ComboFix log check.
Posted: 06 Feb 2014 20:13
Hi everyone,
could someone please check my ComboFix log? I ran it yesterday and did not close Skype and the browser. I could only log in to Skype after restarting the computer, and the browser won't open google.cz, and I also can't log in to my email (I don't know whether ComboFix is to blame). Thank you for your advice.
ComboFix 14-02-03.01 - pavla 06.02.2014 18:22:11.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.2039.1299 [GMT 1:00]
Spuštěný z: c:\users\pavla\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-06 do 2014-02-06 )))))))))))))))))))))))))))))))
.
.
2014-02-06 17:31 . 2014-02-06 17:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-05 21:38 . 2014-02-06 17:31 -------- d-----w- c:\users\pavla\AppData\Local\temp
2014-02-04 14:37 . 2013-12-16 00:54 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{684C1FFB-E960-4863-B002-613543D5CE27}\mpengine.dll
2014-01-28 21:45 . 2014-01-28 21:45 -------- d-----w- c:\users\pavla\AppData\Roaming\pdfforge
2014-01-28 21:45 . 2013-04-09 13:13 95416 ----a-w- c:\windows\system32\pdfcmon.dll
2014-01-28 21:45 . 2012-05-05 09:54 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2014-01-28 21:45 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2014-01-28 21:45 . 2014-01-28 21:47 -------- d-----w- c:\program files\PDFCreator
2014-01-28 21:45 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2014-01-27 19:39 . 2014-01-27 19:40 -------- d-----w- C:\WG2000
2014-01-15 14:56 . 2013-11-26 10:10 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-01-15 14:56 . 2013-11-26 11:11 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-15 14:56 . 2013-11-27 01:14 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 14:56 . 2013-11-27 01:13 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 14:56 . 2013-11-27 01:13 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 14:56 . 2013-11-27 01:13 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 14:56 . 2013-11-27 01:13 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 14:56 . 2013-11-27 01:13 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 14:56 . 2013-11-27 01:13 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-09 20:32 . 2014-01-09 20:32 -------- d-----w- c:\program files\rajce
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-05 14:33 . 2012-11-06 20:35 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 14:33 . 2012-11-06 20:35 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-01-16 08:59 . 2012-11-06 09:27 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-06 19:23 . 2014-01-06 19:23 4558848 ----a-w- c:\windows\system32\GPhotos.scr
2013-12-08 22:18 . 2013-12-08 22:18 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-08 22:18 . 2013-12-08 22:18 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-08 22:18 . 2013-12-08 22:18 645120 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-08 22:18 . 2013-12-08 22:18 194048 ----a-w- c:\windows\system32\elshyph.dll
2013-12-08 22:18 . 2013-12-08 22:18 182272 ----a-w- c:\windows\system32\msls31.dll
2013-12-08 22:18 . 2013-12-08 22:18 62464 ----a-w- c:\windows\system32\tdc.ocx
2013-12-08 22:18 . 2013-12-08 22:18 34816 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-08 22:18 . 2013-12-08 22:18 337408 ----a-w- c:\windows\system32\html.iec
2013-12-08 22:18 . 2013-12-08 22:18 1051136 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-08 22:18 . 2013-12-08 22:18 454656 ----a-w- c:\windows\system32\vbscript.dll
2013-12-08 22:18 . 2013-12-08 22:18 24576 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-08 22:18 . 2013-12-08 22:18 151552 ----a-w- c:\windows\system32\iexpress.exe
2013-12-08 22:18 . 2013-12-08 22:18 139264 ----a-w- c:\windows\system32\wextract.exe
2013-12-08 22:18 . 2013-12-08 22:18 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-08 22:18 . 2013-12-08 22:18 36352 ----a-w- c:\windows\system32\imgutil.dll
2013-12-08 22:18 . 2013-12-08 22:18 13312 ----a-w- c:\windows\system32\mshta.exe
2013-12-08 22:18 . 2013-12-08 22:18 86016 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-08 22:18 . 2013-12-08 22:18 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-08 22:18 . 2013-12-08 22:18 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-08 22:18 . 2013-12-08 22:18 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-26 09:23 . 2013-12-12 22:19 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 09:22 . 2013-12-12 22:19 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 08:53 . 2013-12-12 22:19 61952 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 08:52 . 2013-12-12 22:19 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 08:29 . 2013-12-12 22:19 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 08:29 . 2013-12-12 22:19 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 08:28 . 2013-12-12 22:19 553472 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 22:19 4243968 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 07:32 . 2013-12-12 22:19 1928192 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 06:33 . 2013-12-12 22:19 1820160 ----a-w- c:\windows\system32\wininet.dll
2013-11-25 19:27 . 2012-11-06 11:36 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-11-23 18:26 . 2013-12-12 22:02 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:07 . 2013-12-12 22:02 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-01-08 19:27 3349528 ----a-w- c:\program files\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll" [2014-01-08 3349528]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"NokiaPCInternetAccess"="c:\program files\Nokia\PC Internet Access\NPCIA.exe" [2009-09-17 663552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2014-02-03 2552856]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-11-07 4956176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-03-23 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2007-08-09 23424]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 101120]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-02-22 9216]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-12-30 137344]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-12-30 8320]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt; [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2013-10-24 147768]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2013-10-31 222520]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2013-09-09 27448]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2013-11-05 120600]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2013-11-04 209176]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2013-09-16 22840]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2013-10-31 176952]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-11-25 37664]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [2013-09-24 348008]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-06 14:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyServer = proxy.uhul.cz:8080
uInternet Settings,ProxyOverride = <local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-02-06 18:33:38
ComboFix-quarantined-files.txt 2014-02-06 17:33
ComboFix2.txt 2014-02-05 21:38
ComboFix3.txt 2014-02-04 14:27
.
Před spuštěním: 6 535 929 856
Po spuštění: 6 490 578 944
.
- - End Of File - - 33CC4916EA1B9E55251F8824EC632436
A36C5E4F47E84449FF07ED3517B43A31