JS/kryptik.l trojský kůň
Napsal: 07 dub 2014 11:04
Dobrý den,
dostal se mi do PC trojský kůň a nemužu se ho zaboha zbavit při prohlížení internetu vyskočí s každou vteřinou hláška od esetu, že byl vir zablokován a uložen do karantény vůbec si stím nevím rady tady je log z ComboFixu jesti to nějak pomůže
ComboFix 13-09-19.01 - Shatamik . 04. 2014 11:55:20.1.4 - x86
Microsoft Windows 8 Pro 6.2.9200.0.1250.420.1029.18.2984.2176 [GMT 2:00]
Spuštěný z: c:\users\Shatamik\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Shatamik\AppData\Local\Google\Chrome\User Data\Default\Preferences
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-07 do 2014-04-07 )))))))))))))))))))))))))))))))
.
.
2014-04-07 09:59 . 2014-04-07 09:59 -------- d-----w- c:\users\Shatamik\AppData\Local\temp
2014-04-02 23:47 . 2014-04-02 23:47 388096 ----a-r- c:\users\Shatamik\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-04-02 23:47 . 2014-04-02 23:47 -------- d-----w- c:\program files\Trend Micro
2014-04-01 00:00 . 2014-04-03 11:37 -------- d-----w- c:\program files\CCleaner
2014-03-31 17:09 . 2014-04-03 11:37 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-03-23 21:43 . 2014-03-23 22:02 48471 ----a-w- c:\windows\system32\ForceBindIP-Uninstaller.exe
2014-03-18 14:28 . 2014-03-18 14:28 -------- d-----w- c:\users\Shatamik\AppData\Local\DOSBox
2014-03-18 14:28 . 2014-04-03 11:37 -------- d-----w- c:\program files\DOSBox-0.74
2014-03-11 18:11 . 2014-01-31 00:48 1339392 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-11 18:11 . 2014-02-05 23:37 496640 ----a-w- c:\windows\system32\qedit.dll
2014-03-11 18:11 . 2014-02-08 04:08 3387904 ----a-w- c:\windows\system32\win32k.sys
2014-03-11 17:18 . 2014-03-11 17:18 -------- d-----w- c:\windows\system32\NV
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-04 22:52 . 2013-11-14 15:43 78304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-04 22:52 . 2013-11-14 15:43 694240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-04 14:29 . 2014-02-19 11:02 832936 ----a-w- c:\windows\system32\nvumdshim.dll
2014-03-04 14:29 . 2014-02-19 11:02 148016 ----a-w- c:\windows\system32\nvinit.dll
2014-03-04 14:29 . 2014-02-19 11:02 2715264 ----a-w- c:\windows\system32\nvapi.dll
2014-03-04 14:29 . 2014-02-19 11:02 14709720 ----a-w- c:\windows\system32\nvd3dum.dll
2014-03-04 12:34 . 2014-02-19 11:09 4348704 ----a-w- c:\windows\system32\nvcpl.dll
2014-03-04 12:34 . 2014-02-19 11:09 3044696 ----a-w- c:\windows\system32\nvsvc.dll
2014-03-04 12:34 . 2014-02-19 11:09 919496 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-03-04 12:34 . 2014-02-19 11:09 66560 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-03-04 12:34 . 2014-02-19 11:09 663896 ----a-w- c:\windows\system32\nvvsvc.exe
2014-03-04 12:34 . 2014-02-19 11:09 62752 ----a-w- c:\windows\system32\nvshext.dll
2014-03-04 12:34 . 2014-02-19 11:09 2556360 ----a-w- c:\windows\system32\nvsvcr.dll
2014-03-04 12:34 . 2014-02-19 11:09 607064 ----a-w- c:\windows\system32\oemdspif.dll
2014-03-04 12:34 . 2014-02-19 11:09 375128 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-08 18:27 . 2014-02-19 11:02 895264 ----a-w- c:\windows\system32\nvdispgenco3233489.dll
2014-02-08 18:27 . 2014-02-19 11:02 1049888 ----a-w- c:\windows\system32\nvdispco3233489.dll
2014-01-12 23:30 . 2014-02-13 22:51 2032640 ----a-w- c:\windows\system32\d3d10warp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2013-08-01 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 146032]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 181360]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 190064]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 3164472]
"ETDCtrl"="c:\program files\Elantech\ETDCtrl.exe" [2012-10-03 2244496]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2012-06-26 260736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2013-12-10 982232]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-09-12 5110672]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
LINKMAGIC.lnk - c:\program files\LINKMAGIC\LINKMAGIC.EXE [2013-8-28 1757696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableCursorSuppression"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\nvinit.dll
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-08-20 84248]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-09-24 241968]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [2012-06-15 233104]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 182680]
R3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys [2012-12-19 5120]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe [2012-09-20 23040]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S0 edevmon;edevmon;c:\windows\system32\DRIVERS\edevmon.sys [2013-09-17 187808]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2014-03-04 26968]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe [2011-12-15 1668136]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2013-09-12 1337752]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 122376]
S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe [2012-09-05 71168]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 14658848]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [2014-02-07 5093216]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-09-24 898352]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys [2010-01-20 23136]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-01-27 143528]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 165376]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-10-03 282000]
S3 L1C;Ovladač miniportu NDIS pro řadič Qualcomm Atheros AR813x/AR815x PCI-E Ethernet;c:\windows\system32\DRIVERS\L1C63x86.sys [2012-06-02 85504]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\System32\drivers\HECI.sys [2012-07-17 55104]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-12-05 34080]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 19:43 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-09-05 14:04 215416 ----a-w- c:\program files\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-01 18:16]
.
2014-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf2736c7e5502d.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-01 17:19]
.
2014-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf48d7c422d5f6.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-01 17:19]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Shatamik\AppData\Roaming\Mozilla\Firefox\Profiles\jv6ci999.default\
FF - prefs.js: browser.startup.homepage - idnes.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{2A9F95AB-65A3-432c-8631-B8BC5BF7477A} - e:\hry\EAUninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2014-04-07 12:00:04
ComboFix-quarantined-files.txt 2014-04-07 10:00
.
Před spuštěním: 75 959 934 976 bytes free
Po spuštění: 78 568 759 296 bytes free
.
- - End Of File - - D63CA6542A4AE204FCC4F27CBC4502BA
A36C5E4F47E84449FF07ED3517B43A31
dostal se mi do PC trojský kůň a nemužu se ho zaboha zbavit při prohlížení internetu vyskočí s každou vteřinou hláška od esetu, že byl vir zablokován a uložen do karantény vůbec si stím nevím rady tady je log z ComboFixu jesti to nějak pomůže
ComboFix 13-09-19.01 - Shatamik . 04. 2014 11:55:20.1.4 - x86
Microsoft Windows 8 Pro 6.2.9200.0.1250.420.1029.18.2984.2176 [GMT 2:00]
Spuštěný z: c:\users\Shatamik\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Shatamik\AppData\Local\Google\Chrome\User Data\Default\Preferences
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-07 do 2014-04-07 )))))))))))))))))))))))))))))))
.
.
2014-04-07 09:59 . 2014-04-07 09:59 -------- d-----w- c:\users\Shatamik\AppData\Local\temp
2014-04-02 23:47 . 2014-04-02 23:47 388096 ----a-r- c:\users\Shatamik\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-04-02 23:47 . 2014-04-02 23:47 -------- d-----w- c:\program files\Trend Micro
2014-04-01 00:00 . 2014-04-03 11:37 -------- d-----w- c:\program files\CCleaner
2014-03-31 17:09 . 2014-04-03 11:37 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-03-23 21:43 . 2014-03-23 22:02 48471 ----a-w- c:\windows\system32\ForceBindIP-Uninstaller.exe
2014-03-18 14:28 . 2014-03-18 14:28 -------- d-----w- c:\users\Shatamik\AppData\Local\DOSBox
2014-03-18 14:28 . 2014-04-03 11:37 -------- d-----w- c:\program files\DOSBox-0.74
2014-03-11 18:11 . 2014-01-31 00:48 1339392 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-11 18:11 . 2014-02-05 23:37 496640 ----a-w- c:\windows\system32\qedit.dll
2014-03-11 18:11 . 2014-02-08 04:08 3387904 ----a-w- c:\windows\system32\win32k.sys
2014-03-11 17:18 . 2014-03-11 17:18 -------- d-----w- c:\windows\system32\NV
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-04 22:52 . 2013-11-14 15:43 78304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-04 22:52 . 2013-11-14 15:43 694240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-04 14:29 . 2014-02-19 11:02 832936 ----a-w- c:\windows\system32\nvumdshim.dll
2014-03-04 14:29 . 2014-02-19 11:02 148016 ----a-w- c:\windows\system32\nvinit.dll
2014-03-04 14:29 . 2014-02-19 11:02 2715264 ----a-w- c:\windows\system32\nvapi.dll
2014-03-04 14:29 . 2014-02-19 11:02 14709720 ----a-w- c:\windows\system32\nvd3dum.dll
2014-03-04 12:34 . 2014-02-19 11:09 4348704 ----a-w- c:\windows\system32\nvcpl.dll
2014-03-04 12:34 . 2014-02-19 11:09 3044696 ----a-w- c:\windows\system32\nvsvc.dll
2014-03-04 12:34 . 2014-02-19 11:09 919496 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-03-04 12:34 . 2014-02-19 11:09 66560 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-03-04 12:34 . 2014-02-19 11:09 663896 ----a-w- c:\windows\system32\nvvsvc.exe
2014-03-04 12:34 . 2014-02-19 11:09 62752 ----a-w- c:\windows\system32\nvshext.dll
2014-03-04 12:34 . 2014-02-19 11:09 2556360 ----a-w- c:\windows\system32\nvsvcr.dll
2014-03-04 12:34 . 2014-02-19 11:09 607064 ----a-w- c:\windows\system32\oemdspif.dll
2014-03-04 12:34 . 2014-02-19 11:09 375128 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-08 18:27 . 2014-02-19 11:02 895264 ----a-w- c:\windows\system32\nvdispgenco3233489.dll
2014-02-08 18:27 . 2014-02-19 11:02 1049888 ----a-w- c:\windows\system32\nvdispco3233489.dll
2014-01-12 23:30 . 2014-02-13 22:51 2032640 ----a-w- c:\windows\system32\d3d10warp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2013-08-01 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 146032]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 181360]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 190064]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 3164472]
"ETDCtrl"="c:\program files\Elantech\ETDCtrl.exe" [2012-10-03 2244496]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2012-06-26 260736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2013-12-10 982232]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-09-12 5110672]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
LINKMAGIC.lnk - c:\program files\LINKMAGIC\LINKMAGIC.EXE [2013-8-28 1757696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableCursorSuppression"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\nvinit.dll
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-08-20 84248]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-09-24 241968]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [2012-06-15 233104]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 182680]
R3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys [2012-12-19 5120]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe [2012-09-20 23040]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S0 edevmon;edevmon;c:\windows\system32\DRIVERS\edevmon.sys [2013-09-17 187808]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2014-03-04 26968]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe [2011-12-15 1668136]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2013-09-12 1337752]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 122376]
S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe [2012-09-05 71168]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 14658848]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [2014-02-07 5093216]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-09-24 898352]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys [2010-01-20 23136]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-01-27 143528]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 165376]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-10-03 282000]
S3 L1C;Ovladač miniportu NDIS pro řadič Qualcomm Atheros AR813x/AR815x PCI-E Ethernet;c:\windows\system32\DRIVERS\L1C63x86.sys [2012-06-02 85504]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\System32\drivers\HECI.sys [2012-07-17 55104]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-12-05 34080]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 19:43 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-09-05 14:04 215416 ----a-w- c:\program files\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-01 18:16]
.
2014-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf2736c7e5502d.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-01 17:19]
.
2014-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf48d7c422d5f6.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-01 17:19]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Shatamik\AppData\Roaming\Mozilla\Firefox\Profiles\jv6ci999.default\
FF - prefs.js: browser.startup.homepage - idnes.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{2A9F95AB-65A3-432c-8631-B8BC5BF7477A} - e:\hry\EAUninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2014-04-07 12:00:04
ComboFix-quarantined-files.txt 2014-04-07 10:00
.
Před spuštěním: 75 959 934 976 bytes free
Po spuštění: 78 568 759 296 bytes free
.
- - End Of File - - D63CA6542A4AE204FCC4F27CBC4502BA
A36C5E4F47E84449FF07ED3517B43A31
Muzete mi rict, proc jste spoustel ComboFix? Umite s nim zachazet?
Udelejte 
