How do I get rid of a virus from Facebook? - Enox

Enox
Visitor
Posts: 26
Registered: 14 Aug 2014 12:47

#1 Post by Enox »

Hello, I have some kind of virus on my computer. I accidentally clicked on a Facebook video and off it went.. I don't know what to do about it. I found your guide, so I followed it, and here is the log. I have no idea whether the virus is still on the computer, so I would be very grateful if you could check the log for me. Thank you in advance. Best regards, Enox


ComboFix 14-08-14.02 - Enox 14.08.2014 13:28:34.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4094.2650 [GMT 2:00]
Spuštěný z: c:\users\Enox\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Enox\AppData\Local\Temp\1871KrakenDevProps.dll
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-14 do 2014-08-14 )))))))))))))))))))))))))))))))
.
.
2014-08-13 21:51 . 2014-08-13 21:51 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2014-08-13 21:51 . 2014-08-13 22:01 -------- d-----w- c:\programdata\Spyware Terminator
2014-08-13 21:51 . 2014-08-13 21:51 -------- d-----w- c:\users\Enox\AppData\Roaming\Spyware Terminator
2014-08-13 21:51 . 2014-08-13 22:00 -------- d-----w- c:\program files (x86)\Spyware Terminator
2014-08-13 20:12 . 2014-08-13 20:12 -------- d-----w- c:\programdata\flaplsae
2014-08-13 09:11 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9B3222B2-1291-478E-AB6E-EFFFAC401EA5}\mpengine.dll
2014-08-13 09:03 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-13 09:03 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-13 09:03 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-13 09:03 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-13 09:03 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-13 09:03 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-13 09:02 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-13 09:00 . 2014-07-25 14:01 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-08-13 08:59 . 2014-07-09 02:03 7168 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-08-13 08:58 . 2014-06-16 02:10 985536 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-08-13 08:56 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-08-13 08:56 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-08-12 19:55 . 2014-08-12 19:55 -------- d-----w- c:\users\Enox\AppData\Local\Glyph
2014-08-12 19:55 . 2014-08-12 19:55 -------- d-----w- c:\programdata\Glyph
2014-08-10 22:17 . 2014-08-10 22:47 -------- d-----w- c:\users\Enox\AppData\Local\CrashDumps
2014-08-10 21:32 . 2014-08-10 21:32 31648 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2014-08-09 00:15 . 2014-08-09 00:15 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-08-09 00:14 . 2014-08-09 00:14 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-08 21:59 . 2014-08-08 21:59 -------- d-----w- c:\programdata\SystemRequirementsLab
2014-08-08 21:59 . 2014-08-08 21:59 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2014-08-06 13:35 . 2014-08-06 13:43 7808 ----a-w- c:\windows\system32\drivers\hidusbf.sys
2014-08-05 21:38 . 2014-08-05 21:38 -------- d-----w- c:\programdata\Riot Games
2014-08-03 22:00 . 2014-08-03 22:00 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-08-03 22:00 . 2014-08-03 22:00 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-08-03 21:40 . 2014-08-12 21:31 -------- d-----w- c:\program files\OBS
2014-08-03 21:40 . 2014-08-12 21:31 -------- d-----w- c:\program files (x86)\OBS
2014-08-03 13:41 . 2014-08-03 13:41 -------- d-----w- c:\users\Enox\AppData\Roaming\Unity
2014-08-03 13:06 . 2014-08-03 13:11 -------- d-----w- c:\users\Enox\AppData\Local\Unity
2014-08-02 23:09 . 2014-08-02 23:09 -------- d-----w- c:\program files (x86)\MSXML 4.0
2014-08-02 21:19 . 2014-08-02 21:19 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2014-08-02 21:19 . 2014-08-02 21:19 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2014-08-02 21:17 . 2014-08-02 21:17 -------- d-sh--w- c:\users\Enox\AppData\Local\EmieUserList
2014-08-02 21:17 . 2014-08-02 21:17 -------- d-sh--w- c:\users\Enox\AppData\Local\EmieSiteList
2014-08-02 20:54 . 2014-08-08 16:30 -------- d-----w- c:\users\Enox\AppData\Local\Ahead
2014-08-02 20:53 . 2014-08-02 20:55 -------- d-----w- c:\users\Enox\AppData\Roaming\Ahead
2014-08-02 20:53 . 2014-08-02 20:53 -------- d-----w- c:\programdata\Ahead
2014-08-02 20:52 . 2014-08-02 20:53 -------- d-----w- c:\program files (x86)\Common Files\Ahead
2014-08-02 20:52 . 2014-08-02 20:52 -------- d-----w- c:\programdata\Nero
2014-08-01 08:58 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
2014-08-01 08:58 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-08-01 08:58 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-08-01 08:58 . 2014-05-14 07:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-08-01 08:58 . 2014-05-14 07:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-07-31 19:53 . 2014-07-31 19:53 -------- d-----w- c:\users\Enox\AppData\Local\SWTORPerf
2014-07-31 19:52 . 2014-08-12 21:15 -------- d-----w- c:\program files (x86)\Common Files\BioWare
2014-07-31 16:29 . 2014-07-31 16:29 -------- d-----w- c:\users\Enox\AppData\Local\ESN
2014-07-31 16:29 . 2014-08-10 21:11 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2014-07-31 16:27 . 2014-07-31 16:27 -------- d-----w- c:\programdata\EA Core
2014-07-31 16:27 . 2014-07-31 16:58 -------- d-----w- c:\programdata\EA Logs
2014-07-30 23:13 . 2014-08-10 22:32 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-07-30 23:13 . 2014-08-10 22:32 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-07-30 19:42 . 2014-08-09 03:44 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2014-07-30 19:17 . 2014-08-06 18:54 -------- d-----w- c:\users\Enox\AppData\Roaming\Origin
2014-07-30 19:17 . 2014-07-30 19:17 -------- d-----w- c:\users\Enox\AppData\Local\Origin
2014-07-30 19:16 . 2014-08-13 00:42 -------- d-----w- c:\programdata\Origin
2014-07-30 19:16 . 2014-07-31 16:28 -------- d-----w- c:\programdata\Electronic Arts
2014-07-29 17:17 . 2014-07-02 17:44 609240 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-07-28 10:25 . 2014-07-28 10:25 3060920 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1029\MSOINTL.DLL
2014-07-27 09:45 . 2014-07-27 09:45 5532368 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2014-07-27 09:45 . 2014-07-27 09:45 5233848 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2014-07-27 09:45 . 2014-07-27 09:45 26273464 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2014-07-27 09:41 . 2014-07-27 09:41 3633848 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1033\MSOINTL.DLL
2014-07-27 09:41 . 2014-07-27 09:41 7501528 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2014-07-27 09:41 . 2014-07-27 09:41 7259328 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2014-07-27 09:41 . 2014-07-27 09:41 654512 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSOSQM.EXE
2014-07-27 09:41 . 2014-07-27 09:41 36681400 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2014-07-27 09:41 . 2014-07-27 09:41 197328 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\LICLUA.EXE
2014-07-25 17:14 . 2014-05-30 08:08 22016 ----a-w- c:\windows\system32\credssp.dll
2014-07-25 17:14 . 2014-05-30 07:52 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-07-25 17:14 . 2014-05-30 07:52 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-07-25 17:14 . 2014-05-30 07:52 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-07-25 17:14 . 2014-05-30 07:52 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-07-25 17:14 . 2014-05-30 07:52 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-07-25 17:14 . 2014-05-30 07:52 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-07-25 17:14 . 2014-05-30 07:52 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-07-25 17:14 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-25 17:14 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-13 09:17 . 2014-03-22 13:13 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-10 22:32 . 2014-03-22 20:37 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-07-31 16:59 . 2014-03-22 20:37 297088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-07-25 14:52 . 2014-08-13 09:00 23645696 ----a-w- c:\windows\system32\mshtml.dll
2014-07-25 14:02 . 2014-08-13 09:01 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-07-25 13:50 . 2014-06-17 14:08 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-07-25 13:50 . 2014-06-17 13:31 1126480 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-07-25 13:50 . 2014-06-17 14:08 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-07-25 13:50 . 2014-06-17 13:31 1283136 ----a-w- c:\windows\system32\nvspcap64.dll
2014-07-25 13:28 . 2014-08-13 09:00 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-07-25 13:25 . 2014-08-13 09:00 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-07-25 12:47 . 2014-08-13 09:00 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-07-25 12:19 . 2014-08-13 09:00 195584 ----a-w- c:\windows\system32\msrating.dll
2014-07-25 12:17 . 2014-08-13 09:00 85504 ----a-w- c:\windows\system32\mshtmled.dll
2014-07-25 11:47 . 2014-08-13 09:00 631808 ----a-w- c:\windows\system32\msfeeds.dll
2014-07-25 11:39 . 2014-08-13 09:00 1249280 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-07-25 10:52 . 2014-08-13 09:00 2266624 ----a-w- c:\windows\system32\wininet.dll
2014-07-25 10:26 . 2014-08-13 09:00 1431040 ----a-w- c:\windows\system32\urlmon.dll
2014-07-21 18:37 . 2014-04-18 13:18 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-21 18:37 . 2014-04-18 13:18 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-16 03:23 . 2014-08-13 09:00 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-16 02:12 . 2014-08-13 08:59 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-07-14 02:02 . 2014-08-13 08:59 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-02 20:48 . 2014-07-29 17:12 354016 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-07-02 20:48 . 2014-07-29 17:12 18626304 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-07-02 20:48 . 2014-07-29 17:12 944928 ----a-w- c:\windows\system32\NvIFR64.dll
2014-07-02 20:48 . 2014-07-29 17:12 903624 ----a-w- c:\windows\system32\NvFBC64.dll
2014-07-02 20:48 . 2014-07-29 17:12 502232 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2014-07-02 20:48 . 2014-07-29 17:12 391640 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2014-07-02 20:48 . 2014-07-29 17:12 1890080 ----a-w- c:\windows\system32\nvdispco6434052.dll
2014-07-02 20:48 . 2014-07-29 17:12 166568 ----a-w- c:\windows\system32\nvinitx.dll
2014-07-02 20:48 . 2014-07-29 17:12 1539928 ----a-w- c:\windows\system32\nvdispgenco6434052.dll
2014-07-02 20:48 . 2014-07-29 17:12 22994208 ----a-w- c:\windows\system32\nvcompiler.dll
2014-07-02 20:48 . 2014-06-17 16:14 16122344 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-07-02 20:48 . 2014-06-17 16:14 13922752 ----a-w- c:\windows\system32\nvopencl.dll
2014-07-02 20:48 . 2014-06-17 16:14 31512520 ----a-w- c:\windows\system32\nvoglv64.dll
2014-07-02 20:48 . 2014-06-17 16:14 17555104 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-07-02 20:48 . 2014-06-17 16:14 4247000 ----a-w- c:\windows\system32\nvcuvid.dll
2014-07-02 20:48 . 2014-06-17 16:14 13835208 ----a-w- c:\windows\system32\nvcuda.dll
2014-07-02 20:48 . 2014-06-17 13:26 75040 ----a-w- c:\windows\system32\OpenCL.dll
2014-07-02 20:48 . 2014-06-17 13:26 61912 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-07-02 20:48 . 2014-06-17 13:25 965312 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-07-02 20:48 . 2014-06-17 13:25 14498552 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-07-02 20:48 . 2014-06-17 13:25 3196816 ----a-w- c:\windows\system32\nvapi64.dll
2014-07-02 20:48 . 2014-06-17 13:25 2814656 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-07-02 18:55 . 2014-06-17 13:27 6783776 ----a-w- c:\windows\system32\nvcpl.dll
2014-07-02 18:55 . 2014-06-17 13:27 3522392 ----a-w- c:\windows\system32\nvsvc64.dll
2014-07-02 18:55 . 2014-06-17 13:27 935368 ----a-w- c:\windows\system32\nvvsvc.exe
2014-07-02 18:55 . 2014-06-17 13:27 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-07-02 18:55 . 2014-06-17 13:27 386520 ----a-w- c:\windows\system32\nvmctray.dll
2014-07-02 18:55 . 2014-06-17 13:27 2559960 ----a-w- c:\windows\system32\nvsvcr.dll
2014-07-02 10:14 . 2014-06-17 13:27 3826628 ----a-w- c:\windows\system32\nvcoproc.bin
2014-06-25 02:05 . 2014-08-13 08:59 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-06-18 02:18 . 2014-07-25 17:16 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-11 08:57 . 2014-06-17 16:14 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2014-06-11 08:57 . 2014-06-17 16:14 197408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2014-06-06 10:47 . 2014-06-06 10:47 4558848 ----a-w- c:\windows\SysWow64\GPhotos.scr
2014-06-06 10:10 . 2014-07-25 17:16 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 06:12 . 2014-08-13 09:02 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-06-05 14:45 . 2014-07-25 17:14 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-03 10:02 . 2014-08-13 09:00 504320 ----a-w- c:\windows\system32\msihnd.dll
2014-06-03 10:02 . 2014-08-13 09:00 3241984 ----a-w- c:\windows\system32\msi.dll
2014-05-30 08:08 . 2014-07-25 17:14 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-05-30 08:08 . 2014-07-25 17:14 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-05-30 08:08 . 2014-07-25 17:14 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 08:08 . 2014-07-25 17:14 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-30 08:08 . 2014-07-25 17:14 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-05-30 08:08 . 2014-07-25 17:14 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-05-30 07:52 . 2014-07-25 17:14 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-24 02:33 . 2014-05-24 02:33 864256 ----a-w- c:\windows\SysWow64\rzdevicedll.dll
2014-05-24 02:33 . 2014-05-24 02:33 325120 ----a-w- c:\windows\SysWow64\rzaudiodll.dll
2014-05-20 02:44 . 2014-06-17 16:14 1889112 ----a-w- c:\windows\system32\nvdispco6433788.dll
2014-05-20 02:44 . 2014-06-17 16:14 1541576 ----a-w- c:\windows\system32\nvdispgenco6433788.dll
2014-05-19 06:26 . 2014-05-19 06:26 89088 ----a-w- c:\windows\SysWow64\rzdevinfo.dll
2014-05-19 06:26 . 2014-05-19 06:26 155136 ----a-w- c:\windows\SysWow64\rztouchdll.dll
2014-05-19 06:26 . 2014-05-19 06:26 117248 ----a-w- c:\windows\SysWow64\rzdisplaydll.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="d:\applications\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Steam"="e:\games\Steam\steam.exe" [2014-07-16 1753280]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2014-06-23 585560]
"KrakenLauncher"="c:\program files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe" [2014-06-12 1486128]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
.
c:\users\Enox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - d:\applications\Rainmeter\Rainmeter.exe [2013-10-29 36024]
Stardock ObjectDock.lnk - d:\applications\Stardock\ObjectDockPlus2\ObjectDock.exe [2014-3-22 4142448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R3 ALSysIO;ALSysIO;c:\users\Enox\AppData\Local\Temp\ALSysIO64.sys;c:\users\Enox\AppData\Local\Temp\ALSysIO64.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 cpuz137;cpuz137;c:\windows\TEMP\cpuz137\cpuz137_x64.sys;c:\windows\TEMP\cpuz137\cpuz137_x64.sys [x]
R3 DIRECTIO;DIRECTIO;d:\applications\PerformanceTest\DirectIo64.sys;d:\applications\PerformanceTest\DirectIo64.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 hidusbf;USB Mouse Rate Adjuster Lower Filter by SweetLow;c:\windows\system32\DRIVERS\hidusbf.sys;c:\windows\SYSNATIVE\DRIVERS\hidusbf.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - RTCore64
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-25 17:13 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-18 18:37]
.
2014-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-06 15:20]
.
2014-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-06 15:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-27 09:41 2335960 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-27 09:41 2335960 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-27 09:41 2335960 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-09-06 2777296]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2014-05-13 3681688]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.254.254.254
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-PunkBusterSvc - d:\program files (x86)\Origin Games\Battlefield 4\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,f1,6e,c9,fb,b9,98,43,bb,61,7c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,f1,6e,c9,fb,b9,98,43,bb,61,7c,\
.
[HKEY_USERS\S-1-5-21-3223592804-3748621517-3225420057-1000\Software\SecuROM\License information*]
"datasecu"=hex:7b,00,42,95,fe,b8,9b,df,db,9c,0b,23,b2,10,37,e3,39,ca,8c,3a,48,
cd,fd,8f,4a,a9,35,c2,61,cf,99,34,65,0e,c8,82,c9,7d,b4,65,d0,92,0d,61,41,ac,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
.
**************************************************************************
.
Celkový čas: 2014-08-14 13:44:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-08-14 11:44
.
Před spuštěním: Volných bajtů: 748 327 608 320
Po spuštění: Volných bajtů: 755 289 444 352
.
- - End Of File - - 0593ED6F067C3E89130AD76CCB9F62D5
A36C5E4F47E84449FF07ED3517B43A31

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: How do I get rid of a virus from Facebook? - Enox

#2 Post by vyosek »

Greetings :)

:arrow: I have split your topic off into a separate one so that things don't get mixed up

:arrow: CF is only used on recommendation

:arrow: The ComboFix license terms state clearly: "It should never be used in an environment without the supervision of an experienced person"

:arrow: The dangers of CF
  • It is intended primarily for helpers - by using it on your own initiative you lose the right to support
  • It erases the traces of malware, so nothing shows up in the RSIT log
  • Its log still needs to be worked through to the end, because it cannot delete everything - which you will hardly manage unless you are trained for it
  • CF may have a bug = it takes your system down; if you don't know where it stores what and how to restore it, your system is wrecked and you are facing a reinstall
  • Unfortunately, CF also does not yet check some important libraries (e.g. hal.dll) - some types of malware (e.g. angela) delete these - it deletes your hal.dll after a restart = your system won't boot and you are back at the previous point = reinstall
- - - - -

:arrow: Uninstall Spyware Terminator

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then the log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here