Everything went fine. Here is the log:
ComboFix 14-07-17.03 - Uio 18.07.2014 22:33:58.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.2047.1119 [GMT -7:00]
Spuštěný z: c:\users\Uio\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\GBSHlMeO0.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\GBSHlMeO0.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\GBSHlMeO0.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\manifest.json
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\background.html
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\content.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\GBSHlMeO0.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\background.html
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\content.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\GBSHlMeO0.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\GBSHlMeO0.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\manifest.json
c:\users\Uio\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii
c:\users\Uio\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\background.html
c:\users\Uio\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\content.js
c:\users\Uio\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\GBSHlMeO0.js
c:\users\Uio\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\lsdb.js
c:\users\Uio\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\manifest.json
c:\users\Uio\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii
c:\users\Uio\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\background.html
c:\users\Uio\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\content.js
c:\users\Uio\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\GBSHlMeO0.js
c:\users\Uio\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\lsdb.js
c:\users\Uio\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\omhbfmijkloamjfmknfphhodhjihjjii\2.0\manifest.json
c:\users\Uio\AppData\Roaming\Identities\AppServices.exe
c:\users\Uio\AppData\Roaming\Identities\data\csshield.asi
c:\users\Uio\AppData\Roaming\Identities\data\csshield.dll
c:\windows\SysWow64\tmp33AE.tmp
c:\windows\SysWow64\tmp33FD.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETHFDRV
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-19 do 2014-07-19 )))))))))))))))))))))))))))))))
.
.
2014-07-19 05:43 . 2014-07-19 05:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-18 18:50 . 2014-07-19 04:50 30312 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-07-18 18:50 . 2014-07-18 18:50 -------- d-----w- c:\programdata\RogueKiller
2014-07-18 18:12 . 2014-07-18 18:12 -------- d-----w- c:\windows\ERUNT
2014-07-18 18:00 . 2014-07-18 18:00 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E194AA46-F105-4425-8C36-68AC5B32FD58}\offreg.dll
2014-07-18 05:20 . 2010-08-30 15:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-07-18 05:18 . 2014-07-18 18:00 -------- d-----w- C:\AdwCleaner
2014-07-18 04:51 . 2014-07-19 05:46 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-18 04:50 . 2014-07-18 04:50 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-07-18 04:50 . 2014-07-18 04:50 -------- d-----w- c:\programdata\Malwarebytes
2014-07-18 04:50 . 2014-05-12 14:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-18 04:50 . 2014-05-12 14:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-18 04:50 . 2014-05-12 14:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-17 04:26 . 2014-07-19 04:46 -------- d-----w- C:\Counter-.Strike 1.6
2014-07-17 03:56 . 2014-07-17 03:56 -------- d-----w- c:\program files (x86)\2K Games
2014-07-16 19:18 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E194AA46-F105-4425-8C36-68AC5B32FD58}\mpengine.dll
2014-07-15 00:05 . 2014-07-15 00:05 -------- d-----w- c:\program files (x86)\Custom-Strike
2014-07-15 00:05 . 1998-06-18 07:00 89360 ----a-w- c:\windows\SysWow64\VB5DB.DLL
2014-07-13 20:52 . 2014-07-13 20:52 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-07-12 08:31 . 2014-07-12 08:31 5018624 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-07-12 04:03 . 2014-07-12 04:03 -------- d-sh--w- c:\programdata\DSS
2014-07-12 03:40 . 2014-07-12 03:40 -------- d-----w- c:\program files (x86)\Electronic Arts
2014-07-11 23:54 . 2014-05-30 06:45 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-11 23:53 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-11 23:53 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-11 23:53 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-07-11 23:04 . 2014-07-11 23:04 -------- d-----w- c:\programdata\1580ca9ebe96bbae
2014-07-11 23:04 . 2014-07-11 23:04 -------- d-----w- c:\users\Guest
2014-07-11 23:04 . 2014-07-11 23:04 -------- d-----w- c:\users\Administrator
2014-07-11 05:18 . 2014-03-06 05:19 7670 --s-a-w- c:\windows\SysWow64\mnclecsj.vbe
2014-07-11 05:13 . 2014-07-11 05:14 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-07-11 05:13 . 2014-07-11 05:13 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-07-11 05:13 . 2010-09-16 07:13 2601752 ----a-w- c:\windows\SysWow64\pbsvc_moh.exe
2014-07-11 04:57 . 2007-10-12 22:14 5081608 ----a-w- c:\windows\system32\d3dx9_36.dll
2014-07-11 04:47 . 2014-07-11 04:47 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-07-11 04:46 . 2014-07-11 04:47 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-07-11 04:46 . 2014-07-11 04:49 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-07-10 19:14 . 2014-07-10 19:39 -------- d-----w- c:\program files (x86)\Euro Truck Simulator 2
2014-07-10 03:46 . 2014-07-10 03:46 -------- d-----w- c:\program files (x86)\TopCD
2014-07-10 03:33 . 2014-07-10 03:53 -------- d-----w- C:\TopCD
2014-07-10 03:33 . 2014-07-10 03:33 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2014-07-10 03:33 . 2014-07-10 03:33 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2014-07-10 03:33 . 2014-07-10 03:33 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2014-07-10 03:33 . 2014-07-10 03:33 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2014-07-10 03:33 . 2014-07-10 03:33 -------- d-----w- c:\program files (x86)\OpenAL
2014-07-09 19:31 . 2014-07-09 19:31 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-07-09 18:54 . 2014-07-15 00:05 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2014-07-09 18:54 . 2014-07-09 18:54 -------- d-----w- c:\program files (x86)\1C
2014-07-09 18:30 . 2014-07-09 18:30 -------- d-----w- c:\programdata\InstallShield
2014-07-09 18:30 . 2014-07-17 07:16 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2014-07-09 18:29 . 2014-07-09 18:29 310984 ----a-w- c:\windows\system32\drivers\atksgt.sys
2014-07-09 18:29 . 2014-07-09 18:29 42696 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2014-07-09 18:27 . 2014-07-15 00:04 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2014-07-09 07:53 . 2014-07-09 07:53 687 ----a-w- C:\awh9346.tmp
2014-07-09 07:50 . 2014-07-09 07:50 -------- d-----w- c:\program files (x86)\Seznam.cz
2014-07-09 07:47 . 2014-07-11 23:57 -------- d-----w- c:\windows\SysWow64\bitstreams
2014-07-09 07:47 . 2013-10-27 03:30 538126 --s-a-w- c:\windows\SysWow64\libcurl-4.dll
2014-07-09 07:47 . 2013-10-27 03:30 192512 --s-a-w- c:\windows\SysWow64\libidn-11.dll
2014-07-09 07:47 . 2013-10-27 03:30 171008 --s-a-w- c:\windows\SysWow64\libssh2.dll
2014-07-09 07:47 . 2013-10-27 03:30 133632 --s-a-w- c:\windows\SysWow64\librtmp.dll
2014-07-09 07:47 . 2013-06-12 22:15 119888 --s-a-w- c:\windows\SysWow64\pthreadGC2.dll
2014-07-09 07:47 . 2013-06-12 22:15 100864 --s-a-w- c:\windows\SysWow64\zlib1.dll
2014-07-09 07:47 . 2012-09-26 06:46 472424 --s-a-w- c:\windows\SysWow64\cudart32_50_35.dll
2014-07-09 07:47 . 2012-05-27 08:36 55808 --s-a-w- c:\windows\SysWow64\pthreadVC2.dll
2014-07-09 04:15 . 2014-07-09 04:15 -------- d-----w- c:\program files\TeamSpeak 3 Client
2014-07-08 07:30 . 2014-07-17 04:48 -------- d-----w- C:\Counter-Strike--1.6
2014-07-07 17:45 . 2013-12-18 08:38 42808 ----a-w- c:\windows\system32\uxtuneup.dll
2014-07-07 17:45 . 2013-12-18 08:38 35640 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2014-07-07 17:44 . 2013-12-18 08:38 40248 ----a-w- c:\windows\system32\TURegOpt.exe
2014-07-07 17:44 . 2013-12-18 08:38 29496 ----a-w- c:\windows\system32\authuitu.dll
2014-07-07 17:44 . 2013-12-18 08:38 25400 ----a-w- c:\windows\SysWow64\authuitu.dll
2014-07-07 17:43 . 2014-07-07 17:43 -------- d-----w- c:\program files (x86)\AVG
2014-07-07 17:41 . 2014-07-07 17:46 -------- d-----w- c:\programdata\AVG
2014-07-07 17:40 . 2014-07-07 17:52 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-07-07 17:40 . 2014-07-07 17:40 -------- d--h--w- c:\programdata\Common Files
2014-07-07 03:16 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-07-07 03:16 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-07-07 00:48 . 2013-06-29 07:22 534016 ----a-w- c:\windows\system32\SafeIPs64.dll
2014-07-07 00:48 . 2013-06-29 07:21 373760 ----a-w- c:\windows\SysWow64\SafeIPs.dll
2014-07-07 00:48 . 2014-07-07 00:48 -------- d-----w- c:\program files (x86)\SafeIP
2014-07-07 00:40 . 2014-07-07 00:40 31648 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2014-07-07 00:40 . 2014-07-07 00:40 -------- d-----w- c:\program files (x86)\HWiNFO32
2014-07-06 15:03 . 2014-07-06 15:03 108544 ----a-w- c:\windows\SysWow64\hfnapi.dll
2014-07-05 11:10 . 2014-07-12 10:06 -------- d-----w- c:\windows\system32\MRT
2014-07-05 11:07 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-07-05 11:07 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-07-05 11:07 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-07-05 11:07 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-07-05 11:07 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-07-05 10:47 . 2014-07-05 10:47 -------- d-----w- c:\program files (x86)\Microsoft.NET
2014-07-05 10:47 . 2014-07-05 10:47 -------- d-----w- c:\windows\Migration
2014-07-05 10:34 . 2013-10-15 01:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-07-05 10:29 . 2014-07-05 10:29 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-07-05 10:25 . 2014-07-05 10:25 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-07-05 10:07 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-07-05 10:01 . 2014-07-05 10:01 -------- d-----w- c:\windows\SysWow64\Wat
2014-07-05 10:01 . 2014-07-05 10:01 -------- d-----w- c:\windows\system32\Wat
2014-07-05 07:57 . 2014-07-05 07:57 -------- d-----w- c:\program files (x86)\VideoLAN
2014-07-05 05:36 . 2014-07-05 05:36 -------- d-----w- C:\6b3a6ffff20b30d988765614
2014-07-05 05:24 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-07-05 05:10 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-07-05 05:10 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-07-05 05:10 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-07-05 05:10 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-07-05 05:10 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-07-05 05:10 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-07-05 05:10 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-07-05 05:03 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-07-05 05:03 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2014-07-05 05:03 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2014-07-05 04:56 . 2011-03-03 06:24 357888 ----a-w- c:\windows\system32\dnsapi.dll
2014-07-05 04:56 . 2011-03-03 06:24 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2014-07-05 04:56 . 2011-03-03 06:21 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2014-07-05 04:56 . 2011-03-03 05:36 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2014-07-05 04:52 . 2012-12-07 11:20 43520 ----a-w- c:\windows\system32\csrr.rs
2014-07-05 04:51 . 2013-08-29 02:13 878080 ----a-w- c:\windows\system32\advapi32.dll
2014-07-05 04:51 . 2013-08-29 02:16 1732032 ----a-w- c:\windows\system32\ntdll.dll
2014-07-05 04:51 . 2013-08-29 02:16 859648 ----a-w- c:\windows\system32\tdh.dll
2014-07-05 04:51 . 2013-08-29 01:50 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2014-07-05 04:51 . 2013-08-29 01:50 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2014-07-05 04:51 . 2013-08-29 01:48 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2014-07-05 04:51 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-07-05 04:51 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-07-05 04:49 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
2014-07-05 04:48 . 2011-11-17 06:35 395776 ----a-w- c:\windows\system32\webio.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-05 10:28 . 2014-07-05 10:28 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-07-05 10:28 . 2014-07-05 10:28 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-05-30 07:52 . 2014-07-11 23:54 247808 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ComplexWebServer"="c:\complexwebserver\bin\ServiceDirect.exe" [2006-09-18 686080]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-05 4086432]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"mnclecsjSrv"="c:\windows\system32\mnclecsj.vbe" [2014-03-06 7670]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"TaskTray"=
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Util Norpalla;Util Norpalla;c:\program files (x86)\Norpalla\bin\utilNorpalla.exe;c:\program files (x86)\Norpalla\bin\utilNorpalla.exe [x]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SafeIPS;SafeIPS;c:\program files (x86)\SafeIP\SafeIPs.exe;c:\program files (x86)\SafeIP\SafeIPs.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 CWS_Apache_80;CWS_Apache_80;c:\complexwebserver\apache\bin\apache.exe;c:\complexwebserver\apache\bin\apache.exe [x]
S2 CWS_MySQL_3306;CWS_MySQL_3306;c:\complexwebserver\mysql\bin\mysqld-nt.exe;c:\complexwebserver\mysql\bin\mysqld-nt.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
S3 ULi5261;ULi Based Ethernet NT Driver;c:\windows\system32\DRIVERS\ULILAN64.SYS;c:\windows\SYSNATIVE\DRIVERS\ULILAN64.SYS [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-05 02:22 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-05 20:58]
.
2014-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-05 02:21]
.
2014-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-05 02:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-05 02:21 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-03-21 1797064]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=16194
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
TCP: DhcpNameServer = 62.129.50.20 85.135.32.100
FF - ProfilePath - c:\users\Uio\AppData\Roaming\Mozilla\Firefox\Profiles\ya2v70vm.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_moh.exe
AddRemove-Super Ovladač_is1 - c:\program files (x86)\Driver-Soft\SuperOvladac\unins000.exe
AddRemove-webssearches uninstall - c:\users\Uio\AppData\Roaming\webssearches\UninstallManager.exe
AddRemove-WindowsMangerProtect - c:\programdata\WindowsMangerProtect\ProtectWindowsManager.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\windows\SysWOW64\PnkBstrB.exe
.
**************************************************************************
.
Celkový čas: 2014-07-18 22:51:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-19 05:51
.
Před spuštěním: 36 941 045 760 bytes free
Po spuštění: 36 629 803 008 bytes free
.
- - End Of File - - 4B6EAE85E15744F2F8CDCEE0F0F0B434
A36C5E4F47E84449FF07ED3517B43A31