Plase check Medical shop PC thanks

July 24, 2013

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300

www.malwarebytes.org

Verze: v2013.07.24.03

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Uzivatel :: UZIVATEL-PC [administrátor]

Ochrana: Povolena

24.7.2013 11:01:45

mbam-log-2013-07-24 (11-01-45).txt

Typ: Rychlá kontrola

Nastavení kontroly zakázáno: P2P

Kontrolované objekty: 258030

Uplynulý čas: 4 minut, 37 sekund

Nalezené procesy v paměti: 0

(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0

(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0

(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0

(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0

(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0

(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0

(Žádné škodlivé položky nebyly zjištěny)

(konec)

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: BrowserJavaVersion: 10.25.2

Run by Uzivatel at 11:10:04 on 2013-07-24

Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2047.1197 [GMT 2:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\taskhost.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\EPSON\EPuras\EPurasLog.exe

C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe

C:\Windows\SysWOW64\FUSServices.exe

c:\data\LpW\Bin\Server\AppServerService.exe

C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe

C:\Program Files (x86)\Companion Suite Pro LL2\MFFSUM.exe

C:\Program Files (x86)\Companion Suite Pro LL2\MFPrintServer.exe

C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe

C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

C:\Program Files (x86)\Companion Suite Pro LL2\MFServices.exe

c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe

c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\EPSON\EPuras\EPuras.exe

C:\Windows\system32\LFOGRPOW.exe

C:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe

C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe

c:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uWindow Title = Internet Explorer, optimized for Bing and MSN

uURLSearchHooks: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.3\iobitappsToolbarIE.dll

mWinlogon: Userinit = userinit.exe

BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.3\iobitappsToolbarIE.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.3\iobitappsToolbarIE.dll

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [MFFSum_Pro_LL2] "C:\Program Files (x86)\Companion Suite Pro LL2\MFFSUM.exe"

mRun: [MFPrintServer_Pro_LL2] "C:\Program Files (x86)\Companion Suite Pro LL2\MFPrintServer.exe"

mRun: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

TCP: NameServer = 8.8.8.8 10.108.156.5

TCP: Interfaces\{B022F1E9-CF0A-4934-B94F-20F633315C19} : DHCPNameServer = 8.8.8.8 10.108.156.5

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]

R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe [2011-8-9 67584]

R2 EPSON TM Parallel Port Driver;EPSON TM Parallel Port Driver;C:\Windows\System32\drivers\tmlpt.sys [2010-3-26 21640]

R2 EpsonPuras;Epson Puras Service;C:\Program Files\EPSON\EPuras\EPuras.exe [2010-3-26 755712]

R2 EpsonPurasLog;Epson Puras Log Service;C:\Program Files\EPSON\EPuras\EPurasLog.exe [2010-3-26 297472]

R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe [2012-4-2 3727360]

R2 FUSServices;Session Launcher Service;C:\Windows\SysWOW64\FUSServices.exe [2010-1-9 10752]

R2 Lekis2005AppServer;Lekis2005 AppServer;C:\data\LpW\Bin\Server\AppServerService.exe [2011-12-27 20480]

R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-7-6 376144]

R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-1-11 16056]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2011-8-9 72216]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008]

R3 NisSrv;Kontrola sítě Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]

R3 XMLDIUSB;XML USB Device Interface;C:\Windows\System32\drivers\XMLDIUSB.sys [2010-1-30 55808]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 CobianBackup10;Cobian Backup 10;C:\Program Files (x86)\Cobian Backup 10\cbService.exe [2011-8-9 1125376]

S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-29 19456]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-29 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-3-29 30208]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 44896]

.

=============== File Associations ===============

.

FileExt: .txt: soffice.StarWriterDocument.6="C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe" -o "%1" [userChoice]

.

=============== Created Last 30 ================

.

2013-07-24 09:00:17 -------- d-----w- C:\Users\Uzivatel\AppData\Roaming\Malwarebytes

2013-07-24 09:00:02 -------- d-----w- C:\ProgramData\Malwarebytes

2013-07-24 08:59:32 -------- d-----w- C:\Users\Uzivatel\AppData\Local\Programs

2013-07-24 08:44:18 -------- d-----w- C:\Program Files\CCleaner

2013-07-24 08:42:51 -------- d-----w- C:\oprava programy

2013-07-24 08:19:56 -------- d-----w- C:\Program Files (x86)\TeamViewer

2013-07-24 07:42:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-07-24 07:22:43 -------- d-----w- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}

2013-07-24 07:22:37 -------- d-----w- C:\Users\Uzivatel\AppData\Roaming\IObit

2013-07-24 07:22:37 -------- d-----w- C:\ProgramData\IObit

2013-07-24 07:22:24 -------- d-----w- C:\Program Files (x86)\Application Updater

2013-07-24 07:22:23 -------- d-----w- C:\Program Files (x86)\IObit Apps Toolbar

2013-07-24 07:22:23 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot

2013-07-24 07:22:20 -------- d-----w- C:\Program Files (x86)\IObit

2013-07-24 07:17:25 9460976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4FDB2CFA-2EF3-4427-8D66-A43388D718E5}\mpengine.dll

2013-07-23 11:42:49 26520 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-hang-ui.exe

2013-07-23 11:42:48 263576 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll

2013-07-22 07:21:12 9460976 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-07-17 07:13:08 941720 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C6CF2EE3-7E4E-4152-A3EB-D63236B8083C}\gapaengine.dll

2013-07-12 07:20:59 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-07-11 10:14:02 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll

2013-07-11 10:14:02 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll

2013-07-11 10:14:02 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll

2013-07-11 10:14:02 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll

2013-07-11 10:14:02 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll

2013-07-11 10:14:02 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll

2013-07-11 10:14:02 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll

2013-07-11 10:14:00 624128 ----a-w- C:\Windows\System32\qedit.dll

2013-07-11 10:14:00 509440 ----a-w- C:\Windows\SysWow64\qedit.dll

2013-07-11 10:13:56 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL

2013-07-11 10:13:55 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL

2013-07-11 10:13:39 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-07-11 10:13:34 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL

2013-07-11 10:13:34 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll

2013-07-11 10:13:34 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll

2013-07-11 10:13:34 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

2013-07-11 10:13:33 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2013-07-11 10:13:17 1643520 ----a-w- C:\Windows\System32\DWrite.dll

2013-07-11 10:13:17 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll

.

==================== Find3M ====================

.

2013-07-24 07:42:29 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-07-24 07:42:29 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-06-12 10:57:48 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-12 10:57:48 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-06-08 13:09:17 107368 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll

2013-06-08 13:09:16 35656 ----a-w- C:\Windows\System32\LMIport.dll

2013-06-08 13:09:16 100680 ----a-w- C:\Windows\System32\LMIinit.dll

2013-05-29 05:43:16 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2013-05-29 05:34:14 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-05-29 05:29:56 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-05-29 05:29:02 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-05-29 05:25:09 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-05-29 01:50:14 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-05-29 01:41:52 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-05-29 01:41:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-05-29 01:37:15 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-05-29 01:36:09 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-05-29 01:33:22 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll

2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe

2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe

2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll

2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll

2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll

2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll

2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll

2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll

.

============= FINISH: 11:10:57,69 ===============

attach.txt

July 24, 2013