Log check
Re: Log check
Well, I don't have one, and now I'm more careful, so I distrust most programs.
- Žbeky
- Moderator
Guru Level 13
- Posts: 22288
- Registered: May 08
- Location: Vsetín - Pardubice
Re: Log check
You should install some antivirus anyway. Otherwise don't cry later that the machine is infected.
Post that CF here.
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules
Re: Log check
combo fix
ComboFix 11-11-01.03 - Pavel 01.11.2011 17:35:39.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.511.196 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pavel\Plocha\ComboFix.exe
* Vytvořen nový Bod Obnovení
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Pavel\WINDOWS
c:\recycled\Recycled
c:\windows\IsUn0405.exe
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-01 do 2011-11-01 )))))))))))))))))))))))))))))))
.
.
2011-10-31 18:51 . 2011-10-31 18:51 -------- d-----w- c:\program files\Hemisphere Games
2011-10-31 18:50 . 2011-10-31 18:50 -------- d-----w- c:\windows\system32\3085
2011-10-30 13:44 . 2011-10-30 13:44 -------- d-----w- c:\program files\Wanadoo Edition
2011-10-30 10:28 . 2011-10-30 10:28 -------- d-----w- c:\program files\uTorrent
2011-10-30 10:27 . 2011-10-30 10:27 -------- d-----w- c:\documents and settings\Pavel\Local Settings\Data aplikací\uTorrent
2011-10-29 21:16 . 2011-10-29 21:16 -------- d-----w- c:\documents and settings\Pavel\Data aplikací\Malwarebytes
2011-10-29 21:15 . 2011-10-29 21:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-10-29 21:15 . 2011-10-29 21:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-29 21:15 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-29 20:28 . 2011-10-29 20:28 388096 ----a-r- c:\documents and settings\Pavel\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-29 20:28 . 2011-10-29 20:28 -------- d-----w- c:\program files\Trend Micro
2011-10-25 16:18 . 2011-10-25 16:18 -------- d-----w- c:\documents and settings\Pavel\Local Settings\Data aplikací\CrashRpt
2011-10-25 16:17 . 2011-10-26 15:08 -------- d-----w- C:\KAG
2011-10-24 14:23 . 2011-10-24 14:23 -------- d-----w- c:\program files\SystemRequirementsLab
2011-10-24 12:26 . 2011-10-24 12:26 -------- d-----w- c:\program files\EA Games
2011-10-23 12:08 . 2011-10-24 11:55 -------- d-----w- c:\documents and settings\Pavel\Local Settings\Data aplikací\PowerChallenge
2011-10-23 11:51 . 2011-10-23 11:51 -------- d-----w- c:\documents and settings\Pavel\Data aplikací\Unity
2011-10-23 11:43 . 2011-10-24 11:55 -------- d-----w- c:\documents and settings\Pavel\Local Settings\Data aplikací\Unity
2011-10-20 15:00 . 2011-10-20 15:05 -------- d-----w- c:\documents and settings\Pavel\Data aplikací\TS3Client
2011-10-17 13:32 . 2011-10-17 14:35 -------- d-----w- c:\program files\minecraftserver
2011-10-16 11:13 . 2011-10-23 08:38 -------- d-----w- c:\documents and settings\Pavel\Data aplikací\Hamachi
2011-10-16 11:12 . 2011-10-22 21:47 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-10-11 20:41 . 2011-10-11 20:41 -------- d-----w- c:\program files\Verlag Dashöfer s.r.o
2011-10-10 09:09 . 2011-10-10 09:09 4550304 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2011-10-07 13:24 . 2011-10-21 19:58 -------- d-----w- C:\Ace of Spades
2011-10-03 18:55 . 2001-10-24 10:25 99328 -c--a-w- c:\windows\system32\dllcache\srusd.dll
2011-10-03 18:55 . 2001-10-24 10:25 99328 ----a-w- c:\windows\system32\srusd.dll
2011-10-03 18:55 . 2001-10-24 10:24 71680 -c--a-w- c:\windows\system32\dllcache\fnfilter.dll
2011-10-03 18:55 . 2001-10-24 10:24 71680 ----a-w- c:\windows\system32\fnfilter.dll
2011-10-03 18:55 . 2001-10-24 10:02 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2011-10-03 18:55 . 2001-10-24 10:02 6784 ----a-w- c:\windows\system32\drivers\serscan.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-03 03:06 . 2011-03-23 17:36 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2011-03-23 17:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 14:10 . 2004-08-17 13:44 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-29 08:44 . 2011-08-29 06:59 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-22 19:16 . 2011-07-27 20:02 138056 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-08-22 19:16 . 2011-07-27 20:02 138056 ----a-w- c:\documents and settings\Pavel\Data aplikací\PnkBstrK.sys
2011-08-22 19:15 . 2011-07-27 20:01 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-08-22 19:15 . 2011-07-27 20:01 189248 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-08-21 20:59 . 2011-07-27 20:01 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-08-17 21:25 . 2004-08-17 13:49 832512 ----a-w- c:\windows\system32\wininet.dll
2011-08-17 21:25 . 2004-08-17 13:49 1830912 ------w- c:\windows\system32\inetcpl.cpl
2011-08-17 21:25 . 2004-08-17 13:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-08-17 21:25 . 2004-08-17 13:49 17408 ------w- c:\windows\system32\corpol.dll
2011-08-17 13:49 . 2004-08-03 21:14 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-17 12:22 . 2004-08-17 13:44 389120 ----a-w- c:\windows\system32\html.iec
2011-08-12 11:51 . 2007-12-18 22:20 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2011-10-02 18:24 . 2011-08-29 08:27 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1EA72C1C-3F5D-3E11-3614-1EF9496232D2}]
2008-04-14 03:21 65536 ----a-w- c:\windows\system32\dmsttyle.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="NvMCTray.dll" [2006-10-22 86016]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-04-11 1127644]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-04-10 1846804]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2006-04-07 126976]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-03-23 1398272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
- Žbeky
- Moderator
Re: Log check
The log is not complete.
Re: Log check
Sorry, I didn't notice.
I'll post it again, starting from the registry startup points section.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1EA72C1C-3F5D-3E11-3614-1EF9496232D2}]
2008-04-14 03:21 65536 ----a-w- c:\windows\system32\dmsttyle.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="NvMCTray.dll" [2006-10-22 86016]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-04-11 1127644]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-04-10 1846804]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2006-04-07 126976]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-03-23 1398272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\gprs.exe [2008-3-19 43608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch]
2010-10-20 09:48 319488 ----a-w- c:\program files\Gameforge4D\4Story\PrePatch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2010-05-17 11:14 2345680 ----a-w- c:\program files\IObit\Advanced SystemCare 3\AWC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
2011-06-07 16:55 1017344 ----a-w- c:\documents and settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.5.3.949\Badoo.Desktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-10-13 07:27 17351304 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Pavel\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Documents and Settings\\Pavel\\Dokumenty\\Stažené soubory\\SweetIMSetup.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\GMOD10\\hl2.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\KAG\\KAG.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 17:33 50704]
R2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [19.3.2008 16:52 51816]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [10.10.2009 10:41 27632]
S0 FGXSCSI;FGXSCSI;c:\windows\system32\DRIVERS\fgxscsi.sys --> c:\windows\system32\DRIVERS\fgxscsi.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 CEDRIVER55;CEDRIVER55;\??\c:\program files\Cheat Engine\dbk32.sys --> c:\program files\Cheat Engine\dbk32.sys [?]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [10.10.2009 10:41 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [10.10.2009 10:41 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [10.10.2009 10:41 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [10.10.2009 10:41 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [10.10.2009 10:41 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [10.10.2009 10:41 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [10.10.2009 10:41 109736]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2010-03-18 c:\windows\Tasks\NSSstub.job
- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [2009-08-21 14:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://www.superhry.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\rmtybd5f.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{7C5C0F58-E061-457D-9033-77307F5ED00C} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-Cmaudio - cmicnfg.cpl
MSConfigStartUp-DAEMON Tools-1033 - c:\program files\D-Tools\daemon.exe
MSConfigStartUp-Steam - c:\program files\Steam\Steam.exe
AddRemove-Need For Speed II - c:\electronic arts\Need For Speed II\DeIsL1.isu
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-01 17:53
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3416)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSCS.DLL
c:\windows\system32\nvwddi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Ahead\InCD\InCDsrv.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\RunDLL32.exe
c:\windows\system32\RunDll32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\rundll32.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-11-01 18:01:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-11-01 17:00
.
Před spuštěním: 9 574 572 032
Po spuštění: 9 820 008 448
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 1042A2761A7D22D33A66CA940B2A4768

- Žbeky
- Moderator
Re: Log Check
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.
Code:
KillAll::
DirLook::
c:\windows\system32\3085
Driver::
FGXSCSI
CEDRIVER55
EagleXNt
File::
c:\windows\Tasks\AppleSoftwareUpdate.job
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
Re: Log Check
ComboFix 11-11-01.03 - Pavel 04.11.2011 16:40:24.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.511.314 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pavel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Pavel\Plocha\CFScript.txt
.
FILE ::
"c:\windows\Tasks\AppleSoftwareUpdate.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CEDRIVER55
-------\Legacy_EAGLEXNT
-------\Legacy_FGXSCSI
-------\Service_CEDRIVER55
-------\Service_EagleXNt
-------\Service_FGXSCSI
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-04 do 2011-11-04 )))))))))))))))))))))))))))))))
.
.
2011-11-04 15:29 . 2011-11-04 15:32 -------- d-----w- c:\program files\Mount&Blade
2011-10-31 18:51 . 2011-10-31 18:51 -------- d-----w- c:\program files\Hemisphere Games
2011-10-31 18:50 . 2011-10-31 18:50 -------- d-----w- c:\windows\system32\3085
2011-10-30 13:44 . 2011-10-30 13:44 -------- d-----w- c:\program files\Wanadoo Edition
2011-10-30 10:28 . 2011-10-30 10:28 -------- d-----w- c:\program files\uTorrent
2011-10-30 10:27 . 2011-10-30 10:27 -------- d-----w- c:\documents and settings\Pavel\Local Settings\Data aplikací\uTorrent
2011-10-29 21:16 . 2011-10-29 21:16 -------- d-----w- c:\documents and settings\Pavel\Data aplikací\Malwarebytes
2011-10-29 21:15 . 2011-10-29 21:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-10-29 21:15 . 2011-10-29 21:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-29 21:15 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-29 20:28 . 2011-10-29 20:28 -------- d-----w- c:\program files\Trend Micro
2011-10-25 16:18 . 2011-10-25 16:18 -------- d-----w- c:\documents and settings\Pavel\Local Settings\Data aplikací\CrashRpt
2011-10-25 16:17 . 2011-11-03 16:14 -------- d-----w- C:\KAG
2011-10-24 14:23 . 2011-10-24 14:23 -------- d-----w- c:\program files\SystemRequirementsLab
2011-10-24 12:26 . 2011-10-24 12:26 -------- d-----w- c:\program files\EA Games
2011-10-23 12:08 . 2011-10-24 11:55 -------- d-----w- c:\documents and settings\Pavel\Local Settings\Data aplikací\PowerChallenge
2011-10-23 11:51 . 2011-10-23 11:51 -------- d-----w- c:\documents and settings\Pavel\Data aplikací\Unity
2011-10-23 11:43 . 2011-10-24 11:55 -------- d-----w- c:\documents and settings\Pavel\Local Settings\Data aplikací\Unity
2011-10-20 15:00 . 2011-10-20 15:05 -------- d-----w- c:\documents and settings\Pavel\Data aplikací\TS3Client
2011-10-17 13:32 . 2011-10-17 14:35 -------- d-----w- c:\program files\minecraftserver
2011-10-16 11:13 . 2011-10-23 08:38 -------- d-----w- c:\documents and settings\Pavel\Data aplikací\Hamachi
2011-10-16 11:12 . 2011-10-22 21:47 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-10-11 20:41 . 2011-10-11 20:41 -------- d-----w- c:\program files\Verlag Dashöfer s.r.o
2011-10-10 09:09 . 2011-10-10 09:09 4550304 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2011-10-07 13:24 . 2011-11-03 12:42 -------- d-----w- C:\Ace of Spades
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-03 03:06 . 2011-03-23 17:36 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2011-03-23 17:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 14:10 . 2004-08-17 13:44 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-29 08:44 . 2011-08-29 06:59 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-22 19:16 . 2011-07-27 20:02 138056 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-08-22 19:16 . 2011-07-27 20:02 138056 ----a-w- c:\documents and settings\Pavel\Data aplikací\PnkBstrK.sys
2011-08-22 19:15 . 2011-07-27 20:01 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-08-22 19:15 . 2011-07-27 20:01 189248 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-08-21 20:59 . 2011-07-27 20:01 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-08-17 21:25 . 2004-08-17 13:49 832512 ----a-w- c:\windows\system32\wininet.dll
2011-08-17 21:25 . 2004-08-17 13:49 1830912 ------w- c:\windows\system32\inetcpl.cpl
2011-08-17 21:25 . 2004-08-17 13:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-08-17 21:25 . 2004-08-17 13:49 17408 ------w- c:\windows\system32\corpol.dll
2011-08-17 13:49 . 2004-08-03 21:14 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-17 12:22 . 2004-08-17 13:44 389120 ----a-w- c:\windows\system32\html.iec
2011-08-12 11:51 . 2007-12-18 22:20 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2011-10-02 18:24 . 2011-08-29 08:27 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\windows\system32\3085 ----
.
2011-10-31 18:50 . 2011-11-03 08:13 4408 ----a-w- c:\windows\system32\3085\inf3085.dat
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-01_16.53.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-04 16:14 . 2011-11-04 16:14 16384 c:\windows\temp\Perflib_Perfdata_1e0.dat
+ 2010-08-17 10:49 . 2008-07-31 09:41 68616 c:\windows\system32\XAPOFX1_1.dll
- 2010-08-17 10:49 . 2008-07-31 08:41 68616 c:\windows\system32\XAPOFX1_1.dll
- 2010-08-17 10:49 . 2008-05-30 12:17 65032 c:\windows\system32\XAPOFX1_0.dll
+ 2010-08-17 10:49 . 2008-05-30 13:17 65032 c:\windows\system32\XAPOFX1_0.dll
+ 2010-08-17 10:49 . 2008-05-30 13:17 25608 c:\windows\system32\X3DAudio1_4.dll
- 2010-08-17 10:49 . 2008-05-30 12:17 25608 c:\windows\system32\X3DAudio1_4.dll
+ 2011-11-03 20:58 . 2011-11-03 20:58 34632 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2011-09-17 00:53 . 2011-09-17 00:53 34632 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2011-10-01 21:20 . 2011-10-01 21:20 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-08-17 10:49 . 2008-07-31 09:40 509448 c:\windows\system32\XAudio2_2.dll
- 2010-08-17 10:49 . 2008-07-31 08:40 509448 c:\windows\system32\XAudio2_2.dll
- 2010-08-17 10:49 . 2008-05-30 12:19 507400 c:\windows\system32\XAudio2_1.dll
+ 2010-08-17 10:49 . 2008-05-30 13:19 507400 c:\windows\system32\XAudio2_1.dll
- 2010-08-17 10:49 . 2008-07-31 08:41 238088 c:\windows\system32\xactengine3_2.dll
+ 2010-08-17 10:49 . 2008-07-31 09:41 238088 c:\windows\system32\xactengine3_2.dll
+ 2010-08-17 10:49 . 2008-05-30 13:18 238088 c:\windows\system32\xactengine3_1.dll
- 2010-08-17 10:49 . 2008-05-30 12:18 238088 c:\windows\system32\xactengine3_1.dll
- 2010-08-17 10:49 . 2008-07-10 09:01 467984 c:\windows\system32\d3dx10_39.dll
+ 2010-08-17 10:49 . 2008-07-12 07:18 467984 c:\windows\system32\d3dx10_39.dll
- 2010-08-17 10:49 . 2008-05-30 12:11 467984 c:\windows\system32\d3dx10_38.dll
+ 2010-08-17 10:49 . 2008-05-30 13:11 467984 c:\windows\system32\d3dx10_38.dll
+ 2011-11-03 20:58 . 2011-11-03 20:58 381440 c:\windows\Installer\2bdf08d.msi
+ 2011-11-02 17:44 . 2011-11-02 17:44 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:43 . 2011-11-02 17:43 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:43 . 2011-11-02 17:43 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-08-17 10:49 . 2008-07-12 07:18 3851784 c:\windows\system32\D3DX9_39.dll
- 2010-08-17 10:49 . 2008-07-10 09:00 3851784 c:\windows\system32\D3DX9_39.dll
+ 2010-08-17 10:48 . 2008-05-30 13:11 3850760 c:\windows\system32\D3DX9_38.dll
- 2010-08-17 10:48 . 2008-05-30 12:11 3850760 c:\windows\system32\D3DX9_38.dll
+ 2010-08-17 10:49 . 2008-07-12 07:18 1493528 c:\windows\system32\D3DCompiler_39.dll
- 2010-08-17 10:49 . 2008-07-10 09:00 1493528 c:\windows\system32\D3DCompiler_39.dll
- 2010-08-17 10:49 . 2008-05-30 12:11 1491992 c:\windows\system32\D3DCompiler_38.dll
+ 2010-08-17 10:49 . 2008-05-30 13:11 1491992 c:\windows\system32\D3DCompiler_38.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:43 . 2011-11-02 17:43 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:43 . 2011-11-02 17:43 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1EA72C1C-3F5D-3E11-3614-1EF9496232D2}]
2008-04-14 03:21 65536 ----a-w- c:\windows\system32\dmsttyle.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="NvMCTray.dll" [2006-10-22 86016]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-04-11 1127644]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-04-10 1846804]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2006-04-07 126976]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-03-23 1398272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\gprs.exe [2008-3-19 43608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch]
2010-10-20 09:48 319488 ----a-w- c:\program files\Gameforge4D\4Story\PrePatch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2010-05-17 11:14 2345680 ----a-w- c:\program files\IObit\Advanced SystemCare 3\AWC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
2011-06-07 16:55 1017344 ----a-w- c:\documents and settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.5.3.949\Badoo.Desktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-10-13 07:27 17351304 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Pavel\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\GMOD10\\hl2.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 17:33 50704]
R2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [19.3.2008 16:52 51816]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [10.10.2009 10:41 27632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [10.10.2009 10:41 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [10.10.2009 10:41 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [10.10.2009 10:41 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [10.10.2009 10:41 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [10.10.2009 10:41 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [10.10.2009 10:41 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [10.10.2009 10:41 109736]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://www.superhry.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\rmtybd5f.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-04 17:14
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3692)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSCS.DLL
c:\windows\system32\nvwddi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Ahead\InCD\InCDsrv.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\RunDLL32.exe
c:\windows\system32\rundll32.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-11-04 17:22:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-11-04 16:21
ComboFix2.txt 2011-11-01 17:01
.
Před spuštěním: Volných bajtů: 12 138 221 568
Po spuštění: Volných bajtů: 12 152 320 000
.
- - End Of File - - E16F531718E87FE88AC3B9FFD24FBCAB
- 2011-10-01 21:20 . 2011-10-01 21:20 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:43 . 2011-11-02 17:43 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:43 . 2011-11-02 17:43 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2011-11-02 17:44 . 2011-11-02 17:44 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-08-17 10:49 . 2008-07-12 07:18 3851784 c:\windows\system32\D3DX9_39.dll
- 2010-08-17 10:49 . 2008-07-10 09:00 3851784 c:\windows\system32\D3DX9_39.dll
+ 2010-08-17 10:48 . 2008-05-30 13:11 3850760 c:\windows\system32\D3DX9_38.dll
- 2010-08-17 10:48 . 2008-05-30 12:11 3850760 c:\windows\system32\D3DX9_38.dll
+ 2010-08-17 10:49 . 2008-07-12 07:18 1493528 c:\windows\system32\D3DCompiler_39.dll
- 2010-08-17 10:49 . 2008-07-10 09:00 1493528 c:\windows\system32\D3DCompiler_39.dll
- 2010-08-17 10:49 . 2008-05-30 12:11 1491992 c:\windows\system32\D3DCompiler_38.dll
+ 2010-08-17 10:49 . 2008-05-30 13:11 1491992 c:\windows\system32\D3DCompiler_38.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:43 . 2011-11-02 17:43 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-11-02 17:43 . 2011-11-02 17:43 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-10-01 21:20 . 2011-10-01 21:20 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1EA72C1C-3F5D-3E11-3614-1EF9496232D2}]
2008-04-14 03:21 65536 ----a-w- c:\windows\system32\dmsttyle.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="NvMCTray.dll" [2006-10-22 86016]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-04-11 1127644]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-04-10 1846804]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2006-04-07 126976]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-03-23 1398272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\gprs.exe [2008-3-19 43608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch]
2010-10-20 09:48 319488 ----a-w- c:\program files\Gameforge4D\4Story\PrePatch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2010-05-17 11:14 2345680 ----a-w- c:\program files\IObit\Advanced SystemCare 3\AWC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
2011-06-07 16:55 1017344 ----a-w- c:\documents and settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.5.3.949\Badoo.Desktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-10-13 07:27 17351304 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Pavel\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\GMOD10\\hl2.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 17:33 50704]
R2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [19.3.2008 16:52 51816]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [10.10.2009 10:41 27632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [10.10.2009 10:41 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [10.10.2009 10:41 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [10.10.2009 10:41 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [10.10.2009 10:41 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [10.10.2009 10:41 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [10.10.2009 10:41 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [10.10.2009 10:41 109736]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://www.superhry.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\rmtybd5f.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-04 17:14
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3692)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSCS.DLL
c:\windows\system32\nvwddi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Ahead\InCD\InCDsrv.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\RunDLL32.exe
c:\windows\system32\rundll32.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-11-04 17:22:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-11-04 16:21
ComboFix2.txt 2011-11-01 17:01
.
Před spuštěním: Volných bajtů: 12 138 221 568
Po spuštění: Volných bajtů: 12 152 320 000
.
- - End Of File - - E16F531718E87FE88AC3B9FFD24FBCAB
- Žbeky
- Moderator
Re: Log Check
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner
and also use T-Cleaner
It deletes everything left behind by Combo, MWAV, etc. Download it, then run it.
Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on.
+ A new HJT log
How is the PC behaving?
Re: Log Check
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:33:24, on 8.11.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17103)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove Folder Synchronization - {1EA72C1C-3F5D-3E11-3614-1EF9496232D2} - C:\WINDOWS\system32\dmsttyle.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\gprs.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
--
End of file - 7099 bytes
- Žbeky
- Moderator
Re: Log Check
Fix:
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
If there are no problems, mark the thread as solved.
Re: Log Check
The problems are the mouse freezing and a somewhat slower PC.
- Žbeky
- Moderator
Re: Log Check
Download OTL to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick the LOP Check and Purity Check boxes. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.