Slow notebook [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

ready880
newbie
Posts: 18
Registered: October 13
Gender: Female
Status:
Offline

Re: Slow notebook

Post by ready880 » 05 Oct 2013 22:33

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Starter x86
Ran by martinka on so 05. 10. 2013 at 22:25:57,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2976481369-1775756746-1115402291-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealio_setup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealio_setup_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B0B233D8-F0A3-4B75-9D6C-1CBD8DBE5805}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\martinka\appdata\local\{00178856-21D9-459E-819A-261F8F404B30}
Successfully deleted: [Empty Folder] C:\Users\martinka\appdata\local\{4A592573-3077-4DF8-9FB8-5088A8CEDE96}
Successfully deleted: [Empty Folder] C:\Users\martinka\appdata\local\{59C0CD1F-3B92-46B7-BC89-D28CF7FB1E1D}
Successfully deleted: [Empty Folder] C:\Users\martinka\appdata\local\{6C835BD4-5967-4B0D-98C7-A7638018C811}
Successfully deleted: [Empty Folder] C:\Users\martinka\appdata\local\{6E1AAAA8-FFE7-4FB1-B4F0-BD5A676C40B8}



~~~ FireFox

Successfully deleted: [File] C:\Users\martinka\AppData\Roaming\mozilla\firefox\profiles\t6rzolxr.default\searchplugins\babylon.xml



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejdabpabkmacjiiooccecnpakonoibah



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 05. 10. 2013 at 22:32:36,16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status:
Offline

Re: Slow notebook

Post by memphisto » 06 Oct 2013 22:39

Run RogueKiller (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes its work...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Deleting - Finished"
- Click "Report" and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs) and save it to the desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click inside the window it displays
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, simply restart the computer.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section instead. Thank you

ready880
newbie
Posts: 18
Registered: October 13
Gender: Female
Status:
Offline

Re: Slow notebook

Post by ready880 » 07 Oct 2013 20:42

RogueKiller V8.7.1 [Oct 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spustené v : Normálny režim
Užívateľ : martinka [Práva Správcu]
Režim : Odebrať -- Dátum : 10/07/2013 20:42:13
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZANÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZANÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRADENÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRADENÉ (0)

¤¤¤ naplánované úlohy : 2 ¤¤¤
[V2][SUSP PATH] fbagent : C:\Users\martinka\AppData\Roaming\htz.exe [x] -> VYMAZANÉ
[V2][SUSP PATH] systems : C:\Users\martinka\AppData\Roaming\ytf.exe [x] -> VYMAZANÉ

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NAHRATÉ] ¤¤¤
[Inline] EAT @explorer.exe (?s_pClassInfo@CCSysLink@DirectUI@@0PAUIClassInfo@2@A) : DUI70.dll -> HOOKED (Unknown @ 0x6C6A9AC4)
[Inline] EAT @explorer.exe (?s_pClassInfo@HWNDElement@DirectUI@@0PAUIClassInfo@2@A) : DUI70.dll -> HOOKED (Unknown @ 0xD46A93C8)
[Inline] EAT @explorer.exe (?s_pClassInfo@RadioButtonGlyph@DirectUI@@0PAUIClassInfo@2@A) : DUI70.dll -> HOOKED (Unknown @ 0x6C6A99F2)
[Inline] EAT @explorer.exe (?s_pClassInfo@TextGraphic@DirectUI@@0PAUIClassInfo@2@A) : DUI70.dll -> HOOKED (Unknown @ 0x6C6A9AE3)
[Inline] EAT @explorer.exe (?MILLIS_PER_SECOND@GCDate@@2JB) : GrooveUtil.DLL -> HOOKED (Unknown @ 0xD13A333C)

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - Hitachi HTS545025B9A300 +++++
--- User ---
[MBR] 186a8bbe3ec8c2e895f8cc9255e88c92
[BSP] 5427587686c7b7c8882d593d497cf561 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 13319 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27278370 | Size: 101 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27487215 | Size: 225052 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_D_10072013_204213.txt >>
RKreport[0]_S_10052013_222219.txt;RKreport[0]_S_10072013_203716.txt

ready880
newbie
Posts: 18
Registered: October 13
Gender: Female
Status:
Offline

Re: Slow notebook

Post by ready880 » 07 Oct 2013 21:39

ComboFix 13-10-04.02 - martinka . 10. 2013 20:55:51.1.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.421.1051.18.1013.250 [GMT 2:00]
Running from: C:\Users\martinka\Downloads\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files\ESET\MiNODLogin
C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
C:\Program Files\ESET\MiNODLogin\MiNODLogin.jar
C:\Program Files\ESET\MiNODLogin\MiNODLoginLib.dll
C:\Program Files\ESET\MiNODLogin\MiNODLoginUninst.exe
C:\Program Files\ESET\MiNODLogin\servidores.xml
C:\ProgramData\Acer
C:\ProgramData\Acer\Acer Updater\_UpdaterService_CFG.ini
C:\ProgramData\Acer\Acer Updater\_UpdaterService_LOG.txt
C:\ProgramData\Acer\Acer Updater\fubdlr.sent
C:\ProgramData\Acer\Acer Updater\ServerInfo_Local.xml
C:\ProgramData\Acer\Acer Updater\ServerInfo_Local.xml_debug.xml
C:\ProgramData\Acer\Acer Updater\ServerInfo_Local.xml_ori.xml
C:\ProgramData\Acer\Install\install.log
C:\Users\martinka\AppData\Roaming\2A12.exe
C:\Users\martinka\AppData\Roaming\48FB.exe
C:\Users\martinka\AppData\Roaming\68CB.exe
C:\Users\martinka\AppData\Roaming\6B1C.exe
C:\Users\martinka\AppData\Roaming\80D3.exe
C:\Users\martinka\AppData\Roaming\92FE.exe
C:\Users\martinka\AppData\Roaming\949A.exe
C:\Users\martinka\AppData\Roaming\A84B.exe
C:\Users\martinka\AppData\Roaming\C11B.exe
C:\Users\martinka\AppData\Roaming\E1FD.exe
C:\Users\martinka\AppData\Roaming\Local
C:\Users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\1.ddi
C:\Users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\2.ddi
C:\Users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\aptfigosizgn.avi.ddr
C:\Users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Inception_Trailer_592.divx.ddr
C:\Users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
C:\Users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(2).ddp
C:\Users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(3).ddp
C:\Users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(4).ddp
C:\Users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp
C:\Users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\aptfigosizgn.avi.ddp
C:\Users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Inception_Trailer_592.divx
C:\Windows\pkunzip.pif
C:\Windows\pkzip.pif
C:\Windows\system32\Packet.dll
C:\Windows\system32\wpcap.dll


((((((((((((((((((((((((( Files Created from 2013-09-07 to 2013-10-07 )))))))))))))))))))))))))))))))


2013-10-07 19:25:30 . 2013-10-07 19:26:07 -------- d-----w- C:\Users\martinka\AppData\Local\temp
2013-10-07 19:25:30 . 2013-10-07 19:25:30 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-10-07 16:19:18 . 2013-10-07 16:19:35 -------- d-----w- C:\Users\martinka\AppData\Local\Adobe
2013-10-05 20:25:46 . 2013-10-05 20:25:46 -------- d-----w- C:\Windows\ERUNT
2013-10-05 17:42:21 . 2013-10-05 19:13:40 -------- d-----w- C:\AdwCleaner
2013-10-05 17:41:59 . 2013-10-05 17:41:59 -------- d-----w- C:\Users\martinka\AppData\Local\avgchrome
2013-10-05 17:11:38 . 2013-10-05 17:11:58 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2013-10-05 17:11:38 . 2013-04-04 12:50:32 22856 ----a-w- C:\Windows\system32\drivers\mbam.sys
2013-09-20 16:12:27 . 2013-10-05 19:59:02 -------- d-----w- C:\Program Files\7Go Games
2013-09-20 16:12:16 . 2013-09-20 16:12:17 -------- d-----w- C:\Users\martinka\AppData\Local\Programs
2013-09-16 10:30:40 . 2013-09-16 10:30:40 4806016 ----a-w- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-09-16 10:30:40 . 2013-09-16 10:30:40 4806016 ----a-w- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-09-15 17:51:59 . 2013-08-10 03:59:02 817664 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-09-15 17:51:57 . 2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\system32\wininet.dll
2013-09-15 17:51:56 . 2013-08-10 04:18:11 770648 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-09-13 18:30:26 . 2013-08-05 01:56:47 133056 ----a-w- C:\Windows\system32\drivers\ataport.sys
2013-09-13 17:34:11 . 2013-08-08 01:03:07 2348544 ----a-w- C:\Windows\system32\win32k.sys
2013-09-09 10:48:47 . 2013-06-21 00:07:52 84248 ----a-w- C:\Windows\system32\drivers\ssudbus.sys
2013-09-09 10:22:02 . 2013-09-09 10:22:02 -------- d-----w- C:\Program Files\MarkAny
.


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-07-25 08:57:27 . 2013-08-14 15:08:08 1620992 ----a-w- C:\Windows\system32\WMVDECOD.DLL
2013-07-19 01:41:01 . 2013-08-14 15:06:02 2048 ----a-w- C:\Windows\system32\tzres.dll
2010-10-13 21:28:54 . 2010-09-27 21:49:58 24376 ----a-w- C:\Program Files\mozilla firefox\components\Scriptff.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:55:48 120176 ----a-w- C:\Program Files\EgisTec MyWinLocker\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-03 03:53:03 39408]
"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe" [2013-07-26 12:43:44 1564016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 17:36:46 30040]
"Smart File Advisor"="C:\Program Files\Smart File Advisor\sfa.exe" [2011-04-04 13:59:12 280824]
"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" [2013-07-26 12:43:46 311152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe" [2013-05-19 05:48:32 280576]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-26 828704]
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-11-24 13:15:36 74752]
R2 OMSI download service;Sony Ericsson OMSI download service;C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 10:23:26 90112]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-09-16 10:29:40 3273088]
R2 SkypeUpdate;Skype Updater;C:\Program Files\Skype\Updater\Updater.exe [2012-06-07 17:12:14 160944]
R3 BBSvc;Bing Bar Update Service;C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 17:44:14 183560]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys [2010-03-05 17:03:58 286248]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-01 22:37:36 33320]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-21 00:07:52 84248]
R3 EUCR;EUCR;C:\Windows\system32\DRIVERS\EUCR6SK.SYS [2010-03-02 06:23:36 82384]
R3 gel90xne;gel90xne;C:\Users\martinka\AppData\Local\Temp\gel90xne.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 15:48:00 235216]
R3 MWLService;MyWinLocker Service;C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe [2010-04-17 05:56:48 305520]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 08:38:44 98672]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 08:38:44 14960]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 08:38:44 124016]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 08:38:44 117872]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 08:38:44 25456]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 08:38:44 113904]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 08:38:44 123504]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 10:24:41 52224]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 15:33:04 51040]
S0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [2011-02-04 06:05:04 436792]
S1 ehdrv;ehdrv;C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 08:03:36 108792]
S1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 02:15:34 18992]
S1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 02:15:38 16432]
S1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 02:15:40 60976]
S2 DsiWMIService;Dritek WMI Service;C:\Program Files\Launch Manager\dsiwmis.exe [2010-04-08 04:18:40 312400]
S2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 08:04:30 735960]
S2 epfwwfp;epfwwfp;C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 08:06:50 38240]
S2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-06 03:23:14 735776]
S2 GREGService;GREGService;C:\Program Files\Acer\Registration\GREGsvc.exe [2010-01-08 13:21:22 23584]
S2 RS_Service;Raw Socket Service;C:\Program Files\Acer\Acer VCM\RS_Service.exe [2010-01-29 23:52:58 260640]
S2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 23:27:36 243232]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x86.sys [2010-04-21 07:47:36 68208]


--- Other Services/Drivers In Memory ---

*Deregistered* - TrueSight

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc

Contents of the 'Scheduled Tasks' folder

2013-10-07 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-20 17:35:45 . 2010-10-20 17:35:09]

2013-10-07 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-20 17:35:45 . 2010-10-20 17:35:09]

2013-10-07 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2976481369-1775756746-1115402291-1000Core.job
- C:\Users\martinka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-26 16:31:00 . 2010-09-26 16:30:43]

2013-10-07 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2976481369-1775756746-1115402291-1000UA.job
- C:\Users\martinka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-26 16:31:00 . 2010-09-26 16:30:43]

2013-10-06 C:\Windows\Tasks\Norton Security Scan for martinka.job
- C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2011-01-05 18:12:14 . 2010-07-06 23:51:06]


------- Supplementary Scan -------

uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
IE: {{45d8438c-b51d-47a8-aeea-9061535f25f1} - {b52d0735-ec19-448a-abde-e01b5bd275d2} -
TCP: DhcpNameServer = 192.168.1.10 195.146.132.59 195.146.128.60
FF - ProfilePath - C:\Users\martinka\AppData\Roaming\Mozilla\Firefox\Profiles\t6rzolxr.default\

- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
HKCU-Run-AdobeBridge - (no file)
AddRemove-Convert Doc_is1 - C:\Program Files\Softinterface
AddRemove-MiNODLogin - C:\Program Files\ESET\MiNODLogin\MiNODLoginUninst.exe
AddRemove-{1EB98921-3AD1-4A7A-BED2-B4054E9CFA8E}_is1 - C:\Users\martinka\AppData\Local\Performersoft\Application\24.0.1293.0\Installer\unins000.exe
AddRemove-{cb6d194b-149b-4e28-9b6b-fd0bdaa2aa7c}_is1 - C:\Program Files\DownTangoLauncherToolbar\unins000.exe
AddRemove-01_Simmental - C:\Program Files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - C:\Program Files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - C:\Program Files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - C:\Program Files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - C:\Program Files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - C:\Program Files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - C:\Program Files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - C:\Program Files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - C:\Program Files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - C:\Program Files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - C:\Program Files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - C:\Program Files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - C:\Program Files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - C:\Program Files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - C:\Program Files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - C:\Program Files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - C:\Program Files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - C:\Program Files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-24_flashusbdriver - C:\Program Files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - C:\Program Files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-Jet - C:\Users\martinka\AppData\Local\Performersoft\Application\24.0.1293.0\Installer\setup.exe

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status:
Offline

Re: Slow notebook

Post by memphisto » 07 Oct 2013 21:47

The log is not complete. Uninstall that cracked ESET and then run ComboFix again... Also, you are supposed to run it from the desktop! So move it there...

ready880
newbie
Posts: 18
Registered: October 13
Gender: Female
Status:
Offline

Re: Slow notebook

Post by ready880 » 08 Oct 2013 19:55

I dragged ComboFix from Downloads to the desktop again (as I did yesterday), but the log shows it as being run from Downloads. Am I doing something wrong? I am attaching the log as well.

ComboFix 13-10-04.02 - martinka . 10. 2013 19:32:45.2.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.421.1051.18.1013.367 [GMT 2:00]
Running from: c:\users\martinka\Downloads\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Acer
c:\programdata\Acer\Acer Updater\_UpdaterService_CFG.ini
c:\programdata\Acer\Acer Updater\_UpdaterService_LOG.txt
.
---- Previous Run -------
.
c:\program files\ESET\MiNODLogin
c:\program files\ESET\MiNODLogin\MiNODLogin.exe
c:\program files\ESET\MiNODLogin\MiNODLogin.jar
c:\program files\ESET\MiNODLogin\MiNODLoginLib.dll
c:\program files\ESET\MiNODLogin\MiNODLoginUninst.exe
c:\program files\ESET\MiNODLogin\servidores.xml
c:\programdata\Acer
c:\programdata\Acer\Acer Updater\_UpdaterService_CFG.ini
c:\programdata\Acer\Acer Updater\_UpdaterService_LOG.txt
c:\programdata\Acer\Acer Updater\fubdlr.sent
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml_debug.xml
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml_ori.xml
c:\programdata\Acer\Install\install.log
c:\users\martinka\AppData\Roaming\2A12.exe
c:\users\martinka\AppData\Roaming\48FB.exe
c:\users\martinka\AppData\Roaming\68CB.exe
c:\users\martinka\AppData\Roaming\6B1C.exe
c:\users\martinka\AppData\Roaming\80D3.exe
c:\users\martinka\AppData\Roaming\92FE.exe
c:\users\martinka\AppData\Roaming\949A.exe
c:\users\martinka\AppData\Roaming\A84B.exe
c:\users\martinka\AppData\Roaming\C11B.exe
c:\users\martinka\AppData\Roaming\E1FD.exe
c:\users\martinka\AppData\Roaming\Local
c:\users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\1.ddi
c:\users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\2.ddi
c:\users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\aptfigosizgn.avi.ddr
c:\users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Inception_Trailer_592.divx.ddr
c:\users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(2).ddp
c:\users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(3).ddp
c:\users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(4).ddp
c:\users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp
c:\users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\aptfigosizgn.avi.ddp
c:\users\martinka\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Inception_Trailer_592.divx
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\Packet.dll
c:\windows\system32\wpcap.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-09-08 to 2013-10-08 )))))))))))))))))))))))))))))))
.
.
2013-10-08 17:48 . 2013-10-08 17:48 -------- d-----w- c:\users\martinka\AppData\Local\temp
2013-10-08 17:48 . 2013-10-08 17:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-07 16:19 . 2013-10-07 16:19 -------- d-----w- c:\users\martinka\AppData\Local\Adobe
2013-10-05 20:25 . 2013-10-05 20:25 -------- d-----w- c:\windows\ERUNT
2013-10-05 17:42 . 2013-10-05 19:13 -------- d-----w- C:\AdwCleaner
2013-10-05 17:41 . 2013-10-05 17:41 -------- d-----w- c:\users\martinka\AppData\Local\avgchrome
2013-10-05 17:11 . 2013-10-05 17:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-05 17:11 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-20 16:12 . 2013-10-05 19:59 -------- d-----w- c:\program files\7Go Games
2013-09-20 16:12 . 2013-09-20 16:12 -------- d-----w- c:\users\martinka\AppData\Local\Programs
2013-09-16 10:30 . 2013-09-16 10:30 4806016 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-09-16 10:30 . 2013-09-16 10:30 4806016 ----a-w- c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-09-15 17:51 . 2013-08-10 03:59 817664 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-09-15 17:51 . 2013-08-10 03:59 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-09-15 17:51 . 2013-08-10 04:18 770648 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2013-09-13 18:30 . 2013-08-05 01:56 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-13 17:34 . 2013-08-08 01:03 2348544 ----a-w- c:\windows\system32\win32k.sys
2013-09-09 10:48 . 2013-06-21 00:07 84248 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-09-09 10:22 . 2013-09-09 10:22 -------- d-----w- c:\program files\MarkAny
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-25 08:57 . 2013-08-14 15:08 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-19 01:41 . 2013-08-14 15:06 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-13 21:28 . 2010-09-27 21:49 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:55 120176 ----a-w- c:\program files\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-03 39408]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-07-26 1564016]
"AdobeBridge"="" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Smart File Advisor"="c:\program files\Smart File Advisor\sfa.exe" [2011-04-04 280824]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2013-07-26 311152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-05-19 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-26 828704]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-11-24 74752]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-09-16 3273088]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-03-05 286248]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-01 33320]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-06-21 84248]
R3 EUCR;EUCR;c:\windows\system32\DRIVERS\EUCR6SK.SYS [2010-03-02 82384]
R3 gel90xne;gel90xne;c:\users\martinka\AppData\Local\Temp\gel90xne.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
R3 MWLService;MyWinLocker Service;c:\program files\EgisTec MyWinLocker\x86\MWLService.exe [2010-04-17 305520]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-02-04 436792]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 18992]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 16432]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60976]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2010-04-08 312400]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-06 735776]
S2 GREGService;GREGService;c:\program files\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-04-21 68208]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-20 17:35]
.
2013-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-20 17:35]
.
2013-10-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2976481369-1775756746-1115402291-1000Core.job
- c:\users\martinka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-26 16:30]
.
2013-10-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2976481369-1775756746-1115402291-1000UA.job
- c:\users\martinka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-26 16:30]
.
2013-10-06 c:\windows\Tasks\Norton Security Scan for martinka.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2011-01-05 23:51]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
IE: {{45d8438c-b51d-47a8-aeea-9061535f25f1} - {b52d0735-ec19-448a-abde-e01b5bd275d2} -
TCP: DhcpNameServer = 192.168.1.10 195.146.132.59 195.146.128.60
FF - ProfilePath - c:\users\martinka\AppData\Roaming\Mozilla\Firefox\Profiles\t6rzolxr.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2976481369-1775756746-1115402291-1000\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-10-08 19:52:30
ComboFix-quarantined-files.txt 2013-10-08 17:52
.
Pre-Run: 140 065 189 888 bytes free
Post-Run: 140 012 691 456 bytes free
.
- - End Of File - - 70DF700870EA21BF396D78829952BAAB
A36C5E4F47E84449FF07ED3517B43A31

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: slow notebook

Post by jaro3 » 08 Oct 2013 20:46

Uninstall:
BingBar
McAfee Security Scan
Norton Security Scan
Winamp Toolbar

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

ClearJavaCache::

KillAll::
File::
c:\users\martinka\AppData\Local\Temp\gel90xne.sys
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2976481369-1775756746-1115402291-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2976481369-1775756746-1115402291-1000UA.job
c:\windows\Tasks\Norton Security Scan for martinka.job

Folder::
c:\program files\Skype\Updater
c:\program files\McAfee Security Scan
c:\program files\Google\Update
c:\users\martinka\AppData\Local\Google\Update
c:\program files\Norton Security Scan

Driver::
SkypeUpdate
gel90xne
McComponentHostService

RegLock::
[HKEY_USERS\S-1-5-21-2976481369-1775756746-1115402291-1000\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"=hex:51,66,7a,6c,4c,1d,3b,1b,06,27,44,
 9b,03,3a,81,03,95,5b,f0,f6,94,dc,d2,5f
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,3b,1b,a1,de,03,
 3d,54,1e,b3,5d,84,15,4b,d0,26,e1,8f,56
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,3b,1b,0c,14,c4,
 06,9c,bf,e4,0e,ba,9b,b1,17,8d,6a,ff,da
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,3b,1b,9d,6a,75,
 2c,b3,16,9a,0a,83,1b,5f,09,a5,d3,d7,ed
"{593DDEC6-7468-4CDD-90E1-42DADAA222E9}"=hex:51,66,7a,6c,4c,1d,3b,1b,d6,c2,26,
 47,59,23,ba,00,8f,ec,09,9a,db,e6,60,f0
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,3b,1b,71,2d,9e,
 6c,f4,67,45,01,a8,f4,40,fc,1c,7c,e1,67
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,c8,2b,
 8e,33,1b,d8,06,91,c1,1a,24,77,4c,21,df
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,3b,1b,7b,fd,c6,
 81,5e,d4,61,04,b4,12,5f,15,ca,ab,b0,90
"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,3b,1b,48,f1,43,
 b4,ec,56,f6,01,9c,3e,84,50,56,30,31,ee
"{D381FF29-7CFB-4D4E-B92A-C4EDDC696614}"=hex:51,66,7a,6c,4c,1d,3b,1b,39,e3,9a,
 cd,ca,2b,29,01,a6,27,8f,ad,dd,2d,24,0d
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,3b,1b,54,1c,d3,
 c5,74,f3,3c,0f,a3,79,d7,65,c0,81,ca,b0
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,3b,1b,f1,06,4f,
 34,c7,0c,02,0a,b7,ae,84,e9,66,6a,00,88
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,3b,1b,21,82,1e,
 e1,6b,9b,49,02,a0,36,dd,a9,28,92,17,1a
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,3b,1b,6f,c2,f1,
 a3,54,95,b7,5d,a3,e0,4b,e0,c8,4e,f7,16
"{B52D0735-EC19-448A-ABDE-E01B5BD275D2}"=hex:51,66,7a,6c,4c,1d,3b,1b,25,1b,36,
 ab,28,bb,ed,08,b4,d3,ab,5b,5a,96,37,cb
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,3b,1b,79,44,9b,
 b0,6d,79,b3,02,90,76,ba,b7,84,5e,06,8e
"{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6}"=hex:51,66,7a,6c,4c,1d,3b,1b,da,d1,74,
 38,82,2c,c0,01,ac,b2,b3,05,df,e6,a9,cf
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,27,36,
 53,8f,3e,1d,0b,8f,f8,b6,9b,04,71,3b,6c
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process, plus a new log from HJT

Warning: After applying ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR
http://files.avast.com/files/rootkit-scanner/aswmbr.exe
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

ready880
newcomer
Posts: 18
Registered: October 13
Gender: Female
Status: Offline

Re: slow notebook

Post by ready880 » 09 Oct 2013 20:13

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Should I start the command prompt?? When I click Start there is no Run option there, and when I tried copying the green text into the command prompt using Ctrl+C and Ctrl+V, it didn't work.

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: slow notebook

Post by jaro3 » 09 Oct 2013 22:28

Read it properly.

Start; above Start there is a box, type into it only:
notepad and click OK.

Notepad will appear; copy the text into it, and so on.

ready880
newcomer
Posts: 18
Registered: October 13
Gender: Female
Status: Offline

Re: slow notebook

Post by ready880 » 10 Oct 2013 18:13

I'm sending the log from ComboFix
ComboFix 13-10-04.02 - martinka . 10. 2013 17:44:48.3.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.421.1051.18.1013.508 [GMT 2:00]
Running from: c:\users\martinka\Downloads\ComboFix.exe
Command switches used :: c:\users\martinka\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\martinka\AppData\Local\Temp\gel90xne.sys"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2976481369-1775756746-1115402291-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2976481369-1775756746-1115402291-1000UA.job"
"c:\windows\Tasks\Norton Security Scan for martinka.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.153\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.153\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.153\goopdate.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.153\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.153\psmachine.dll
c:\program files\Google\Update\1.3.21.153\psuser.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{452C5AE3-4624-44B5-882B-213633FA773C}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.1.1888\GoogleEarth-Win-Bundle-7.1.1.1888.exe
c:\program files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4413.1752\GoogleToolbarInstaller_updater_signed.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
c:\programdata\Acer
c:\programdata\Acer\Acer Updater\_UpdaterService_CFG.ini
c:\programdata\Acer\Acer Updater\_UpdaterService_LOG.txt
c:\users\martinka\AppData\Local\Google\Update
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\GoogleUpdate.exe
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateHelper.msi
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdate.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_am.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_ar.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_bg.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_bn.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_ca.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_cs.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_da.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_de.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_el.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_en-GB.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_en.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_es-419.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_es.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_et.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_fa.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_fi.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_fil.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_fr.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_gu.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_hi.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_hr.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_hu.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_id.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_is.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_it.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_iw.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_ja.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_kn.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_ko.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_lt.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_lv.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_ml.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_mr.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_ms.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_nl.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_no.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_pl.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_pt-BR.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_pt-PT.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_ro.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_ru.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_sk.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_sl.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_sr.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_sv.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_sw.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_ta.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_te.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_th.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_tr.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_uk.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_ur.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_vi.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_zh-CN.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\goopdateres_zh-TW.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\psmachine.dll
c:\users\martinka\AppData\Local\Google\Update\1.3.21.153\psuser.dll
c:\users\martinka\AppData\Local\Google\Update\Download\{0FB939EF-804F-4BEB-A6E4-992562E7958D}\chrome_updater.exe
c:\users\martinka\AppData\Local\Google\Update\Download\{259C03F6-6315-41E8-B00F-EE21650809E7}\GoogleUpdateSetup.exe
c:\users\martinka\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe
c:\users\martinka\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\30.0.1599.69\30.0.1599.69_29.0.1547.76_chrome_updater.exe
c:\users\martinka\AppData\Local\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GEL90XNE
-------\Service_gel90xne
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2013-09-10 to 2013-10-10 )))))))))))))))))))))))))))))))
.
.
2013-10-10 16:03 . 2013-10-10 16:03 -------- d-----w- c:\programdata\Acer
2013-10-10 16:01 . 2013-10-10 16:04 -------- d-----w- c:\users\martinka\AppData\Local\temp
2013-10-10 16:01 . 2013-10-10 16:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-10 09:16 . 2013-10-10 09:16 -------- d-----w- C:\72ea45ebf3dc2e610f649c
2013-10-09 20:42 . 2013-10-09 20:42 -------- d-----w- C:\d0064a5db9d1598583
2013-10-09 18:57 . 2013-08-01 11:03 729024 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-10-09 18:57 . 2013-08-29 01:51 3969472 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-10-09 18:57 . 2013-08-29 01:51 3914176 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-10-09 18:57 . 2013-08-29 01:50 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-10-09 18:57 . 2013-08-29 01:50 619520 ----a-w- c:\windows\system32\tdh.dll
2013-10-09 18:57 . 2013-08-29 01:48 640512 ----a-w- c:\windows\system32\advapi32.dll
2013-10-09 18:57 . 2013-07-20 10:33 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 18:57 . 2013-06-06 03:01 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-10-09 18:57 . 2013-06-06 04:52 26112 ----a-w- c:\windows\system32\lpk.dll
2013-10-09 18:57 . 2013-06-06 04:51 70656 ----a-w- c:\windows\system32\fontsub.dll
2013-10-09 18:57 . 2013-06-06 04:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2013-10-09 18:57 . 2013-06-06 03:01 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-10-09 18:57 . 2013-08-28 00:57 434688 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-09 18:43 . 2013-08-28 01:04 2348544 ----a-w- c:\windows\system32\win32k.sys
2013-10-09 18:42 . 2013-07-04 11:57 205824 ----a-w- c:\windows\system32\WebClnt.dll
2013-10-09 18:42 . 2013-07-04 11:51 81920 ----a-w- c:\windows\system32\davclnt.dll
2013-10-09 18:42 . 2013-07-04 09:48 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2013-10-09 18:41 . 2013-07-12 10:08 146816 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-10-09 18:41 . 2013-07-12 10:07 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-10-09 18:39 . 2013-06-25 22:56 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-07 16:19 . 2013-10-07 16:19 -------- d-----w- c:\users\martinka\AppData\Local\Adobe
2013-10-05 20:25 . 2013-10-05 20:25 -------- d-----w- c:\windows\ERUNT
2013-10-05 17:42 . 2013-10-05 19:13 -------- d-----w- C:\AdwCleaner
2013-10-05 17:41 . 2013-10-05 17:41 -------- d-----w- c:\users\martinka\AppData\Local\avgchrome
2013-10-05 17:11 . 2013-10-05 17:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-05 17:11 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-20 16:12 . 2013-09-20 16:12 -------- d-----w- c:\users\martinka\AppData\Local\Programs
2013-09-16 10:30 . 2013-09-16 10:30 4806016 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-09-16 10:30 . 2013-09-16 10:30 4806016 ----a-w- c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-09-13 18:30 . 2013-08-05 01:56 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-25 08:57 . 2013-08-14 15:08 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-19 01:41 . 2013-08-14 15:06 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-13 21:28 . 2010-09-27 21:49 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:55 120176 ----a-w- c:\program files\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-03 39408]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-07-26 1564016]
"AdobeBridge"="" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Smart File Advisor"="c:\program files\Smart File Advisor\sfa.exe" [2011-04-04 280824]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2013-07-26 311152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-05-19 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-26 828704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-03-05 286248]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-01 33320]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-06-21 84248]
R3 EUCR;EUCR;c:\windows\system32\DRIVERS\EUCR6SK.SYS [2010-03-02 82384]
R3 MWLService;MyWinLocker Service;c:\program files\EgisTec MyWinLocker\x86\MWLService.exe [2010-04-17 305520]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-02-04 436792]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 18992]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 16432]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60976]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2010-04-08 312400]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-06 735776]
S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-11-24 74752]
S2 GREGService;GREGService;c:\program files\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-09-16 3273088]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-04-21 68208]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
IE: {{45d8438c-b51d-47a8-aeea-9061535f25f1} - {b52d0735-ec19-448a-abde-e01b5bd275d2} -
TCP: DhcpNameServer = 192.168.1.10 195.146.132.59 195.146.128.60
FF - ProfilePath - c:\users\martinka\AppData\Roaming\Mozilla\Firefox\Profiles\t6rzolxr.default\
.
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1820)
c:\program files\EgisTec MyWinLocker\x86\psdprotect.dll
c:\program files\EgisTec MyWinLocker\x86\sysenv.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2013-10-10 18:11:07 - machine was rebooted
ComboFix-quarantined-files.txt 2013-10-10 16:11
ComboFix2.txt 2013-10-08 17:52
.
Pre-Run: 136 861 265 920 bytes free
Post-Run: 136 472 260 608 bytes free
.
- - End Of File - - 203DF9AB7DC787BDA5526250DD15C8C0
A36C5E4F47E84449FF07ED3517B43A31

ready880
newbie
Posts: 18
Registered: October 13
Gender: Female
Status:
Offline

Re: slow laptop

Post by ready880 » 10 Oct 2013 18:19

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-10-10 18:15:51
-----------------------------
18:15:51.762 OS Version: Windows 6.1.7601 Service Pack 1
18:15:51.762 Number of processors: 2 586 0x1C0A
18:15:51.778 ComputerName: ACER UserName:
18:15:54.134 Initialize success
18:15:59.389 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
18:15:59.389 Disk 0 Vendor: Hitachi_ PB2O Size: 238475MB BusType: 3
18:15:59.545 Disk 0 MBR read successfully
18:15:59.545 Disk 0 MBR scan
18:15:59.561 Disk 0 Windows 7 default MBR code
18:15:59.576 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13319 MB offset 63
18:15:59.608 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 101 MB offset 27278370
18:15:59.623 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 225052 MB offset 27487215
18:15:59.639 Disk 0 scanning sectors +488395120
18:15:59.873 Disk 0 scanning C:\Windows\system32\drivers
18:16:14.740 Service scanning
18:16:37.828 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
18:16:45.222 Modules scanning
18:17:03.396 Disk 0 trace - called modules:
18:17:03.427 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys sptd.sys dxgkrnl.sys igdkmd32.sys dxgmms1.sys
18:17:03.443 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85290030]
18:17:03.459 3 CLASSPNP.SYS[827bf59e] -> nt!IofCallDriver -> [0x84870700]
18:17:03.474 5 ACPI.sys[86a193d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84835028]
18:17:03.490 Scan finished successfully
18:18:14.907 Disk 0 MBR has been saved successfully to "C:\Users\martinka\Desktop\MBR.dat"
18:18:14.922 The log file has been saved successfully to "C:\Users\martinka\Desktop\aswMBR.txt"

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: slow laptop

Post by jaro3 » 10 Oct 2013 19:01

Running from: c:\users\martinka\Downloads\ComboFix.exe

There seem to be two ComboFixes there, one in Downloads and the other on the desktop?

Delete the one in Downloads.

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner

Download OTC

to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.


Post a new HJT log plus info about the problems.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

