Prosil bych o preventivní kontrolu logu

Příspěvekod **Clorky** » 14 úno 2013 21:46

Zdravím, PC občas sekne nebo padají ovládače, to se dá překousnout v pohodě... jde mi spíše o preventivní kontrolu.
Děkuji moc předem.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:44:10, on 14.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Users\Petr\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [D3DOverrider] "C:\Program Files (x86)\RivaTuner v2.23\Tools\D3DOverrider\D3DOverriderWrapper.exe" /s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Steam] "E:\Hry\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Startup: µTorrent.lnk = C:\Program Files (x86)\uTorrent\uTorrent.exe
O4 - Global Startup: O&O Defrag Tray.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7473 bytes

Reklama

Příspěvekod **jaro3** » 14 úno 2013 23:54

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

Příspěvekod **Clorky** » 15 úno 2013 14:08

Na zbytek jdu hned.

# AdwCleaner v2.112 - Logfile created 02/15/2013 at 14:06:24
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Petr - I5
# Boot Mode : Normal
# Running from : E:\Download\adwcleaner0.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (cs)

File : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\maiqp8lt.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [911 octets] - [15/02/2013 14:06:24]

########## EOF - C:\AdwCleaner[R1].txt - [970 octets] ##########

edit: MBAM nic nenašel, ostatní hotovo.

Příspěvekod **Žbeky** » 15 úno 2013 18:21

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“)
Klikni na „ Delete“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt), jeho obsah sem celý vlož.

Jak to vypadá s PC?

Příspěvekod **Clorky** » 15 úno 2013 19:31

# AdwCleaner v2.112 - Logfile created 02/15/2013 at 14:28:23
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Petr - I5
# Boot Mode : Normal
# Running from : E:\Download\adwcleaner0.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (cs)

File : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\maiqp8lt.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1038 octets] - [15/02/2013 14:06:24]
AdwCleaner[R2].txt - [1099 octets] - [15/02/2013 14:28:18]
AdwCleaner[S1].txt - [1041 octets] - [15/02/2013 14:28:23]

########## EOF - C:\AdwCleaner[S1].txt - [1101 octets] ##########

PC jsem neměl čas nijak testovat, pokuď by nevadilo, ještě bych pro jistotu zkusil Combofix, ať mám pokoj.

Příspěvekod **Clorky** » 15 úno 2013 20:10

ComboFix 13-02-15.01 - Petr 15.02.2013 19:35:26.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.8190.6785 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Petr\AppData\Local\Temp\sfamcc00001.dll
c:\users\Petr\AppData\Local\Temp\sfareca00001.dll
c:\users\Petr\Documents\MOO93C.tmp
c:\users\Petr\Documents\MOOE5B1.tmp
c:\users\Petr\Documents\MOOE5B2.tmp
c:\users\Petr\Documents\MOOE5C7.tmp
c:\users\Petr\Documents\MOOE5CC.tmp
c:\users\Petr\Documents\MOOE5CE.tmp
c:\users\Petr\Documents\MOOE5D0.tmp
E:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-15 do 2013-02-15 )))))))))))))))))))))))))))))))
.
.
2013-02-15 13:34 . 2013-01-15 01:45 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D14311F0-7076-40D4-BDF2-BDB7D3A4FA29}\mpengine.dll
2013-02-15 13:17 . 2013-02-15 13:17 -------- d-----w- c:\programdata\Malwarebytes
2013-02-15 13:17 . 2013-02-15 13:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-15 13:17 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-13 21:19 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 21:19 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 20:25 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 20:24 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-13 20:24 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-13 20:24 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-13 20:24 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-13 20:24 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-13 20:24 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-13 20:22 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 20:22 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 20:22 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 20:22 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 20:22 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 19:41 . 2013-02-13 20:12 -------- d-----w- c:\program files (x86)\FlightFX
2013-02-09 17:29 . 2013-02-09 17:29 -------- d-----w- c:\programdata\Steam
2013-02-08 23:57 . 2013-02-08 23:57 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-02-07 21:06 . 2011-09-16 15:05 11137024 ----a-w- c:\windows\SysWow64\libmfxsw32.dll
2013-02-07 19:50 . 2012-03-02 06:02 1919968 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2013-02-07 19:50 . 2010-08-02 15:19 31744 ----a-w- c:\windows\system32\drivers\lgandadb.sys
2013-02-07 19:50 . 2012-03-02 15:02 34304 ----a-w- c:\windows\system32\drivers\lgandmodem64.sys
2013-02-07 19:50 . 2012-03-02 15:02 27648 ----a-w- c:\windows\system32\drivers\lganddiag64.sys
2013-02-07 19:50 . 2012-03-02 15:02 27136 ----a-w- c:\windows\system32\drivers\lgandgps64.sys
2013-02-07 19:50 . 2012-03-02 15:02 19456 ----a-w- c:\windows\system32\drivers\lgandbus64.sys
2013-02-07 19:50 . 2013-02-07 19:50 -------- d-----w- c:\program files (x86)\LG Electronics
2013-02-07 19:50 . 2013-02-11 12:17 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2013-02-07 19:49 . 2013-02-07 19:49 -------- d-----w- C:\LGP500
2013-02-07 19:47 . 2011-05-10 12:37 655872 ----a-w- c:\windows\SysWow64\msvcr90.dll
2013-02-07 19:47 . 2011-05-10 12:37 568832 ----a-w- c:\windows\SysWow64\msvcp90.dll
2013-02-07 19:47 . 2011-05-10 12:37 224768 ----a-w- c:\windows\SysWow64\msvcm90.dll
2013-02-07 19:47 . 2006-05-04 07:33 53248 ----a-w- c:\windows\SysWow64\CommonDL.dll
2013-02-07 19:47 . 2005-11-24 01:34 82432 ----a-w- c:\windows\SysWow64\msxml4r.dll
2013-02-07 19:47 . 2005-10-04 00:39 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll
2013-02-07 19:46 . 2013-02-07 19:47 -------- d-----w- c:\programdata\LGMOBILEAX
2013-02-07 12:13 . 2013-02-07 12:13 -------- d-----w- c:\windows\Sun
2013-02-02 18:28 . 2013-02-02 18:28 -------- d-----w- c:\program files (x86)\AIMP3
2013-02-01 21:11 . 2013-02-09 17:52 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-01 21:11 . 2013-02-09 17:52 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-01 14:08 . 2013-02-01 14:08 -------- d-----w- c:\programdata\ATI
2013-02-01 14:07 . 2013-02-01 14:07 0 ----a-w- c:\windows\ativpsrm.bin
2013-02-01 14:06 . 2013-02-01 14:06 -------- d-----w- c:\program files (x86)\AMD AVT
2013-02-01 14:06 . 2013-02-01 14:06 -------- d-----w- c:\program files (x86)\AMD APP
2013-02-01 14:06 . 2013-02-01 14:06 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-02-01 14:06 . 2013-02-01 14:06 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2013-02-01 14:04 . 2013-02-01 14:04 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-02-01 14:04 . 2013-02-01 14:04 -------- d-----w- c:\program files\ATI
2013-02-01 14:04 . 2013-02-01 14:06 -------- d-----w- c:\program files\ATI Technologies
2013-02-01 14:03 . 2013-02-01 14:03 -------- d-----w- C:\AMD
2013-02-01 14:01 . 2013-02-01 14:01 -------- d-----w- c:\program files (x86)\Phyxion.net
2013-02-01 12:45 . 2013-02-01 12:45 -------- d-----w- c:\windows\system32\oodag
2013-02-01 12:44 . 2013-02-01 12:44 -------- d-----w- c:\program files\OO Software
2013-02-01 12:44 . 2013-02-01 12:44 -------- d-----w- c:\programdata\OO Software
2013-02-01 10:16 . 2013-02-01 10:19 -------- d-----w- C:\Textures Backup
2013-01-31 13:19 . 2013-01-31 13:19 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-01-31 13:18 . 2013-01-31 13:18 859552 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-01-31 13:18 . 2013-01-31 13:18 780192 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-01-31 13:18 . 2013-01-31 13:18 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-31 13:18 . 2013-01-31 13:18 -------- d-----w- c:\program files (x86)\Java
2013-01-30 16:40 . 2013-01-30 16:40 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2013-01-30 14:13 . 2013-01-30 14:18 -------- d-----w- c:\program files (x86)\Origin Games
2013-01-30 14:11 . 2013-01-31 14:10 -------- d-----w- c:\programdata\Origin
2013-01-30 14:11 . 2013-01-30 17:19 -------- d-----w- c:\programdata\Electronic Arts
2013-01-29 21:00 . 2013-01-29 21:00 78640 ----a-w- c:\windows\system32\atimpc64.dll
2013-01-29 21:00 . 2013-01-29 21:00 78640 ----a-w- c:\windows\system32\amdpcom64.dll
2013-01-29 21:00 . 2013-01-29 21:00 71912 ----a-w- c:\windows\SysWow64\atimpc32.dll
2013-01-29 21:00 . 2013-01-29 21:00 71912 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2013-01-29 21:00 . 2013-01-29 21:00 139904 ----a-w- c:\windows\system32\atiuxp64.dll
2013-01-29 21:00 . 2013-01-29 21:00 118792 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2013-01-29 20:59 . 2013-01-29 20:59 92512 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2013-01-29 20:59 . 2013-01-29 20:59 113672 ----a-w- c:\windows\system32\atiu9p64.dll
2013-01-29 20:59 . 2013-01-29 20:59 968560 ----a-w- c:\windows\SysWow64\aticfx32.dll
2013-01-29 20:59 . 2013-01-29 20:59 8173928 ----a-w- c:\windows\system32\atidxx64.dll
2013-01-29 20:59 . 2013-01-29 20:59 1150328 ----a-w- c:\windows\system32\aticfx64.dll
2013-01-29 20:59 . 2013-01-29 20:59 7159384 ----a-w- c:\windows\SysWow64\atidxx32.dll
2013-01-29 20:59 . 2013-01-29 20:59 4475192 ----a-w- c:\windows\SysWow64\atiumdva.dll
2013-01-29 20:59 . 2013-01-29 20:59 6035136 ----a-w- c:\windows\SysWow64\atiumdag.dll
2013-01-29 20:59 . 2013-01-29 20:59 5035000 ----a-w- c:\windows\system32\atiumd6a.dll
2013-01-29 20:59 . 2013-01-29 20:59 7038856 ----a-w- c:\windows\system32\atiumd64.dll
2013-01-29 20:57 . 2013-01-29 20:57 11612672 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-01-29 20:36 . 2013-01-29 20:36 23581184 ----a-w- c:\windows\system32\atio6axx.dll
2013-01-29 20:31 . 2013-01-29 20:31 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2013-01-29 20:29 . 2013-01-29 20:29 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2013-01-29 20:28 . 2013-01-29 20:28 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2013-01-29 20:28 . 2013-01-29 20:28 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2013-01-29 20:28 . 2013-01-29 20:28 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2013-01-29 20:28 . 2013-01-29 20:28 16082944 ----a-w- c:\windows\system32\aticaldd64.dll
2013-01-29 20:28 . 2013-01-29 20:28 77312 ----a-w- c:\windows\system32\coinst_12.10.17.dll
2013-01-29 20:24 . 2013-01-29 20:24 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2013-01-29 20:18 . 2013-01-29 20:18 19755520 ----a-w- c:\windows\SysWow64\atioglxx.dll
2013-01-29 20:07 . 2013-01-29 20:07 442368 ----a-w- c:\windows\system32\atidemgy.dll
2013-01-29 20:06 . 2013-01-29 20:06 561152 ----a-w- c:\windows\system32\atieclxx.exe
2013-01-29 20:06 . 2013-01-29 20:06 240640 ----a-w- c:\windows\system32\atiesrxx.exe
2013-01-29 20:04 . 2013-01-29 20:04 120320 ----a-w- c:\windows\system32\atitmm64.dll
2013-01-29 20:04 . 2013-01-29 20:04 25600 ----a-w- c:\windows\system32\atimuixx.dll
2013-01-29 20:04 . 2013-01-29 20:04 59392 ----a-w- c:\windows\system32\atiedu64.dll
2013-01-29 20:04 . 2013-01-29 20:04 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2013-01-29 19:38 . 2013-01-29 19:38 629760 ----a-w- c:\windows\system32\atiadlxx.dll
2013-01-29 19:38 . 2013-01-29 19:38 79360 ----a-w- c:\windows\system32\amdave64.dll
2013-01-29 19:38 . 2013-01-29 19:38 425984 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2013-01-29 19:38 . 2013-01-29 19:38 78336 ----a-w- c:\windows\SysWow64\amdave32.dll
2013-01-29 19:38 . 2013-01-29 19:38 74240 ----a-w- c:\windows\system32\atisamu64.dll
2013-01-29 19:38 . 2013-01-29 19:38 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2013-01-29 19:38 . 2013-01-29 19:38 71168 ----a-w- c:\windows\SysWow64\atisamu32.dll
2013-01-29 19:38 . 2013-01-29 19:38 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2013-01-29 19:38 . 2013-01-29 19:38 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2013-01-29 19:38 . 2013-01-29 19:38 44032 ----a-w- c:\windows\system32\atig6txx.dll
2013-01-29 19:38 . 2013-01-29 19:38 34816 ----a-w- c:\windows\SysWow64\atigktxx.dll
2013-01-29 19:38 . 2013-01-29 19:38 576000 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2013-01-29 19:35 . 2013-01-29 19:35 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-01-29 14:42 . 2013-01-29 14:42 222720 ----a-w- c:\windows\system32\clinfo.exe
2013-01-29 14:42 . 2013-01-29 14:42 76288 ----a-w- c:\windows\system32\OpenVideo64.dll
2013-01-29 14:42 . 2013-01-29 14:42 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2013-01-29 14:42 . 2013-01-29 14:42 29150208 ----a-w- c:\windows\system32\amdocl64.dll
2013-01-29 14:40 . 2013-01-29 14:40 23810048 ----a-w- c:\windows\SysWow64\amdocl.dll
2013-01-29 12:58 . 2013-02-01 09:30 -------- d-----w- c:\windows\system32\appmgmt
2013-01-28 22:20 . 2013-01-28 22:20 64000 ----a-w- c:\windows\system32\OVDecode64.dll
2013-01-28 22:20 . 2013-01-28 22:20 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2013-01-28 22:16 . 2013-01-28 22:16 54784 ----a-w- c:\windows\system32\OpenCL.dll
2013-01-28 22:16 . 2013-01-28 22:16 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-01-28 22:10 . 2013-01-28 22:10 5067264 ----a-w- c:\windows\system32\amdsc64.dll
2013-01-28 22:10 . 2013-01-28 22:10 4083200 ----a-w- c:\windows\SysWow64\amdsc.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-10 08:03 . 2013-01-10 08:03 800768 ----a-w- c:\windows\system32\usp10.dll
2013-01-10 08:03 . 2013-01-10 08:03 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2013-01-10 08:03 . 2013-01-10 08:03 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-10 08:03 . 2013-01-10 08:03 55296 ----a-w- c:\windows\SysWow64\cero.rs
2013-01-10 08:03 . 2013-01-10 08:03 55296 ----a-w- c:\windows\system32\cero.rs
2013-01-10 08:03 . 2013-01-10 08:03 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2013-01-10 08:03 . 2013-01-10 08:03 51712 ----a-w- c:\windows\system32\esrb.rs
2013-01-10 08:03 . 2013-01-10 08:03 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2013-01-10 08:03 . 2013-01-10 08:03 46592 ----a-w- c:\windows\system32\fpb.rs
2013-01-10 08:03 . 2013-01-10 08:03 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2013-01-10 08:03 . 2013-01-10 08:03 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2013-01-10 08:03 . 2013-01-10 08:03 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2013-01-10 08:03 . 2013-01-10 08:03 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2013-01-10 08:03 . 2013-01-10 08:03 441856 ----a-w- c:\windows\system32\Wpc.dll
2013-01-10 08:03 . 2013-01-10 08:03 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2013-01-10 08:03 . 2013-01-10 08:03 43520 ----a-w- c:\windows\system32\csrr.rs
2013-01-10 08:03 . 2013-01-10 08:03 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2013-01-10 08:03 . 2013-01-10 08:03 40960 ----a-w- c:\windows\system32\cob-au.rs
2013-01-10 08:03 . 2013-01-10 08:03 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2013-01-10 08:03 . 2013-01-10 08:03 30720 ----a-w- c:\windows\SysWow64\usk.rs
2013-01-10 08:03 . 2013-01-10 08:03 30720 ----a-w- c:\windows\system32\usk.rs
2013-01-10 08:03 . 2013-01-10 08:03 2746368 ----a-w- c:\windows\system32\gameux.dll
2013-01-10 08:03 . 2013-01-10 08:03 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2013-01-10 08:03 . 2013-01-10 08:03 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2013-01-10 08:03 . 2013-01-10 08:03 23552 ----a-w- c:\windows\system32\oflc.rs
2013-01-10 08:03 . 2013-01-10 08:03 21504 ----a-w- c:\windows\SysWow64\grb.rs
2013-01-10 08:03 . 2013-01-10 08:03 21504 ----a-w- c:\windows\system32\grb.rs
2013-01-10 08:03 . 2013-01-10 08:03 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2013-01-10 08:03 . 2013-01-10 08:03 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2013-01-10 08:03 . 2013-01-10 08:03 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2013-01-10 08:03 . 2013-01-10 08:03 20480 ----a-w- c:\windows\system32\pegi.rs
2013-01-10 08:03 . 2013-01-10 08:03 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2013-01-10 08:03 . 2013-01-10 08:03 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2013-01-10 08:03 . 2013-01-10 08:03 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2013-01-10 08:03 . 2013-01-10 08:03 15360 ----a-w- c:\windows\system32\djctq.rs
2013-01-10 08:03 . 2013-01-10 08:03 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-10 08:03 . 2013-01-10 08:03 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-10 08:02 . 2013-01-10 08:02 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 338432 ----a-w- c:\windows\system32\conhost.exe
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-01-10 08:02 . 2013-01-10 08:02 243200 ----a-w- c:\windows\system32\wow64.dll
2013-01-10 08:02 . 2013-01-10 08:02 16384 ----a-w- c:\windows\system32\ntvdm64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="e:\hry\Steam\Steam.exe" [2013-02-14 1597864]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-01-21 969104]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-10-23 3108480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"D3DOverrider"="c:\program files (x86)\RivaTuner v2.23\Tools\D3DOverrider\D3DOverriderWrapper.exe" [2009-02-15 40960]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-01-29 642656]
.
c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SpeedFan.lnk - c:\program files (x86)\SpeedFan\speedfan.exe [2012-9-12 4679672]
µTorrent.lnk - c:\program files (x86)\uTorrent\uTorrent.exe [2013-1-20 969104]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
O&O Defrag Tray.lnk - c:\windows\Installer\{AC5FFE7C-7101-4639-8559-92F3139F3FDC}\DefragIcon.exe [2013-2-1 292878]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2012-03-02 19456]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2012-03-02 27648]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2012-03-02 27136]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2012-03-02 34304]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-01-10 19456]
R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.23\RivaTuner64.sys [2013-01-20 19952]
R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys [2012-11-19 13368]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2013-01-10 29696]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-01-10 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-01-10 30208]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-01-21 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2012-11-13 14544]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-20 283200]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-10-23 211344]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-10-23 149592]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS [2013-01-20 29672]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-01-29 240640]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-11-26 1329304]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2012-10-23 138744]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2012-11-01 2555760]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-01 17:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-11-26 6325936]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2012-11-01 7061360]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\maiqp8lt.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =902615&p=
FF - ExtSQL: 2013-01-21 18:48; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\maiqp8lt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-01-25 15:45; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\maiqp8lt.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG16.00.00.01PROFESSIONAL"="A7CFCC78B58F1FD408B2750E6DACFBA17C38DEE39FB45DA2E1CF32A9C4A502E813C29A5A044ECBF3B3C0164123E1F8F4D9811E87D8A0B331F6741CDE5B0E6B689C7B2C2BD037844E893B304C830853FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407FEBC9E127BECC74CA6A0AC4980AC7933BA7FD869164D679469A57A27FD03BB4915CBB0A2E3225EA6E9C603CA56374FCECAAD705618C4B7C43EBFD17749C02F476470ADF02ACF984D0C4D92F9EE4A0254412A0672A31A20F6FE258565185B54DEE8759362EA5EBF011309511D18686D275FFB38E619CE874F66514E6B1B611DD47188794FC0A178F109FE5B8A72C78887081A42A5C4A2533A4E4DA7B8E63780E3F3EB3DC12641EA479AC28AC885774CA6428E20D456256F18363B4F2FF291FAB609F27DFA00B9C39B1B7F83153BD7362E397A154D60BDC93E44CE49669CFB0DEF6D0820ED11D8B3FB00F3A8E0E01C48B63B90A61D5A265571BED05CA724D5392403A8CCC20444706AE271A3CF2BCE08D0BB18208421EA09EF911D93F1AE50865B4CE56ED3E473325C02DFE2B92F4CFE7ED16C8F7A726FDE694D233E77C274031574E4B6B0A632B33EBEB7962D67453BB6B77BC5A871E756822568709FCE9BBB40475E989E9E20B86B9F0834E732BECEE5CB4B5A6AA75FF051718480042174C6433720CC92053083384E73F46152104EE91370A5D37EB23663AEA40973EF82B9F4D60C50BA782CDD689930D4BF6D68D3953218C62A469430B97B88E8F0529CB0A4E096E17479AD14B7718717618E46FC31F57FA1E4B289ED461C8345B246EBCB1232C985546EA5F5D3EC59BFD524006B76CC7C5A33596D03F179FE04A2AAF0AF73494184A19F565ADEC696976100BCC4154774DA7738EB84981E77515FC37D02704E31EAD7BADA18EDDAC5AB7D5AFB33B09F635244AC870D8A3B7C19BCBBB96FA688DB0827519B0C0B2D02CED5CA8BE3DE2F5833E57B963C8B233313419D9F2728651C71F1D9DA97B462F793CB5212882BF4F632584B4135D34FD133255A7DDD78F45EFDD0ABAA1EDDC36C56725187D69414F64ACE27089C8E5B283559C5F5CA90ECA54A0F06720A6C41B2B0938F39080FD2A1BAAB7F3A9F5D85131AFE1980A8DDA505B5AB89EF47B8EA3786AB3647DA019CD7038C277E6B53348822ECF0E737C21C2765D9BAB1C512F7F7FBEA55288FC5800D6CBB55CEB2F86D90D5AECBCA3B9271C8C103841CFA3AC18579365E22ECAAB048FEBCA6F7ABC95EC681810F9B7C17EABB76C034665FE7C509AD25A7533B7506A409C3189D91B556DC33D80422458C706573637A9C6F44263A0906EB2D4ADA78501D3A0F342421C895BDD9D677E5A411BD6CED6C1D2C6D29E8C057C7736A87A891923F538524644F"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
c:\program files (x86)\RivaTuner v2.23\Tools\D3DOverrider\D3DOverrider.exe
.
**************************************************************************
.
Celkový čas: 2013-02-15 19:42:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-15 18:42
.
Před spuštěním: 265 374 273 536 bytes free
Po spuštění: 265 080 721 408 bytes free
.
- - End Of File - - 8D430BD6104FAF3F7BBD6C7E901EEB44

Příspěvekod **Žbeky** » 15 úno 2013 21:38

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

Folder::
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate

Firefox::
FF - ProfilePath - c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\maiqp8lt.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =902615&p=

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
Obrázek

- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Příspěvekod **Clorky** » 16 úno 2013 12:02

Hotovo.

ComboFix 13-02-15.01 - Petr 16.02.2013 11:48:17.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.8190.6464 [GMT 1:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\Petr\AppData\Local\Temp\sfamcc00001.dll
c:\users\Petr\AppData\Local\Temp\sfareca00001.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-16 do 2013-02-16 )))))))))))))))))))))))))))))))
.
.
2013-02-15 13:34 . 2013-01-15 01:45 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D14311F0-7076-40D4-BDF2-BDB7D3A4FA29}\mpengine.dll
2013-02-15 13:17 . 2013-02-15 13:17 -------- d-----w- c:\programdata\Malwarebytes
2013-02-15 13:17 . 2013-02-15 13:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-15 13:17 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-13 21:19 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 21:19 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 20:25 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 20:24 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-13 20:24 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-13 20:24 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-13 20:24 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-13 20:24 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-13 20:24 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-13 20:22 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 20:22 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 20:22 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 20:22 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 20:22 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 19:41 . 2013-02-13 20:12 -------- d-----w- c:\program files (x86)\FlightFX
2013-02-09 17:29 . 2013-02-09 17:29 -------- d-----w- c:\programdata\Steam
2013-02-08 23:57 . 2013-02-08 23:57 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-02-07 21:06 . 2011-09-16 15:05 11137024 ----a-w- c:\windows\SysWow64\libmfxsw32.dll
2013-02-07 19:50 . 2012-03-02 06:02 1919968 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2013-02-07 19:50 . 2010-08-02 15:19 31744 ----a-w- c:\windows\system32\drivers\lgandadb.sys
2013-02-07 19:50 . 2012-03-02 15:02 34304 ----a-w- c:\windows\system32\drivers\lgandmodem64.sys
2013-02-07 19:50 . 2012-03-02 15:02 27648 ----a-w- c:\windows\system32\drivers\lganddiag64.sys
2013-02-07 19:50 . 2012-03-02 15:02 27136 ----a-w- c:\windows\system32\drivers\lgandgps64.sys
2013-02-07 19:50 . 2012-03-02 15:02 19456 ----a-w- c:\windows\system32\drivers\lgandbus64.sys
2013-02-07 19:50 . 2013-02-07 19:50 -------- d-----w- c:\program files (x86)\LG Electronics
2013-02-07 19:50 . 2013-02-11 12:17 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2013-02-07 19:49 . 2013-02-07 19:49 -------- d-----w- C:\LGP500
2013-02-07 19:47 . 2011-05-10 12:37 655872 ----a-w- c:\windows\SysWow64\msvcr90.dll
2013-02-07 19:47 . 2011-05-10 12:37 568832 ----a-w- c:\windows\SysWow64\msvcp90.dll
2013-02-07 19:47 . 2011-05-10 12:37 224768 ----a-w- c:\windows\SysWow64\msvcm90.dll
2013-02-07 19:47 . 2006-05-04 07:33 53248 ----a-w- c:\windows\SysWow64\CommonDL.dll
2013-02-07 19:47 . 2005-11-24 01:34 82432 ----a-w- c:\windows\SysWow64\msxml4r.dll
2013-02-07 19:47 . 2005-10-04 00:39 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll
2013-02-07 19:46 . 2013-02-07 19:47 -------- d-----w- c:\programdata\LGMOBILEAX
2013-02-07 12:13 . 2013-02-07 12:13 -------- d-----w- c:\windows\Sun
2013-02-02 18:28 . 2013-02-02 18:28 -------- d-----w- c:\program files (x86)\AIMP3
2013-02-01 21:11 . 2013-02-09 17:52 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-01 21:11 . 2013-02-09 17:52 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-01 14:08 . 2013-02-01 14:08 -------- d-----w- c:\programdata\ATI
2013-02-01 14:07 . 2013-02-01 14:07 0 ----a-w- c:\windows\ativpsrm.bin
2013-02-01 14:06 . 2013-02-01 14:06 -------- d-----w- c:\program files (x86)\AMD AVT
2013-02-01 14:06 . 2013-02-01 14:06 -------- d-----w- c:\program files (x86)\AMD APP
2013-02-01 14:06 . 2013-02-01 14:06 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-02-01 14:06 . 2013-02-01 14:06 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2013-02-01 14:04 . 2013-02-01 14:04 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-02-01 14:04 . 2013-02-01 14:04 -------- d-----w- c:\program files\ATI
2013-02-01 14:04 . 2013-02-01 14:06 -------- d-----w- c:\program files\ATI Technologies
2013-02-01 14:03 . 2013-02-01 14:03 -------- d-----w- C:\AMD
2013-02-01 14:01 . 2013-02-01 14:01 -------- d-----w- c:\program files (x86)\Phyxion.net
2013-02-01 12:45 . 2013-02-01 12:45 -------- d-----w- c:\windows\system32\oodag
2013-02-01 12:44 . 2013-02-01 12:44 -------- d-----w- c:\program files\OO Software
2013-02-01 12:44 . 2013-02-01 12:44 -------- d-----w- c:\programdata\OO Software
2013-02-01 10:16 . 2013-02-01 10:19 -------- d-----w- C:\Textures Backup
2013-01-31 13:19 . 2013-01-31 13:19 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-01-31 13:18 . 2013-01-31 13:18 859552 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-01-31 13:18 . 2013-01-31 13:18 780192 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-01-31 13:18 . 2013-01-31 13:18 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-31 13:18 . 2013-01-31 13:18 -------- d-----w- c:\program files (x86)\Java
2013-01-30 16:40 . 2013-01-30 16:40 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2013-01-30 14:13 . 2013-01-30 14:18 -------- d-----w- c:\program files (x86)\Origin Games
2013-01-30 14:11 . 2013-01-31 14:10 -------- d-----w- c:\programdata\Origin
2013-01-30 14:11 . 2013-01-30 17:19 -------- d-----w- c:\programdata\Electronic Arts
2013-01-29 21:00 . 2013-01-29 21:00 78640 ----a-w- c:\windows\system32\atimpc64.dll
2013-01-29 21:00 . 2013-01-29 21:00 78640 ----a-w- c:\windows\system32\amdpcom64.dll
2013-01-29 21:00 . 2013-01-29 21:00 71912 ----a-w- c:\windows\SysWow64\atimpc32.dll
2013-01-29 21:00 . 2013-01-29 21:00 71912 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2013-01-29 21:00 . 2013-01-29 21:00 139904 ----a-w- c:\windows\system32\atiuxp64.dll
2013-01-29 21:00 . 2013-01-29 21:00 118792 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2013-01-29 20:59 . 2013-01-29 20:59 92512 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2013-01-29 20:59 . 2013-01-29 20:59 113672 ----a-w- c:\windows\system32\atiu9p64.dll
2013-01-29 20:59 . 2013-01-29 20:59 968560 ----a-w- c:\windows\SysWow64\aticfx32.dll
2013-01-29 20:59 . 2013-01-29 20:59 8173928 ----a-w- c:\windows\system32\atidxx64.dll
2013-01-29 20:59 . 2013-01-29 20:59 1150328 ----a-w- c:\windows\system32\aticfx64.dll
2013-01-29 20:59 . 2013-01-29 20:59 7159384 ----a-w- c:\windows\SysWow64\atidxx32.dll
2013-01-29 20:59 . 2013-01-29 20:59 4475192 ----a-w- c:\windows\SysWow64\atiumdva.dll
2013-01-29 20:59 . 2013-01-29 20:59 6035136 ----a-w- c:\windows\SysWow64\atiumdag.dll
2013-01-29 20:59 . 2013-01-29 20:59 5035000 ----a-w- c:\windows\system32\atiumd6a.dll
2013-01-29 20:59 . 2013-01-29 20:59 7038856 ----a-w- c:\windows\system32\atiumd64.dll
2013-01-29 20:57 . 2013-01-29 20:57 11612672 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-01-29 20:36 . 2013-01-29 20:36 23581184 ----a-w- c:\windows\system32\atio6axx.dll
2013-01-29 20:31 . 2013-01-29 20:31 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2013-01-29 20:29 . 2013-01-29 20:29 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2013-01-29 20:28 . 2013-01-29 20:28 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2013-01-29 20:28 . 2013-01-29 20:28 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2013-01-29 20:28 . 2013-01-29 20:28 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2013-01-29 20:28 . 2013-01-29 20:28 16082944 ----a-w- c:\windows\system32\aticaldd64.dll
2013-01-29 20:28 . 2013-01-29 20:28 77312 ----a-w- c:\windows\system32\coinst_12.10.17.dll
2013-01-29 20:24 . 2013-01-29 20:24 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2013-01-29 20:18 . 2013-01-29 20:18 19755520 ----a-w- c:\windows\SysWow64\atioglxx.dll
2013-01-29 20:07 . 2013-01-29 20:07 442368 ----a-w- c:\windows\system32\atidemgy.dll
2013-01-29 20:06 . 2013-01-29 20:06 561152 ----a-w- c:\windows\system32\atieclxx.exe
2013-01-29 20:06 . 2013-01-29 20:06 240640 ----a-w- c:\windows\system32\atiesrxx.exe
2013-01-29 20:04 . 2013-01-29 20:04 120320 ----a-w- c:\windows\system32\atitmm64.dll
2013-01-29 20:04 . 2013-01-29 20:04 25600 ----a-w- c:\windows\system32\atimuixx.dll
2013-01-29 20:04 . 2013-01-29 20:04 59392 ----a-w- c:\windows\system32\atiedu64.dll
2013-01-29 20:04 . 2013-01-29 20:04 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2013-01-29 19:38 . 2013-01-29 19:38 629760 ----a-w- c:\windows\system32\atiadlxx.dll
2013-01-29 19:38 . 2013-01-29 19:38 79360 ----a-w- c:\windows\system32\amdave64.dll
2013-01-29 19:38 . 2013-01-29 19:38 425984 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2013-01-29 19:38 . 2013-01-29 19:38 78336 ----a-w- c:\windows\SysWow64\amdave32.dll
2013-01-29 19:38 . 2013-01-29 19:38 74240 ----a-w- c:\windows\system32\atisamu64.dll
2013-01-29 19:38 . 2013-01-29 19:38 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2013-01-29 19:38 . 2013-01-29 19:38 71168 ----a-w- c:\windows\SysWow64\atisamu32.dll
2013-01-29 19:38 . 2013-01-29 19:38 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2013-01-29 19:38 . 2013-01-29 19:38 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2013-01-29 19:38 . 2013-01-29 19:38 44032 ----a-w- c:\windows\system32\atig6txx.dll
2013-01-29 19:38 . 2013-01-29 19:38 34816 ----a-w- c:\windows\SysWow64\atigktxx.dll
2013-01-29 19:38 . 2013-01-29 19:38 576000 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2013-01-29 19:35 . 2013-01-29 19:35 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-01-29 14:42 . 2013-01-29 14:42 222720 ----a-w- c:\windows\system32\clinfo.exe
2013-01-29 14:42 . 2013-01-29 14:42 76288 ----a-w- c:\windows\system32\OpenVideo64.dll
2013-01-29 14:42 . 2013-01-29 14:42 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2013-01-29 14:42 . 2013-01-29 14:42 29150208 ----a-w- c:\windows\system32\amdocl64.dll
2013-01-29 14:40 . 2013-01-29 14:40 23810048 ----a-w- c:\windows\SysWow64\amdocl.dll
2013-01-29 12:58 . 2013-02-01 09:30 -------- d-----w- c:\windows\system32\appmgmt
2013-01-28 22:20 . 2013-01-28 22:20 64000 ----a-w- c:\windows\system32\OVDecode64.dll
2013-01-28 22:20 . 2013-01-28 22:20 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2013-01-28 22:16 . 2013-01-28 22:16 54784 ----a-w- c:\windows\system32\OpenCL.dll
2013-01-28 22:16 . 2013-01-28 22:16 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-01-28 22:10 . 2013-01-28 22:10 5067264 ----a-w- c:\windows\system32\amdsc64.dll
2013-01-28 22:10 . 2013-01-28 22:10 4083200 ----a-w- c:\windows\SysWow64\amdsc.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-10 08:03 . 2013-01-10 08:03 800768 ----a-w- c:\windows\system32\usp10.dll
2013-01-10 08:03 . 2013-01-10 08:03 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2013-01-10 08:03 . 2013-01-10 08:03 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-10 08:03 . 2013-01-10 08:03 55296 ----a-w- c:\windows\SysWow64\cero.rs
2013-01-10 08:03 . 2013-01-10 08:03 55296 ----a-w- c:\windows\system32\cero.rs
2013-01-10 08:03 . 2013-01-10 08:03 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2013-01-10 08:03 . 2013-01-10 08:03 51712 ----a-w- c:\windows\system32\esrb.rs
2013-01-10 08:03 . 2013-01-10 08:03 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2013-01-10 08:03 . 2013-01-10 08:03 46592 ----a-w- c:\windows\system32\fpb.rs
2013-01-10 08:03 . 2013-01-10 08:03 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2013-01-10 08:03 . 2013-01-10 08:03 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2013-01-10 08:03 . 2013-01-10 08:03 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2013-01-10 08:03 . 2013-01-10 08:03 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2013-01-10 08:03 . 2013-01-10 08:03 441856 ----a-w- c:\windows\system32\Wpc.dll
2013-01-10 08:03 . 2013-01-10 08:03 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2013-01-10 08:03 . 2013-01-10 08:03 43520 ----a-w- c:\windows\system32\csrr.rs
2013-01-10 08:03 . 2013-01-10 08:03 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2013-01-10 08:03 . 2013-01-10 08:03 40960 ----a-w- c:\windows\system32\cob-au.rs
2013-01-10 08:03 . 2013-01-10 08:03 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2013-01-10 08:03 . 2013-01-10 08:03 30720 ----a-w- c:\windows\SysWow64\usk.rs
2013-01-10 08:03 . 2013-01-10 08:03 30720 ----a-w- c:\windows\system32\usk.rs
2013-01-10 08:03 . 2013-01-10 08:03 2746368 ----a-w- c:\windows\system32\gameux.dll
2013-01-10 08:03 . 2013-01-10 08:03 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2013-01-10 08:03 . 2013-01-10 08:03 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2013-01-10 08:03 . 2013-01-10 08:03 23552 ----a-w- c:\windows\system32\oflc.rs
2013-01-10 08:03 . 2013-01-10 08:03 21504 ----a-w- c:\windows\SysWow64\grb.rs
2013-01-10 08:03 . 2013-01-10 08:03 21504 ----a-w- c:\windows\system32\grb.rs
2013-01-10 08:03 . 2013-01-10 08:03 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2013-01-10 08:03 . 2013-01-10 08:03 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2013-01-10 08:03 . 2013-01-10 08:03 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2013-01-10 08:03 . 2013-01-10 08:03 20480 ----a-w- c:\windows\system32\pegi.rs
2013-01-10 08:03 . 2013-01-10 08:03 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2013-01-10 08:03 . 2013-01-10 08:03 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2013-01-10 08:03 . 2013-01-10 08:03 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2013-01-10 08:03 . 2013-01-10 08:03 15360 ----a-w- c:\windows\system32\djctq.rs
2013-01-10 08:03 . 2013-01-10 08:03 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-10 08:03 . 2013-01-10 08:03 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-10 08:02 . 2013-01-10 08:02 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 338432 ----a-w- c:\windows\system32\conhost.exe
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-10 08:02 . 2013-01-10 08:02 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-01-10 08:02 . 2013-01-10 08:02 243200 ----a-w- c:\windows\system32\wow64.dll
2013-01-10 08:02 . 2013-01-10 08:02 16384 ----a-w- c:\windows\system32\ntvdm64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="e:\hry\Steam\Steam.exe" [2013-02-15 1597864]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-01-21 969104]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-10-23 3108480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"D3DOverrider"="c:\program files (x86)\RivaTuner v2.23\Tools\D3DOverrider\D3DOverriderWrapper.exe" [2009-02-15 40960]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-01-29 642656]
.
c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SpeedFan.lnk - c:\program files (x86)\SpeedFan\speedfan.exe [2012-9-12 4679672]
µTorrent.lnk - c:\program files (x86)\uTorrent\uTorrent.exe [2013-1-20 969104]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
O&O Defrag Tray.lnk - c:\windows\Installer\{AC5FFE7C-7101-4639-8559-92F3139F3FDC}\DefragIcon.exe [2013-2-1 292878]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2012-03-02 19456]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2012-03-02 27648]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2012-03-02 27136]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2012-03-02 34304]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-01-10 19456]
R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.23\RivaTuner64.sys [2013-01-20 19952]
R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys [2012-11-19 13368]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2013-01-10 29696]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-01-10 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-01-10 30208]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-01-21 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2012-11-13 14544]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-20 283200]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-10-23 211344]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-10-23 149592]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS [2013-01-20 29672]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-01-29 240640]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-11-26 1329304]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2012-10-23 138744]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2012-11-01 2555760]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-01 17:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-11-26 6325936]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2012-11-01 7061360]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\maiqp8lt.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - ExtSQL: 2013-01-21 18:48; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\maiqp8lt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-01-25 15:45; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c:\users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\maiqp8lt.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG16.00.00.01PROFESSIONAL"="A7CFCC78B58F1FD408B2750E6DACFBA17C38DEE39FB45DA2E1CF32A9C4A502E813C29A5A044ECBF3B3C0164123E1F8F4D9811E87D8A0B331F6741CDE5B0E6B689C7B2C2BD037844E893B304C830853FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407FEBC9E127BECC74CA6A0AC4980AC7933BA7FD869164D679469A57A27FD03BB4915CBB0A2E3225EA6E9C603CA56374FCECAAD705618C4B7C43EBFD17749C02F476470ADF02ACF984D0C4D92F9EE4A0254412A0672A31A20F6FE258565185B54DEE8759362EA5EBF011309511D18686D275FFB38E619CE874F66514E6B1B611DD47188794FC0A178F109FE5B8A72C78887081A42A5C4A2533A4E4DA7B8E63780E3F3EB3DC12641EA479AC28AC885774CA6428E20D456256F18363B4F2FF291FAB609F27DFA00B9C39B1B7F83153BD7362E397A154D60BDC93E44CE49669CFB0DEF6D0820ED11D8B3FB00F3A8E0E01C48B63B90A61D5A265571BED05CA724D5392403A8CCC20444706AE271A3CF2BCE08D0BB18208421EA09EF911D93F1AE50865B4CE56ED3E473325C02DFE2B92F4CFE7ED16C8F7A726FDE694D233E77C274031574E4B6B0A632B33EBEB7962D67453BB6B77BC5A871E756822568709FCE9BBB40475E989E9E20B86B9F0834E732BECEE5CB4B5A6AA75FF051718480042174C6433720CC92053083384E73F46152104EE91370A5D37EB23663AEA40973EF82B9F4D60C50BA782CDD689930D4BF6D68D3953218C62A469430B97B88E8F0529CB0A4E096E17479AD14B7718717618E46FC31F57FA1E4B289ED461C8345B246EBCB1232C985546EA5F5D3EC59BFD524006B76CC7C5A33596D03F179FE04A2AAF0AF73494184A19F565ADEC696976100BCC4154774DA7738EB84981E77515FC37D02704E31EAD7BADA18EDDAC5AB7D5AFB33B09F635244AC870D8A3B7C19BCBBB96FA688DB0827519B0C0B2D02CED5CA8BE3DE2F5833E57B963C8B233313419D9F2728651C71F1D9DA97B462F793CB5212882BF4F632584B4135D34FD133255A7DDD78F45EFDD0ABAA1EDDC36C56725187D69414F64ACE27089C8E5B283559C5F5CA90ECA54A0F06720A6C41B2B0938F39080FD2A1BAAB7F3A9F5D85131AFE1980A8DDA505B5AB89EF47B8EA3786AB3647DA019CD7038C277E6B53348822ECF0E737C21C2765D9BAB1C512F7F7FBEA55288FC5800D6CBB55CEB2F86D90D5AECBCA3B9271C8C103841CFA3AC18579365E22ECAAB048FEBCA6F7ABC95EC681810F9B7C17EABB76C034665FE7C509AD25A7533B7506A409C3189D91B556DC33D80422458C706573637A9C6F44263A0906EB2D4ADA78501D3A0F342421C895BDD9D677E5A411BD6CED6C1D2C6D29E8C057C7736A87A891923F538524644F"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
c:\program files (x86)\RivaTuner v2.23\Tools\D3DOverrider\D3DOverrider.exe
.
**************************************************************************
.
Celkový čas: 2013-02-16 11:55:08 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-16 10:55
ComboFix2.txt 2013-02-15 18:42
.
Před spuštěním: 264 112 033 792 bytes free
Po spuštění: 263 885 848 576 bytes free
.
- - End Of File - - 7F52A3994BCB8B3ED4F639430887C34A

Příspěvekod **memphisto** » 16 úno 2013 12:36

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

+ Nový log z HJT

Jak se chová PC?

Příspěvekod **Clorky** » 16 úno 2013 14:24

Hotovo.
Je to v pohodě, děkuji moc.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:24:04, on 16.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
E:\Hry\Steam\steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\RivaTuner v2.23\Tools\D3DOverrider\D3DOverrider.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\Razer\Razer Game Booster\gbtray.exe
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe
C:\Users\Petr\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [D3DOverrider] "C:\Program Files (x86)\RivaTuner v2.23\Tools\D3DOverrider\D3DOverriderWrapper.exe" /s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Steam] "E:\Hry\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Startup: µTorrent.lnk = C:\Program Files (x86)\uTorrent\uTorrent.exe
O4 - Global Startup: O&O Defrag Tray.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7106 bytes

Příspěvekod **Žbeky** » 16 úno 2013 15:52

HJT OK, můžeš dát vyřešeno

Prosil bych o preventivní kontrolu logu Vyřešeno

Prosil bych o preventivní kontrolu logu

Re: Prosil bych o preventivní kontrolu logu

Re: Prosil bych o preventivní kontrolu logu

Re: Prosil bych o preventivní kontrolu logu

Re: Prosil bych o preventivní kontrolu logu

Re: Prosil bych o preventivní kontrolu logu

Re: Prosil bych o preventivní kontrolu logu

Re: Prosil bych o preventivní kontrolu logu

Re: Prosil bych o preventivní kontrolu logu

Re: Prosil bych o preventivní kontrolu logu

Re: Prosil bych o preventivní kontrolu logu Vyřešeno

Kdo je online