Please check: HJT & MBAM (Solved)

Please check: HJT & MBAM

Post by ClearSky » 16 May 2011 20:30

Please check my HJT and MBAM logs, based on this topic: http://pc-help.cz/viewtopic.php?f=39&t=67679
Thank you all for your willingness to help.

HJT
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:26:08, on 16.5.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=bf&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [SDBOK] C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-436017773-4153735156-2289325891-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-436017773-4153735156-2289325891-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Unknown owner - C:\Program Files (x86)\Belkin\F5D7000v8\jswpsapi.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11135 bytes

MBAM
Malwarebytes' Anti-Malware 1.45
http://www.malwarebytes.org

Verze databáze: 6079

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

16.5.2011 20:30:22
mbam-log-2011-05-16 (20-30-22).txt

Typ skenu: Rychlý sken
Skenované objekty: 162205
Uplynulý čas: 2 minuta(y), 55 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Re: Please check: HJT & MBAM

Post by Žbeky » 16 May 2011 21:37

Uninstall:
MyAshampoo Toolbar
Conduit Engine
ICQToolBar


Fix:

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=bf&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [SDBOK] C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Disable the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Ano (Yes) button
- Then follow the instructions; while ComboFix is being applied, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here

Re: Please check: HJT & MBAM

Post by ClearSky » 17 May 2011 16:56

Sorry for the delay. I hope it doesn't matter that I cleaned Chrome with CCleaner; Mozilla and Opera I cleaned with ATF.

ComboFix
ComboFix 11-05-16.04 - User 17.05.2011 16:47:03.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4087.2876 [GMT 2:00]
Spuštěný z: c:\users\User\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\acmmzx.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-17 do 2011-05-17 )))))))))))))))))))))))))))))))
.
.
2011-05-17 14:51 . 2011-05-17 14:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-16 16:27 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F2032393-768A-47AF-82FD-34EA141621C4}\mpengine.dll
2011-05-11 18:00 . 2011-05-15 10:40 -------- d-----w- c:\users\User\Škola
2011-05-11 14:26 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 14:26 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 14:26 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 14:26 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 14:26 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 14:26 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 14:26 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 14:26 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 14:26 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 14:26 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-10 16:41 . 2011-05-10 16:41 -------- d-----w- c:\users\User\SystemRequirementsLab
2011-05-10 16:26 . 2011-05-10 16:26 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-05-10 16:26 . 2011-05-10 16:26 -------- d-----r- c:\program files (x86)\Skype
2011-05-06 18:06 . 2011-05-09 17:46 -------- d-----w- c:\users\UpdatusUser
2011-05-06 18:01 . 2011-04-08 05:14 1619048 ----a-w- c:\windows\system32\nvdispco6420140.dll
2011-05-06 18:01 . 2011-04-08 05:14 1404008 ----a-w- c:\windows\system32\nvgenco642060.dll
2011-05-06 18:01 . 2011-04-08 05:14 10071656 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-05-03 15:23 . 2011-05-06 19:48 -------- d-----w- c:\program files (x86)\City Interactive
2011-04-28 13:00 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2011-04-28 13:00 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-04-28 13:00 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-28 13:00 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-25 15:49 . 2011-04-25 15:49 -------- d-----w- c:\program files (x86)\ICQ6Toolbar
2011-04-25 15:48 . 2011-05-13 13:21 -------- d-----w- c:\program files (x86)\ICQ7.5
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-17 14:43 . 2011-02-20 19:17 25640 ----a-w- c:\windows\gdrv.sys
2011-05-06 10:42 . 2010-12-17 14:37 30528 ----a-w- c:\windows\GVTDrv64.sys
2011-04-23 18:49 . 2010-12-18 12:05 25640 ----a-w- c:\windows\etdrv.sys
2011-04-17 17:13 . 2009-08-18 11:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-04-17 17:13 . 2009-08-18 10:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-11 08:21 . 2010-12-20 13:41 8802128 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-04-08 05:14 . 2011-01-05 16:48 8411752 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-04-08 05:14 . 2011-01-05 16:48 2273896 ----a-w- c:\windows\system32\nvapi64.dll
2011-04-07 21:19 . 2011-04-07 21:19 2582120 ----a-w- c:\windows\system32\nvsvcr.dll
2011-04-07 21:19 . 2011-04-07 21:19 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 21:19 . 2011-04-07 21:19 1012328 ----a-w- c:\windows\system32\nvvsvc.exe
2011-04-07 21:19 . 2011-04-07 21:19 797288 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-04-07 21:19 . 2011-04-07 21:19 6338152 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 21:18 . 2011-04-07 21:18 3041384 ----a-w- c:\windows\system32\nvsvc64.dll
2011-03-29 18:30 . 2011-03-29 18:30 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-03-29 18:30 . 2011-03-29 18:30 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-03-29 18:30 . 2011-03-29 18:30 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-03-29 18:30 . 2011-03-29 18:30 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-03-29 18:30 . 2011-03-29 18:30 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-03-29 18:30 . 2011-03-29 18:30 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-03-29 18:30 . 2011-03-29 18:30 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-03-29 18:30 . 2011-03-29 18:30 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-03-29 18:30 . 2011-03-29 18:30 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-03-29 18:30 . 2011-03-29 18:30 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-03-29 18:30 . 2011-03-29 18:30 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-03-29 18:30 . 2011-03-29 18:30 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-03-29 18:30 . 2011-03-29 18:30 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-03-29 18:30 . 2011-03-29 18:30 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-03-29 18:30 . 2011-03-29 18:30 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-29 18:30 . 2011-03-29 18:30 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-03-29 18:30 . 2011-03-29 18:30 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-03-29 18:30 . 2011-03-29 18:30 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-03-29 18:30 . 2011-03-29 18:30 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-03-29 18:30 . 2011-03-29 18:30 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-29 18:30 . 2011-03-29 18:30 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-03-29 18:30 . 2011-03-29 18:30 222208 ----a-w- c:\windows\system32\msls31.dll
2011-03-29 18:30 . 2011-03-29 18:30 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-29 18:30 . 2011-03-29 18:30 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-03-29 18:30 . 2011-03-29 18:30 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-03-29 18:30 . 2011-03-29 18:30 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-03-29 18:30 . 2011-03-29 18:30 12288 ----a-w- c:\windows\system32\mshta.exe
2011-03-29 18:30 . 2011-03-29 18:30 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-03-29 18:30 . 2011-03-29 18:30 114176 ----a-w- c:\windows\system32\admparse.dll
2011-03-29 18:30 . 2011-03-29 18:30 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-29 18:30 . 2011-03-29 18:30 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-29 18:30 . 2011-03-29 18:30 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-03-29 18:30 . 2011-03-29 18:30 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-03-29 18:30 . 2011-03-29 18:30 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-03-29 18:30 . 2011-03-29 18:30 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-29 18:30 . 2011-03-29 18:30 448512 ----a-w- c:\windows\system32\html.iec
2011-03-29 18:30 . 2011-03-29 18:30 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-29 18:30 . 2011-03-29 18:30 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-03-29 18:30 . 2011-03-29 18:30 160256 ----a-w- c:\windows\system32\wextract.exe
2011-03-29 18:30 . 2011-03-29 18:30 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-29 18:30 . 2011-03-29 18:30 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-29 18:30 . 2011-03-29 18:30 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-19 14:00 . 2011-03-19 13:32 3724 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2011-03-19 13:45 . 2011-03-19 13:45 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-03-18 14:02 . 2011-03-18 14:02 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-03-18 14:02 . 2011-03-18 13:57 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-03-18 13:56 . 2011-03-18 13:56 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-03-16 20:18 . 2010-12-28 21:17 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2011-03-16 20:18 . 2010-12-28 21:17 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-03-16 20:18 . 2010-12-28 21:17 122968 ----a-w- c:\windows\system32\OpenAL32.dll
2011-03-16 20:18 . 2010-12-28 21:17 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-03-11 06:34 . 2011-04-12 19:16 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-12 19:16 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-12 19:16 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:33 . 2011-04-12 19:16 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-08 16:23 . 2011-03-08 16:24 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-03-08 06:29 . 2011-04-12 19:15 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-12 19:15 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-07 16:36 . 2011-03-07 16:36 388096 ----a-r- c:\users\User\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-04 06:19 . 2011-04-28 12:59 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-04-28 12:59 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:24 . 2011-04-12 19:15 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:21 . 2011-04-12 19:15 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:36 . 2011-04-12 19:15 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:52 . 2011-04-12 19:16 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 06:15 . 2011-04-12 19:16 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 05:38 . 2011-04-12 19:16 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-23 17:46 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-23 17:46 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-02-23 04:56 . 2011-04-12 19:10 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 04:56 . 2011-04-12 19:16 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 04:56 . 2011-04-12 19:16 411648 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 04:55 . 2011-04-12 19:16 167936 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 04:55 . 2011-04-12 19:10 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 04:55 . 2011-04-12 19:10 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 04:55 . 2011-04-12 19:10 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-19 12:05 . 2011-03-09 11:47 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 12:04 . 2011-03-09 11:47 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 12:04 . 2011-03-09 11:47 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 12:03 . 2011-04-12 19:16 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 09:00 . 2011-04-12 19:16 367616 ----a-w- c:\windows\system32\atmfd.dll
2011-02-19 06:30 . 2011-03-09 11:47 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 06:30 . 2011-03-09 11:47 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-19 06:30 . 2011-04-12 19:16 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"SDBOK"="c:\program files (x86)\GIGABYTE\smart6\dbios\run.exe" [2009-07-06 207400]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2011-04-23 25640]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-11-11 128928]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2011-05-06 30528]
R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files (x86)\Belkin\F5D7000v8\jswpsapi.exe [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\DRIVERS\RTL85n64.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [x]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
S2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2010-01-19 72304]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
S3 JSWSCIMD;jswscimd Service;c:\windows\system32\DRIVERS\jswscimdx.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 20:47]
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 20:47]
.
2011-05-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436017773-4153735156-2289325891-1000Core.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-24 20:13]
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436017773-4153735156-2289325891-1000UA.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-24 20:13]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tgu2qjia.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.9&q=
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-436017773-4153735156-2289325891-1000\Software\SecuROM\License information*]
"datasecu"=hex:08,e9,96,5f,0d,2f,99,61,2b,58,0a,f7,71,af,f8,2a,25,8e,c9,5d,4b,
d6,e0,9d,1e,24,f3,c4,ce,fe,40,1d,85,85,73,c5,cb,de,0e,bf,f5,ec,22,16,70,7a,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-05-17 16:53:25
ComboFix-quarantined-files.txt 2011-05-17 14:53
.
Před spuštěním: Volných bajtů: 480 187 330 560
Po spuštění: Volných bajtů: 479 650 050 048
.
- - End Of File - - 4A54E21779906165796991AACD6FFF0C

//I almost forgot: Conduit could not be uninstalled, neither through Add/Remove Programs nor through CCleaner; I clicked uninstall and nothing happened. My Ashampoo Toolbar couldn't be removed either: "Could not open INSTALL.LOG file"
The ///M. The most powerful letter in the world.

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male
Status: Offline

Re: Please check: HJT & MBAM

Post by Žbeky » 17 May 2011 17:57

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code:

KillAll::

Folder::
c:\program files (x86)\ICQ6Toolbar

File::
c:\windows\system32\drivers\cpuz134_x64.sys
c:\windows\system32\drivers\cpuz135_x64.sys
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436017773-4153735156-2289325891-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436017773-4153735156-2289325891-1000UA.job

Driver::
cpuz134
cpuz135
ICQ Service

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=-
"ConsentPromptBehaviorUser"=-
"EnableLUA"=-
"EnableUIADesktopToggle"=-
"PromptOnSecureDesktop"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=-

Firefox::
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tgu2qjia.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.9&q=

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
In PMs I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.


ClearSky
Level 4
Posts: 1093
Registered: December 10
Location: Hostivice
Gender: Male
Status: Offline

Re: Please check: HJT & MBAM

Post by ClearSky » 17 May 2011 18:24

You really scared me... CF finished, the log appeared, but after that absolutely nothing could be launched. A restart helped. Is that normal?

ComboFix
ComboFix 11-05-16.04 - User 17.05.2011 18:06:55.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4087.2694 [GMT 2:00]
Spuštěný z: c:\users\User\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\User\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\cpuz134_x64.sys"
"c:\windows\system32\drivers\cpuz135_x64.sys"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436017773-4153735156-2289325891-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436017773-4153735156-2289325891-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ICQ6Toolbar
c:\program files (x86)\ICQ6Toolbar\config.xml
c:\program files (x86)\ICQ6Toolbar\Icons.bmp
c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe
c:\program files (x86)\ICQ6Toolbar\icq6Toolbar.ico
c:\program files (x86)\ICQ6Toolbar\ICQToolBar.dll
c:\program files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files (x86)\ICQ6Toolbar\logo_small.gif
c:\program files (x86)\ICQ6Toolbar\ServiceStarter.exe
c:\program files (x86)\ICQ6Toolbar\short.wav
c:\program files (x86)\ICQ6Toolbar\Version.txt
c:\program files (x86)\ICQ6Toolbar\voucher.bmp
c:\program files (x86)\ICQ6Toolbar\voucher2.bmp
c:\windows\system32\drivers\cpuz134_x64.sys
c:\windows\system32\drivers\cpuz135_x64.sys
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436017773-4153735156-2289325891-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436017773-4153735156-2289325891-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CPUZ134
-------\Legacy_CPUZ135
-------\Service_cpuz134
-------\Service_cpuz135
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-17 do 2011-05-17 )))))))))))))))))))))))))))))))
.
.
2011-05-17 16:10 . 2011-05-17 16:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-17 14:54 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5A8BDCE0-DFEA-4CE4-A545-D290D0AC3237}\mpengine.dll
2011-05-17 14:53 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-17 14:53 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-11 18:00 . 2011-05-17 15:50 -------- d-----w- c:\users\User\Škola
2011-05-11 14:26 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 14:26 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 14:26 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 14:26 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 14:26 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 14:26 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 14:26 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 14:26 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 14:26 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 14:26 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-10 16:41 . 2011-05-10 16:41 -------- d-----w- c:\users\User\SystemRequirementsLab
2011-05-10 16:26 . 2011-05-10 16:26 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-05-10 16:26 . 2011-05-10 16:26 -------- d-----r- c:\program files (x86)\Skype
2011-05-06 18:06 . 2011-05-09 17:46 -------- d-----w- c:\users\UpdatusUser
2011-05-06 18:01 . 2011-04-08 05:14 1619048 ----a-w- c:\windows\system32\nvdispco6420140.dll
2011-05-06 18:01 . 2011-04-08 05:14 1404008 ----a-w- c:\windows\system32\nvgenco642060.dll
2011-05-06 18:01 . 2011-04-08 05:14 10071656 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-05-03 15:23 . 2011-05-06 19:48 -------- d-----w- c:\program files (x86)\City Interactive
2011-04-28 13:00 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2011-04-28 13:00 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-04-28 13:00 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-28 13:00 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-25 15:48 . 2011-05-13 13:21 -------- d-----w- c:\program files (x86)\ICQ7.5
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-17 16:13 . 2011-02-20 19:17 25640 ----a-w- c:\windows\gdrv.sys
2011-05-17 15:51 . 2011-01-02 18:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-05-06 10:42 . 2010-12-17 14:37 30528 ----a-w- c:\windows\GVTDrv64.sys
2011-04-23 18:49 . 2010-12-18 12:05 25640 ----a-w- c:\windows\etdrv.sys
2011-04-17 17:13 . 2009-08-18 11:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-04-17 17:13 . 2009-08-18 10:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-11 08:21 . 2010-12-20 13:41 8802128 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-04-08 05:14 . 2011-01-05 16:48 8411752 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-04-08 05:14 . 2011-01-05 16:48 2273896 ----a-w- c:\windows\system32\nvapi64.dll
2011-04-07 21:19 . 2011-04-07 21:19 2582120 ----a-w- c:\windows\system32\nvsvcr.dll
2011-04-07 21:19 . 2011-04-07 21:19 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 21:19 . 2011-04-07 21:19 1012328 ----a-w- c:\windows\system32\nvvsvc.exe
2011-04-07 21:19 . 2011-04-07 21:19 797288 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-04-07 21:19 . 2011-04-07 21:19 6338152 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 21:18 . 2011-04-07 21:18 3041384 ----a-w- c:\windows\system32\nvsvc64.dll
2011-03-29 18:30 . 2011-03-29 18:30 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-03-29 18:30 . 2011-03-29 18:30 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-03-29 18:30 . 2011-03-29 18:30 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-03-29 18:30 . 2011-03-29 18:30 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-03-29 18:30 . 2011-03-29 18:30 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-03-29 18:30 . 2011-03-29 18:30 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-03-29 18:30 . 2011-03-29 18:30 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-03-29 18:30 . 2011-03-29 18:30 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-03-29 18:30 . 2011-03-29 18:30 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-03-29 18:30 . 2011-03-29 18:30 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-03-29 18:30 . 2011-03-29 18:30 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-03-29 18:30 . 2011-03-29 18:30 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-03-29 18:30 . 2011-03-29 18:30 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-03-29 18:30 . 2011-03-29 18:30 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-03-29 18:30 . 2011-03-29 18:30 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-29 18:30 . 2011-03-29 18:30 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-03-29 18:30 . 2011-03-29 18:30 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-03-29 18:30 . 2011-03-29 18:30 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-03-29 18:30 . 2011-03-29 18:30 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-03-29 18:30 . 2011-03-29 18:30 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-29 18:30 . 2011-03-29 18:30 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-03-29 18:30 . 2011-03-29 18:30 222208 ----a-w- c:\windows\system32\msls31.dll
2011-03-29 18:30 . 2011-03-29 18:30 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-29 18:30 . 2011-03-29 18:30 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-03-29 18:30 . 2011-03-29 18:30 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-03-29 18:30 . 2011-03-29 18:30 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-03-29 18:30 . 2011-03-29 18:30 12288 ----a-w- c:\windows\system32\mshta.exe
2011-03-29 18:30 . 2011-03-29 18:30 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-03-29 18:30 . 2011-03-29 18:30 114176 ----a-w- c:\windows\system32\admparse.dll
2011-03-29 18:30 . 2011-03-29 18:30 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-29 18:30 . 2011-03-29 18:30 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-29 18:30 . 2011-03-29 18:30 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-03-29 18:30 . 2011-03-29 18:30 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-03-29 18:30 . 2011-03-29 18:30 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-03-29 18:30 . 2011-03-29 18:30 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-29 18:30 . 2011-03-29 18:30 448512 ----a-w- c:\windows\system32\html.iec
2011-03-29 18:30 . 2011-03-29 18:30 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-29 18:30 . 2011-03-29 18:30 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-03-29 18:30 . 2011-03-29 18:30 160256 ----a-w- c:\windows\system32\wextract.exe
2011-03-29 18:30 . 2011-03-29 18:30 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-29 18:30 . 2011-03-29 18:30 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-29 18:30 . 2011-03-29 18:30 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-19 14:00 . 2011-03-19 13:32 3724 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2011-03-19 13:45 . 2011-03-19 13:45 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-03-18 14:02 . 2011-03-18 14:02 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-03-18 14:02 . 2011-03-18 13:57 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-03-18 13:56 . 2011-03-18 13:56 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-03-16 20:18 . 2010-12-28 21:17 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2011-03-16 20:18 . 2010-12-28 21:17 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-03-16 20:18 . 2010-12-28 21:17 122968 ----a-w- c:\windows\system32\OpenAL32.dll
2011-03-16 20:18 . 2010-12-28 21:17 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-03-11 06:34 . 2011-04-12 19:16 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-12 19:16 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-12 19:16 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:33 . 2011-04-12 19:16 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-08 16:23 . 2011-03-08 16:24 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-03-08 06:29 . 2011-04-12 19:15 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-12 19:15 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-07 16:36 . 2011-03-07 16:36 388096 ----a-r- c:\users\User\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-04 06:19 . 2011-04-28 12:59 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-04-28 12:59 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:24 . 2011-04-12 19:15 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:21 . 2011-04-12 19:15 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:36 . 2011-04-12 19:15 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:52 . 2011-04-12 19:16 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 06:15 . 2011-04-12 19:16 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 05:38 . 2011-04-12 19:16 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-23 17:46 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-23 17:46 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-02-23 04:56 . 2011-04-12 19:10 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 04:56 . 2011-04-12 19:16 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 04:56 . 2011-04-12 19:16 411648 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 04:55 . 2011-04-12 19:16 167936 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 04:55 . 2011-04-12 19:10 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 04:55 . 2011-04-12 19:10 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 04:55 . 2011-04-12 19:10 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-19 12:05 . 2011-03-09 11:47 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 12:04 . 2011-03-09 11:47 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 12:04 . 2011-03-09 11:47 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 12:03 . 2011-04-12 19:16 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 09:00 . 2011-04-12 19:16 367616 ----a-w- c:\windows\system32\atmfd.dll
2011-02-19 06:30 . 2011-03-09 11:47 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 06:30 . 2011-03-09 11:47 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-17_14.51.58 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-12-17 14:44 . 2011-05-17 14:44 42530 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2010-12-17 14:44 . 2011-05-17 15:48 42530 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-05-17 14:44 33154 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-05-17 15:48 33154 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-12-17 14:38 . 2011-05-17 15:48 11844 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-436017773-4153735156-2289325891-1000_UserData.bin
+ 2009-07-14 04:46 . 2011-05-17 15:49 91408 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2011-03-15 14:08 . 2011-05-16 20:14 4103 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2011-03-15 14:08 . 2011-05-17 16:11 4103 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-05-17 14:42 . 2011-05-17 14:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-05-17 16:12 . 2011-05-17 16:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-05-17 14:42 . 2011-05-17 14:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-05-17 16:12 . 2011-05-17 16:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-05-16 20:14 271460 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-05-17 16:11 271460 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 04:45 . 2011-05-11 16:23 7150424 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2011-05-17 15:49 7150424 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-12-25 21:54 . 2011-05-17 16:11 12573996 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-436017773-4153735156-2289325891-1000-12288.dat
- 2010-12-25 21:54 . 2011-05-16 20:14 12573996 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-436017773-4153735156-2289325891-1000-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"SDBOK"="c:\program files (x86)\GIGABYTE\smart6\dbios\run.exe" [2009-07-06 207400]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2011-04-23 25640]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-11-11 128928]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2011-05-06 30528]
R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files (x86)\Belkin\F5D7000v8\jswpsapi.exe [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\DRIVERS\RTL85n64.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [x]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2010-01-19 72304]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
S3 JSWSCIMD;jswscimd Service;c:\windows\system32\DRIVERS\jswscimdx.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF24170.cfxxe" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tgu2qjia.default\
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-436017773-4153735156-2289325891-1000\Software\SecuROM\License information*]
"datasecu"=hex:08,e9,96,5f,0d,2f,99,61,2b,58,0a,f7,71,af,f8,2a,25,8e,c9,5d,4b,
d6,e0,9d,1e,24,f3,c4,ce,fe,40,1d,85,85,73,c5,cb,de,0e,bf,f5,ec,22,16,70,7a,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
.
**************************************************************************
.
Celkový čas: 2011-05-17 18:16:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-05-17 16:16
ComboFix2.txt 2011-05-17 14:53
.
Před spuštěním: Volných bajtů: 481 752 645 632
Po spuštění: Volných bajtů: 480 903 467 008
.
- - End Of File - - E75649806150ACF77D5043092CAFFF73
The ///M. The most powerful letter in the world.


Re: Please check: HJT & MBAM

Post by ClearSky » 17 May 2011 18:25

You really scared me... CF finished and the log was displayed, but after that absolutely nothing could be launched. A restart helped. Is that normal?

ComboFix
ComboFix 11-05-16.04 - User 17.05.2011 18:06:55.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4087.2694 [GMT 2:00]
Spuštěný z: c:\users\User\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\User\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\cpuz134_x64.sys"
"c:\windows\system32\drivers\cpuz135_x64.sys"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436017773-4153735156-2289325891-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436017773-4153735156-2289325891-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ICQ6Toolbar
c:\program files (x86)\ICQ6Toolbar\config.xml
c:\program files (x86)\ICQ6Toolbar\Icons.bmp
c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe
c:\program files (x86)\ICQ6Toolbar\icq6Toolbar.ico
c:\program files (x86)\ICQ6Toolbar\ICQToolBar.dll
c:\program files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files (x86)\ICQ6Toolbar\logo_small.gif
c:\program files (x86)\ICQ6Toolbar\ServiceStarter.exe
c:\program files (x86)\ICQ6Toolbar\short.wav
c:\program files (x86)\ICQ6Toolbar\Version.txt
c:\program files (x86)\ICQ6Toolbar\voucher.bmp
c:\program files (x86)\ICQ6Toolbar\voucher2.bmp
c:\windows\system32\drivers\cpuz134_x64.sys
c:\windows\system32\drivers\cpuz135_x64.sys
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436017773-4153735156-2289325891-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436017773-4153735156-2289325891-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CPUZ134
-------\Legacy_CPUZ135
-------\Service_cpuz134
-------\Service_cpuz135
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-17 do 2011-05-17 )))))))))))))))))))))))))))))))
.
.
2011-05-17 16:10 . 2011-05-17 16:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-17 14:54 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5A8BDCE0-DFEA-4CE4-A545-D290D0AC3237}\mpengine.dll
2011-05-17 14:53 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-17 14:53 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-11 18:00 . 2011-05-17 15:50 -------- d-----w- c:\users\User\Škola
2011-05-11 14:26 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 14:26 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 14:26 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 14:26 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 14:26 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 14:26 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 14:26 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 14:26 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 14:26 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 14:26 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-10 16:41 . 2011-05-10 16:41 -------- d-----w- c:\users\User\SystemRequirementsLab
2011-05-10 16:26 . 2011-05-10 16:26 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-05-10 16:26 . 2011-05-10 16:26 -------- d-----r- c:\program files (x86)\Skype
2011-05-06 18:06 . 2011-05-09 17:46 -------- d-----w- c:\users\UpdatusUser
2011-05-06 18:01 . 2011-04-08 05:14 1619048 ----a-w- c:\windows\system32\nvdispco6420140.dll
2011-05-06 18:01 . 2011-04-08 05:14 1404008 ----a-w- c:\windows\system32\nvgenco642060.dll
2011-05-06 18:01 . 2011-04-08 05:14 10071656 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-05-03 15:23 . 2011-05-06 19:48 -------- d-----w- c:\program files (x86)\City Interactive
2011-04-28 13:00 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2011-04-28 13:00 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2011-04-28 13:00 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-28 13:00 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-25 15:48 . 2011-05-13 13:21 -------- d-----w- c:\program files (x86)\ICQ7.5
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-17 16:13 . 2011-02-20 19:17 25640 ----a-w- c:\windows\gdrv.sys
2011-05-17 15:51 . 2011-01-02 18:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-05-06 10:42 . 2010-12-17 14:37 30528 ----a-w- c:\windows\GVTDrv64.sys
2011-04-23 18:49 . 2010-12-18 12:05 25640 ----a-w- c:\windows\etdrv.sys
2011-04-17 17:13 . 2009-08-18 11:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-04-17 17:13 . 2009-08-18 10:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-11 08:21 . 2010-12-20 13:41 8802128 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-04-08 05:14 . 2011-01-05 16:48 8411752 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-04-08 05:14 . 2011-01-05 16:48 2273896 ----a-w- c:\windows\system32\nvapi64.dll
2011-04-07 21:19 . 2011-04-07 21:19 2582120 ----a-w- c:\windows\system32\nvsvcr.dll
2011-04-07 21:19 . 2011-04-07 21:19 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-04-07 21:19 . 2011-04-07 21:19 1012328 ----a-w- c:\windows\system32\nvvsvc.exe
2011-04-07 21:19 . 2011-04-07 21:19 797288 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-04-07 21:19 . 2011-04-07 21:19 6338152 ----a-w- c:\windows\system32\nvcpl.dll
2011-04-07 21:18 . 2011-04-07 21:18 3041384 ----a-w- c:\windows\system32\nvsvc64.dll
2011-03-29 18:30 . 2011-03-29 18:30 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-03-29 18:30 . 2011-03-29 18:30 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-03-29 18:30 . 2011-03-29 18:30 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-03-29 18:30 . 2011-03-29 18:30 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-03-29 18:30 . 2011-03-29 18:30 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-03-29 18:30 . 2011-03-29 18:30 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-03-29 18:30 . 2011-03-29 18:30 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-03-29 18:30 . 2011-03-29 18:30 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-03-29 18:30 . 2011-03-29 18:30 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-03-29 18:30 . 2011-03-29 18:30 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-03-29 18:30 . 2011-03-29 18:30 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-03-29 18:30 . 2011-03-29 18:30 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-03-29 18:30 . 2011-03-29 18:30 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-03-29 18:30 . 2011-03-29 18:30 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-03-29 18:30 . 2011-03-29 18:30 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-29 18:30 . 2011-03-29 18:30 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-03-29 18:30 . 2011-03-29 18:30 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-03-29 18:30 . 2011-03-29 18:30 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-03-29 18:30 . 2011-03-29 18:30 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-03-29 18:30 . 2011-03-29 18:30 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-29 18:30 . 2011-03-29 18:30 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-03-29 18:30 . 2011-03-29 18:30 222208 ----a-w- c:\windows\system32\msls31.dll
2011-03-29 18:30 . 2011-03-29 18:30 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-29 18:30 . 2011-03-29 18:30 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-03-29 18:30 . 2011-03-29 18:30 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-03-29 18:30 . 2011-03-29 18:30 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-03-29 18:30 . 2011-03-29 18:30 12288 ----a-w- c:\windows\system32\mshta.exe
2011-03-29 18:30 . 2011-03-29 18:30 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-03-29 18:30 . 2011-03-29 18:30 114176 ----a-w- c:\windows\system32\admparse.dll
2011-03-29 18:30 . 2011-03-29 18:30 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-29 18:30 . 2011-03-29 18:30 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-29 18:30 . 2011-03-29 18:30 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-03-29 18:30 . 2011-03-29 18:30 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-03-29 18:30 . 2011-03-29 18:30 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-03-29 18:30 . 2011-03-29 18:30 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-29 18:30 . 2011-03-29 18:30 448512 ----a-w- c:\windows\system32\html.iec
2011-03-29 18:30 . 2011-03-29 18:30 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-29 18:30 . 2011-03-29 18:30 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-03-29 18:30 . 2011-03-29 18:30 160256 ----a-w- c:\windows\system32\wextract.exe
2011-03-29 18:30 . 2011-03-29 18:30 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-29 18:30 . 2011-03-29 18:30 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-29 18:30 . 2011-03-29 18:30 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-19 14:00 . 2011-03-19 13:32 3724 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2011-03-19 13:45 . 2011-03-19 13:45 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-03-18 14:02 . 2011-03-18 14:02 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-03-18 14:02 . 2011-03-18 13:57 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-03-18 13:56 . 2011-03-18 13:56 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-03-16 20:18 . 2010-12-28 21:17 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2011-03-16 20:18 . 2010-12-28 21:17 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-03-16 20:18 . 2010-12-28 21:17 122968 ----a-w- c:\windows\system32\OpenAL32.dll
2011-03-16 20:18 . 2010-12-28 21:17 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-03-11 06:34 . 2011-04-12 19:16 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:34 . 2011-04-12 19:16 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-12 19:16 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:33 . 2011-04-12 19:16 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-08 16:23 . 2011-03-08 16:24 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-03-08 06:29 . 2011-04-12 19:15 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:28 . 2011-04-12 19:15 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-07 16:36 . 2011-03-07 16:36 388096 ----a-r- c:\users\User\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-04 06:19 . 2011-04-28 12:59 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19 . 2011-04-28 12:59 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:24 . 2011-04-12 19:15 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:21 . 2011-04-12 19:15 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:36 . 2011-04-12 19:15 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:52 . 2011-04-12 19:16 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 06:15 . 2011-04-12 19:16 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 05:38 . 2011-04-12 19:16 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-23 17:46 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-02-23 17:46 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-02-23 04:56 . 2011-04-12 19:10 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 04:56 . 2011-04-12 19:16 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 04:56 . 2011-04-12 19:16 411648 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 04:55 . 2011-04-12 19:16 167936 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 04:55 . 2011-04-12 19:10 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 04:55 . 2011-04-12 19:10 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 04:55 . 2011-04-12 19:10 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-19 12:05 . 2011-03-09 11:47 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 12:04 . 2011-03-09 11:47 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 12:04 . 2011-03-09 11:47 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 12:03 . 2011-04-12 19:16 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 09:00 . 2011-04-12 19:16 367616 ----a-w- c:\windows\system32\atmfd.dll
2011-02-19 06:30 . 2011-03-09 11:47 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 06:30 . 2011-03-09 11:47 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-17_14.51.58 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-12-17 14:44 . 2011-05-17 14:44 42530 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2010-12-17 14:44 . 2011-05-17 15:48 42530 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-05-17 14:44 33154 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-05-17 15:48 33154 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-12-17 14:38 . 2011-05-17 15:48 11844 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-436017773-4153735156-2289325891-1000_UserData.bin
+ 2009-07-14 04:46 . 2011-05-17 15:49 91408 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2011-03-15 14:08 . 2011-05-16 20:14 4103 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2011-03-15 14:08 . 2011-05-17 16:11 4103 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-05-17 14:42 . 2011-05-17 14:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-05-17 16:12 . 2011-05-17 16:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-05-17 14:42 . 2011-05-17 14:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-05-17 16:12 . 2011-05-17 16:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-05-16 20:14 271460 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-05-17 16:11 271460 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 04:45 . 2011-05-11 16:23 7150424 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2011-05-17 15:49 7150424 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-12-25 21:54 . 2011-05-17 16:11 12573996 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-436017773-4153735156-2289325891-1000-12288.dat
- 2010-12-25 21:54 . 2011-05-16 20:14 12573996 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-436017773-4153735156-2289325891-1000-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"SDBOK"="c:\program files (x86)\GIGABYTE\smart6\dbios\run.exe" [2009-07-06 207400]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2011-04-23 25640]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-11-11 128928]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2011-05-06 30528]
R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files (x86)\Belkin\F5D7000v8\jswpsapi.exe [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\DRIVERS\RTL85n64.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [x]
S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2010-01-19 72304]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
S3 JSWSCIMD;jswscimd Service;c:\windows\system32\DRIVERS\jswscimdx.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF24170.cfxxe" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tgu2qjia.default\
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-436017773-4153735156-2289325891-1000\Software\SecuROM\License information*]
"datasecu"=hex:08,e9,96,5f,0d,2f,99,61,2b,58,0a,f7,71,af,f8,2a,25,8e,c9,5d,4b,
d6,e0,9d,1e,24,f3,c4,ce,fe,40,1d,85,85,73,c5,cb,de,0e,bf,f5,ec,22,16,70,7a,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
.
**************************************************************************
.
Celkový čas: 2011-05-17 18:16:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-05-17 16:16
ComboFix2.txt 2011-05-17 14:53
.
Před spuštěním: Volných bajtů: 481 752 645 632
Po spuštění: Volných bajtů: 480 903 467 008
.
- - End Of File - - E75649806150ACF77D5043092CAFFF73

Re: Please check: HJT & MBAM

Post by Žbeky » 17 May 2011 18:32

Yes, when CF does a lot of things, the PC behaves oddly until the next boot. After that everything is OK.

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

clean the system with CCleaner

and also use T-Cleaner
it deletes everything left behind by Combo, MWAV, etc. - download > run

Note: before downloading T-Cleaner and for the duration of the cleanup, disable AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on.

+ A new HJT log

How is the PC behaving?
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.



Re: Please check: HJT & MBAM

Post by ClearSky » 17 May 2011 18:50

T-Cleaner threw up this:
//3rd file
///In This Computer there were folders that were created after Combo; I removed those manually. But one still remains (Qoobox). How do I delete it?
Attachments
Bez názvu.jpg
Last edited by ClearSky on 17 May 2011 19:22; edited 1 time in total.

Re: Please check: HJT & MBAM

Post by ClearSky » 17 May 2011 18:52

HJT
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:51:17, on 17.5.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\RunOnce: [SDBOK] C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Unknown owner - C:\Program Files (x86)\Belkin\F5D7000v8\jswpsapi.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7597 bytes

The PC is faster
The ///M. The most powerful letter in the world.

memphisto

Re: Please check: HJT & MBAM

Post by memphisto » 17 May 2011 22:10

HJT ok

Try deleting it in safe mode. It is ComboFix's quarantine.

Download and install Crystal Disk Info and post the log here
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you

ClearSky

Re: Please check: HJT & MBAM

Post by ClearSky » 18 May 2011 17:37

It cannot be deleted in safe mode.
CDI 1:
Attachments
cdi1.jpg
cdi.png
The ///M. The most powerful letter in the world.

jaro3
Security team member

Re: Please check: HJT & MBAM

Post by jaro3 » 18 May 2011 21:46

Close other applications and browsers, disconnect from the internet and fix in HJT:
Guide


R3 - URLSearchHook: (no name) - - (no file)


Try uninstalling ComboFix once more; it should have been deleted in the process.

If qoobox is still there:

Download ToolsCleaner2 (by de A.Rothstein & Dj Quiou) to your desktop and run it.
Click Pt. Restauration (restore) and then OK.
Click Corbeille (recycle bin) and then OK.
Click Fichiers temp (temp folders) and then OK.
Click Recherche (search) and let the Cleaner work. It may stall during cleaning, but let it continue.
When the program finishes, click Suppression (removal) and remove what was found.
Close the program.
The program also deletes all the malware-removal and log-creation tools used here (HJT, ComboFix, OTM, OTL, OTS, etc.)
******************************************************************************************
What are the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

