Log check (Solved)


Post by bereline » 11 Nov 2012 11:35

Hello, before I describe my problem ... when I'm not logged in, I can get into the HiJackThis section, but as soon as I log in, it won't let me in and I have no idea why, so I started a new topic here.

And now to my problem: lately my computer has been terribly laggy. I'm trying to sort it out, but so far without success. So I'm asking for a preventive check of the log, in case the problem is here as well ...

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:29:27, on 11.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\IObit\Game Booster 3\gbtray.exe
E:\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=110187 ... 1e33b23958
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [LightShot] C:\Users\Syntasy\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
O4 - HKCU\..\Run: [Google Update] "C:\Users\Syntasy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: SetupARService - Realtek Semiconductor. - C:\Program Files\Realtek\Audio\SetupAfterRebootService.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

--
End of file - 5672 bytes

Thanks, bereline
Smart people use Google and don't vote for communists
*Czech is a beautiful language, so please learn to use it*
Member of the Spyke's Fun Club


Re: Log check

Post by Žbeky » 16 Nov 2012 13:11

Once you have access rights to HJT, let us know. We'll move it there; here it will just get buried.

Fix:

Code:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=110187 ... 1e33b23958
O4 - HKCU\..\Run: [Google Update] "C:\Users\Syntasy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

Download ATF Cleaner
Double-click ATF Cleaner.exe, click on select all found, then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, don't select anything else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the option Perform Quick Scan (Provést rychlý sken) selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- after that click the Exit button; a message will appear, choose Yes
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the content of that log here.
In private messages I only deal with matters concerning the forum. I do not respond to requests and pleas for technical support. Thanks for understanding.
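A check that could be run after applying the fix list in the post above, assuming a second HijackThis scan is saved once the entries have been fixed (added example, not part of the original thread; the function names and the "after" log are constructed for illustration, the other lines are taken from the log in this thread):

```python
import re

# A HijackThis finding is "<section code> - <entry>", e.g. R0, O4 or O23.
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2})\s+-\s+(?P<body>.+)$")


def normalize(line):
    """Collapse whitespace and case so forum copy/paste does not break matching."""
    return " ".join(line.split()).casefold()


def parse_hjt(text):
    """Return {normalized line: (section code, cleaned line)} for every finding.

    Header lines and the "Running processes" paths do not match ENTRY_RE
    and are skipped.
    """
    entries = {}
    for raw in text.splitlines():
        line = " ".join(raw.split())
        match = ENTRY_RE.match(line)
        if match:
            entries[normalize(line)] = (match.group("code"), line)
    return entries


def audit_fix(before_log, fix_list, after_log):
    """Report, for each entry in the fix list, whether the re-scan still shows it."""
    before = parse_hjt(before_log)
    after = parse_hjt(after_log)
    report = []
    for key, (code, line) in parse_hjt(fix_list).items():
        if key not in before:
            status = "not in original log"   # mistyped or truncated fix line
        elif key in after:
            status = "still present"         # fix did not stick or was re-added
        else:
            status = "removed"
        report.append((code, status, line))
    return report


# Subset of the log posted in this thread.
BEFORE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
Running processes:
C:\Windows\Explorer.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=110187 ... 1e33b23958
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Syntasy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
"""

# The three lines the helper asked to fix (extra spaces added on purpose).
FIX_LIST = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=110187 ... 1e33b23958
O4 -  HKCU\..\Run:  [Google Update] "C:\Users\Syntasy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
"""

# Constructed re-scan: one fixed entry is still there, to show the failure case.
AFTER_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Syntasy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"""

if __name__ == "__main__":
    for code, status, line in audit_fix(BEFORE_LOG, FIX_LIST, AFTER_LOG):
        print(f"{status:20} {code:4} {line[:70]}")
```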


Re: Log check

Post by bereline » 16 Nov 2012 18:48

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Verze databáze: v2012.10.05.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Syntasy :: SYNTASYPC [administrátor]

16.11.2012 18:42:52
mbam-log-2012-11-16 (18-42-52).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 190464
Uplynulý čas: 4 minut, 23 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


I've gone through the computer with everything available on the net that I have experience with, and everything is OK. I needed the check mainly as prevention, in case something bad happened to be there. And I'd like to know where I should look for the problem, mainly regarding the FPS and Mozilla stuttering because of (in my opinion) Flash Player? Can a graphics card driver cause that crazy FPS drop? Or what should I focus on ...


Re: Log check

Post by jaro3 » 19 Nov 2012 10:00

Download TFC
Open the file and close all other windows, then click Start to begin the process. The program should not take long.
Afterwards the PC should restart; if it doesn't, restart it yourself.

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , please paste the entire content of the log here.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click into the window that appears
- When the scan is finished, the program should create a log - C:\ComboFix.txt - please copy its entire content here
If there are problems, run it in Safe Mode.

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. During my absence I am covered by memphisto, Žbeky and Orcus.


Re: Log check

Post by bereline » 19 Nov 2012 11:36

11:35:23.0378 5588 [ 5557E7F940CBCF09BE43379F551F6689 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
11:35:23.0378 5588 TosCoSrv - ok
11:35:23.0441 5588 [ 969377943FE7284609BABBAB4E06B93C ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys
11:35:23.0441 5588 tos_sps32 - ok
11:35:23.0488 5588 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
11:35:23.0488 5588 TrkWks - ok
11:35:23.0534 5588 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:35:23.0534 5588 TrustedInstaller - ok
11:35:23.0581 5588 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:35:23.0597 5588 tssecsrv - ok
11:35:23.0628 5588 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:35:23.0628 5588 TsUsbFlt - ok
11:35:23.0659 5588 tsusbhub - ok
11:35:23.0706 5588 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:35:23.0722 5588 tunnel - ok
11:35:23.0737 5588 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
11:35:23.0737 5588 TVALZ - ok
11:35:23.0784 5588 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:35:23.0784 5588 uagp35 - ok
11:35:23.0831 5588 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:35:23.0846 5588 udfs - ok
11:35:23.0878 5588 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:35:23.0878 5588 UI0Detect - ok
11:35:23.0924 5588 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:35:23.0924 5588 uliagpkx - ok
11:35:23.0971 5588 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
11:35:23.0971 5588 umbus - ok
11:35:23.0987 5588 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:35:23.0987 5588 UmPass - ok
11:35:24.0034 5588 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
11:35:24.0034 5588 UmRdpService - ok
11:35:24.0065 5588 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
11:35:24.0096 5588 upnphost - ok
11:35:24.0127 5588 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:35:24.0127 5588 usbccgp - ok
11:35:24.0158 5588 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:35:24.0158 5588 usbcir - ok
11:35:24.0190 5588 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
11:35:24.0190 5588 usbehci - ok
11:35:24.0236 5588 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:35:24.0236 5588 usbhub - ok
11:35:24.0252 5588 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:35:24.0268 5588 usbohci - ok
11:35:24.0283 5588 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:35:24.0283 5588 usbprint - ok
11:35:24.0314 5588 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:35:24.0314 5588 USBSTOR - ok
11:35:24.0346 5588 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:35:24.0346 5588 usbuhci - ok
11:35:24.0392 5588 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:35:24.0392 5588 usbvideo - ok
11:35:24.0439 5588 [ 237C444FBD1C697A2E3FA60F02C61F22 ] UVCFTR C:\Windows\system32\Drivers\UVCFTR_S.SYS
11:35:24.0439 5588 UVCFTR - ok
11:35:24.0455 5588 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
11:35:24.0470 5588 UxSms - ok
11:35:24.0470 5588 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
11:35:24.0486 5588 VaultSvc - ok
11:35:24.0533 5588 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:35:24.0533 5588 vdrvroot - ok
11:35:24.0564 5588 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
11:35:24.0580 5588 vds - ok
11:35:24.0626 5588 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:35:24.0626 5588 vga - ok
11:35:24.0642 5588 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
11:35:24.0658 5588 VgaSave - ok
11:35:24.0658 5588 VGPU - ok
11:35:24.0704 5588 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:35:24.0720 5588 vhdmp - ok
11:35:24.0767 5588 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
11:35:24.0767 5588 viaagp - ok
11:35:24.0782 5588 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
11:35:24.0782 5588 ViaC7 - ok
11:35:24.0814 5588 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
11:35:24.0814 5588 viaide - ok
11:35:24.0845 5588 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
11:35:24.0845 5588 vmbus - ok
11:35:24.0860 5588 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
11:35:24.0876 5588 VMBusHID - ok
11:35:24.0892 5588 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:35:24.0892 5588 volmgr - ok
11:35:24.0923 5588 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:35:24.0923 5588 volmgrx - ok
11:35:24.0970 5588 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:35:24.0970 5588 volsnap - ok
11:35:25.0016 5588 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:35:25.0016 5588 vsmraid - ok
11:35:25.0063 5588 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
11:35:25.0094 5588 VSS - ok
11:35:25.0094 5588 vtany - ok
11:35:25.0141 5588 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:35:25.0141 5588 vwifibus - ok
11:35:25.0172 5588 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:35:25.0172 5588 vwififlt - ok
11:35:25.0219 5588 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
11:35:25.0219 5588 W32Time - ok
11:35:25.0235 5588 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:35:25.0235 5588 WacomPen - ok
11:35:25.0282 5588 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:35:25.0282 5588 WANARP - ok
11:35:25.0297 5588 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:35:25.0297 5588 Wanarpv6 - ok
11:35:25.0391 5588 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:35:25.0422 5588 WatAdminSvc - ok
11:35:25.0469 5588 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
11:35:25.0500 5588 wbengine - ok
11:35:25.0531 5588 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:35:25.0547 5588 WbioSrvc - ok
11:35:25.0578 5588 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:35:25.0594 5588 wcncsvc - ok
11:35:25.0609 5588 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:35:25.0609 5588 WcsPlugInService - ok
11:35:25.0640 5588 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:35:25.0640 5588 Wd - ok
11:35:25.0672 5588 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:35:25.0672 5588 Wdf01000 - ok
11:35:25.0687 5588 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:35:25.0703 5588 WdiServiceHost - ok
11:35:25.0703 5588 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:35:25.0703 5588 WdiSystemHost - ok
11:35:25.0750 5588 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
11:35:25.0750 5588 WebClient - ok
11:35:25.0765 5588 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:35:25.0781 5588 Wecsvc - ok
11:35:25.0796 5588 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:35:25.0796 5588 wercplsupport - ok
11:35:25.0828 5588 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
11:35:25.0828 5588 WerSvc - ok
11:35:25.0843 5588 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:35:25.0843 5588 WfpLwf - ok
11:35:25.0859 5588 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:35:25.0859 5588 WIMMount - ok
11:35:25.0921 5588 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
11:35:25.0937 5588 WinDefend - ok
11:35:25.0952 5588 WinHttpAutoProxySvc - ok
11:35:25.0999 5588 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:35:25.0999 5588 Winmgmt - ok
11:35:26.0077 5588 [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0 C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys
11:35:26.0077 5588 WinRing0_1_2_0 - ok
11:35:26.0140 5588 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
11:35:26.0171 5588 WinRM - ok
11:35:26.0218 5588 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:35:26.0218 5588 WinUsb - ok
11:35:26.0264 5588 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:35:26.0296 5588 Wlansvc - ok
11:35:26.0327 5588 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:35:26.0327 5588 WmiAcpi - ok
11:35:26.0358 5588 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:35:26.0374 5588 wmiApSrv - ok
11:35:26.0452 5588 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:35:26.0483 5588 WMPNetworkSvc - ok
11:35:26.0498 5588 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:35:26.0498 5588 WPCSvc - ok
11:35:26.0530 5588 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:35:26.0545 5588 WPDBusEnum - ok
11:35:26.0561 5588 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:35:26.0576 5588 ws2ifsl - ok
11:35:26.0592 5588 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
11:35:26.0592 5588 wscsvc - ok
11:35:26.0592 5588 WSearch - ok
11:35:26.0670 5588 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
11:35:26.0717 5588 wuauserv - ok
11:35:26.0732 5588 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:35:26.0748 5588 WudfPf - ok
11:35:26.0810 5588 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:35:26.0810 5588 WUDFRd - ok
11:35:26.0842 5588 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:35:26.0857 5588 wudfsvc - ok
11:35:26.0888 5588 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
11:35:26.0888 5588 WwanSvc - ok
11:35:26.0888 5588 xhunter1 - ok
11:35:26.0935 5588 [ 66D3C0BAF4F0D83E974F3BF426C0DE7D ] xsherlock C:\Windows\system32\xsherlock.xem
11:35:26.0966 5588 xsherlock - ok
11:35:26.0982 5588 ================ Scan global ===============================
11:35:27.0029 5588 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
11:35:27.0076 5588 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
11:35:27.0091 5588 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
11:35:27.0138 5588 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
11:35:27.0154 5588 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
11:35:27.0154 5588 [Global] - ok
11:35:27.0169 5588 ================ Scan MBR ==================================
11:35:27.0185 5588 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:35:27.0590 5588 \Device\Harddisk0\DR0 - ok
11:35:27.0590 5588 ================ Scan VBR ==================================
11:35:27.0622 5588 [ 143A105C6D14EA9286CB12D163FFEDF8 ] \Device\Harddisk0\DR0\Partition1
11:35:27.0622 5588 \Device\Harddisk0\DR0\Partition1 - ok
11:35:27.0622 5588 [ BD9AD5CD39D3143F7EE34D5FBB4BE9EA ] \Device\Harddisk0\DR0\Partition2
11:35:27.0622 5588 \Device\Harddisk0\DR0\Partition2 - ok
11:35:27.0653 5588 [ 1E1D04FEFF15868FA5811E63FCC93682 ] \Device\Harddisk0\DR0\Partition3
11:35:27.0653 5588 \Device\Harddisk0\DR0\Partition3 - ok
11:35:27.0653 5588 ============================================================
11:35:27.0653 5588 Scan finished
11:35:27.0653 5588 ============================================================
11:35:27.0668 5580 Detected object count: 0
11:35:27.0668 5580 Actual detected object count: 0
11:35:32.0536 5428 Deinitialize success

--- Addition to the previous post (Mon Nov 19, 2012 12:00 pm) ---

I have no idea how it is possible that ComboFix reported avast as enabled when I had turned off all the shields and also disabled the whole antivirus in Services; anyway, here is the log:

ComboFix 12-11-16.02 - Syntasy 19.11.2012 11:46:09.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3070.2139 [GMT 1:00]
Spuštěný z: c:\users\Syntasy\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Syntasy\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
c:\windows\system32\roboot.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-19 do 2012-11-19 )))))))))))))))))))))))))))))))
.
.
2012-11-19 10:52 . 2012-11-19 10:54 -------- d-----w- c:\users\Syntasy\AppData\Local\temp
2012-11-19 10:52 . 2012-11-19 10:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-19 09:35 . 2012-11-19 09:35 -------- d-----w- c:\programdata\FLEXnet
2012-11-19 09:34 . 2012-11-19 09:34 -------- d-----w- C:\MoTemp
2012-11-19 09:19 . 2012-11-19 09:19 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2012-11-18 21:34 . 2012-11-18 21:34 -------- d-----w- c:\users\Syntasy\AppData\Roaming\SFBot
2012-11-18 19:27 . 2012-11-18 19:27 -------- d-----w- c:\program files\Ronimo Games
2012-11-18 18:33 . 2012-11-18 18:33 281120 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-11-18 18:33 . 2012-11-18 18:33 -------- d-----w- c:\users\Syntasy\AppData\Local\PunkBuster
2012-11-18 18:30 . 2012-11-18 18:34 141072 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-11-18 18:30 . 2012-11-18 18:30 138904 ----a-w- c:\users\Syntasy\AppData\Roaming\PnkBstrK.sys
2012-11-18 18:30 . 2012-11-18 18:33 281120 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-11-18 18:30 . 2012-11-18 18:30 282512 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-11-18 18:29 . 2012-11-18 18:29 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-11-18 12:16 . 2012-11-18 18:43 -------- d-----w- C:\Ubisoft
2012-11-18 12:15 . 2012-11-18 12:15 -------- d-----w- c:\users\Syntasy\AppData\Local\Apps
2012-11-18 12:15 . 2012-11-18 18:43 -------- d-----w- c:\users\Syntasy\AppData\Local\Deployment
2012-11-18 12:14 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2012-11-18 12:14 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2012-11-18 12:14 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-11-18 12:14 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-11-18 12:14 . 2007-04-04 17:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2012-11-18 10:44 . 2012-11-18 10:44 -------- d-----w- c:\users\Syntasy\AppData\Local\SniperV2
2012-11-18 09:29 . 2012-11-18 09:29 -------- d-----w- c:\program files\Sony Media Go Install
2012-11-18 09:29 . 2012-11-18 09:29 -------- d-----w- c:\users\Syntasy\AppData\Roaming\Sony
2012-11-17 16:03 . 2012-11-17 16:03 -------- d-----w- c:\program files\CPUID
2012-11-17 14:31 . 2012-11-17 14:31 666720 ----a-w- c:\windows\system32\xsherlock.xem
2012-11-17 14:14 . 2012-11-17 14:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-11-14 19:41 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7CCEE4A3-2AE2-4971-99A8-B1F4EA96CC3A}\mpengine.dll
2012-11-14 13:53 . 2012-11-19 09:36 -------- d-----w- c:\users\Syntasy\AppData\Local\Adobe
2012-11-13 21:46 . 2012-11-13 21:46 -------- d-----w- c:\users\Syntasy\AppData\Local\Programs
2012-11-13 10:41 . 2012-11-13 10:41 -------- d-----w- c:\users\Syntasy\AppData\Local\ATI
2012-11-13 09:25 . 2012-11-19 10:25 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-11-12 21:42 . 2012-11-12 21:42 -------- d-----w- c:\users\Syntasy\AppData\Roaming\CheckPoint
2012-11-12 21:25 . 2012-11-12 21:25 -------- d-----w- c:\programdata\CheckPoint
2012-11-11 22:05 . 2012-11-13 09:38 -------- d-----w- c:\users\Syntasy\AppData\Local\NPE
2012-11-11 22:05 . 2012-11-11 22:05 -------- d-----w- c:\programdata\Norton
2012-11-07 22:42 . 2012-11-07 22:43 -------- d-----w- c:\users\Syntasy\AppData\Roaming\SPORE
2012-11-07 22:31 . 2012-11-07 22:31 -------- d-----w- c:\program files\Electronic Arts
2012-11-07 19:48 . 2012-11-07 19:54 -------- d-----w- c:\users\Syntasy\AppData\Roaming\.minecraft
2012-11-06 16:44 . 2012-11-06 16:45 -------- d-----w- c:\users\Syntasy\AppData\Roaming\PSpad
2012-11-06 16:42 . 2012-11-06 16:42 -------- d-----w- c:\program files\PSPad editor
2012-11-06 11:42 . 2012-11-06 11:42 -------- d-----w- c:\users\Syntasy\AppData\Roaming\Sports Interactive
2012-11-06 11:42 . 2012-11-06 11:42 -------- d-----w- c:\users\Syntasy\AppData\Local\Sports Interactive
2012-11-06 08:07 . 2012-11-06 08:08 -------- d-----w- c:\windows\FltMgr
2012-11-06 08:07 . 2012-11-07 10:47 -------- d-----w- c:\program files\PogiSys
2012-11-03 11:56 . 2009-04-06 08:08 5174 ----a-w- c:\windows\system32\nppt9x.vxd
2012-11-03 11:56 . 2009-04-06 08:08 4682 ----a-w- c:\windows\system32\npptNT2.sys
2012-11-03 11:05 . 2012-11-03 11:05 -------- d-----w- c:\users\Syntasy\AppData\Roaming\Red Alert 3
2012-11-03 10:04 . 2008-05-30 13:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2012-11-03 10:04 . 2008-05-30 13:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2012-11-03 10:04 . 2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2012-11-03 10:04 . 2007-07-19 17:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2012-11-03 10:04 . 2007-07-19 17:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2012-11-03 10:04 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2012-11-02 21:01 . 2007-10-22 02:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2012-11-02 21:01 . 2007-10-22 02:37 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2012-11-02 21:01 . 2007-10-12 14:14 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2012-11-02 21:01 . 2007-10-02 08:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2012-11-02 21:01 . 2007-10-12 14:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2012-11-02 21:01 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2012-10-31 13:33 . 2012-10-31 13:48 -------- d-----w- C:\UT2004
2012-10-28 19:56 . 2012-10-28 19:56 -------- d-----w- c:\users\Syntasy\UMLet
2012-10-28 18:23 . 2012-10-28 18:23 -------- d-----w- c:\program files\Sony Mobile
2012-10-28 18:18 . 2012-10-28 18:18 -------- d-----w- c:\programdata\Sony Ericsson
2012-10-28 18:17 . 2012-10-28 18:17 -------- d-----w- c:\program files\Sony Ericsson
2012-10-28 18:10 . 2012-10-28 18:10 -------- d-----w- c:\programdata\Sony
2012-10-28 18:10 . 2012-10-28 18:10 -------- d-----w- c:\program files\Sony
2012-10-27 06:48 . 2012-10-27 06:48 -------- d-----w- c:\users\Syntasy\AppData\Roaming\systweak
2012-10-27 06:47 . 2012-10-27 06:47 -------- d-----w- c:\programdata\Babylon
2012-10-27 06:47 . 2012-10-27 06:47 -------- d-----w- c:\users\Syntasy\AppData\Roaming\Babylon
2012-10-25 20:26 . 2012-10-31 12:04 -------- d-----w- c:\programdata\TmForever
2012-10-25 20:23 . 2012-10-25 20:25 -------- d-----w- c:\program files\TmNationsForever
2012-10-24 09:09 . 2012-11-03 11:45 -------- d-----w- c:\program files\NCsoft
2012-10-23 11:45 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-10-23 11:45 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-10-23 11:45 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-10-23 11:45 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-23 11:45 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-10-23 11:45 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-10-23 07:26 . 2012-10-23 07:26 -------- d-----w- c:\programdata\IObit
2012-10-23 07:26 . 2012-10-23 07:26 -------- d-----w- c:\program files\IObit
2012-10-21 12:26 . 2012-10-21 12:26 -------- d-----w- c:\windows\system32\SPReview
2012-10-21 12:25 . 2012-10-21 12:25 -------- d-----w- c:\windows\system32\EventProviders
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-10 22:00 . 2012-08-15 20:39 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-10 22:00 . 2012-08-15 20:39 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-30 22:51 . 2012-08-15 20:23 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-08-15 20:23 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-08-15 20:22 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-08-15 20:22 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-08-15 20:23 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-08-15 20:22 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-08-15 20:22 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-21 12:34 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-10-15 16:59 . 2012-08-15 20:23 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-09-14 18:28 . 2012-10-10 16:52 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-07 15:04 . 2012-08-21 15:13 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-31 17:18 . 2012-10-10 16:51 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 17:12 . 2012-10-10 16:51 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 16:51 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 16:57 . 2012-10-10 16:53 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-09-22 06:22 981504 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 15:20 . 2012-09-22 06:22 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-14 18:18 . 2012-10-05 10:29 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightShot"="c:\users\Syntasy\AppData\Local\Skillbrains\lightshot\LightShot.exe" [2012-02-02 195072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-29 98304]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-03-06 468320]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-12-18 448376]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-03-23 729088]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-09-26 417792]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-11-15 2254768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Users^Syntasy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\users\Syntasy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-04-11 09:54 3672384 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-08-26 08:29 116648 ----atw- c:\users\Syntasy\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2012-11-15 17:01 2254768 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
R2 SetupARService;SetupARService;c:\program files\Realtek\Audio\SetupAfterRebootService.exe [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 vtany;vtany;c:\windows\vtany.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys [x]
R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 22:00]
.
2012-11-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935198736-4227321628-2989923049-1000Core.job
- c:\users\Syntasy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-26 08:29]
.
2012-11-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935198736-4227321628-2989923049-1000UA.job
- c:\users\Syntasy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-26 08:29]
.
2012-11-19 c:\windows\Tasks\update-S-1-5-21-2935198736-4227321628-2989923049-1000.job
- c:\program files\Skillbrains\Updater\Updater.exe [2012-08-15 20:09]
.
2012-11-19 c:\windows\Tasks\update-sys.job
- c:\program files\Skillbrains\Updater\Updater.exe [2012-08-15 20:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\users\Syntasy\AppData\Roaming\Mozilla\Firefox\Profiles\sslcfnzy.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-ZoneAlarm Installer - c:\program files\CheckPoint\Install\Launcher.exe
AddRemove-PunkBusterSvc - c:\ubisoft\Ghost Recon Online\PDC-Live\pbsvc_gro.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xsherlock]
"ImagePath"="c:\windows\system32\xsherlock.xem"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\IObit\Game Booster 3\gbtray.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\users\Syntasy\AppData\Local\Skillbrains\lightshot\3.2.0.0\LightShot.exe
c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2012-11-19 11:59:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-19 10:59
.
Před spuštěním: Volných bajtů: 48 536 645 632
Po spuštění: Volných bajtů: 48 486 141 952
.
- - End Of File - - ED5A25B6BA4350DBF8D4EFCBBF5250DE
Smart people use Google and don't vote for communists
*Czech is a beautiful language, so please learn to use it*
Member of the Spyke's Fun Club

jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: Jižní Čechy
Gender: Male

Re: Log check

Post by jaro3 » 20 Nov 2012 10:24

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text, marked in green:

Code:

ClearJavaCache::
Folder::
c:\programdata\Babylon
c:\users\Syntasy\AppData\Roaming\Babylon


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process + a new HJT log

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Log check

Post by bereline » 20 Nov 2012 14:17

ComboFix 12-11-16.02 - Syntasy 20.11.2012 13:42:52.4.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3070.1919 [GMT 1:00]
Spuštěný z: c:\users\Syntasy\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Syntasy\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Babylon
c:\users\Syntasy\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
c:\users\Syntasy\AppData\Roaming\Babylon
c:\users\Syntasy\AppData\Roaming\Babylon\log_file.txt
.
Nakažená kopie c:\windows\system32\kernel32.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21306_none_94753f2bd07b1432\kernel32.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-20 do 2012-11-20 )))))))))))))))))))))))))))))))
.
.
2012-11-20 12:51 . 2012-11-20 12:53 -------- d-----w- c:\users\Syntasy\AppData\Local\temp
2012-11-20 12:51 . 2012-11-20 12:51 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-11-20 12:51 . 2012-11-20 12:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-20 11:49 . 2012-11-20 11:50 -------- d-----w- c:\users\Syntasy\AppData\Roaming\QIP
2012-11-20 11:49 . 2012-11-20 11:49 -------- d-----w- c:\program files\QIP 2012
2012-11-20 10:57 . 2012-11-20 11:15 -------- d-----w- C:\Flashtool
2012-11-19 17:01 . 2012-11-19 17:01 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7CCEE4A3-2AE2-4971-99A8-B1F4EA96CC3A}\offreg.dll
2012-11-19 09:35 . 2012-11-19 09:35 -------- d-----w- c:\programdata\FLEXnet
2012-11-19 09:34 . 2012-11-19 09:34 -------- d-----w- C:\MoTemp
2012-11-19 09:19 . 2012-11-19 09:19 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2012-11-18 21:34 . 2012-11-18 21:34 -------- d-----w- c:\users\Syntasy\AppData\Roaming\SFBot
2012-11-18 19:27 . 2012-11-18 19:27 -------- d-----w- c:\program files\Ronimo Games
2012-11-18 18:33 . 2012-11-18 18:33 281120 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-11-18 18:33 . 2012-11-18 18:33 -------- d-----w- c:\users\Syntasy\AppData\Local\PunkBuster
2012-11-18 18:30 . 2012-11-18 18:34 141072 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-11-18 18:30 . 2012-11-18 18:30 138904 ----a-w- c:\users\Syntasy\AppData\Roaming\PnkBstrK.sys
2012-11-18 18:30 . 2012-11-18 18:33 281120 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-11-18 18:30 . 2012-11-18 18:30 282512 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-11-18 18:29 . 2012-11-18 18:29 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-11-18 12:16 . 2012-11-18 18:43 -------- d-----w- C:\Ubisoft
2012-11-18 12:15 . 2012-11-18 12:15 -------- d-----w- c:\users\Syntasy\AppData\Local\Apps
2012-11-18 12:15 . 2012-11-18 18:43 -------- d-----w- c:\users\Syntasy\AppData\Local\Deployment
2012-11-18 12:14 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2012-11-18 12:14 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2012-11-18 12:14 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-11-18 12:14 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-11-18 12:14 . 2007-04-04 17:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2012-11-18 10:44 . 2012-11-18 10:44 -------- d-----w- c:\users\Syntasy\AppData\Local\SniperV2
2012-11-18 09:29 . 2012-11-18 09:29 -------- d-----w- c:\program files\Sony Media Go Install
2012-11-18 09:29 . 2012-11-18 09:29 -------- d-----w- c:\users\Syntasy\AppData\Roaming\Sony
2012-11-17 16:03 . 2012-11-17 16:03 -------- d-----w- c:\program files\CPUID
2012-11-17 14:31 . 2012-11-17 14:31 666720 ----a-w- c:\windows\system32\xsherlock.xem
2012-11-17 14:14 . 2012-11-17 14:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-11-14 19:41 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7CCEE4A3-2AE2-4971-99A8-B1F4EA96CC3A}\mpengine.dll
2012-11-14 13:53 . 2012-11-20 12:05 -------- d-----w- c:\users\Syntasy\AppData\Local\Adobe
2012-11-13 21:46 . 2012-11-13 21:46 -------- d-----w- c:\users\Syntasy\AppData\Local\Programs
2012-11-13 10:41 . 2012-11-13 10:41 -------- d-----w- c:\users\Syntasy\AppData\Local\ATI
2012-11-13 09:25 . 2012-11-19 10:25 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-11-12 21:42 . 2012-11-12 21:42 -------- d-----w- c:\users\Syntasy\AppData\Roaming\CheckPoint
2012-11-12 21:25 . 2012-11-12 21:25 -------- d-----w- c:\programdata\CheckPoint
2012-11-11 22:05 . 2012-11-13 09:38 -------- d-----w- c:\users\Syntasy\AppData\Local\NPE
2012-11-11 22:05 . 2012-11-11 22:05 -------- d-----w- c:\programdata\Norton
2012-11-07 22:42 . 2012-11-07 22:43 -------- d-----w- c:\users\Syntasy\AppData\Roaming\SPORE
2012-11-07 22:31 . 2012-11-07 22:31 -------- d-----w- c:\program files\Electronic Arts
2012-11-07 19:48 . 2012-11-07 19:54 -------- d-----w- c:\users\Syntasy\AppData\Roaming\.minecraft
2012-11-06 16:44 . 2012-11-06 16:45 -------- d-----w- c:\users\Syntasy\AppData\Roaming\PSpad
2012-11-06 16:42 . 2012-11-06 16:42 -------- d-----w- c:\program files\PSPad editor
2012-11-06 11:42 . 2012-11-06 11:42 -------- d-----w- c:\users\Syntasy\AppData\Roaming\Sports Interactive
2012-11-06 11:42 . 2012-11-06 11:42 -------- d-----w- c:\users\Syntasy\AppData\Local\Sports Interactive
2012-11-06 08:07 . 2012-11-06 08:08 -------- d-----w- c:\windows\FltMgr
2012-11-06 08:07 . 2012-11-07 10:47 -------- d-----w- c:\program files\PogiSys
2012-11-03 11:56 . 2009-04-06 08:08 5174 ----a-w- c:\windows\system32\nppt9x.vxd
2012-11-03 11:56 . 2009-04-06 08:08 4682 ----a-w- c:\windows\system32\npptNT2.sys
2012-11-03 11:05 . 2012-11-03 11:05 -------- d-----w- c:\users\Syntasy\AppData\Roaming\Red Alert 3
2012-11-03 10:04 . 2008-05-30 13:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2012-11-03 10:04 . 2008-05-30 13:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2012-11-03 10:04 . 2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2012-11-03 10:04 . 2007-07-19 17:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2012-11-03 10:04 . 2007-07-19 17:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2012-11-03 10:04 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2012-11-02 21:01 . 2007-10-22 02:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2012-11-02 21:01 . 2007-10-22 02:37 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2012-11-02 21:01 . 2007-10-12 14:14 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2012-11-02 21:01 . 2007-10-02 08:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2012-11-02 21:01 . 2007-10-12 14:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2012-11-02 21:01 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2012-10-31 13:33 . 2012-10-31 13:48 -------- d-----w- C:\UT2004
2012-10-28 19:56 . 2012-10-28 19:56 -------- d-----w- c:\users\Syntasy\UMLet
2012-10-28 18:23 . 2012-10-28 18:23 -------- d-----w- c:\program files\Sony Mobile
2012-10-28 18:18 . 2012-10-28 18:18 25200 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2012-10-28 18:18 . 2012-10-28 18:18 12400 ----a-w- c:\windows\system32\drivers\ggflt.sys
2012-10-28 18:18 . 2012-11-20 10:35 -------- d-----w- c:\programdata\Sony Ericsson
2012-10-28 18:17 . 2012-11-20 10:35 -------- d-----w- c:\program files\Sony Ericsson
2012-10-28 18:10 . 2012-10-28 18:10 -------- d-----w- c:\programdata\Sony
2012-10-28 18:10 . 2012-10-28 18:10 -------- d-----w- c:\program files\Sony
2012-10-27 06:48 . 2012-10-27 06:48 -------- d-----w- c:\users\Syntasy\AppData\Roaming\systweak
2012-10-25 20:26 . 2012-10-31 12:04 -------- d-----w- c:\programdata\TmForever
2012-10-25 20:23 . 2012-10-25 20:25 -------- d-----w- c:\program files\TmNationsForever
2012-10-24 09:09 . 2012-11-03 11:45 -------- d-----w- c:\program files\NCsoft
2012-10-23 11:45 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-10-23 11:45 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-10-23 11:45 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-10-23 11:45 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-23 11:45 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-10-23 11:45 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-10-23 07:26 . 2012-10-23 07:26 -------- d-----w- c:\programdata\IObit
2012-10-23 07:26 . 2012-10-23 07:26 -------- d-----w- c:\program files\IObit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-10 22:00 . 2012-08-15 20:39 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-10 22:00 . 2012-08-15 20:39 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-30 22:51 . 2012-08-15 20:23 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-08-15 20:23 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-08-15 20:22 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-08-15 20:22 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-08-15 20:23 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-08-15 20:22 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-08-15 20:22 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-21 12:34 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-10-15 16:59 . 2012-08-15 20:23 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-09-14 18:28 . 2012-10-10 16:52 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-07 15:04 . 2012-08-21 15:13 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-31 17:18 . 2012-10-10 16:51 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 17:12 . 2012-10-10 16:51 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 16:51 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 16:57 . 2012-10-10 16:53 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-09-22 06:22 981504 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 15:20 . 2012-09-22 06:22 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-14 18:18 . 2012-10-05 10:29 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightShot"="c:\users\Syntasy\AppData\Local\Skillbrains\lightshot\LightShot.exe" [2012-02-02 195072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-29 98304]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-03-06 468320]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-12-18 448376]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-03-23 729088]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-09-26 417792]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-11-15 2254768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Users^Syntasy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\users\Syntasy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-04-11 09:54 3672384 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-08-26 08:29 116648 ----atw- c:\users\Syntasy\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2012-11-15 17:01 2254768 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
R2 SetupARService;SetupARService;c:\program files\Realtek\Audio\SetupAfterRebootService.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 vtany;vtany;c:\windows\vtany.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys [x]
R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 22:00]
.
2012-11-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935198736-4227321628-2989923049-1000Core.job
- c:\users\Syntasy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-26 08:29]
.
2012-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935198736-4227321628-2989923049-1000UA.job
- c:\users\Syntasy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-26 08:29]
.
2012-11-20 c:\windows\Tasks\update-S-1-5-21-2935198736-4227321628-2989923049-1000.job
- c:\program files\Skillbrains\Updater\Updater.exe [2012-08-15 20:09]
.
2012-11-20 c:\windows\Tasks\update-sys.job
- c:\program files\Skillbrains\Updater\Updater.exe [2012-08-15 20:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\users\Syntasy\AppData\Roaming\Mozilla\Firefox\Profiles\sslcfnzy.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xsherlock]
"ImagePath"="c:\windows\system32\xsherlock.xem"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\conhost.exe
c:\program files\IObit\Game Booster 3\gbtray.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\users\Syntasy\AppData\Local\Skillbrains\lightshot\3.2.0.0\LightShot.exe
c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2012-11-20 13:57:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-20 12:57
ComboFix2.txt 2012-11-19 10:59
.
Před spuštěním: Volných bajtů: 28 531 335 168
Po spuštění: Volných bajtů: 28 499 185 664
.
- - End Of File - - 49A68B489578D366769FDAA5069C6B05


aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-20 14:01:45
-----------------------------
14:01:45.572 OS Version: Windows 6.1.7601 Service Pack 1
14:01:45.572 Number of processors: 2 586 0x170A
14:01:45.572 ComputerName: SYNTASYPC UserName: Syntasy
14:01:46.196 Initialize success
14:01:46.274 AVAST engine defs: 12111901
14:01:47.615 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:01:47.615 Disk 0 Vendor: WDC_WD3200BEVS-26VAT0 11.01A11 Size: 305245MB BusType: 11
14:01:47.662 Disk 0 MBR read successfully
14:01:47.662 Disk 0 MBR scan
14:01:47.662 Disk 0 Windows 7 default MBR code
14:01:47.678 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 1500 MB offset 2048
14:01:47.709 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152463 MB offset 3074048
14:01:47.725 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 151280 MB offset 315318272
14:01:47.756 Disk 0 scanning sectors +625140400
14:01:47.927 Disk 0 scanning C:\Windows\system32\drivers
14:01:59.783 Service scanning
14:02:23.761 Modules scanning
14:02:37.114 Disk 0 trace - called modules:
14:02:37.130 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
14:02:37.145 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x865c8030]
14:02:37.145 3 CLASSPNP.SYS[8b7de59e] -> nt!IofCallDriver -> [0x860dc918]
14:02:37.161 5 ACPI.sys[8b2bc3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x860e6908]
14:02:37.723 AVAST engine scan C:\Windows
14:02:40.125 AVAST engine scan C:\Windows\system32
14:05:15.751 AVAST engine scan C:\Windows\system32\drivers
14:05:25.127 AVAST engine scan C:\Users\Syntasy
14:12:36.530 AVAST engine scan C:\ProgramData
14:13:06.279 Scan finished successfully
14:17:11.527 Disk 0 MBR has been saved successfully to "C:\Users\Syntasy\Desktop\MBR.dat"
14:17:11.543 The log file has been saved successfully to "C:\Users\Syntasy\Desktop\aswMBR.txt"

Re: Log check

Post by jaro3 » 21 Nov 2012 10:55

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text, marked in green:

Code:

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935198736-4227321628-2989923049-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935198736-4227321628-2989923049-1000UA.job

Folder::
c:\programdata\Norton
c:\users\Syntasy\AppData\Local\Google\Update

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process + a new HJT log

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

In Folder Options, enable showing hidden files and folders + uncheck the box "Hide protected operating system files".

Test this on VirusTotal:
c:\windows\system32\kernel32.dll

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs one after another. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/
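Added example, not part of the original post: the RegLock:: block in the script above lists the same keys that the preceding ComboFix log reports under "ZAMKNUTÉ KLÍČE V REGISTRU" (locked registry keys). The Python sketch below parses that log section, records which keys carry an @Denied ACE line, and checks a CFScript's RegLock:: block against it; the function names are hypothetical and the sample text is a shortened excerpt of the log and script on this page.

```python
import re

# Shortened excerpt of the ComboFix log posted on this page (Czech locale).
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xsherlock]
"ImagePath"="c:\windows\system32\xsherlock.xem"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
------------------------ Jiné spuštené procesy ------------------------
"""

# The CFScript from the post above (blank lines dropped).
SAMPLE_SCRIPT = r"""
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935198736-4227321628-2989923049-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935198736-4227321628-2989923049-1000UA.job
Folder::
c:\programdata\Norton
c:\users\Syntasy\AppData\Local\Google\Update
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
"""

# Czech heading as shown on this page; the English-locale heading is an assumption.
LOCKED_TITLES = {"ZAMKNUTÉ KLÍČE V REGISTRU", "LOCKED REGISTRY KEYS"}
SECTION_RE = re.compile(r"^-{3,}\s*(.+?)\s*-{3,}$")   # ----- Title -----
KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")           # [HKEY_...\path]
DIRECTIVE_RE = re.compile(r"^([A-Za-z]+)::$")         # File::, Folder::, RegLock::

def parse_locked_keys(log_text):
    """Return {key_path: [denied ACE strings]} for the locked-keys section only."""
    keys, in_section, current = {}, False, None
    for raw in log_text.splitlines():
        line = raw.strip()
        heading = SECTION_RE.match(line)
        if heading:
            # Any dashed heading opens or closes the section of interest.
            in_section = heading.group(1) in LOCKED_TITLES
            current = None
            continue
        if not in_section or line in ("", "."):
            continue
        key = KEY_RE.match(line)
        if key:
            current = keys.setdefault(key.group(1), [])
        elif current is not None and line.startswith("@Denied:"):
            current.append(line[len("@Denied:"):].strip())
    return keys

def parse_cfscript(script_text):
    """Return {directive: [argument lines]}; directives without arguments map to []."""
    blocks, current = {}, None
    for raw in script_text.splitlines():
        line = raw.strip()
        m = DIRECTIVE_RE.match(line)
        if m:
            current = blocks.setdefault(m.group(1), [])
        elif line and current is not None:
            current.append(line)
    return blocks

def reglock_coverage(log_text, script_text):
    """Compare keys the log reports as locked with the script's RegLock:: list."""
    norm = lambda key: key.strip("[]").lower()
    locked = parse_locked_keys(log_text)
    reported = {norm(k) for k in locked}
    listed = {norm(k) for k in parse_cfscript(script_text).get("RegLock", [])}
    return {
        "missing_from_script": sorted(reported - listed),
        "not_in_log": sorted(listed - reported),
        "denied_roots": [k for k, aces in locked.items() if aces],
    }
```

For the excerpt above, `reglock_coverage(SAMPLE_LOG, SAMPLE_SCRIPT)` reports no differences in either direction and names the two parent keys that carry the `(A 2) (Everyone)` deny entry.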


Re: Log check

Post by bereline » 21 Nov 2012 11:25

https://www.virustotal.com/file/9fdb539 ... /analysis/

ComboFix 12-11-16.02 - Syntasy 21.11.2012 11:28:20.5.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3070.1961 [GMT 1:00]
Spuštěný z: c:\users\Syntasy\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Syntasy\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935198736-4227321628-2989923049-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935198736-4227321628-2989923049-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Norton
c:\programdata\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963}\LC.INI
c:\programdata\Norton\NPE\NPEsettings.dat
c:\users\Syntasy\AppData\Local\Google\Update
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdate.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_am.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_da.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_de.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_el.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_es.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_et.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_id.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_is.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_it.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_no.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_te.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_th.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\psmachine.dll
c:\users\Syntasy\AppData\Local\Google\Update\1.3.21.123\psuser.dll
c:\users\Syntasy\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\users\Syntasy\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\23.0.1271.64\23.0.1271.64_22.0.1229.94_chrome_updater.exe
c:\users\Syntasy\AppData\Local\Google\Update\GoogleUpdate.exe
c:\users\Syntasy\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935198736-4227321628-2989923049-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2935198736-4227321628-2989923049-1000UA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-21 do 2012-11-21 )))))))))))))))))))))))))))))))
.
.
2012-11-21 10:39 . 2012-11-21 10:39 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-11-21 10:36 . 2012-11-21 10:39 -------- d-----w- c:\users\Syntasy\AppData\Local\temp
2012-11-21 10:36 . 2012-11-21 10:36 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-11-21 10:36 . 2012-11-21 10:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-20 19:05 . 2012-11-20 19:43 -------- d-----w- c:\users\Syntasy\AppData\Roaming\ICQ
2012-11-20 19:05 . 2012-11-20 19:07 -------- d-----w- c:\program files\ICQ7M
2012-11-20 11:49 . 2012-11-20 11:50 -------- d-----w- c:\users\Syntasy\AppData\Roaming\QIP
2012-11-20 10:57 . 2012-11-20 11:15 -------- d-----w- C:\Flashtool
2012-11-19 17:01 . 2012-11-19 17:01 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7CCEE4A3-2AE2-4971-99A8-B1F4EA96CC3A}\offreg.dll
2012-11-19 09:35 . 2012-11-19 09:35 -------- d-----w- c:\programdata\FLEXnet
2012-11-19 09:34 . 2012-11-19 09:34 -------- d-----w- C:\MoTemp
2012-11-19 09:19 . 2012-11-19 09:19 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2012-11-18 21:34 . 2012-11-18 21:34 -------- d-----w- c:\users\Syntasy\AppData\Roaming\SFBot
2012-11-18 19:27 . 2012-11-18 19:27 -------- d-----w- c:\program files\Ronimo Games
2012-11-18 18:33 . 2012-11-18 18:33 281120 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-11-18 18:33 . 2012-11-18 18:33 -------- d-----w- c:\users\Syntasy\AppData\Local\PunkBuster
2012-11-18 18:30 . 2012-11-18 18:34 141072 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-11-18 18:30 . 2012-11-18 18:30 138904 ----a-w- c:\users\Syntasy\AppData\Roaming\PnkBstrK.sys
2012-11-18 18:30 . 2012-11-18 18:33 281120 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-11-18 18:30 . 2012-11-18 18:30 282512 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-11-18 18:29 . 2012-11-18 18:29 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-11-18 12:16 . 2012-11-18 18:43 -------- d-----w- C:\Ubisoft
2012-11-18 12:15 . 2012-11-18 12:15 -------- d-----w- c:\users\Syntasy\AppData\Local\Apps
2012-11-18 12:15 . 2012-11-18 18:43 -------- d-----w- c:\users\Syntasy\AppData\Local\Deployment
2012-11-18 12:14 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2012-11-18 12:14 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2012-11-18 12:14 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-11-18 12:14 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-11-18 12:14 . 2007-04-04 17:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2012-11-18 10:44 . 2012-11-18 10:44 -------- d-----w- c:\users\Syntasy\AppData\Local\SniperV2
2012-11-18 09:29 . 2012-11-18 09:29 -------- d-----w- c:\program files\Sony Media Go Install
2012-11-18 09:29 . 2012-11-18 09:29 -------- d-----w- c:\users\Syntasy\AppData\Roaming\Sony
2012-11-17 16:03 . 2012-11-17 16:03 -------- d-----w- c:\program files\CPUID
2012-11-17 14:31 . 2012-11-17 14:31 666720 ----a-w- c:\windows\system32\xsherlock.xem
2012-11-17 14:14 . 2012-11-17 14:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-11-14 19:41 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7CCEE4A3-2AE2-4971-99A8-B1F4EA96CC3A}\mpengine.dll
2012-11-14 13:53 . 2012-11-20 12:05 -------- d-----w- c:\users\Syntasy\AppData\Local\Adobe
2012-11-13 21:46 . 2012-11-13 21:46 -------- d-----w- c:\users\Syntasy\AppData\Local\Programs
2012-11-13 10:41 . 2012-11-13 10:41 -------- d-----w- c:\users\Syntasy\AppData\Local\ATI
2012-11-12 21:42 . 2012-11-12 21:42 -------- d-----w- c:\users\Syntasy\AppData\Roaming\CheckPoint
2012-11-12 21:25 . 2012-11-12 21:25 -------- d-----w- c:\programdata\CheckPoint
2012-11-11 22:05 . 2012-11-13 09:38 -------- d-----w- c:\users\Syntasy\AppData\Local\NPE
2012-11-07 22:42 . 2012-11-07 22:43 -------- d-----w- c:\users\Syntasy\AppData\Roaming\SPORE
2012-11-07 22:31 . 2012-11-07 22:31 -------- d-----w- c:\program files\Electronic Arts
2012-11-07 19:48 . 2012-11-07 19:54 -------- d-----w- c:\users\Syntasy\AppData\Roaming\.minecraft
2012-11-06 16:44 . 2012-11-06 16:45 -------- d-----w- c:\users\Syntasy\AppData\Roaming\PSpad
2012-11-06 16:42 . 2012-11-06 16:42 -------- d-----w- c:\program files\PSPad editor
2012-11-06 11:42 . 2012-11-06 11:42 -------- d-----w- c:\users\Syntasy\AppData\Roaming\Sports Interactive
2012-11-06 11:42 . 2012-11-06 11:42 -------- d-----w- c:\users\Syntasy\AppData\Local\Sports Interactive
2012-11-06 08:07 . 2012-11-06 08:08 -------- d-----w- c:\windows\FltMgr
2012-11-06 08:07 . 2012-11-07 10:47 -------- d-----w- c:\program files\PogiSys
2012-11-03 11:56 . 2009-04-06 08:08 5174 ----a-w- c:\windows\system32\nppt9x.vxd
2012-11-03 11:56 . 2009-04-06 08:08 4682 ----a-w- c:\windows\system32\npptNT2.sys
2012-11-03 11:05 . 2012-11-03 11:05 -------- d-----w- c:\users\Syntasy\AppData\Roaming\Red Alert 3
2012-11-03 10:04 . 2008-05-30 13:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2012-11-03 10:04 . 2008-05-30 13:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2012-11-03 10:04 . 2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2012-11-03 10:04 . 2007-07-19 17:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2012-11-03 10:04 . 2007-07-19 17:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2012-11-03 10:04 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2012-11-02 21:01 . 2007-10-22 02:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2012-11-02 21:01 . 2007-10-22 02:37 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2012-11-02 21:01 . 2007-10-12 14:14 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2012-11-02 21:01 . 2007-10-02 08:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2012-11-02 21:01 . 2007-10-12 14:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2012-11-02 21:01 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2012-10-31 13:33 . 2012-10-31 13:48 -------- d-----w- C:\UT2004
2012-10-28 19:56 . 2012-10-28 19:56 -------- d-----w- c:\users\Syntasy\UMLet
2012-10-28 18:23 . 2012-10-28 18:23 -------- d-----w- c:\program files\Sony Mobile
2012-10-28 18:18 . 2012-10-28 18:18 25200 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2012-10-28 18:18 . 2012-10-28 18:18 12400 ----a-w- c:\windows\system32\drivers\ggflt.sys
2012-10-28 18:18 . 2012-11-20 10:35 -------- d-----w- c:\programdata\Sony Ericsson
2012-10-28 18:17 . 2012-11-20 10:35 -------- d-----w- c:\program files\Sony Ericsson
2012-10-28 18:10 . 2012-10-28 18:10 -------- d-----w- c:\programdata\Sony
2012-10-28 18:10 . 2012-10-28 18:10 -------- d-----w- c:\program files\Sony
2012-10-27 06:48 . 2012-10-27 06:48 -------- d-----w- c:\users\Syntasy\AppData\Roaming\systweak
2012-10-25 20:26 . 2012-10-31 12:04 -------- d-----w- c:\programdata\TmForever
2012-10-25 20:23 . 2012-10-25 20:25 -------- d-----w- c:\program files\TmNationsForever
2012-10-24 09:09 . 2012-11-03 11:45 -------- d-----w- c:\program files\NCsoft
2012-10-23 11:45 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-10-23 11:45 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-10-23 11:45 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-10-23 11:45 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-23 11:45 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-10-23 11:45 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-10-23 07:26 . 2012-10-23 07:26 -------- d-----w- c:\programdata\IObit
2012-10-23 07:26 . 2012-10-23 07:26 -------- d-----w- c:\program files\IObit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-10 22:00 . 2012-08-15 20:39 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-10 22:00 . 2012-08-15 20:39 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-30 22:51 . 2012-08-15 20:23 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-08-15 20:23 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-08-15 20:22 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-08-15 20:22 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-08-15 20:23 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-08-15 20:22 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-08-15 20:22 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-21 12:34 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-10-15 16:59 . 2012-08-15 20:23 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-09-14 18:28 . 2012-10-10 16:52 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-07 15:04 . 2012-08-21 15:13 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-31 17:18 . 2012-10-10 16:51 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 17:12 . 2012-10-10 16:51 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 16:51 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 16:57 . 2012-10-10 16:53 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-09-22 06:22 981504 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 15:20 . 2012-09-22 06:22 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-14 18:18 . 2012-10-05 10:29 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightShot"="c:\users\Syntasy\AppData\Local\Skillbrains\lightshot\LightShot.exe" [2012-02-02 195072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-29 98304]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-03-06 468320]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-12-18 448376]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-03-23 729088]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-09-26 417792]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-11-19 2254768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Users^Syntasy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\users\Syntasy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-04-11 09:54 3672384 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2012-11-19 20:48 2254768 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
R2 SetupARService;SetupARService;c:\program files\Realtek\Audio\SetupAfterRebootService.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 vtany;vtany;c:\windows\vtany.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys [x]
R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 22:00]
.
2012-11-21 c:\windows\Tasks\update-S-1-5-21-2935198736-4227321628-2989923049-1000.job
- c:\program files\Skillbrains\Updater\Updater.exe [2012-08-15 20:09]
.
2012-11-21 c:\windows\Tasks\update-sys.job
- c:\program files\Skillbrains\Updater\Updater.exe [2012-08-15 20:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.152.101.1 192.168.2.1
FF - ProfilePath - c:\users\Syntasy\AppData\Roaming\Mozilla\Firefox\Profiles\sslcfnzy.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Google Update - c:\users\Syntasy\AppData\Local\Google\Update\GoogleUpdate.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xsherlock]
"ImagePath"="c:\windows\system32\xsherlock.xem"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
c:\windows\system32\sppsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\IObit\Game Booster 3\gbtray.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\WUDFHost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\users\Syntasy\AppData\Local\Skillbrains\lightshot\3.2.0.0\LightShot.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2012-11-21 11:43:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-21 10:43
ComboFix2.txt 2012-11-20 12:57
ComboFix3.txt 2012-11-19 10:59
.
Před spuštěním: Volných bajtů: 24 152 748 032
Po spuštění: Volných bajtů: 24 130 994 176
.
- - End Of File - - 4BA6127669F4716FEE9625E46B6EAA46


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:45:04, on 21.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Users\Syntasy\AppData\Local\Skillbrains\lightshot\3.2.0.0\LightShot.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Explorer.exe
C:\Program Files\Skype\Phone\Skype.exe
E:\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [LightShot] C:\Users\Syntasy\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SetupARService - Realtek Semiconductor. - C:\Program Files\Realtek\Audio\SetupAfterRebootService.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: xsherlock - Wellbia.com Co., Ltd. - C:\Windows\system32\xsherlock.xem

--
End of file - 5909 bytes
Smart people use Google and don't vote for communists
*Czech is a beautiful language, so please learn to use it*
Member of the Spyke's Fun Club

jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Log check

Post by jaro3 » 21 Nov 2012 17:17

What about that file on VT?

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

How does it look now?
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

bereline
Level 4
Posts: 1434
Registered: September 07
Location: Ostrava-Hrabůvka
Gender: Male
Status: Offline

Re: Log check

Post by bereline » 21 Nov 2012 21:31

I posted it as the first link above the last ComboFix log, so it's there. Otherwise it was clean, no virus. So probably fine. I just still have a problem with Flash, but that is probably a different issue and needs to be dealt with in another section. As for whether the computer is free of viruses and other vermin, I think it is, so thanks a lot :bigups:

So if that's everything, I'll mark it as solved ...

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male
Status: Offline

Re: Log check

Post by Žbeky » 21 Nov 2012 22:01

You have no viruses there, so you can mark this as solved here
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.

HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules

