Log check (Solved)


Post by Mareksa » 24 Jul 2011 20:23

Hello,
I'd like to ask for a log check; lately my games and internet have been a bit slower.
Thank you


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:20:53, on 24.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\HP\AppData\Roaming\QipGuard\QipGuard.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Datart Antivir\Common\FSM32.EXE
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\HP\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Datart Antivir\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\Datart Antivir\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\HP\AppData\Roaming\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O20 - AppInit_DLLs:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\Datart Antivir\Anti-Virus\fsgk32st.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\Datart Antivir\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Datart Antivir\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Datart Antivir\ORSP Client\fsorsp.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9574 bytes


Re: Log check

Post by Žbeky » 24 Jul 2011 20:33

Fix these:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\HP\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\HP\AppData\Roaming\QipGuard\QipGuard.exe
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O20 - AppInit_DLLs:

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
When the cleaning is finished, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan option selected and click the Scan button
- when the scan finishes a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to the desktop
- then click the Exit button; a message will appear, choose Yes
(don't delete anything yet!).
Then paste the contents of that log here.
I use PMs only for matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.

HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules


Re: Log check

Post by Mareksa » 24 Jul 2011 20:47

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Verze databáze: 7264

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

24.7.2011 20:47:10
mbam-log-2011-07-24 (20-47-10).txt

Typ: Rychlá kontrola
Kontrolované objekty: 167546
Uplynulý čas: 4 minut, 20 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)


Re: Log check

Post by Žbeky » 24 Jul 2011 20:54

How is the computer behaving?


Re: Log check

Post by Mareksa » 24 Jul 2011 20:55

It seems better to me. It doesn't stutter as much anymore.


Re: Log check

Post by Žbeky » 24 Jul 2011 20:59

If you consider that sufficient, you can mark it as solved. If it still doesn't seem right to you, we can try CF


Re: Log check

Post by Mareksa » 24 Jul 2011 21:00

It'd be better to do it properly and completely, wouldn't it? :smile:


Re: Log check

Post by Žbeky » 24 Jul 2011 21:03

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan is complete, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If after the scan you have trouble launching applications, or a message pops up about an attempt to use an illegal operation on a registry key that has been marked for deletion, just restart the computer.


Re: Log check

Post by Mareksa » 24 Jul 2011 21:48

ComboFix 11-07-24.01 - HP 24.07.2011 21:09:42.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1791.888 [GMT 2:00]
Spuštěný z: c:\users\HP\Desktop\ComboFix.exe
AV: Datart Antivir 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: Datart Antivir 9.01 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: Datart Antivir 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
c:\users\HP\AppData\Roaming\HPlog.dat
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\searchplugins\SearchquWebSearch.xml
c:\users\HP\AppData\Roaming\Sdat.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-24 do 2011-07-24 )))))))))))))))))))))))))))))))
.
.
2011-07-24 19:25 . 2011-07-24 19:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-24 18:41 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-24 18:41 . 2011-07-24 18:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-24 10:20 . 2011-07-24 10:20 -------- d-----w- c:\users\HP\AppData\Roaming\IObit
2011-07-24 10:20 . 2011-02-23 14:50 18232 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-07-24 10:20 . 2011-02-23 14:50 32136 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-07-24 10:20 . 2011-07-24 14:09 -------- d-----w- c:\program files (x86)\IObit
2011-07-24 10:19 . 2011-07-24 10:19 -------- d-----w- c:\program files\IObit
2011-07-24 09:25 . 2011-07-24 09:25 -------- d-----w- c:\users\HP\AppData\Roaming\Malwarebytes
2011-07-24 09:25 . 2011-07-24 09:25 -------- d-----w- c:\programdata\Malwarebytes
2011-07-24 09:24 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-24 09:01 . 2011-07-24 09:01 -------- d-----w- c:\program files (x86)\CCleaner
2011-07-23 11:47 . 2011-07-23 11:47 -------- d-----w- c:\users\HP\AppData\Local\Unity
2011-07-23 06:55 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F2242A8-2736-41AD-B767-0A7518D41142}\mpengine.dll
2011-07-22 16:26 . 2011-07-22 16:27 -------- d-----w- c:\users\HP\AppData\Roaming\InfraRecorder
2011-07-22 16:26 . 2011-07-22 16:26 -------- d-----w- c:\program files (x86)\InfraRecorder
2011-07-21 09:11 . 2011-07-21 09:14 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-07-20 13:22 . 2011-07-20 13:22 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-07-20 13:22 . 2011-07-20 13:23 -------- d-----w- c:\program files (x86)\Hamachi
2011-07-17 15:15 . 2011-07-17 17:11 -------- d-----w- c:\programdata\Sony Ericsson
2011-07-17 15:15 . 2011-07-17 17:11 -------- d-----w- c:\program files (x86)\Sony Ericsson
2011-07-17 11:14 . 2011-07-17 11:14 -------- d-----w- c:\users\HP\AppData\Roaming\Apple Computer
2011-07-17 11:12 . 2011-07-17 11:12 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-07-17 11:12 . 2011-07-17 11:12 -------- d-----w- c:\programdata\Apple
2011-07-13 10:08 . 2011-06-03 06:57 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-07-13 10:08 . 2011-06-03 06:57 214528 ----a-w- c:\windows\system32\winsrv.dll
2011-07-13 10:08 . 2011-06-03 06:53 338944 ----a-w- c:\windows\system32\conhost.exe
2011-07-13 10:08 . 2011-06-03 06:57 243200 ----a-w- c:\windows\system32\wow64.dll
2011-07-13 10:08 . 2011-06-03 05:57 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-07-13 10:08 . 2011-06-03 06:57 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-07-13 10:08 . 2011-06-03 06:57 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-07-13 10:08 . 2011-06-03 06:00 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-07-13 10:08 . 2011-06-03 05:56 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-07-13 10:08 . 2011-06-03 03:53 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-07-13 10:08 . 2011-06-03 03:53 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-07-07 08:27 . 2011-07-07 09:54 -------- d-----w- c:\program files (x86)\Valve
2011-07-04 08:42 . 2011-07-04 08:42 -------- d-----w- c:\users\HP\AppData\Roaming\funkitron
2011-06-29 04:39 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 04:39 . 2011-05-24 10:39 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-06-29 04:39 . 2011-05-24 10:37 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-06-29 04:39 . 2011-05-24 10:40 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-06-29 04:39 . 2011-05-24 10:40 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-06-27 19:41 . 2011-06-27 19:41 -------- d-----w- c:\users\HP\AppData\Local\MCEdit
2011-06-27 17:28 . 2011-07-05 15:58 -------- d-----w- c:\users\HP\AppData\Roaming\.minecraft
2011-06-27 14:22 . 2011-06-27 14:27 -------- d-----w- c:\program files (x86)\Medieval Lords
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-03 05:57 . 2011-07-13 10:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-29 05:12 . 2011-05-29 05:12 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-05-29 05:12 . 2011-05-29 05:12 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-05-29 05:12 . 2011-05-29 05:12 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-05-29 05:12 . 2011-05-29 05:12 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-05-29 05:12 . 2011-05-29 05:12 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-05-29 05:12 . 2011-05-29 05:12 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-05-29 05:12 . 2011-05-29 05:12 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-05-29 05:12 . 2011-05-29 05:12 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-05-29 05:12 . 2011-05-29 05:12 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-05-29 05:12 . 2011-05-29 05:12 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-05-29 05:12 . 2011-05-29 05:12 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-05-29 05:12 . 2011-05-29 05:12 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-05-29 05:12 . 2011-05-29 05:12 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-05-29 05:12 . 2011-05-29 05:12 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-05-29 05:12 . 2011-05-29 05:12 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-05-29 05:12 . 2011-05-29 05:12 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-05-29 05:12 . 2011-05-29 05:12 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-05-29 05:12 . 2011-05-29 05:12 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-05-29 05:12 . 2011-05-29 05:12 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-05-29 05:12 . 2011-05-29 05:12 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-05-29 05:12 . 2011-05-29 05:12 222208 ----a-w- c:\windows\system32\msls31.dll
2011-05-29 05:12 . 2011-05-29 05:12 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-29 05:12 . 2011-05-29 05:12 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-05-29 05:12 . 2011-05-29 05:12 12288 ----a-w- c:\windows\system32\mshta.exe
2011-05-29 05:12 . 2011-05-29 05:12 114176 ----a-w- c:\windows\system32\admparse.dll
2011-05-29 05:12 . 2011-05-29 05:12 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-05-29 05:12 . 2011-05-29 05:12 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-05-29 05:12 . 2011-05-29 05:12 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-05-29 05:12 . 2011-05-29 05:12 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-05-29 05:12 . 2011-05-29 05:12 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-29 05:12 . 2011-05-29 05:12 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-05-29 05:12 . 2011-05-29 05:12 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-05-29 05:12 . 2011-05-29 05:12 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-05-29 05:12 . 2011-05-29 05:12 448512 ----a-w- c:\windows\system32\html.iec
2011-05-29 05:12 . 2011-05-29 05:12 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-29 05:12 . 2011-05-29 05:12 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-05-29 05:12 . 2011-05-29 05:12 160256 ----a-w- c:\windows\system32\wextract.exe
2011-05-29 05:12 . 2011-05-29 05:12 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-29 05:06 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-29 05:06 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-05-28 12:56 . 2011-05-28 12:56 71680 ----a-w- c:\windows\system32\frapsv64.dll
2011-05-28 12:56 . 2011-05-28 12:56 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
2011-05-24 17:14 . 2010-08-21 16:39 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-18 16:16 . 2011-05-18 16:16 0 ----a-w- c:\windows\SysWow64\REN368C.tmp
2011-05-18 16:16 . 2011-05-18 16:16 0 ----a-w- c:\windows\SysWow64\REN3350.tmp
2011-05-18 16:16 . 2011-05-18 16:16 0 ----a-w- c:\windows\SysWow64\REN334F.tmp
2011-05-14 12:33 . 2011-05-14 12:33 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-03 05:29 . 2011-06-15 04:46 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-05-03 04:30 . 2011-06-15 04:46 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-04-29 03:06 . 2011-06-15 04:51 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 03:05 . 2011-06-15 04:51 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 03:05 . 2011-06-15 04:51 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-27 02:40 . 2011-06-15 04:57 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-27 02:39 . 2011-06-15 04:57 289280 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-27 02:39 . 2011-06-15 04:57 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1712184]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-04-18 17095048]
"Sony Ericsson PC Companion"="c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-05-23 431616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-03 98304]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" [2009-12-03 3331944]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-01-25 61112]
"F-Secure Manager"="c:\program files (x86)\Datart Antivir\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\Datart Antivir\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2008-01-31 385024]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Software Kodak EasyShare.lnk - c:\program files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-5-10 282624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-04-20 152064]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\Datart Antivir\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\Datart Antivir\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\Datart Antivir\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [x]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\Datart Antivir\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\Datart Antivir\Anti-Virus\minifilter\fsgk.sys [2011-06-09 198824]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\Datart Antivir\ORSP Client\fsorsp.exe [2011-05-23 61088]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - SMARTDEFRAGDRIVER
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1245485141-529716091-2515593969-1000Core.job
- c:\users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-22 06:15]
.
2011-07-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1245485141-529716091-2515593969-1000UA.job
- c:\users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-22 06:15]
.
2011-06-30 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2010-02-01 23:02]
.
2011-07-24 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~2\DATART~1\ANTI-V~1\fsav.exe [2010-08-21 15:56]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.bing.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files (x86)\Datart Antivir\FSPS\program\FSLSP.DLL
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.the-west.cz
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=406&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: QipCounter: QipCounter@qip.ru - %profile%\extensions\QipCounter@qip.ru
FF - Ext: InnoGames International Community Toolbar: {942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - %profile%\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{495A8A3C-8FD0-4C46-9979-95C26181A1AB} - c:\program files (x86)\InstallShield Installation Information\{495A8A3C-8FD0-4C46-9979-95C26181A1AB}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-07-24 21:46:57
ComboFix-quarantined-files.txt 2011-07-24 19:46
.
Před spuštěním: Volných bajtů: 407 201 992 704
Po spuštění: Volných bajtů: 406 833 246 208
.
- - End Of File - - 1ED087DBC26B7121B21C488657127809

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male
Status: Offline

Re: Log check

Post by Žbeky » 25 Jul 2011 23:02

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code:

KillAll::

File::
c:\windows\SysWow64\REN368C.tmp
c:\windows\SysWow64\REN3350.tmp
c:\windows\SysWow64\REN334F.tmp
c:\windows\system32\drivers\EagleX64.sys
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1245485141-529716091-2515593969-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1245485141-529716091-2515593969-1000UA.job
c:\windows\Tasks\PCDRScheduledMaintenance.job

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"=-
[-hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=-

Driver::
EagleX64

Firefox::
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=406&q=
FF - Ext: QipCounter: QipCounter@qip.ru - %profile%\extensions\QipCounter@qip.ru
FF - Ext: InnoGames International Community Toolbar: {942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - %profile%\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Drag the created script CFScript.txt with the mouse over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.


Mareksa
newcomer
Posts: 8
Registered: July 11
Gender: Male
Status: Offline

Re: Log check

Post by Mareksa » 26 Jul 2011 07:14

ComboFix 11-07-25.03 - HP 26.07.2011 6:57.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1791.740 [GMT 2:00]
Spuštěný z: c:\users\HP\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\HP\Desktop\CFScript.txt
AV: Datart Antivir 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: Datart Antivir 9.01 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: Datart Antivir 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\drivers\EagleX64.sys"
"c:\windows\SysWow64\REN334F.tmp"
"c:\windows\SysWow64\REN3350.tmp"
"c:\windows\SysWow64\REN368C.tmp"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1245485141-529716091-2515593969-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1245485141-529716091-2515593969-1000UA.job"
"c:\windows\Tasks\PCDRScheduledMaintenance.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\components\ConduitAutoCompleteSearch.js
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\components\ConduitAutoCompleteSearch.xpt
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\components\RadioWMPCore.dll
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\components\RadioWMPCore.xpt
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\components\RadioWMPCoreGecko19.dll
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\defaults\alertSettingsComponent.xml
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\defaults\appContextMenu.xml
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\defaults\engineContextMenu.xml
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\defaults\engineSettings.json
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\defaults\fbAlert.js
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\defaults\getAppsContextMenu.xml
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\defaults\postAppsContextMenu.xml
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\defaults\toolbarContextMenu.xml
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\defaults\unsharedAppsContextMenu.xml
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\chrome.manifest
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\chrome\innogames_international.jar
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\install.rdf
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\META-INF\manifest.mf
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\META-INF\zigbert.rsa
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\META-INF\zigbert.sf
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\DataStructures.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\EBEncryption.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\ExternalLibraryLoader.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\HTTP.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\Chat.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\IO.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\Log.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\MainSingleton.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\MD5.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\Notifications.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\ObserversAndEvents.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\Prefs.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\SearchProtector.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\SearchSuggestIO.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\String.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\TEAEncryption.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\Timer.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\Twitter.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\URL.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\Windows.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\modules\XML.jsm
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\searchplugin\conduit.xml
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}\version.txt
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\QipCounter@qip.ru
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\QipCounter@qip.ru\chrome.manifest
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\QipCounter@qip.ru\chrome\content\ajax.js
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\QipCounter@qip.ru\chrome\content\main.js
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\QipCounter@qip.ru\chrome\content\sample.xul
c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\extensions\QipCounter@qip.ru\install.rdf
c:\windows\SysWow64\REN334F.tmp
c:\windows\SysWow64\REN3350.tmp
c:\windows\SysWow64\REN368C.tmp
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1245485141-529716091-2515593969-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1245485141-529716091-2515593969-1000UA.job
c:\windows\Tasks\PCDRScheduledMaintenance.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EAGLEX64
-------\Service_EagleX64
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-26 do 2011-07-26 )))))))))))))))))))))))))))))))
.
.
2011-07-26 05:06 . 2011-07-26 05:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-26 04:56 . 2011-07-26 04:56 -------- d-----w- C:\32788R22FWJFW
2011-07-25 05:19 . 2011-07-25 05:19 -------- d-----w- c:\users\HP\AppData\Local\ATI
2011-07-24 18:41 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-24 18:41 . 2011-07-24 18:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-24 10:20 . 2011-07-24 10:20 -------- d-----w- c:\users\HP\AppData\Roaming\IObit
2011-07-24 10:20 . 2011-02-23 14:50 18232 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-07-24 10:20 . 2011-02-23 14:50 32136 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-07-24 10:20 . 2011-07-24 14:09 -------- d-----w- c:\program files (x86)\IObit
2011-07-24 10:19 . 2011-07-24 10:19 -------- d-----w- c:\program files\IObit
2011-07-24 09:25 . 2011-07-24 09:25 -------- d-----w- c:\users\HP\AppData\Roaming\Malwarebytes
2011-07-24 09:25 . 2011-07-24 09:25 -------- d-----w- c:\programdata\Malwarebytes
2011-07-24 09:24 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-24 09:01 . 2011-07-24 09:01 -------- d-----w- c:\program files (x86)\CCleaner
2011-07-23 11:47 . 2011-07-23 11:47 -------- d-----w- c:\users\HP\AppData\Local\Unity
2011-07-23 06:55 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F2242A8-2736-41AD-B767-0A7518D41142}\mpengine.dll
2011-07-22 16:26 . 2011-07-22 16:27 -------- d-----w- c:\users\HP\AppData\Roaming\InfraRecorder
2011-07-22 16:26 . 2011-07-22 16:26 -------- d-----w- c:\program files (x86)\InfraRecorder
2011-07-21 09:11 . 2011-07-21 09:14 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-07-20 13:22 . 2011-07-20 13:22 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-07-20 13:22 . 2011-07-20 13:23 -------- d-----w- c:\program files (x86)\Hamachi
2011-07-17 15:15 . 2011-07-17 17:11 -------- d-----w- c:\programdata\Sony Ericsson
2011-07-17 15:15 . 2011-07-17 17:11 -------- d-----w- c:\program files (x86)\Sony Ericsson
2011-07-17 11:14 . 2011-07-17 11:14 -------- d-----w- c:\users\HP\AppData\Roaming\Apple Computer
2011-07-17 11:12 . 2011-07-17 11:12 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-07-17 11:12 . 2011-07-17 11:12 -------- d-----w- c:\programdata\Apple
2011-07-13 10:08 . 2011-06-03 06:57 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-07-13 10:08 . 2011-06-03 06:57 214528 ----a-w- c:\windows\system32\winsrv.dll
2011-07-13 10:08 . 2011-06-03 06:53 338944 ----a-w- c:\windows\system32\conhost.exe
2011-07-13 10:08 . 2011-06-03 06:57 243200 ----a-w- c:\windows\system32\wow64.dll
2011-07-13 10:08 . 2011-06-03 05:57 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-07-13 10:08 . 2011-06-03 06:57 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-07-13 10:08 . 2011-06-03 06:57 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-07-13 10:08 . 2011-06-03 06:00 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-07-13 10:08 . 2011-06-03 05:56 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-07-13 10:08 . 2011-06-03 03:53 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2011-07-13 10:08 . 2011-06-03 03:53 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-07-07 08:27 . 2011-07-07 09:54 -------- d-----w- c:\program files (x86)\Valve
2011-07-04 08:42 . 2011-07-04 08:42 -------- d-----w- c:\users\HP\AppData\Roaming\funkitron
2011-06-29 04:39 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 04:39 . 2011-05-24 10:39 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-06-29 04:39 . 2011-05-24 10:37 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-06-29 04:39 . 2011-05-24 10:40 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-06-29 04:39 . 2011-05-24 10:40 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-06-27 19:41 . 2011-06-27 19:41 -------- d-----w- c:\users\HP\AppData\Local\MCEdit
2011-06-27 17:28 . 2011-07-05 15:58 -------- d-----w- c:\users\HP\AppData\Roaming\.minecraft
2011-06-27 14:22 . 2011-06-27 14:27 -------- d-----w- c:\program files (x86)\Medieval Lords
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-03 05:57 . 2011-07-13 10:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-29 05:12 . 2011-05-29 05:12 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-05-29 05:12 . 2011-05-29 05:12 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-05-29 05:12 . 2011-05-29 05:12 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-05-29 05:12 . 2011-05-29 05:12 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-05-29 05:12 . 2011-05-29 05:12 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-05-29 05:12 . 2011-05-29 05:12 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-05-29 05:12 . 2011-05-29 05:12 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-05-29 05:12 . 2011-05-29 05:12 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-05-29 05:12 . 2011-05-29 05:12 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-05-29 05:12 . 2011-05-29 05:12 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-05-29 05:12 . 2011-05-29 05:12 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-05-29 05:12 . 2011-05-29 05:12 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-05-29 05:12 . 2011-05-29 05:12 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-05-29 05:12 . 2011-05-29 05:12 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-05-29 05:12 . 2011-05-29 05:12 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-05-29 05:12 . 2011-05-29 05:12 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-05-29 05:12 . 2011-05-29 05:12 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-05-29 05:12 . 2011-05-29 05:12 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-05-29 05:12 . 2011-05-29 05:12 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-05-29 05:12 . 2011-05-29 05:12 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-05-29 05:12 . 2011-05-29 05:12 222208 ----a-w- c:\windows\system32\msls31.dll
2011-05-29 05:12 . 2011-05-29 05:12 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-29 05:12 . 2011-05-29 05:12 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-05-29 05:12 . 2011-05-29 05:12 12288 ----a-w- c:\windows\system32\mshta.exe
2011-05-29 05:12 . 2011-05-29 05:12 114176 ----a-w- c:\windows\system32\admparse.dll
2011-05-29 05:12 . 2011-05-29 05:12 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-05-29 05:12 . 2011-05-29 05:12 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-05-29 05:12 . 2011-05-29 05:12 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-05-29 05:12 . 2011-05-29 05:12 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-05-29 05:12 . 2011-05-29 05:12 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-29 05:12 . 2011-05-29 05:12 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-05-29 05:12 . 2011-05-29 05:12 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-05-29 05:12 . 2011-05-29 05:12 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-05-29 05:12 . 2011-05-29 05:12 448512 ----a-w- c:\windows\system32\html.iec
2011-05-29 05:12 . 2011-05-29 05:12 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-29 05:12 . 2011-05-29 05:12 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-05-29 05:12 . 2011-05-29 05:12 160256 ----a-w- c:\windows\system32\wextract.exe
2011-05-29 05:12 . 2011-05-29 05:12 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-29 05:06 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-29 05:06 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-05-28 12:56 . 2011-05-28 12:56 71680 ----a-w- c:\windows\system32\frapsv64.dll
2011-05-28 12:56 . 2011-05-28 12:56 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
2011-05-24 17:14 . 2010-08-21 16:39 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-14 12:33 . 2011-05-14 12:33 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-03 05:29 . 2011-06-15 04:46 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-05-03 04:30 . 2011-06-15 04:46 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-04-29 03:06 . 2011-06-15 04:51 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 03:05 . 2011-06-15 04:51 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 03:05 . 2011-06-15 04:51 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-24_19.26.01 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-07-24 09:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-07-26 05:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-24 09:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-26 05:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-26 05:07 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-24 09:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-08-21 12:28 . 2011-07-26 04:38 49688 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-07-26 04:38 41356 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2010-08-21 12:28 . 2011-07-24 09:35 14870 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1245485141-529716091-2515593969-1000_UserData.bin
+ 2010-08-21 12:28 . 2011-07-26 04:38 14870 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1245485141-529716091-2515593969-1000_UserData.bin
- 2010-08-21 20:39 . 2011-07-24 10:20 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-08-21 20:39 . 2011-07-26 04:40 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-08-21 20:39 . 2011-07-26 04:40 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-08-21 20:39 . 2011-07-24 10:20 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-26 04:40 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-24 10:20 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-26 05:07 . 2011-07-26 05:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-24 09:33 . 2011-07-24 09:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-26 05:07 . 2011-07-26 05:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-07-24 09:33 . 2011-07-24 09:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2011-07-20 12:29 622938 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-07-25 14:35 622938 c:\windows\system32\perfh009.dat
- 2010-07-17 04:10 . 2011-07-20 12:29 638182 c:\windows\system32\perfh005.dat
+ 2010-07-17 04:10 . 2011-07-25 14:35 638182 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-07-25 14:35 109434 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-07-20 12:29 109434 c:\windows\system32\perfc009.dat
- 2010-07-17 04:10 . 2011-07-20 12:29 124952 c:\windows\system32\perfc005.dat
+ 2010-07-17 04:10 . 2011-07-25 14:35 124952 c:\windows\system32\perfc005.dat
- 2011-04-30 20:44 . 2011-07-24 09:33 865424 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-04-30 20:44 . 2011-07-26 05:07 865424 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2011-07-24 09:33 358776 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-07-26 05:07 358776 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-08-21 12:26 . 2011-07-26 05:07 7928700 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1245485141-529716091-2515593969-1000-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1712184]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-04-18 17095048]
"Sony Ericsson PC Companion"="c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-05-23 431616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-03 98304]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" [2009-12-03 3331944]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-01-25 61112]
"F-Secure Manager"="c:\program files (x86)\Datart Antivir\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\Datart Antivir\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2008-01-31 385024]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Software Kodak EasyShare.lnk - c:\program files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-5-10 282624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-04-20 152064]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\Datart Antivir\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\Datart Antivir\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\Datart Antivir\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [x]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\Datart Antivir\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\Datart Antivir\Anti-Virus\minifilter\fsgk.sys [2011-06-09 198824]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\Datart Antivir\ORSP Client\fsorsp.exe [2011-05-23 61088]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-26 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~2\DATART~1\ANTI-V~1\fsav.exe [2010-08-21 15:56]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF15271.cfxxe" [X]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.bing.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files (x86)\Datart Antivir\FSPS\program\FSLSP.DLL
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jcab2uuc.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.the-west.cz
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Datart Antivir\Common\FSMA32.EXE
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Datart Antivir\Common\FSHDLL32.EXE
.
**************************************************************************
.
Celkový čas: 2011-07-26 07:11:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-26 05:11
ComboFix2.txt 2011-07-24 19:47
.
Před spuštěním: Volných bajtů: 406 211 817 472
Po spuštění: Volných bajtů: 405 965 770 752
.
- - End Of File - - DC115F77680FD8F542183D8E2A07D4D1

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male
Status:
Offline

Re: Log check

Post by Žbeky » 26 Jul 2011 08:17

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner

and also use T-Cleaner
It deletes everything left behind by Combo, MWAV etc. - download > run

Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on.

+ A new log from HJT

How is the PC behaving?
In PMs I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.
