Modrá smrt

[Žbeky]

Radši to udělej, smaže to zbytky

[Reklama]

[martinmasor]

ComboFix 11-07-26.02 - Martin 27.07.2011 18:33:34.4.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2905 [GMT 2:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-27 do 2011-07-27 )))))))))))))))))))))))))))))))
.
.
2067-05-27 13:16 . 2011-03-16 02:11 1249280 ----a-w- c:\program files (x86)\Microsoft Games\Impossible Creatures\InsectMod.dll
2067-05-21 20:35 . 2003-06-05 15:40 106496 ----a-w- c:\program files (x86)\Microsoft Games\Impossible Creatures\Filesystem.dll
2011-07-27 16:50 . 2011-07-27 16:50 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-07-27 16:50 . 2011-07-27 16:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-26 18:29 . 2011-07-26 18:30 -------- d-----w- c:\program files (x86)\QIP Infium
2011-07-26 11:01 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4276CF8-F43A-44D9-AF2E-BEC963C41CA9}\mpengine.dll
2011-07-25 18:58 . 2011-07-25 22:59 -------- d-----w- c:\program files (x86)\Czech Soccer Manager 2002 FE
2011-07-25 15:14 . 2011-07-25 15:15 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2011-07-25 15:14 . 2011-07-25 15:14 -------- d-----w- c:\windows\SysWow64\AGEIA
2011-07-25 15:10 . 2011-07-25 16:35 -------- d-----w- c:\program files (x86)\Agrar Simulator 2011
2011-07-24 16:22 . 2011-07-24 16:22 -------- d-----w- c:\program files (x86)\Glamus
2011-07-21 11:43 . 2011-07-21 11:43 -------- d-----w- c:\users\Martin\AppData\Roaming\Malwarebytes
2011-07-21 11:43 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-21 11:43 . 2011-07-21 11:43 -------- d-----w- c:\programdata\Malwarebytes
2011-07-21 11:43 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-21 11:43 . 2011-07-21 16:27 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-21 11:34 . 2011-07-21 16:36 -------- d-----w- c:\program files (x86)\trend micro
2011-07-21 11:34 . 2011-07-21 11:34 -------- d-----w- C:\rsit
2011-07-21 10:35 . 2011-07-21 10:35 -------- d-----w- c:\program files (x86)\CCleaner
2011-07-20 23:18 . 2011-07-20 23:18 -------- d-----w- c:\users\Martin\AppData\Roaming\Black Sea Studios
2011-07-20 21:53 . 2011-07-20 21:53 388096 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-20 21:53 . 2011-07-20 21:53 -------- d-----w- c:\program files (x86)\hijack
2011-07-20 19:12 . 2011-07-20 19:12 -------- d-----w- c:\program files (x86)\rajce
2011-07-20 14:06 . 2011-06-30 09:53 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-07-20 14:06 . 2011-06-30 09:46 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-07-20 14:06 . 2011-06-30 09:46 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-07-20 14:06 . 2011-06-30 09:46 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-07-20 14:06 . 2011-06-30 09:46 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-07-20 14:05 . 2011-07-20 16:42 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2011
2011-07-20 13:41 . 2011-07-20 13:41 -------- d-----w- c:\program files (x86)\WinASO
2011-07-20 13:34 . 2011-07-20 13:34 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-07-20 09:58 . 2011-07-27 16:51 -------- d-----w- c:\programdata\NVIDIA
2011-07-20 09:58 . 2011-07-21 09:56 -------- d-----w- c:\users\UpdatusUser.Martin-PC
2011-07-20 09:57 . 2011-05-21 06:01 739432 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-07-20 09:57 . 2011-05-21 06:01 6300776 ----a-w- c:\windows\system32\nvcpl.dll
2011-07-20 09:57 . 2011-05-21 06:01 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-07-20 09:57 . 2011-05-21 06:01 326760 ----a-w- c:\windows\system32\nvhotkey.dll
2011-07-20 09:57 . 2011-05-21 06:01 3040872 ----a-w- c:\windows\system32\nvsvc64.dll
2011-07-20 09:57 . 2011-05-21 06:01 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-07-20 09:57 . 2011-05-21 06:01 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-07-20 09:57 . 2011-05-21 06:01 1016936 ----a-w- c:\windows\system32\nvvsvc.exe
2011-07-20 09:57 . 2011-07-20 09:57 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-07-20 01:49 . 2011-07-20 01:49 -------- d-----w- C:\found.005
2011-07-19 21:56 . 2011-07-19 21:56 -------- d-----w- c:\program files (x86)\Black Sea Studios
2011-07-19 21:54 . 2003-09-03 00:26 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-07-19 21:54 . 2003-09-03 00:28 724992 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-07-19 21:54 . 2003-09-03 00:27 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-07-19 21:54 . 2003-09-03 00:26 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-07-19 21:54 . 2003-09-03 00:25 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-07-19 21:54 . 2011-07-19 21:54 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-07-19 21:54 . 2011-07-19 21:54 184452 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2011-07-19 19:30 . 2011-07-19 19:30 -------- d-----w- c:\program files (x86)\UPLNE NOVA MIRANDA
2011-07-05 16:52 . 2011-07-05 16:52 -------- d-----w- C:\found.004
2011-07-05 16:13 . 2011-07-05 16:13 26624 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{6910C412-A523-493C-BC22-0213CD7F4F3A}\Icon6910C412.exe
2011-07-04 19:59 . 2011-07-05 18:38 -------- d-----w- c:\program files (x86)\Industry Giant 2
2011-07-04 10:47 . 2011-07-04 10:47 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-07-03 12:39 . 2011-07-03 12:39 -------- d-----w- c:\program files (x86)\Eidos Interactive
2011-07-03 10:57 . 2011-07-03 10:57 -------- d-----w- c:\users\Martin\AppData\Local\Left Behind Games
2011-07-03 10:36 . 2011-07-03 10:36 -------- d-----w- c:\program files (x86)\Left Behind Games
2011-07-02 15:56 . 2005-01-02 03:43 4682 ----a-w- c:\windows\SysWow64\npptNT2.sys
2011-07-02 15:56 . 2003-07-18 12:17 5174 ----a-w- c:\windows\SysWow64\nppt9x.vxd
2011-07-02 12:45 . 2011-07-02 12:44 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-07-01 22:06 . 2011-07-01 22:06 -------- d-----w- c:\program files (x86)\Microdis
2011-06-29 14:24 . 2011-06-29 14:24 -------- d-----w- C:\found.003
2011-06-29 10:37 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 10:37 . 2011-05-24 10:40 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-06-29 10:37 . 2011-05-24 10:40 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-06-29 10:37 . 2011-05-24 10:39 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-06-29 10:37 . 2011-05-24 10:37 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-06-29 10:05 . 2011-06-29 10:05 -------- d-----w- C:\found.002
2011-06-28 23:36 . 2011-07-20 21:29 -------- d-----w- c:\program files (x86)\Steam
2011-06-28 23:27 . 2011-06-28 23:28 -------- d-----w- c:\users\Martin cislo 2
2011-06-28 22:58 . 2011-06-28 22:58 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-26 10:53 . 2011-06-26 10:53 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2011-06-03 05:57 . 2011-07-19 08:21 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-29 00:02 . 2011-06-04 18:40 80256 ----a-w- c:\windows\SysWow64\ezGOSvc.dll
2011-05-29 00:02 . 2011-06-04 18:40 718208 ----a-w- c:\windows\SysWow64\ezGOSvcApp.exe
2011-05-27 20:12 . 2010-08-01 20:19 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-05-27 20:12 . 2010-08-01 20:14 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-05-27 20:12 . 2010-08-01 20:14 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-05-24 17:14 . 2010-06-04 20:53 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-20 20:35 . 2011-05-20 20:35 304744 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2011-05-04 02:52 . 2010-06-05 18:02 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-03 05:29 . 2011-06-15 23:15 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-05-03 04:30 . 2011-06-15 23:14 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-04-29 03:06 . 2011-06-15 23:16 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 03:05 . 2011-06-15 23:16 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 03:05 . 2011-06-15 23:16 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2008-03-09 06:25 . 2010-12-17 15:25 236 ----a-w- c:\program files (x86)\Common Files\dx.reg
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-25_19.51.34 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-07-25 19:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-07-27 10:13 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-25 19:18 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-27 10:13 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-27 10:13 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-25 19:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-04 20:38 . 2011-07-26 18:38 84742 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-07-27 10:11 51492 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-06-04 20:38 . 2011-07-27 16:54 18786 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-11252969-3503386757-4147031876-1001_UserData.bin
- 2009-07-14 05:30 . 2011-07-20 09:59 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-07-26 17:43 86016 c:\windows\system32\DriverStore\infpub.dat
- 2011-07-25 19:12 . 2011-07-25 19:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-27 16:51 . 2011-07-27 16:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-27 16:51 . 2011-07-27 16:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-07-25 19:12 . 2011-07-25 19:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-25 21:56 . 2011-07-25 21:56 243360 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe
- 2011-07-25 18:22 . 2011-07-25 18:22 243360 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe
+ 2011-07-25 21:56 . 2011-07-25 21:56 328864 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.dll
- 2011-07-25 18:22 . 2011-07-25 18:22 328864 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.dll
+ 2010-08-11 18:52 . 2011-07-27 10:13 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2010-08-11 18:52 . 2011-07-25 19:18 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-06-11 09:28 . 2011-07-27 15:54 433968 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-07-14 05:30 . 2011-07-26 17:43 239616 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-07-20 09:59 239616 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-07-26 17:43 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2011-07-20 09:59 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:01 . 2011-07-25 19:11 511780 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-07-27 16:51 511780 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-07-07 00:16 . 2011-07-27 16:51 512548 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-11252969-3503386757-4147031876-1001-8192.dat
+ 2011-07-26 18:34 . 2011-07-26 18:34 512548 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-11252969-3503386757-4147031876-1001-4096.dat
+ 2011-06-21 13:25 . 2011-06-21 13:25 3123872 c:\windows\Downloaded Program Files\CONFLICT.2\FP_AX_CAB_INSTALLER.exe
+ 2010-07-07 22:01 . 2011-07-27 16:51 21828184 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-11252969-3503386757-4147031876-1001-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-06-15 15141768]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files (x86)\Real\realplayer\update\realsched.exe" [2010-11-24 274608]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-19 170624]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\users\Martin\AppData\Roaming\Microsoft\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2010-6-5 12862]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Aktualizovat ESET licenci.lnk - c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
R2 123 Flash Chat Server 6.4;123 Flash Chat Server 6.4;c:\program files (x86)\123FlashChatServer6.4\server\wrapper.exe [2004-10-01 135168]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate1cb0754cb7cef68;Služba Google Update (gupdate1cb0754cb7cef68);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-08 133104]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\steam\steamapps\common\ava\Binaries\GameGuard\dump_wmimmc.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-11-11 128928]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-08 133104]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10x64.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2010-12-24 19952]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys [2010-08-30 88200]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 ezGOSvc;Easybits GO Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TNOD UP"="c:\program files (x86)\TNod User & Password Finder\TNODUP.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [BU]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 617856]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 2185032]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezGOSvc
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ho7po534.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{1ACC87D6-CB2B-4CAF-9280-6549842407C9} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-11252969-3503386757-4147031876-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:a0,31,99,65,e8,a6,56,64,b5,25,bb,9a,97,9b,0b,79,bd,28,11,e7,56,1b,29,
1d,48,ca,ac,18,9b,54,6b,0f,e1,67,99,70,4e,96,fb,b1,3b,03,75,c2,e8,a7,22,af,\
"??"=hex:be,cf,ea,22,93,e6,28,23,9c,e2,33,46,a6,a9,68,45
.
[HKEY_USERS\S-1-5-21-11252969-3503386757-4147031876-1001\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="BE5F38DE674FF12219F2F884400B9A9BD92CC4DFF577E4DCC0D14DCF1CE5CBB72662EB4E3ACD207B3DE42D46D6C8A9B2DA8B71B9835546ACCD22993683F123DB51CE4917FA880202FCA1AF1C33A393AED777ECCD6D74D787ED2AF830C43499E7FB8F2AC89F41F04DADC8BCF334A1601360E573061AC4F2FE84D5CAC36D1E771C8725AFA5FE8FC76BC690D26A1A9F1C5CA5E087FD5583741C20242F2B72740D2E75A53BA457DCE55EE64137D40BCDD878FE876D064BC6BFD76D28FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D67948EDD5E5BE2F6E667A9C6AECB7A5D1407601871C06FCF72D7B83240EBE16671E27E21C9053DFD4C94B9CE4D662E5BD19CF7A3D41B220FC268E93145A2F07F2C0F12A387910F46D30F038334F1D8DB2EE5AE505880E4936FE842604BB2EC6C9F7D9A950A91C328C911BA6531615C39327360A97C98DE82266D20465628CFDE5238951E7F974682ADBA9ED63EEC35A1769BAC6F21DD3DF4B9A124A0D2E217FDEF60C5957C8A0629A54032EE361EE336384979940BA232F99FC2B2DF8E1AC3E446A8300BF6A07464F7E93EF55953E90C5877ED4165086F93712375A83A545DA349D8A03D4B6B08F011144CEDCCC1502CDCB675D03C07B0B7ED2AD952EE6FEBBB104BA4A4B84ABC7E802EAB0699ED22126C2FC15281EB314FF5D0116A261C7DA554EE0E6A63F490B17A3DEFA62A34EFB1D41845098AD4B0BA8F2610B1BDDD234A7549F169D0730621D6596FE951C1CBEC083FB9ED9038F4C965CC101C7810F38AF6EEAC366E24A359922F461E41994F1F19861AABB0DA4743C5F98D537CDC09B9FE8CDB950A38745A4BFED34614149414C262A7A26DDAF2E1A0F74BB254C6FE1D5960607F58370719C51C3A98C4DABC0D61DCE5E4AAA649D10D274DCAEFA1F8F0F3BFE12370F8EEFC6B6FE17F356C69BE74121D3A33039EB7C5F6DCDF9E171CE361104A614DACC061C575F319291CC3D32335599E34074CA7276F066B98A291995A4DC6D0CD531897073EE139C890F768B4896A423E1EAD2C342A9B99F81786A83886C9393643156201EEDD65A0C4B30C17E865874788A4C392D433CA3C172E9BFADF0A19AEA6577AADBE5E592107ACC55A402106295A16DF0B342414C61C3E72441081A1C0F8090C27791F021EFA990EB3133B8A207B69668D9B8C3D5DF26E9EDBE0ED395D0E5237AD801F82D016B5D1FBF39393CE278BB2AAF64E42AB3DFD892CB452F7588BE10F26C7A231D52440F0300D4D543A6CEE1098440DD53E6E2E8B44FB73AD66EAEB9B18D72F99ACC27EC2F09CD1B5CBB00544311532DA0A51C4F557BEDC59257A26DAAECB11F8BA66B78E04F2CBD14FAA4902F1116B6964808B0BBC99DCB1935A4BBA"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Celkový čas: 2011-07-27 19:09:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-27 17:09
ComboFix2.txt 2011-07-26 17:35
ComboFix3.txt 2011-07-26 11:34
ComboFix4.txt 2011-07-25 19:57
.
Před spuštěním: Volných bajtů: 72 263 512 064
Po spuštění: Volných bajtů: 72 081 592 320
.
- - End Of File - - C12E10BE724D1EEAB9B4FF780C4EB9B1

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\windows\system32\drivers\SBREDrv.sys
c:\program files (x86)\TNod User & Password Finder\TNODUP.exe

Folder::
C:\found.005
C:\found.003
C:\found.002
c:\program files (x86)\TNod User & Password Finder

Driver::
SBREDrv
ezGOSvc

NetSvcs::
ezGOSvc

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TNOD UP"=-

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si MBR Rootkit Detektor
- ulož si ho přímo na disk C a spusť ho
- za chvíli se ti vytvoří jeho log (mbr.log) vlož sem celý jeho obsah.

[martinmasor]

http://leteckaposta.cz/553338164 log z combofixu sem se to nevešlo

[martinmasor]

mimochodem nevite jaktoze se mi ted nechce pripojit qip k icq?

[Žbeky]

Log dej sem - rozděl ho na víc příspěvků

[martinmasor]

maximalni pocet znaku je 60 tisic a ten textak ma pres 3 MB tak si predstav jak moc bych to musel rozlozit

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\windows\SysWow64\ezGOSvc.dll
c:\windows\SysWow64\ezGOSvcApp.exe
c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.exe

Driver::
ezGOSvc


NetSvcs::
ezGOSvc

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[martinmasor]

ComboFix 11-07-26.02 - Martin 29.07.2011 2:00.6.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2599 [GMT 2:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.exe"
"c:\windows\SysWow64\ezGOSvc.dll"
"c:\windows\SysWow64\ezGOSvcApp.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Martin\AppData\Local\Temp\swtlib-32\swt-gdip-win32-3650.dll
c:\users\Martin\AppData\Local\Temp\swtlib-32\swt-win32-3650.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-28 do 2011-07-29 )))))))))))))))))))))))))))))))
.
.
2067-05-27 13:16 . 2011-03-16 02:11 1249280 ----a-w- c:\program files (x86)\Microsoft Games\Impossible Creatures\InsectMod.dll
2067-05-21 20:35 . 2003-06-05 15:40 106496 ----a-w- c:\program files (x86)\Microsoft Games\Impossible Creatures\Filesystem.dll
2011-07-29 00:17 . 2011-07-29 00:17 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-07-29 00:17 . 2011-07-29 00:17 -------- d-----w- c:\users\Martin cislo 2\AppData\Local\temp
2011-07-29 00:17 . 2011-07-29 00:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-26 18:29 . 2011-07-28 10:40 -------- d-----w- c:\program files (x86)\QIP Infium
2011-07-25 18:58 . 2011-07-25 22:59 -------- d-----w- c:\program files (x86)\Czech Soccer Manager 2002 FE
2011-07-25 15:14 . 2011-07-25 15:15 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2011-07-25 15:14 . 2011-07-25 15:14 -------- d-----w- c:\windows\SysWow64\AGEIA
2011-07-25 15:10 . 2011-07-25 16:35 -------- d-----w- c:\program files (x86)\Agrar Simulator 2011
2011-07-24 16:22 . 2011-07-24 16:22 -------- d-----w- c:\program files (x86)\Glamus
2011-07-21 11:43 . 2011-07-21 11:43 -------- d-----w- c:\users\Martin\AppData\Roaming\Malwarebytes
2011-07-21 11:43 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-21 11:43 . 2011-07-21 11:43 -------- d-----w- c:\programdata\Malwarebytes
2011-07-21 11:43 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-21 11:43 . 2011-07-21 16:27 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-21 11:34 . 2011-07-21 16:36 -------- d-----w- c:\program files (x86)\trend micro
2011-07-21 11:34 . 2011-07-21 11:34 -------- d-----w- C:\rsit
2011-07-21 10:35 . 2011-07-21 10:35 -------- d-----w- c:\program files (x86)\CCleaner
2011-07-20 23:18 . 2011-07-20 23:18 -------- d-----w- c:\users\Martin\AppData\Roaming\Black Sea Studios
2011-07-20 21:53 . 2011-07-20 21:53 388096 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-07-20 21:53 . 2011-07-20 21:53 -------- d-----w- c:\program files (x86)\hijack
2011-07-20 19:12 . 2011-07-20 19:12 -------- d-----w- c:\program files (x86)\rajce
2011-07-20 14:06 . 2011-06-30 09:53 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-07-20 14:06 . 2011-06-30 09:46 36160 ----a-w- c:\windows\system32\uxtuneup.dll
2011-07-20 14:06 . 2011-06-30 09:46 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-07-20 14:06 . 2011-06-30 09:46 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-07-20 14:06 . 2011-06-30 09:46 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-07-20 14:05 . 2011-07-20 16:42 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2011
2011-07-20 13:41 . 2011-07-20 13:41 -------- d-----w- c:\program files (x86)\WinASO
2011-07-20 13:34 . 2011-07-20 13:34 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-07-20 09:58 . 2011-07-29 00:19 -------- d-----w- c:\programdata\NVIDIA
2011-07-20 09:58 . 2011-07-21 09:56 -------- d-----w- c:\users\UpdatusUser.Martin-PC
2011-07-20 09:57 . 2011-05-21 06:01 739432 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-07-20 09:57 . 2011-05-21 06:01 6300776 ----a-w- c:\windows\system32\nvcpl.dll
2011-07-20 09:57 . 2011-05-21 06:01 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-07-20 09:57 . 2011-05-21 06:01 326760 ----a-w- c:\windows\system32\nvhotkey.dll
2011-07-20 09:57 . 2011-05-21 06:01 3040872 ----a-w- c:\windows\system32\nvsvc64.dll
2011-07-20 09:57 . 2011-05-21 06:01 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-07-20 09:57 . 2011-05-21 06:01 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-07-20 09:57 . 2011-05-21 06:01 1016936 ----a-w- c:\windows\system32\nvvsvc.exe
2011-07-20 09:57 . 2011-07-20 09:57 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-07-19 21:56 . 2011-07-19 21:56 -------- d-----w- c:\program files (x86)\Black Sea Studios
2011-07-19 21:54 . 2003-09-03 00:26 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-07-19 21:54 . 2003-09-03 00:28 724992 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-07-19 21:54 . 2003-09-03 00:27 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-07-19 21:54 . 2003-09-03 00:26 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-07-19 21:54 . 2003-09-03 00:25 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-07-19 21:54 . 2011-07-19 21:54 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-07-19 21:54 . 2011-07-19 21:54 184452 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2011-07-19 19:30 . 2011-07-19 19:30 -------- d-----w- c:\program files (x86)\UPLNE NOVA MIRANDA
2011-07-05 16:52 . 2011-07-05 16:52 -------- d-----w- C:\found.004
2011-07-05 16:13 . 2011-07-05 16:13 26624 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{6910C412-A523-493C-BC22-0213CD7F4F3A}\Icon6910C412.exe
2011-07-04 19:59 . 2011-07-05 18:38 -------- d-----w- c:\program files (x86)\Industry Giant 2
2011-07-04 10:47 . 2011-07-04 10:47 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-07-03 12:39 . 2011-07-03 12:39 -------- d-----w- c:\program files (x86)\Eidos Interactive
2011-07-03 10:57 . 2011-07-03 10:57 -------- d-----w- c:\users\Martin\AppData\Local\Left Behind Games
2011-07-03 10:36 . 2011-07-03 10:36 -------- d-----w- c:\program files (x86)\Left Behind Games
2011-07-02 15:56 . 2005-01-02 03:43 4682 ----a-w- c:\windows\SysWow64\npptNT2.sys
2011-07-02 15:56 . 2003-07-18 12:17 5174 ----a-w- c:\windows\SysWow64\nppt9x.vxd
2011-07-02 12:45 . 2011-07-02 12:44 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-07-01 22:06 . 2011-07-01 22:06 -------- d-----w- c:\program files (x86)\Microdis
2011-06-29 10:37 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 10:37 . 2011-05-24 10:40 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-06-29 10:37 . 2011-05-24 10:40 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-06-29 10:37 . 2011-05-24 10:39 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-06-29 10:37 . 2011-05-24 10:37 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-13 04:53 . 2011-07-26 11:01 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4276CF8-F43A-44D9-AF2E-BEC963C41CA9}\mpengine.dll
2011-06-28 22:58 . 2011-06-28 22:58 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-26 10:53 . 2011-06-26 10:53 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2011-06-03 05:57 . 2011-07-19 08:21 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-29 00:02 . 2011-06-04 18:40 80256 ----a-w- c:\windows\SysWow64\ezGOSvc.dll
2011-05-29 00:02 . 2011-06-04 18:40 718208 ----a-w- c:\windows\SysWow64\ezGOSvcApp.exe
2011-05-27 20:12 . 2010-08-01 20:19 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-05-27 20:12 . 2010-08-01 20:14 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-05-27 20:12 . 2010-08-01 20:14 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-05-24 17:14 . 2010-06-04 20:53 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-20 20:35 . 2011-05-20 20:35 304744 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2011-05-04 02:52 . 2010-06-05 18:02 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-03 05:29 . 2011-06-15 23:15 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-05-03 04:30 . 2011-06-15 23:14 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2008-03-09 06:25 . 2010-12-17 15:25 236 ----a-w- c:\program files (x86)\Common Files\dx.reg
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-25_19.51.34 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-07-25 19:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-07-27 17:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-25 19:18 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-27 17:17 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-27 17:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-25 19:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-04 20:38 . 2011-07-28 10:16 85016 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-07-28 10:16 51492 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-06-04 20:38 . 2011-07-28 10:16 18862 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-11252969-3503386757-4147031876-1001_UserData.bin
+ 2009-07-14 05:30 . 2011-07-26 17:43 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2011-07-20 09:59 86016 c:\windows\system32\DriverStore\infpub.dat
- 2011-07-25 19:12 . 2011-07-25 19:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-29 00:19 . 2011-07-29 00:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-29 00:19 . 2011-07-29 00:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-07-25 19:12 . 2011-07-25 19:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-25 21:56 . 2011-07-25 21:56 243360 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe
- 2011-07-25 18:22 . 2011-07-25 18:22 243360 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe
- 2011-07-25 18:22 . 2011-07-25 18:22 328864 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.dll
+ 2011-07-25 21:56 . 2011-07-25 21:56 328864 c:\windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.dll
- 2010-08-11 18:52 . 2011-07-25 19:18 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-08-11 18:52 . 2011-07-27 17:17 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-06-11 09:28 . 2011-07-28 21:08 435764 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
- 2009-07-14 05:30 . 2011-07-20 09:59 239616 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-07-26 17:43 239616 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-07-26 17:43 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2011-07-20 09:59 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:01 . 2011-07-25 19:11 511780 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-07-29 00:18 511780 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-07-26 18:34 . 2011-07-26 18:34 512548 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-11252969-3503386757-4147031876-1001-4096.dat
+ 2010-07-07 00:16 . 2011-07-29 00:18 1223888 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-11252969-3503386757-4147031876-1001-8192.dat
+ 2011-06-21 13:25 . 2011-06-21 13:25 3123872 c:\windows\Downloaded Program Files\CONFLICT.2\FP_AX_CAB_INSTALLER.exe
+ 2010-07-07 22:01 . 2011-07-29 00:18 21828184 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-11252969-3503386757-4147031876-1001-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-06-15 15141768]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files (x86)\Real\realplayer\update\realsched.exe" [2010-11-24 274608]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-19 170624]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\users\Martin\AppData\Roaming\Microsoft\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2010-6-5 12862]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Aktualizovat ESET licenci.lnk - c:\program files (x86)\ESET\MiNODLogin\MiNODLogin.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
R2 123 Flash Chat Server 6.4;123 Flash Chat Server 6.4;c:\program files (x86)\123FlashChatServer6.4\server\wrapper.exe [2004-10-01 135168]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate1cb0754cb7cef68;Služba Google Update (gupdate1cb0754cb7cef68);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-08 133104]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\steam\steamapps\common\ava\Binaries\GameGuard\dump_wmimmc.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-11-11 128928]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-08 133104]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10x64.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2010-12-24 19952]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys [2010-08-30 88200]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [BU]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 617856]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 2185032]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezGOSvc
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ho7po534.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{1ACC87D6-CB2B-4CAF-9280-6549842407C9} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-11252969-3503386757-4147031876-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:a0,31,99,65,e8,a6,56,64,b5,25,bb,9a,97,9b,0b,79,bd,28,11,e7,56,1b,29,
1d,48,ca,ac,18,9b,54,6b,0f,e1,67,99,70,4e,96,fb,b1,3b,03,75,c2,e8,a7,22,af,\
"??"=hex:be,cf,ea,22,93,e6,28,23,9c,e2,33,46,a6,a9,68,45
.
[HKEY_USERS\S-1-5-21-11252969-3503386757-4147031876-1001\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="BE5F38DE674FF12219F2F884400B9A9BD92CC4DFF577E4DCC0D14DCF1CE5CBB72662EB4E3ACD207B3DE42D46D6C8A9B2DA8B71B9835546ACCD22993683F123DB51CE4917FA880202FCA1AF1C33A393AED777ECCD6D74D787ED2AF830C43499E7FB8F2AC89F41F04DADC8BCF334A1601360E573061AC4F2FE84D5CAC36D1E771C8725AFA5FE8FC76BC690D26A1A9F1C5CA5E087FD5583741C20242F2B72740D2E75A53BA457DCE55EE64137D40BCDD878FE876D064BC6BFD76D28FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D67948EDD5E5BE2F6E667A9C6AECB7A5D1407601871C06FCF72D7B83240EBE16671E27E21C9053DFD4C94B9CE4D662E5BD19CF7A3D41B220FC268E93145A2F07F2C0F12A387910F46D30F038334F1D8DB2EE5AE505880E4936FE842604BB2EC6C9F7D9A950A91C328C911BA6531615C39327360A97C98DE82266D20465628CFDE5238951E7F974682ADBA9ED63EEC35A1769BAC6F21DD3DF4B9A124A0D2E217FDEF60C5957C8A0629A54032EE361EE336384979940BA232F99FC2B2DF8E1AC3E446A8300BF6A07464F7E93EF55953E90C5877ED4165086F93712375A83A545DA349D8A03D4B6B08F011144CEDCCC1502CDCB675D03C07B0B7ED2AD952EE6FEBBB104BA4A4B84ABC7E802EAB0699ED22126C2FC15281EB314FF5D0116A261C7DA554EE0E6A63F490B17A3DEFA62A34EFB1D41845098AD4B0BA8F2610B1BDDD234A7549F169D0730621D6596FE951C1CBEC083FB9ED9038F4C965CC101C7810F38AF6EEAC366E24A359922F461E41994F1F19861AABB0DA4743C5F98D537CDC09B9FE8CDB950A38745A4BFED34614149414C262A7A26DDAF2E1A0F74BB254C6FE1D5960607F58370719C51C3A98C4DABC0D61DCE5E4AAA649D10D274DCAEFA1F8F0F3BFE12370F8EEFC6B6FE17F356C69BE74121D3A33039EB7C5F6DCDF9E171CE361104A614DACC061C575F319291CC3D32335599E34074CA7276F066B98A291995A4DC6D0CD531897073EE139C890F768B4896A423E1EAD2C342A9B99F81786A83886C9393643156201EEDD65A0C4B30C17E865874788A4C392D433CA3C172E9BFADF0A19AEA6577AADBE5E592107ACC55A402106295A16DF0B342414C61C3E72441081A1C0F8090C27791F021EFA990EB3133B8A207B69668D9B8C3D5DF26E9EDBE0ED395D0E5237AD801F82D016B5D1FBF39393CE278BB2AAF64E42AB3DFD892CB452F7588BE10F26C7A231D52440F0300D4D543A6CEE1098440DD53E6E2E8B44FB73AD66EAEB9B18D72F99ACC27EC2F09CD1B5CBB00544311532DA0A51C4F557BEDC59257A26DAAECB11F8BA66B78E04F2CBD14FAA4902F1116B6964808B0BBC99DCB1935A4BBA"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Celkový čas: 2011-07-29 02:28:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-29 00:27
ComboFix2.txt 2011-07-27 17:09
ComboFix3.txt 2011-07-26 17:35
ComboFix4.txt 2011-07-26 11:34
ComboFix5.txt 2011-07-27 23:13
.
Před spuštěním: Volných bajtů: 106 829 582 336
Po spuštění: Volných bajtů: 107 020 509 184
.
- - End Of File - - E50ACC875068988C34B8C3AFD3174E8C








HJT vzdycky uplny log?

[memphisto]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
DirLook::
c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

File::
c:\windows\SysWow64\ezGOSvcApp.exe
c:\windows\SysWow64\ezGOSvc.dll

Folder::
c:\program files (x86)\ESET

NetSvcs::
ezGOSvc


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu