CF done:
ComboFix 12-10-08.01 - Clorky 08.10.2012 10:53:15.10.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.4094.2670 [GMT 2:00]
Spuštěný z: c:\users\Clorky\Desktop\Download\ComboFix.exe
Použité ovládací přepínače :: c:\users\Clorky\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Skype\Updater\Updater.exe"
"c:\windows\system32\drivers\44287528.sys"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1365180198-3819917712-2369891476-1001Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1365180198-3819917712-2369891476-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\Clorky\AppData\Local\Facebook\Update
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\Clorky\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\Clorky\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1365180198-3819917712-2369891476-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1365180198-3819917712-2369891476-1001UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-08 do 2012-10-08 )))))))))))))))))))))))))))))))
.
.
2012-10-08 08:57 . 2012-10-08 08:57 -------- d-----w- c:\users\Petr\AppData\Local\temp
2012-10-08 08:57 . 2012-10-08 08:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-08 06:44 . 2012-09-18 22:58 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{60DE809E-BA64-4B67-A2B2-781E79881C17}\mpengine.dll
2012-10-07 20:02 . 2012-10-08 06:53 -------- d-----w- c:\users\Clorky\AppData\Local\Adobe
2012-10-07 13:17 . 2012-10-07 13:17 -------- d-----w- C:\TDSSKiller_Quarantine
2012-10-04 07:55 . 2012-10-04 07:57 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2012-10-04 07:55 . 2012-10-04 07:57 -------- d-----w- c:\program files (x86)\World of Warcraft
2012-10-02 18:07 . 2012-10-02 18:07 -------- d-----w- c:\users\Clorky\AppData\Local\The Witcher 2
2012-10-02 17:55 . 2012-10-02 17:55 -------- d-----w- c:\program files\GamePark2
2012-09-30 20:13 . 2012-09-30 20:13 -------- d-----w- c:\users\Clorky\AppData\Local\IsolatedStorage
2012-09-30 20:13 . 2012-09-30 20:13 -------- d-----w- c:\users\Clorky\AppData\Local\Futuremark_Corporation
2012-09-30 20:12 . 2012-09-30 20:12 -------- d-----w- c:\program files\Futuremark
2012-09-30 19:30 . 2012-09-30 19:39 -------- d-----w- c:\users\Clorky\Heaven
2012-09-30 12:03 . 2012-09-30 12:03 -------- d-----w- c:\users\Clorky\AppData\Local\GHISLER
2012-09-30 11:44 . 2012-09-30 11:45 -------- d-----w- c:\users\Clorky\AppData\Roaming\GHISLER
2012-09-29 17:16 . 2012-09-29 17:16 -------- d-----w- c:\programdata\ATI
2012-09-29 17:16 . 2012-09-29 17:16 -------- d-----w- c:\program files (x86)\AMD AVT
2012-09-29 17:15 . 2012-09-29 17:15 -------- d-----w- c:\program files (x86)\AMD APP
2012-09-29 08:42 . 2012-09-29 08:42 -------- d-----w- c:\programdata\Codemasters
2012-09-29 08:41 . 2010-09-22 12:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2012-09-29 08:41 . 2011-09-05 18:57 1306624 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2012-09-29 08:41 . 2012-09-29 08:41 -------- d-----w- c:\program files (x86)\BRS
2012-09-29 08:41 . 2012-09-29 08:41 -------- d-----w- c:\program files (x86)\OpenAL
2012-09-29 08:11 . 2012-09-29 08:11 -------- d-----w- c:\users\Clorky\AppData\Roaming\ToMMTi-Systems
2012-09-27 16:09 . 2012-09-27 16:09 -------- d-----w- c:\program files (x86)\MSI Kombustor 2.4
2012-09-26 18:27 . 2012-10-03 14:58 -------- d-----w- c:\program files (x86)\MSI Afterburner
2012-09-25 12:10 . 2012-09-25 12:10 -------- d-----w- c:\users\Clorky\AppData\Local\Google
2012-09-24 19:26 . 2012-09-24 19:26 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-09-24 19:04 . 2012-09-24 19:04 -------- d-----w- c:\programdata\RELOADED
2012-09-24 17:34 . 2012-09-24 17:34 -------- d-----w- c:\programdata\Futuremark
2012-09-24 17:24 . 2012-09-24 17:27 -------- d-----w- c:\program files (x86)\Futuremark
2012-09-24 16:33 . 2012-09-24 16:33 -------- d-----w- c:\program files (x86)\Electronic Arts
2012-09-24 16:24 . 2012-09-24 16:24 -------- d-----w- c:\program files (x86)\oZone3D
2012-09-23 14:48 . 2012-09-23 14:58 -------- d-----w- c:\program files (x86)\OpenVPN
2012-09-23 14:31 . 2012-09-23 14:31 -------- d-----w- c:\windows\SysWow64\plugins
2012-09-23 14:26 . 2012-09-23 14:26 -------- d-----w- C:\tmp
2012-09-23 14:26 . 2012-09-23 14:40 -------- d-----w- c:\users\Clorky\.remobo
2012-09-23 14:13 . 2012-10-06 14:17 -------- d-----w- c:\users\Clorky\AppData\Roaming\.minecraft
2012-09-23 11:43 . 2012-09-30 09:51 -------- d-----w- c:\users\Clorky\AppData\Local\dxhr
2012-09-23 11:41 . 2012-09-30 16:16 -------- d-----w- c:\users\Clorky\AppData\Roaming\RadeonPro
2012-09-23 11:41 . 2012-10-03 14:00 -------- d-----w- c:\program files (x86)\RadeonPro
2012-09-23 09:49 . 2012-09-23 09:49 -------- d-----w- c:\program files\HWiNFO64
2012-09-22 18:13 . 2012-09-22 18:13 -------- d-----w- c:\programdata\Electronic Arts
2012-09-22 18:13 . 2012-09-22 18:13 -------- d-----w- c:\programdata\EA Core
2012-09-21 20:36 . 2012-09-21 20:36 -------- d-----w- c:\windows\SysWow64\SkyProcDebug
2012-09-21 17:59 . 2012-09-21 17:59 -------- d-----w- C:\Folding@HomeCPU
2012-09-21 17:52 . 2012-09-21 17:52 -------- d-----w- c:\users\Clorky\AppData\Roaming\XRay Engine
2012-09-21 17:33 . 2012-09-21 17:33 -------- d-----w- c:\program files\CPUID
2012-09-21 15:29 . 2012-09-21 15:29 -------- d-----w- c:\programdata\Aspyr
2012-09-21 12:38 . 2012-09-21 12:38 -------- d-----w- C:\GvTemp
2012-09-21 12:27 . 2012-09-21 12:27 -------- d-----w- c:\users\Clorky\AppData\Roaming\Day 1 Studios
2012-09-21 12:27 . 2012-09-21 12:27 -------- d-----w- c:\program files (x86)\GIGABYTE
2012-09-20 19:00 . 2012-09-20 19:00 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-09-20 18:12 . 2012-09-20 18:12 -------- d-----w- c:\program files (x86)\GPU-Z
2012-09-19 13:32 . 2012-09-19 13:32 -------- d-----w- c:\windows\system32\wbem\Logs
2012-09-19 13:29 . 2012-09-19 13:29 -------- d-----w- c:\windows\SysWow64\wbem\Logs
2012-09-19 13:22 . 2012-09-19 13:22 -------- d-----w- c:\windows\system32\wbem\MOF
2012-09-19 13:17 . 2012-09-19 13:17 -------- d-----w- c:\users\Clorky\AppData\Local\Remove_Empty_Directories
2012-09-19 13:15 . 2012-09-19 13:15 -------- d-----w- c:\program files (x86)\Remove Empty Directories
2012-09-15 11:52 . 2012-09-29 19:35 -------- d-----w- c:\program files\Nexus Mod Manager
2012-09-14 21:55 . 2012-09-14 21:55 -------- d-----w- c:\users\Clorky\AppData\Local\Aspyr
2012-09-13 23:03 . 2012-09-13 23:03 5557416 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-09-13 23:01 . 2012-09-13 23:01 10695168 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-13 22:46 . 2012-09-13 22:46 23825920 ----a-w- c:\windows\system32\atio6axx.dll
2012-09-13 22:46 . 2012-09-13 22:46 70144 ----a-w- c:\windows\system32\coinst_9.001.dll
2012-09-13 22:42 . 2012-09-13 22:42 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-13 22:40 . 2012-09-13 22:40 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-09-13 22:40 . 2012-09-13 22:40 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-09-13 22:40 . 2012-09-13 22:40 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-09-13 22:40 . 2012-09-13 22:40 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-09-13 22:40 . 2012-09-13 22:40 16082432 ----a-w- c:\windows\system32\aticaldd64.dll
2012-09-13 22:36 . 2012-09-13 22:36 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-13 22:27 . 2012-09-13 22:27 934912 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-09-13 22:27 . 2012-09-13 22:27 19624960 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-09-13 22:23 . 2012-09-13 22:23 6477824 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-09-13 22:19 . 2012-09-13 22:19 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-13 22:19 . 2012-09-13 22:19 536064 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-13 22:18 . 2012-09-13 22:18 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-13 22:17 . 2012-09-13 22:17 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-09-13 22:17 . 2012-09-13 22:17 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-13 22:16 . 2012-09-13 22:16 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-09-13 22:16 . 2012-09-13 22:16 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-09-13 22:13 . 2012-09-13 22:13 3127296 ----a-w- c:\windows\system32\atiumd6a.dll
2012-09-13 22:06 . 2012-09-13 22:06 6704128 ----a-w- c:\windows\system32\atiumd64.dll
2012-09-13 22:05 . 2012-09-13 22:05 2691584 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-09-13 21:56 . 2012-09-13 21:56 79360 ----a-w- c:\windows\system32\amdave64.dll
2012-09-13 21:56 . 2012-09-13 21:56 78336 ----a-w- c:\windows\SysWow64\amdave32.dll
2012-09-13 21:56 . 2012-09-13 21:56 74240 ----a-w- c:\windows\system32\atisamu64.dll
2012-09-13 21:56 . 2012-09-13 21:56 595456 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-13 21:56 . 2012-09-13 21:56 71168 ----a-w- c:\windows\SysWow64\atisamu32.dll
2012-09-13 21:56 . 2012-09-13 21:56 405504 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-13 21:56 . 2012-09-13 21:56 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-09-13 21:56 . 2012-09-13 21:56 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-09-13 21:56 . 2012-09-13 21:56 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-09-13 21:55 . 2012-09-13 21:55 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-09-13 21:55 . 2012-09-13 21:55 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-09-13 21:55 . 2012-09-13 21:55 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-09-13 21:55 . 2012-09-13 21:55 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-13 21:55 . 2012-09-13 21:55 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-09-13 21:55 . 2012-09-13 21:55 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-13 21:55 . 2012-09-13 21:55 459776 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-13 21:54 . 2012-09-13 21:54 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-09-13 21:54 . 2012-09-13 21:54 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-09-13 21:54 . 2012-09-13 21:54 103424 ----a-w- c:\windows\system32\atiu9p64.dll
2012-09-13 21:53 . 2012-09-13 21:53 82944 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-13 21:53 . 2012-09-13 21:53 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-09-13 16:47 . 2012-09-13 16:47 221696 ----a-w- c:\windows\system32\clinfo.exe
2012-09-13 16:46 . 2012-09-13 16:46 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-09-13 16:46 . 2012-09-13 16:46 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-09-13 16:46 . 2012-09-13 16:46 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-09-13 16:46 . 2012-09-13 16:46 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-09-13 16:46 . 2012-09-13 16:46 32635904 ----a-w- c:\windows\system32\amdocl64.dll
2012-09-13 16:42 . 2012-09-13 16:42 27341824 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-09-12 06:35 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 06:35 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 06:35 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 06:35 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 06:35 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 06:35 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 06:35 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-11 17:01 . 2012-09-11 17:01 -------- d-----w- c:\users\Clorky\AppData\Roaming\CleanMyPC Software
2012-09-11 17:01 . 2012-09-11 17:01 -------- d-----w- c:\program files (x86)\CleanMyPC
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-05 08:40 . 2012-05-26 19:10 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-10-05 08:40 . 2012-05-26 19:06 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-10-05 08:40 . 2012-05-26 19:06 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-09-21 17:57 . 2012-04-29 12:55 88480 ----a-w- c:\windows\system32\drivers\atksgt.sys
2012-09-20 19:19 . 2012-03-29 13:43 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-20 19:19 . 2012-02-29 18:34 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-15 13:33 . 2012-06-22 14:10 52736 ----a-w- c:\windows\ipuninst.exe
2012-09-13 22:25 . 2012-02-29 15:57 1120768 ----a-w- c:\windows\system32\aticfx64.dll
2012-09-13 22:08 . 2012-02-29 15:57 7107072 ----a-w- c:\windows\system32\atidxx64.dll
2012-09-13 12:08 . 2012-03-31 10:51 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-07 15:04 . 2012-04-14 09:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-16 01:04 . 2012-08-14 18:37 205984 ----a-w- c:\programdata\Microsoft\VBExpress\10.0\1033\ResourceCache.dll
2012-08-01 15:47 . 2012-08-01 15:47 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2012-08-01 15:47 . 2012-08-01 15:47 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-08-01 15:47 . 2012-08-01 15:47 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2012-08-01 15:47 . 2012-08-01 15:47 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-07-28 02:10 . 2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-28 01:22 . 2012-07-28 01:22 71168 ----a-w- c:\windows\atisamu32.dll
2012-07-18 18:15 . 2012-08-15 09:23 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-16 12:01 . 2012-07-16 12:01 165232 ---ha-w- c:\users\Clorky\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2012-07-11 13:47 . 2012-07-11 13:47 268744 ----a-w- c:\windows\system32\javaws.exe
2012-07-11 13:47 . 2012-07-11 13:47 189384 ----a-w- c:\windows\system32\javaw.exe
2012-07-11 13:47 . 2012-07-11 13:47 188872 ----a-w- c:\windows\system32\java.exe
2012-07-11 13:47 . 2012-04-13 11:09 955848 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-11 13:47 . 2012-02-29 20:39 839112 ----a-w- c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\users\Clorky\AppData\Local\dxhr ----
.
2012-09-30 09:51 . 2012-09-30 10:01 384 ----a-w- c:\users\Clorky\AppData\Local\dxhr\dfts.dat
2012-09-23 11:44 . 2012-09-30 10:01 648 ----a-w- c:\users\Clorky\AppData\Local\dxhr\user.var
2012-09-23 11:43 . 2012-09-30 09:46 512 ----a-w- c:\users\Clorky\AppData\Local\dxhr\dftm.dat
.
---- Directory of c:\windows\system32\wbem\Logs ----
.
.
---- Directory of c:\windows\system32\wbem\MOF ----
.
.
---- Directory of c:\windows\SysWow64\plugins ----
.
.
---- Directory of c:\windows\SysWow64\wbem\Logs ----
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\utorrent\utorrent.exe" [2012-05-20 880496]
"OscarX7Mouse5Mode"="c:\program files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" [2011-10-21 3518976]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe" [2010-08-11 2472048]
"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-13 642728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2012-10-2 442880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ OODBS
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R1 FDCDNT;FDCDNT;c:\windows\system32\drivers\FDCDNT.SYS [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-20 250288]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2012-03-02 19456]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2012-03-02 27648]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2012-03-02 27136]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2012-03-02 34304]
R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-08-01 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-08-01 79360]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 hipeer20;Remobo Instant Private Network;c:\windows\system32\DRIVERS\remobo64.sys [2010-08-01 30720]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
R3 nrtap;NeoRouter Virtual Network Interface;c:\windows\system32\DRIVERS\nrtap.sys [2011-12-05 29696]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-29 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
S0 CFRMD;CFRMD;c:\windows\System32\drivers\cfrmd.sys [2009-10-27 149536]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-22 283200]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\HWiNFO64\HWiNFO64A.SYS [2012-05-10 30592]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-13 239616]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2011-08-04 137144]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-07-12 8704]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2012-03-28 3288400]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
S2 RadeonPro Support Service;RadeonPro Support Service;c:\program files (x86)\RadeonPro\RadeonProSupport.exe [2011-02-09 12800]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-09-13 10695168]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-09-13 459776]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-08-04 1342064]
S3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys [2009-07-31 25600]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 19:19]
.
2012-10-07 c:\windows\Tasks\COMODO System Cleaner Update.job
- c:\program files (x86)\COMODO\COMODO System-Cleaner\UpdateApplications.exe [2009-10-27 16:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2012-03-28 3998032]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
ShellIconOverlayIdentifiers-{C5994560-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994561-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994562-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994563-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994564-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994565-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994566-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994567-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994568-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{152C96EB-288E-4EDC-B7C6-D21F8250ADF3} - (no file)
ShellIconOverlayIdentifiers-{342DAA0B-D796-460D-8566-901E08A1CCAD} - (no file)
ShellIconOverlayIdentifiers-{57595DAE-1AE1-4D97-A49E-67CBB53B52DF} - (no file)
ShellIconOverlayIdentifiers-{33816773-98AE-4723-ADE0-EBE54C8B5A67} - (no file)
AddRemove-BGCZ - e:\hry\Baldur's Gate\čeština\data\Setup.exe
AddRemove-Jagged Alliance 2 - e:\hry\Jagged Alliance 2 Gold\Uninst.isu
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1365180198-3819917712-2369891476-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:35,d1,6b,ec,4a,f8,0d,45,46,98,f4,19,6c,c1,ce,3e,af,74,0b,c7,64,a5,ad,
d7,9f,8e,32,6e,26,d8,0d,d0,7b,ef,2f,26,d9,2e,76,09,0b,d5,1f,d4,ce,f8,40,5a,\
"??"=hex:9e,ce,54,ef,45,be,11,4c,b2,2e,df,d2,9a,50,31,f2
.
[HKEY_USERS\S-1-5-21-1365180198-3819917712-2369891476-1001\Software\SecuROM\License information*]
"datasecu"=hex:e6,23,a8,e1,1f,b7,38,34,d4,d2,12,3c,07,92,5e,61,92,f1,31,e9,e6,
7b,93,76,ed,e6,35,5b,ea,a3,27,2b,ac,1d,79,92,b9,b0,e8,53,f9,33,70,af,b9,db,\
"rkeysecu"=hex:6c,d2,fc,dc,d8,fc,76,c9,3b,92,b6,3f,7a,34,f2,68
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2012-10-08 11:02:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-08 09:02
ComboFix2.txt 2012-10-07 13:26
.
Před spuštěním: 203 136 577 536 bytes free
Po spuštění: 202 702 008 320 bytes free
.
- - End Of File - - DB22F4D28D97544E62F88FC9C5DDC95A
HJT check, slow PC, Skype virus (?) Solved
- Clorky
- Moderator / HW team member
Re: HJT check, slow PC, Skype virus (?)
aswMBR:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-08 11:05:52
-----------------------------
11:05:52.489 OS Version: Windows x64 6.1.7601 Service Pack 1
11:05:52.489 Number of processors: 4 586 0x1E05
11:05:52.489 ComputerName: I5PETR UserName: Clorky
11:05:53.482 Initialize success
11:07:46.829 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3
11:07:46.831 Disk 0 Vendor: ST380021A 3.19 Size: 76319MB BusType: 3
11:07:46.832 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP4T0L0-4
11:07:46.834 Disk 1 Vendor: WDC_WD1001FALS-00E8B0 05.00K05 Size: 953869MB BusType: 3
11:07:46.838 Disk 1 MBR read successfully
11:07:46.840 Disk 1 MBR scan
11:07:46.842 Disk 1 Windows 7 default MBR code
11:07:46.847 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:07:46.853 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 299899 MB offset 206848
11:07:46.870 Disk 1 Partition 3 00 07 HPFS/NTFS NTFS 653867 MB offset 614400000
11:07:46.900 Disk 1 scanning C:\Windows\system32\drivers
11:07:50.113 Service scanning
11:07:58.648 Modules scanning
11:07:58.653 Disk 1 trace - called modules:
11:07:58.663 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
11:07:58.666 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800482c060]
11:07:58.669 3 CLASSPNP.SYS[fffff8800196c43f] -> nt!IofCallDriver -> [0xfffffa8004588e40]
11:07:58.671 5 ACPI.sys[fffff88000f397a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP4T0L0-4[0xfffffa80045b5060]
11:07:58.674 Scan finished successfully
11:08:10.258 Disk 1 MBR has been saved successfully to "C:\Users\Clorky\Desktop\MBR.dat"
11:08:10.261 The log file has been saved successfully to "C:\Users\Clorky\Desktop\aswMBR.txt"
- jaro3
- Security team member
Re: HJT check, slow PC, Skype virus (?)
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the whole of the following text marked in green:
Code:
KillAll::
Folder::
C:\TDSSKiller_Quarantine
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process + a new log from HJT
Warning: It can happen that after applying ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, keep pressing the F8 key after the restart and then choose Last Known Good Configuration, or use a restore point.
In Folder Options, enable showing hidden files and folders + untick the checkbox for hiding protected operating system files.
Test this on Virustotal
c:\users\Clorky\AppData\Local\dxhr\dfts.dat
c:\users\Clorky\AppData\Local\dxhr\user.var
c:\users\Clorky\AppData\Local\dxhr\dftm.dat
Click Select to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs one after another. When the last antivirus finishes its test, "result" appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
Or at:
http://www.virscan.org/
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support
- Clorky
- Moderator / HW team member
Re: HJT check, slow PC, Skype virus (?)
Nothing, but I don't know what it is. Deleting it.
Going on to CF.
EDIT: Now I know what it is. Data for the game Deus Ex: Human Revolution.
- Clorky
- Moderator / HW team member
Re: HJT check, slow PC, Skype virus (?)
CF:
ComboFix 12-10-08.02 - Clorky 08.10.2012 19:34:55.11.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.4094.2453 [GMT 2:00]
Spuštěný z: c:\users\Clorky\Desktop\Download\ComboFix.exe
Použité ovládací přepínače :: c:\users\Clorky\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\TDSSKiller_Quarantine
c:\tdsskiller_quarantine\07.10.2012_15.14.40\susp0000\object.ini
c:\tdsskiller_quarantine\07.10.2012_15.14.40\susp0000\svc0000\object.ini
c:\tdsskiller_quarantine\07.10.2012_15.14.40\susp0000\svc0000\tsk0000.dta
c:\tdsskiller_quarantine\07.10.2012_15.14.40\susp0000\svc0000\tsk0000.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-08 do 2012-10-08 )))))))))))))))))))))))))))))))
.
.
2012-10-08 17:40 . 2012-10-08 17:40 -------- d-----w- c:\users\Petr\AppData\Local\temp
2012-10-08 17:40 . 2012-10-08 17:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-08 06:44 . 2012-09-18 22:58 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{60DE809E-BA64-4B67-A2B2-781E79881C17}\mpengine.dll
2012-10-07 20:02 . 2012-10-08 06:53 -------- d-----w- c:\users\Clorky\AppData\Local\Adobe
2012-10-04 07:55 . 2012-10-04 07:57 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2012-10-04 07:55 . 2012-10-04 07:57 -------- d-----w- c:\program files (x86)\World of Warcraft
2012-10-02 18:07 . 2012-10-02 18:07 -------- d-----w- c:\users\Clorky\AppData\Local\The Witcher 2
2012-10-02 17:55 . 2012-10-02 17:55 -------- d-----w- c:\program files\GamePark2
2012-09-30 20:13 . 2012-09-30 20:13 -------- d-----w- c:\users\Clorky\AppData\Local\IsolatedStorage
2012-09-30 20:13 . 2012-09-30 20:13 -------- d-----w- c:\users\Clorky\AppData\Local\Futuremark_Corporation
2012-09-30 20:12 . 2012-09-30 20:12 -------- d-----w- c:\program files\Futuremark
2012-09-30 19:30 . 2012-09-30 19:39 -------- d-----w- c:\users\Clorky\Heaven
2012-09-30 12:03 . 2012-09-30 12:03 -------- d-----w- c:\users\Clorky\AppData\Local\GHISLER
2012-09-30 11:44 . 2012-09-30 11:45 -------- d-----w- c:\users\Clorky\AppData\Roaming\GHISLER
2012-09-29 17:16 . 2012-09-29 17:16 -------- d-----w- c:\programdata\ATI
2012-09-29 17:16 . 2012-09-29 17:16 -------- d-----w- c:\program files (x86)\AMD AVT
2012-09-29 17:15 . 2012-09-29 17:15 -------- d-----w- c:\program files (x86)\AMD APP
2012-09-29 08:42 . 2012-09-29 08:42 -------- d-----w- c:\programdata\Codemasters
2012-09-29 08:41 . 2010-09-22 12:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2012-09-29 08:41 . 2011-09-05 18:57 1306624 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2012-09-29 08:41 . 2012-09-29 08:41 -------- d-----w- c:\program files (x86)\BRS
2012-09-29 08:41 . 2012-09-29 08:41 -------- d-----w- c:\program files (x86)\OpenAL
2012-09-29 08:11 . 2012-09-29 08:11 -------- d-----w- c:\users\Clorky\AppData\Roaming\ToMMTi-Systems
2012-09-27 16:09 . 2012-09-27 16:09 -------- d-----w- c:\program files (x86)\MSI Kombustor 2.4
2012-09-26 18:27 . 2012-10-03 14:58 -------- d-----w- c:\program files (x86)\MSI Afterburner
2012-09-25 12:10 . 2012-09-25 12:10 -------- d-----w- c:\users\Clorky\AppData\Local\Google
2012-09-24 19:26 . 2012-09-24 19:26 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-09-24 19:04 . 2012-09-24 19:04 -------- d-----w- c:\programdata\RELOADED
2012-09-24 17:34 . 2012-09-24 17:34 -------- d-----w- c:\programdata\Futuremark
2012-09-24 17:24 . 2012-09-24 17:27 -------- d-----w- c:\program files (x86)\Futuremark
2012-09-24 16:33 . 2012-09-24 16:33 -------- d-----w- c:\program files (x86)\Electronic Arts
2012-09-24 16:24 . 2012-09-24 16:24 -------- d-----w- c:\program files (x86)\oZone3D
2012-09-23 14:48 . 2012-09-23 14:58 -------- d-----w- c:\program files (x86)\OpenVPN
2012-09-23 14:31 . 2012-09-23 14:31 -------- d-----w- c:\windows\SysWow64\plugins
2012-09-23 14:26 . 2012-09-23 14:26 -------- d-----w- C:\tmp
2012-09-23 14:26 . 2012-09-23 14:40 -------- d-----w- c:\users\Clorky\.remobo
2012-09-23 14:13 . 2012-10-06 14:17 -------- d-----w- c:\users\Clorky\AppData\Roaming\.minecraft
2012-09-23 11:43 . 2012-09-30 09:51 -------- d-----w- c:\users\Clorky\AppData\Local\dxhr
2012-09-23 11:41 . 2012-09-30 16:16 -------- d-----w- c:\users\Clorky\AppData\Roaming\RadeonPro
2012-09-23 11:41 . 2012-10-03 14:00 -------- d-----w- c:\program files (x86)\RadeonPro
2012-09-23 09:49 . 2012-09-23 09:49 -------- d-----w- c:\program files\HWiNFO64
2012-09-22 18:13 . 2012-09-22 18:13 -------- d-----w- c:\programdata\Electronic Arts
2012-09-22 18:13 . 2012-09-22 18:13 -------- d-----w- c:\programdata\EA Core
2012-09-21 20:36 . 2012-09-21 20:36 -------- d-----w- c:\windows\SysWow64\SkyProcDebug
2012-09-21 17:59 . 2012-09-21 17:59 -------- d-----w- C:\Folding@HomeCPU
2012-09-21 17:52 . 2012-09-21 17:52 -------- d-----w- c:\users\Clorky\AppData\Roaming\XRay Engine
2012-09-21 17:33 . 2012-09-21 17:33 -------- d-----w- c:\program files\CPUID
2012-09-21 15:29 . 2012-09-21 15:29 -------- d-----w- c:\programdata\Aspyr
2012-09-21 12:38 . 2012-09-21 12:38 -------- d-----w- C:\GvTemp
2012-09-21 12:27 . 2012-09-21 12:27 -------- d-----w- c:\users\Clorky\AppData\Roaming\Day 1 Studios
2012-09-21 12:27 . 2012-09-21 12:27 -------- d-----w- c:\program files (x86)\GIGABYTE
2012-09-20 19:00 . 2012-09-20 19:00 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-09-20 18:12 . 2012-09-20 18:12 -------- d-----w- c:\program files (x86)\GPU-Z
2012-09-19 13:32 . 2012-09-19 13:32 -------- d-----w- c:\windows\system32\wbem\Logs
2012-09-19 13:29 . 2012-09-19 13:29 -------- d-----w- c:\windows\SysWow64\wbem\Logs
2012-09-19 13:22 . 2012-09-19 13:22 -------- d-----w- c:\windows\system32\wbem\MOF
2012-09-19 13:17 . 2012-09-19 13:17 -------- d-----w- c:\users\Clorky\AppData\Local\Remove_Empty_Directories
2012-09-19 13:15 . 2012-09-19 13:15 -------- d-----w- c:\program files (x86)\Remove Empty Directories
2012-09-15 11:52 . 2012-09-29 19:35 -------- d-----w- c:\program files\Nexus Mod Manager
2012-09-14 21:55 . 2012-09-14 21:55 -------- d-----w- c:\users\Clorky\AppData\Local\Aspyr
2012-09-13 23:03 . 2012-09-13 23:03 5557416 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-09-13 23:01 . 2012-09-13 23:01 10695168 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-13 22:46 . 2012-09-13 22:46 23825920 ----a-w- c:\windows\system32\atio6axx.dll
2012-09-13 22:46 . 2012-09-13 22:46 70144 ----a-w- c:\windows\system32\coinst_9.001.dll
2012-09-13 22:42 . 2012-09-13 22:42 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-13 22:40 . 2012-09-13 22:40 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-09-13 22:40 . 2012-09-13 22:40 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-09-13 22:40 . 2012-09-13 22:40 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-09-13 22:40 . 2012-09-13 22:40 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-09-13 22:40 . 2012-09-13 22:40 16082432 ----a-w- c:\windows\system32\aticaldd64.dll
2012-09-13 22:36 . 2012-09-13 22:36 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-13 22:27 . 2012-09-13 22:27 934912 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-09-13 22:27 . 2012-09-13 22:27 19624960 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-09-13 22:23 . 2012-09-13 22:23 6477824 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-09-13 22:19 . 2012-09-13 22:19 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-13 22:19 . 2012-09-13 22:19 536064 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-13 22:18 . 2012-09-13 22:18 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-13 22:17 . 2012-09-13 22:17 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-09-13 22:17 . 2012-09-13 22:17 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-13 22:16 . 2012-09-13 22:16 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-09-13 22:16 . 2012-09-13 22:16 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-09-13 22:13 . 2012-09-13 22:13 3127296 ----a-w- c:\windows\system32\atiumd6a.dll
2012-09-13 22:06 . 2012-09-13 22:06 6704128 ----a-w- c:\windows\system32\atiumd64.dll
2012-09-13 22:05 . 2012-09-13 22:05 2691584 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-09-13 21:56 . 2012-09-13 21:56 79360 ----a-w- c:\windows\system32\amdave64.dll
2012-09-13 21:56 . 2012-09-13 21:56 78336 ----a-w- c:\windows\SysWow64\amdave32.dll
2012-09-13 21:56 . 2012-09-13 21:56 74240 ----a-w- c:\windows\system32\atisamu64.dll
2012-09-13 21:56 . 2012-09-13 21:56 595456 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-13 21:56 . 2012-09-13 21:56 71168 ----a-w- c:\windows\SysWow64\atisamu32.dll
2012-09-13 21:56 . 2012-09-13 21:56 405504 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-13 21:56 . 2012-09-13 21:56 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-09-13 21:56 . 2012-09-13 21:56 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-09-13 21:56 . 2012-09-13 21:56 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-09-13 21:55 . 2012-09-13 21:55 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-09-13 21:55 . 2012-09-13 21:55 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-09-13 21:55 . 2012-09-13 21:55 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-09-13 21:55 . 2012-09-13 21:55 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-13 21:55 . 2012-09-13 21:55 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-09-13 21:55 . 2012-09-13 21:55 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-13 21:55 . 2012-09-13 21:55 459776 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-13 21:54 . 2012-09-13 21:54 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-09-13 21:54 . 2012-09-13 21:54 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-09-13 21:54 . 2012-09-13 21:54 103424 ----a-w- c:\windows\system32\atiu9p64.dll
2012-09-13 21:53 . 2012-09-13 21:53 82944 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-13 21:53 . 2012-09-13 21:53 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-09-13 16:47 . 2012-09-13 16:47 221696 ----a-w- c:\windows\system32\clinfo.exe
2012-09-13 16:46 . 2012-09-13 16:46 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-09-13 16:46 . 2012-09-13 16:46 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-09-13 16:46 . 2012-09-13 16:46 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-09-13 16:46 . 2012-09-13 16:46 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-09-13 16:46 . 2012-09-13 16:46 32635904 ----a-w- c:\windows\system32\amdocl64.dll
2012-09-13 16:42 . 2012-09-13 16:42 27341824 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-09-12 06:35 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 06:35 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 06:35 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 06:35 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 06:35 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 06:35 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 06:35 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-11 17:01 . 2012-09-11 17:01 -------- d-----w- c:\users\Clorky\AppData\Roaming\CleanMyPC Software
2012-09-11 17:01 . 2012-09-11 17:01 -------- d-----w- c:\program files (x86)\CleanMyPC
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-05 08:40 . 2012-05-26 19:10 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-10-05 08:40 . 2012-05-26 19:06 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-10-05 08:40 . 2012-05-26 19:06 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-09-21 17:57 . 2012-04-29 12:55 88480 ----a-w- c:\windows\system32\drivers\atksgt.sys
2012-09-20 19:19 . 2012-03-29 13:43 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-20 19:19 . 2012-02-29 18:34 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-15 13:33 . 2012-06-22 14:10 52736 ----a-w- c:\windows\ipuninst.exe
2012-09-13 22:25 . 2012-02-29 15:57 1120768 ----a-w- c:\windows\system32\aticfx64.dll
2012-09-13 22:08 . 2012-02-29 15:57 7107072 ----a-w- c:\windows\system32\atidxx64.dll
2012-09-13 12:08 . 2012-03-31 10:51 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-07 15:04 . 2012-04-14 09:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-16 01:04 . 2012-08-14 18:37 205984 ----a-w- c:\programdata\Microsoft\VBExpress\10.0\1033\ResourceCache.dll
2012-08-01 15:47 . 2012-08-01 15:47 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2012-08-01 15:47 . 2012-08-01 15:47 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-08-01 15:47 . 2012-08-01 15:47 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2012-08-01 15:47 . 2012-08-01 15:47 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-07-28 02:10 . 2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-28 01:22 . 2012-07-28 01:22 71168 ----a-w- c:\windows\atisamu32.dll
2012-07-18 18:15 . 2012-08-15 09:23 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-16 12:01 . 2012-07-16 12:01 165232 ---ha-w- c:\users\Clorky\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2012-07-11 13:47 . 2012-07-11 13:47 268744 ----a-w- c:\windows\system32\javaws.exe
2012-07-11 13:47 . 2012-07-11 13:47 189384 ----a-w- c:\windows\system32\javaw.exe
2012-07-11 13:47 . 2012-07-11 13:47 188872 ----a-w- c:\windows\system32\java.exe
2012-07-11 13:47 . 2012-04-13 11:09 955848 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-11 13:47 . 2012-02-29 20:39 839112 ----a-w- c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\utorrent\utorrent.exe" [2012-05-20 880496]
"OscarX7Mouse5Mode"="c:\program files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" [2011-10-21 3518976]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe" [2010-08-11 2472048]
"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-13 642728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2012-10-2 442880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ OODBS
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R1 FDCDNT;FDCDNT;c:\windows\system32\drivers\FDCDNT.SYS [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-20 250288]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2012-03-02 19456]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2012-03-02 27648]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2012-03-02 27136]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2012-03-02 34304]
R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-08-01 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-08-01 79360]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 hipeer20;Remobo Instant Private Network;c:\windows\system32\DRIVERS\remobo64.sys [2010-08-01 30720]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
R3 nrtap;NeoRouter Virtual Network Interface;c:\windows\system32\DRIVERS\nrtap.sys [2011-12-05 29696]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-29 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
S0 CFRMD;CFRMD;c:\windows\System32\drivers\cfrmd.sys [2009-10-27 149536]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-22 283200]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\HWiNFO64\HWiNFO64A.SYS [2012-05-10 30592]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-13 239616]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2011-08-04 137144]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-07-12 8704]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2012-03-28 3288400]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
S2 RadeonPro Support Service;RadeonPro Support Service;c:\program files (x86)\RadeonPro\RadeonProSupport.exe [2011-02-09 12800]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-09-13 10695168]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-09-13 459776]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-08-04 1342064]
S3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys [2009-07-31 25600]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 19:19]
.
2012-10-07 c:\windows\Tasks\COMODO System Cleaner Update.job
- c:\program files (x86)\COMODO\COMODO System-Cleaner\UpdateApplications.exe [2009-10-27 16:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2012-03-28 3998032]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
ShellIconOverlayIdentifiers-{C5994560-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994561-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994562-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994563-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994564-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994565-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994566-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994567-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994568-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{152C96EB-288E-4EDC-B7C6-D21F8250ADF3} - (no file)
ShellIconOverlayIdentifiers-{342DAA0B-D796-460D-8566-901E08A1CCAD} - (no file)
ShellIconOverlayIdentifiers-{57595DAE-1AE1-4D97-A49E-67CBB53B52DF} - (no file)
ShellIconOverlayIdentifiers-{33816773-98AE-4723-ADE0-EBE54C8B5A67} - (no file)
AddRemove-BGCZ - e:\hry\Baldur's Gate\čeština\data\Setup.exe
AddRemove-Jagged Alliance 2 - e:\hry\Jagged Alliance 2 Gold\Uninst.isu
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1365180198-3819917712-2369891476-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:35,d1,6b,ec,4a,f8,0d,45,46,98,f4,19,6c,c1,ce,3e,af,74,0b,c7,64,a5,ad,
d7,9f,8e,32,6e,26,d8,0d,d0,7b,ef,2f,26,d9,2e,76,09,0b,d5,1f,d4,ce,f8,40,5a,\
"??"=hex:9e,ce,54,ef,45,be,11,4c,b2,2e,df,d2,9a,50,31,f2
.
[HKEY_USERS\S-1-5-21-1365180198-3819917712-2369891476-1001\Software\SecuROM\License information*]
"datasecu"=hex:e6,23,a8,e1,1f,b7,38,34,d4,d2,12,3c,07,92,5e,61,92,f1,31,e9,e6,
7b,93,76,ed,e6,35,5b,ea,a3,27,2b,ac,1d,79,92,b9,b0,e8,53,f9,33,70,af,b9,db,\
"rkeysecu"=hex:6c,d2,fc,dc,d8,fc,76,c9,3b,92,b6,3f,7a,34,f2,68
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2012-10-08 19:45:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-08 17:45
ComboFix2.txt 2012-10-08 09:02
ComboFix3.txt 2012-10-07 13:26
.
Před spuštěním: 206 369 771 520 bytes free
Po spuštění: 206 308 339 712 bytes free
.
- - End Of File - - 18A262E40FDFD4BDC4018FD4DADEEA44
HJT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:46:35, on 8.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe
C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Users\Clorky\Desktop\hijackthis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [HDAudDeck] c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe -r
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [uTorrent] "c:\program files (x86)\utorrent\utorrent.exe" /minimized
O4 - HKCU\..\Run: [OscarX7Mouse5Mode] "C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~2\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~2\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 8722 bytes
ComboFix 12-10-08.02 - Clorky 08.10.2012 19:34:55.11.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.4094.2453 [GMT 2:00]
Spuštěný z: c:\users\Clorky\Desktop\Download\ComboFix.exe
Použité ovládací přepínače :: c:\users\Clorky\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\TDSSKiller_Quarantine
c:\tdsskiller_quarantine\07.10.2012_15.14.40\susp0000\object.ini
c:\tdsskiller_quarantine\07.10.2012_15.14.40\susp0000\svc0000\object.ini
c:\tdsskiller_quarantine\07.10.2012_15.14.40\susp0000\svc0000\tsk0000.dta
c:\tdsskiller_quarantine\07.10.2012_15.14.40\susp0000\svc0000\tsk0000.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-08 do 2012-10-08 )))))))))))))))))))))))))))))))
.
.
2012-10-08 17:40 . 2012-10-08 17:40 -------- d-----w- c:\users\Petr\AppData\Local\temp
2012-10-08 17:40 . 2012-10-08 17:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-08 06:44 . 2012-09-18 22:58 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{60DE809E-BA64-4B67-A2B2-781E79881C17}\mpengine.dll
2012-10-07 20:02 . 2012-10-08 06:53 -------- d-----w- c:\users\Clorky\AppData\Local\Adobe
2012-10-04 07:55 . 2012-10-04 07:57 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2012-10-04 07:55 . 2012-10-04 07:57 -------- d-----w- c:\program files (x86)\World of Warcraft
2012-10-02 18:07 . 2012-10-02 18:07 -------- d-----w- c:\users\Clorky\AppData\Local\The Witcher 2
2012-10-02 17:55 . 2012-10-02 17:55 -------- d-----w- c:\program files\GamePark2
2012-09-30 20:13 . 2012-09-30 20:13 -------- d-----w- c:\users\Clorky\AppData\Local\IsolatedStorage
2012-09-30 20:13 . 2012-09-30 20:13 -------- d-----w- c:\users\Clorky\AppData\Local\Futuremark_Corporation
2012-09-30 20:12 . 2012-09-30 20:12 -------- d-----w- c:\program files\Futuremark
2012-09-30 19:30 . 2012-09-30 19:39 -------- d-----w- c:\users\Clorky\Heaven
2012-09-30 12:03 . 2012-09-30 12:03 -------- d-----w- c:\users\Clorky\AppData\Local\GHISLER
2012-09-30 11:44 . 2012-09-30 11:45 -------- d-----w- c:\users\Clorky\AppData\Roaming\GHISLER
2012-09-29 17:16 . 2012-09-29 17:16 -------- d-----w- c:\programdata\ATI
2012-09-29 17:16 . 2012-09-29 17:16 -------- d-----w- c:\program files (x86)\AMD AVT
2012-09-29 17:15 . 2012-09-29 17:15 -------- d-----w- c:\program files (x86)\AMD APP
2012-09-29 08:42 . 2012-09-29 08:42 -------- d-----w- c:\programdata\Codemasters
2012-09-29 08:41 . 2010-09-22 12:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2012-09-29 08:41 . 2011-09-05 18:57 1306624 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2012-09-29 08:41 . 2012-09-29 08:41 -------- d-----w- c:\program files (x86)\BRS
2012-09-29 08:41 . 2012-09-29 08:41 -------- d-----w- c:\program files (x86)\OpenAL
2012-09-29 08:11 . 2012-09-29 08:11 -------- d-----w- c:\users\Clorky\AppData\Roaming\ToMMTi-Systems
2012-09-27 16:09 . 2012-09-27 16:09 -------- d-----w- c:\program files (x86)\MSI Kombustor 2.4
2012-09-26 18:27 . 2012-10-03 14:58 -------- d-----w- c:\program files (x86)\MSI Afterburner
2012-09-25 12:10 . 2012-09-25 12:10 -------- d-----w- c:\users\Clorky\AppData\Local\Google
2012-09-24 19:26 . 2012-09-24 19:26 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-09-24 19:04 . 2012-09-24 19:04 -------- d-----w- c:\programdata\RELOADED
2012-09-24 17:34 . 2012-09-24 17:34 -------- d-----w- c:\programdata\Futuremark
2012-09-24 17:24 . 2012-09-24 17:27 -------- d-----w- c:\program files (x86)\Futuremark
2012-09-24 16:33 . 2012-09-24 16:33 -------- d-----w- c:\program files (x86)\Electronic Arts
2012-09-24 16:24 . 2012-09-24 16:24 -------- d-----w- c:\program files (x86)\oZone3D
2012-09-23 14:48 . 2012-09-23 14:58 -------- d-----w- c:\program files (x86)\OpenVPN
2012-09-23 14:31 . 2012-09-23 14:31 -------- d-----w- c:\windows\SysWow64\plugins
2012-09-23 14:26 . 2012-09-23 14:26 -------- d-----w- C:\tmp
2012-09-23 14:26 . 2012-09-23 14:40 -------- d-----w- c:\users\Clorky\.remobo
2012-09-23 14:13 . 2012-10-06 14:17 -------- d-----w- c:\users\Clorky\AppData\Roaming\.minecraft
2012-09-23 11:43 . 2012-09-30 09:51 -------- d-----w- c:\users\Clorky\AppData\Local\dxhr
2012-09-23 11:41 . 2012-09-30 16:16 -------- d-----w- c:\users\Clorky\AppData\Roaming\RadeonPro
2012-09-23 11:41 . 2012-10-03 14:00 -------- d-----w- c:\program files (x86)\RadeonPro
2012-09-23 09:49 . 2012-09-23 09:49 -------- d-----w- c:\program files\HWiNFO64
2012-09-22 18:13 . 2012-09-22 18:13 -------- d-----w- c:\programdata\Electronic Arts
2012-09-22 18:13 . 2012-09-22 18:13 -------- d-----w- c:\programdata\EA Core
2012-09-21 20:36 . 2012-09-21 20:36 -------- d-----w- c:\windows\SysWow64\SkyProcDebug
2012-09-21 17:59 . 2012-09-21 17:59 -------- d-----w- C:\Folding@HomeCPU
2012-09-21 17:52 . 2012-09-21 17:52 -------- d-----w- c:\users\Clorky\AppData\Roaming\XRay Engine
2012-09-21 17:33 . 2012-09-21 17:33 -------- d-----w- c:\program files\CPUID
2012-09-21 15:29 . 2012-09-21 15:29 -------- d-----w- c:\programdata\Aspyr
2012-09-21 12:38 . 2012-09-21 12:38 -------- d-----w- C:\GvTemp
2012-09-21 12:27 . 2012-09-21 12:27 -------- d-----w- c:\users\Clorky\AppData\Roaming\Day 1 Studios
2012-09-21 12:27 . 2012-09-21 12:27 -------- d-----w- c:\program files (x86)\GIGABYTE
2012-09-20 19:00 . 2012-09-20 19:00 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-09-20 18:12 . 2012-09-20 18:12 -------- d-----w- c:\program files (x86)\GPU-Z
2012-09-19 13:32 . 2012-09-19 13:32 -------- d-----w- c:\windows\system32\wbem\Logs
2012-09-19 13:29 . 2012-09-19 13:29 -------- d-----w- c:\windows\SysWow64\wbem\Logs
2012-09-19 13:22 . 2012-09-19 13:22 -------- d-----w- c:\windows\system32\wbem\MOF
2012-09-19 13:17 . 2012-09-19 13:17 -------- d-----w- c:\users\Clorky\AppData\Local\Remove_Empty_Directories
2012-09-19 13:15 . 2012-09-19 13:15 -------- d-----w- c:\program files (x86)\Remove Empty Directories
2012-09-15 11:52 . 2012-09-29 19:35 -------- d-----w- c:\program files\Nexus Mod Manager
2012-09-14 21:55 . 2012-09-14 21:55 -------- d-----w- c:\users\Clorky\AppData\Local\Aspyr
2012-09-13 23:03 . 2012-09-13 23:03 5557416 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-09-13 23:01 . 2012-09-13 23:01 10695168 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-13 22:46 . 2012-09-13 22:46 23825920 ----a-w- c:\windows\system32\atio6axx.dll
2012-09-13 22:46 . 2012-09-13 22:46 70144 ----a-w- c:\windows\system32\coinst_9.001.dll
2012-09-13 22:42 . 2012-09-13 22:42 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-13 22:40 . 2012-09-13 22:40 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-09-13 22:40 . 2012-09-13 22:40 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-09-13 22:40 . 2012-09-13 22:40 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-09-13 22:40 . 2012-09-13 22:40 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-09-13 22:40 . 2012-09-13 22:40 16082432 ----a-w- c:\windows\system32\aticaldd64.dll
2012-09-13 22:36 . 2012-09-13 22:36 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-13 22:27 . 2012-09-13 22:27 934912 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-09-13 22:27 . 2012-09-13 22:27 19624960 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-09-13 22:23 . 2012-09-13 22:23 6477824 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-09-13 22:19 . 2012-09-13 22:19 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-13 22:19 . 2012-09-13 22:19 536064 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-13 22:18 . 2012-09-13 22:18 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-13 22:17 . 2012-09-13 22:17 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-09-13 22:17 . 2012-09-13 22:17 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-13 22:16 . 2012-09-13 22:16 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-09-13 22:16 . 2012-09-13 22:16 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-09-13 22:13 . 2012-09-13 22:13 3127296 ----a-w- c:\windows\system32\atiumd6a.dll
2012-09-13 22:06 . 2012-09-13 22:06 6704128 ----a-w- c:\windows\system32\atiumd64.dll
2012-09-13 22:05 . 2012-09-13 22:05 2691584 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-09-13 21:56 . 2012-09-13 21:56 79360 ----a-w- c:\windows\system32\amdave64.dll
2012-09-13 21:56 . 2012-09-13 21:56 78336 ----a-w- c:\windows\SysWow64\amdave32.dll
2012-09-13 21:56 . 2012-09-13 21:56 74240 ----a-w- c:\windows\system32\atisamu64.dll
2012-09-13 21:56 . 2012-09-13 21:56 595456 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-13 21:56 . 2012-09-13 21:56 71168 ----a-w- c:\windows\SysWow64\atisamu32.dll
2012-09-13 21:56 . 2012-09-13 21:56 405504 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-13 21:56 . 2012-09-13 21:56 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-09-13 21:56 . 2012-09-13 21:56 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-09-13 21:56 . 2012-09-13 21:56 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-09-13 21:55 . 2012-09-13 21:55 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-09-13 21:55 . 2012-09-13 21:55 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-09-13 21:55 . 2012-09-13 21:55 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-09-13 21:55 . 2012-09-13 21:55 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-13 21:55 . 2012-09-13 21:55 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-09-13 21:55 . 2012-09-13 21:55 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-13 21:55 . 2012-09-13 21:55 459776 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-13 21:54 . 2012-09-13 21:54 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-09-13 21:54 . 2012-09-13 21:54 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-09-13 21:54 . 2012-09-13 21:54 103424 ----a-w- c:\windows\system32\atiu9p64.dll
2012-09-13 21:53 . 2012-09-13 21:53 82944 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-13 21:53 . 2012-09-13 21:53 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-09-13 16:47 . 2012-09-13 16:47 221696 ----a-w- c:\windows\system32\clinfo.exe
2012-09-13 16:46 . 2012-09-13 16:46 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-09-13 16:46 . 2012-09-13 16:46 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-09-13 16:46 . 2012-09-13 16:46 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-09-13 16:46 . 2012-09-13 16:46 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-09-13 16:46 . 2012-09-13 16:46 32635904 ----a-w- c:\windows\system32\amdocl64.dll
2012-09-13 16:42 . 2012-09-13 16:42 27341824 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-09-12 06:35 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 06:35 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 06:35 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 06:35 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 06:35 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 06:35 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 06:35 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-11 17:01 . 2012-09-11 17:01 -------- d-----w- c:\users\Clorky\AppData\Roaming\CleanMyPC Software
2012-09-11 17:01 . 2012-09-11 17:01 -------- d-----w- c:\program files (x86)\CleanMyPC
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-05 08:40 . 2012-05-26 19:10 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-10-05 08:40 . 2012-05-26 19:06 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-10-05 08:40 . 2012-05-26 19:06 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-09-21 17:57 . 2012-04-29 12:55 88480 ----a-w- c:\windows\system32\drivers\atksgt.sys
2012-09-20 19:19 . 2012-03-29 13:43 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-20 19:19 . 2012-02-29 18:34 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-15 13:33 . 2012-06-22 14:10 52736 ----a-w- c:\windows\ipuninst.exe
2012-09-13 22:25 . 2012-02-29 15:57 1120768 ----a-w- c:\windows\system32\aticfx64.dll
2012-09-13 22:08 . 2012-02-29 15:57 7107072 ----a-w- c:\windows\system32\atidxx64.dll
2012-09-13 12:08 . 2012-03-31 10:51 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-09-07 15:04 . 2012-04-14 09:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-16 01:04 . 2012-08-14 18:37 205984 ----a-w- c:\programdata\Microsoft\VBExpress\10.0\1033\ResourceCache.dll
2012-08-01 15:47 . 2012-08-01 15:47 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2012-08-01 15:47 . 2012-08-01 15:47 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-08-01 15:47 . 2012-08-01 15:47 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2012-08-01 15:47 . 2012-08-01 15:47 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-07-28 02:10 . 2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-28 01:22 . 2012-07-28 01:22 71168 ----a-w- c:\windows\atisamu32.dll
2012-07-18 18:15 . 2012-08-15 09:23 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-16 12:01 . 2012-07-16 12:01 165232 ---ha-w- c:\users\Clorky\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2012-07-11 13:47 . 2012-07-11 13:47 268744 ----a-w- c:\windows\system32\javaws.exe
2012-07-11 13:47 . 2012-07-11 13:47 189384 ----a-w- c:\windows\system32\javaw.exe
2012-07-11 13:47 . 2012-07-11 13:47 188872 ----a-w- c:\windows\system32\java.exe
2012-07-11 13:47 . 2012-04-13 11:09 955848 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-11 13:47 . 2012-02-29 20:39 839112 ----a-w- c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\utorrent\utorrent.exe" [2012-05-20 880496]
"OscarX7Mouse5Mode"="c:\program files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" [2011-10-21 3518976]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe" [2010-08-11 2472048]
"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-13 642728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2012-10-2 442880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ OODBS
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
R1 FDCDNT;FDCDNT;c:\windows\system32\drivers\FDCDNT.SYS [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-20 250288]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2012-03-02 19456]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2012-03-02 27648]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2012-03-02 27136]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2012-03-02 34304]
R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-08-01 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-08-01 79360]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 hipeer20;Remobo Instant Private Network;c:\windows\system32\DRIVERS\remobo64.sys [2010-08-01 30720]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
R3 nrtap;NeoRouter Virtual Network Interface;c:\windows\system32\DRIVERS\nrtap.sys [2011-12-05 29696]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-07-19 738152]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-29 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
S0 CFRMD;CFRMD;c:\windows\System32\drivers\cfrmd.sys [2009-10-27 149536]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-22 283200]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\HWiNFO64\HWiNFO64A.SYS [2012-05-10 30592]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-13 239616]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2011-08-04 137144]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-07-12 8704]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2012-03-28 3288400]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
S2 RadeonPro Support Service;RadeonPro Support Service;c:\program files (x86)\RadeonPro\RadeonProSupport.exe [2011-02-09 12800]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-09-13 10695168]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-09-13 459776]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-08-04 1342064]
S3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys [2009-07-31 25600]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 19:19]
.
2012-10-07 c:\windows\Tasks\COMODO System Cleaner Update.job
- c:\program files (x86)\COMODO\COMODO System-Cleaner\UpdateApplications.exe [2009-10-27 16:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2012-03-28 3998032]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
ShellIconOverlayIdentifiers-{C5994560-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994561-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994562-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994563-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994564-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994565-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994566-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994567-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994568-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{152C96EB-288E-4EDC-B7C6-D21F8250ADF3} - (no file)
ShellIconOverlayIdentifiers-{342DAA0B-D796-460D-8566-901E08A1CCAD} - (no file)
ShellIconOverlayIdentifiers-{57595DAE-1AE1-4D97-A49E-67CBB53B52DF} - (no file)
ShellIconOverlayIdentifiers-{33816773-98AE-4723-ADE0-EBE54C8B5A67} - (no file)
AddRemove-BGCZ - e:\hry\Baldur's Gate\čeština\data\Setup.exe
AddRemove-Jagged Alliance 2 - e:\hry\Jagged Alliance 2 Gold\Uninst.isu
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1365180198-3819917712-2369891476-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:35,d1,6b,ec,4a,f8,0d,45,46,98,f4,19,6c,c1,ce,3e,af,74,0b,c7,64,a5,ad,
d7,9f,8e,32,6e,26,d8,0d,d0,7b,ef,2f,26,d9,2e,76,09,0b,d5,1f,d4,ce,f8,40,5a,\
"??"=hex:9e,ce,54,ef,45,be,11,4c,b2,2e,df,d2,9a,50,31,f2
.
[HKEY_USERS\S-1-5-21-1365180198-3819917712-2369891476-1001\Software\SecuROM\License information*]
"datasecu"=hex:e6,23,a8,e1,1f,b7,38,34,d4,d2,12,3c,07,92,5e,61,92,f1,31,e9,e6,
7b,93,76,ed,e6,35,5b,ea,a3,27,2b,ac,1d,79,92,b9,b0,e8,53,f9,33,70,af,b9,db,\
"rkeysecu"=hex:6c,d2,fc,dc,d8,fc,76,c9,3b,92,b6,3f,7a,34,f2,68
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2012-10-08 19:45:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-08 17:45
ComboFix2.txt 2012-10-08 09:02
ComboFix3.txt 2012-10-07 13:26
.
Před spuštěním: 206 369 771 520 bytes free
Po spuštění: 206 308 339 712 bytes free
.
- - End Of File - - 18A262E40FDFD4BDC4018FD4DADEEA44
HJT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:46:35, on 8.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe
C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Users\Clorky\Desktop\hijackthis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [HDAudDeck] c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe -r
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [uTorrent] "c:\program files (x86)\utorrent\utorrent.exe" /minimized
O4 - HKCU\..\Run: [OscarX7Mouse5Mode] "C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~2\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~2\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 8722 bytes
- Žbeky
- Moderator
Re: HJT check, slowed-down PC, Skype virus (?)
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
clean the system with CCleaner
and also use T-Cleaner
it deletes everything left behind by ComboFix, MWAV etc. - download > run
Note: before downloading T-Cleaner and for the duration of the cleanup, deactivate AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on.
How is the PC behaving?
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules
- Clorky
- Moderator / HW team member
Re: HJT check, slowed-down PC, Skype virus (?) Solved
It's a lot better now.
Thanks for the help.