Please check my log [Solved]
Re: Please check my log
ComboFix 13-02-15.01 - Aleš 15.02.2013 22:33:09.4.4 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2982 [GMT 1:00]
Spuštěný z: c:\documents and settings\Aleš\Plocha\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
c:\windows\system32\tmp6B.tmp
c:\windows\system32\tmp6C.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-15 do 2013-02-15 )))))))))))))))))))))))))))))))
.
.
2013-02-14 14:48 . 2013-02-14 14:48 388096 ----a-r- c:\documents and settings\Aleš\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-14 14:01 . 2013-02-14 14:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-14 14:01 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-13 15:39 . 2013-02-13 15:39 -------- d-sh--w- c:\windows\ftpcache
2013-02-13 15:27 . 2013-02-13 15:27 -------- d-----w- c:\program files\Activision
2013-02-13 10:04 . 2013-02-13 15:24 -------- d-----w- c:\documents and settings\Aleš\Data aplikací\Kastner software
2013-02-13 10:04 . 2013-02-13 15:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\KASTNER software
2013-01-25 21:14 . 2013-01-25 21:14 -------- d-----w- c:\program files\Common Files\Skype
2013-01-24 18:21 . 2013-01-24 18:21 -------- d-----w- c:\program files\pazera-software
2013-01-24 18:17 . 2013-01-24 18:17 -------- d-----w- c:\documents and settings\Aleš\Local Settings\Data aplikací\WMTools Downloaded Files
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-15 13:06 . 2013-01-13 10:36 7947 ----a-w- c:\windows\AutoKMS.tmp
2013-02-08 15:41 . 2012-04-04 13:28 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-08 15:41 . 2011-05-14 16:21 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-28 17:33 . 2013-01-06 18:12 45056 ----a-w- c:\windows\NCUNINST.EXE
2013-01-27 14:21 . 2012-11-18 09:44 21840 ----atw- c:\windows\system32\SIntfNT.dll
2013-01-27 14:21 . 2012-11-18 09:44 17212 ----atw- c:\windows\system32\SIntf32.dll
2013-01-27 14:21 . 2012-11-18 09:44 12067 ----atw- c:\windows\system32\SIntf16.dll
2013-01-26 03:55 . 2007-10-29 12:00 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-15 15:56 . 2012-06-16 18:52 477616 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-01-15 15:56 . 2012-03-06 22:29 473520 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-15 14:14 . 2008-10-12 09:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2013-01-07 07:26 . 2007-10-29 12:00 2150912 ------w- c:\windows\system32\ntoskrnl.exe
2013-01-07 07:26 . 2004-08-17 15:45 2029568 ------w- c:\windows\system32\ntkrnlpa.exe
2013-01-06 13:06 . 2013-01-06 13:06 4608 ----a-w- c:\windows\system32\w95inf32.dll
2013-01-06 13:06 . 2013-01-06 13:06 2272 ----a-w- c:\windows\system32\w95inf16.dll
2013-01-04 10:10 . 2007-10-29 12:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2007-10-29 12:00 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2007-10-29 12:00 1294848 ----a-w- c:\windows\system32\quartz.dll
2012-12-29 10:31 . 2013-01-06 13:00 889784 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-12-29 10:31 . 2013-01-06 13:00 6066176 ----a-w- c:\windows\system32\nvopencl.dll
2012-12-29 10:31 . 2011-09-27 11:00 1017272 ----a-w- c:\windows\system32\nvdispco32.dll
2012-12-29 10:31 . 2010-06-04 18:15 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2012-12-29 10:31 . 2009-08-16 22:57 2725304 ----a-w- c:\windows\system32\nvcuvid.dll
2012-12-29 10:31 . 2009-08-16 22:57 1985976 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-12-29 10:31 . 2008-09-21 10:13 10686200 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-12-29 10:31 . 2008-09-21 10:13 4154752 ----a-w- c:\windows\system32\nv4_disp.dll
2012-12-29 10:31 . 2008-09-21 10:13 2448384 ----a-w- c:\windows\system32\nvapi.dll
2012-12-29 10:31 . 2008-09-21 10:13 19570688 ----a-w- c:\windows\system32\nvoglnt.dll
2012-12-29 10:31 . 2008-05-03 03:46 7716864 ----a-w- c:\windows\system32\nvcuda.dll
2012-12-29 08:08 . 2011-01-07 18:58 253952 ----a-w- c:\windows\system32\nvrsth.dll
2012-12-29 08:08 . 2011-01-07 18:58 126976 ----a-w- c:\windows\system32\nvrszht.dll
2012-12-29 08:08 . 2011-01-07 18:58 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2012-12-29 08:08 . 2011-01-07 18:58 270336 ----a-w- c:\windows\system32\nvrsru.dll
2012-12-29 08:08 . 2011-01-07 18:58 258048 ----a-w- c:\windows\system32\nvrssl.dll
2012-12-29 08:08 . 2011-01-07 18:58 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2012-12-29 08:08 . 2011-01-07 18:58 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2012-12-29 08:08 . 2011-01-07 18:58 266240 ----a-w- c:\windows\system32\nvrsko.dll
2012-12-29 08:08 . 2011-01-07 18:58 258048 ----a-w- c:\windows\system32\nvrstr.dll
2012-12-29 08:08 . 2011-01-07 18:58 258048 ----a-w- c:\windows\system32\nvrssk.dll
2012-12-29 08:08 . 2011-01-07 18:58 253952 ----a-w- c:\windows\system32\nvrssv.dll
2012-12-29 08:08 . 2011-01-07 18:58 253952 ----a-w- c:\windows\system32\nvrsno.dll
2012-12-29 08:08 . 2011-01-07 18:58 282624 ----a-w- c:\windows\system32\nvrsit.dll
2012-12-29 08:08 . 2011-01-07 18:58 274432 ----a-w- c:\windows\system32\nvrspt.dll
2012-12-29 08:08 . 2011-01-07 18:58 274432 ----a-w- c:\windows\system32\nvrsja.dll
2012-12-29 08:08 . 2011-01-07 18:58 258048 ----a-w- c:\windows\system32\nvrspl.dll
2012-12-29 08:08 . 2011-01-07 18:58 282624 ----a-w- c:\windows\system32\nvrsel.dll
2012-12-29 08:08 . 2011-01-07 18:58 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2012-12-29 08:08 . 2011-01-07 18:58 249856 ----a-w- c:\windows\system32\nvrseng.dll
2012-12-29 08:08 . 2011-01-07 18:58 335872 ----a-w- c:\windows\system32\nvrshe.dll
2012-12-29 08:08 . 2011-01-07 18:58 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2012-12-29 08:08 . 2011-01-07 18:58 262144 ----a-w- c:\windows\system32\nvrshu.dll
2012-12-29 08:08 . 2011-01-07 18:58 253952 ----a-w- c:\windows\system32\nvrsda.dll
2012-12-29 08:08 . 2011-01-07 18:58 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2012-12-29 08:08 . 2011-01-07 18:58 282624 ----a-w- c:\windows\system32\nvrses.dll
2012-12-29 08:08 . 2011-01-07 18:58 278528 ----a-w- c:\windows\system32\nvrsde.dll
2012-12-29 08:08 . 2011-01-07 18:58 249856 ----a-w- c:\windows\system32\nvrscs.dll
2012-12-29 08:08 . 2011-01-07 18:58 335872 ----a-w- c:\windows\system32\nvrsar.dll
2012-12-29 08:07 . 2011-01-07 18:58 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-12-29 08:07 . 2011-01-07 18:58 157112 ----a-w- c:\windows\system32\nvsvc32.exe
2012-12-29 08:07 . 2011-01-07 18:58 15635896 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-29 08:07 . 2011-01-07 18:58 108984 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-29 08:07 . 2011-01-07 18:58 144312 ----a-w- c:\windows\system32\nvcolor.exe
2012-12-26 20:20 . 2007-10-29 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:19 . 2007-10-29 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:19 . 2007-10-29 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2007-10-29 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:23 . 2007-10-29 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2011-08-07 26624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2007-02-20 81920]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-12-29 15635896]
"NvMediaCenter"="NvMCTray.dll" [2012-12-29 108984]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-12-29 1982312]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-07-04 12:01 148776 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-11-27 16:18 116648 ----atw- c:\documents and settings\Aleš\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-06-27 11:55 1211176 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-08-20 08:54 150016 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-01-08 11:59 18705664 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Marvell\\61xx\\Apache2\\bin\\Apache.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\Nero\\Nero 7\\ODD Toolkit\\ODDUpdate.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\HD Publishing\\Joint Task Force\\jtf.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\Codemasters\\GRID\\GRID.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Most Wanted\\speed.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Program Files\\HTC\\HTC Sync Manager\\HTC Sync\\htcsyncloader.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [23.4.2012 18:22 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [23.4.2012 18:23 199320]
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [21.9.2008 10:52 143256]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.8.2010 20:13 691696]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [23.4.2012 18:23 20624]
S1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [23.4.2012 18:23 106560]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [23.4.2012 18:23 738504]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23.4.2012 18:23 361032]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 11:28 84520]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23.4.2012 18:23 21256]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [23.4.2012 18:22 133912]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [25.12.2009 2:10 238952]
S2 HTCMonitorService;HTCMonitorService;c:\program files\HTC\HTC Sync Manager\HSMServiceEntry.exe [8.6.2012 16:02 87368]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [14.2.2013 15:01 682344]
S2 MRUWebService;MRU Web Service;c:\program files\Marvell\61xx\Apache2\bin\Apache.exe [23.5.2007 1:17 20539]
S2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [10.11.2012 21:15 625816]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [18.6.2012 16:17 88576]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [31.1.2013 10:38 3289208]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [8.1.2013 12:55 161536]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [11.3.2011 22:38 20032]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [25.12.2009 2:10 36608]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [7.8.2012 15:28 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22.6.2010 17:01 21248]
S3 Marvell RAID;Marvell RAID Event Agent;c:\program files\Marvell\61xx\svc\mvraidsvc.exe [12.6.2007 19:54 61440]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [14.2.2013 15:01 21104]
S3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [5.10.2008 10:49 47360]
S3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;c:\windows\system32\drivers\MarvinAVS.sys [12.10.2008 19:56 434176]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [3.7.2012 21:27 155320]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [3.8.2010 21:30 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [3.8.2010 21:30 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [3.8.2010 21:30 123648]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [3.8.2010 21:29 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [3.8.2010 21:29 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [3.8.2010 21:29 123648]
S3 ssudcdf;SAMSUNG Mobile Mode Changer Device;c:\windows\system32\drivers\ssudcdf.sys [18.10.2011 2:43 28856]
S3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys [6.10.2008 20:25 178913]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-10-22 18:55 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 15:41]
.
2013-02-15 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-05-22 21:08]
.
2013-02-15 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-06-29 22:50]
.
2013-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 11:28]
.
2013-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 11:28]
.
2013-02-15 c:\windows\Tasks\User_Feed_Synchronization-{300F3C5F-9E5F-4036-AA6F-5DC1C455CD12}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/a ... oader6.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Nektra OEAPI - (no file)
HKCU-Run-WEBTRAN - (no file)
HKLM-Run-NPSStartup - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-Orb - c:\program files\Winamp Remote\bin\OrbTray.exe
AddRemove-PC Translator - c:\docume~1\ALE~1\LOCALS~1\Temp\UN32.EXE
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-26_VIA_driver2 - c:\program files\Samsung\USB Drivers\26_VIA_driver2\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-15 22:45
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1409082233-1682526488-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*,%f%*%]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1409082233-1682526488-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*,%f%*%\OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-02-15 22:48:34
ComboFix-quarantined-files.txt 2013-02-15 21:48
.
Před spuštěním: Volných bajtů: 99 708 485 632
Po spuštění: Volných bajtů: 100 172 263 424
.
- - End Of File - - D3B10F8B77F8CA2AA63691B05C3EA1E2
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-06-27 11:55 1211176 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-08-20 08:54 150016 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-01-08 11:59 18705664 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Marvell\\61xx\\Apache2\\bin\\Apache.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\Nero\\Nero 7\\ODD Toolkit\\ODDUpdate.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\HD Publishing\\Joint Task Force\\jtf.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\Codemasters\\GRID\\GRID.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Most Wanted\\speed.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Program Files\\HTC\\HTC Sync Manager\\HTC Sync\\htcsyncloader.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [23.4.2012 18:22 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [23.4.2012 18:23 199320]
R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [21.9.2008 10:52 143256]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.8.2010 20:13 691696]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [23.4.2012 18:23 20624]
S1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [23.4.2012 18:23 106560]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [23.4.2012 18:23 738504]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23.4.2012 18:23 361032]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 11:28 84520]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23.4.2012 18:23 21256]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [23.4.2012 18:22 133912]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [25.12.2009 2:10 238952]
S2 HTCMonitorService;HTCMonitorService;c:\program files\HTC\HTC Sync Manager\HSMServiceEntry.exe [8.6.2012 16:02 87368]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [14.2.2013 15:01 682344]
S2 MRUWebService;MRU Web Service;c:\program files\Marvell\61xx\Apache2\bin\Apache.exe [23.5.2007 1:17 20539]
S2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [10.11.2012 21:15 625816]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [18.6.2012 16:17 88576]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [31.1.2013 10:38 3289208]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [8.1.2013 12:55 161536]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [11.3.2011 22:38 20032]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [25.12.2009 2:10 36608]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [7.8.2012 15:28 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22.6.2010 17:01 21248]
S3 Marvell RAID;Marvell RAID Event Agent;c:\program files\Marvell\61xx\svc\mvraidsvc.exe [12.6.2007 19:54 61440]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [14.2.2013 15:01 21104]
S3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [5.10.2008 10:49 47360]
S3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;c:\windows\system32\drivers\MarvinAVS.sys [12.10.2008 19:56 434176]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [3.7.2012 21:27 155320]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [3.8.2010 21:30 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [3.8.2010 21:30 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [3.8.2010 21:30 123648]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [3.8.2010 21:29 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [3.8.2010 21:29 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [3.8.2010 21:29 123648]
S3 ssudcdf;SAMSUNG Mobile Mode Changer Device;c:\windows\system32\drivers\ssudcdf.sys [18.10.2011 2:43 28856]
S3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys [6.10.2008 20:25 178913]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-10-22 18:55 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 15:41]
.
2013-02-15 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-05-22 21:08]
.
2013-02-15 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-06-29 22:50]
.
2013-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 11:28]
.
2013-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-20 11:28]
.
2013-02-15 c:\windows\Tasks\User_Feed_Synchronization-{300F3C5F-9E5F-4036-AA6F-5DC1C455CD12}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/a ... oader6.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Nektra OEAPI - (no file)
HKCU-Run-WEBTRAN - (no file)
HKLM-Run-NPSStartup - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-Orb - c:\program files\Winamp Remote\bin\OrbTray.exe
AddRemove-PC Translator - c:\docume~1\ALE~1\LOCALS~1\Temp\UN32.EXE
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-26_VIA_driver2 - c:\program files\Samsung\USB Drivers\26_VIA_driver2\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-15 22:45
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1409082233-1682526488-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*,%f%*%]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1409082233-1682526488-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*,%f%*%\OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-02-15 22:48:34
ComboFix-quarantined-files.txt 2013-02-15 21:48
.
Před spuštěním: Volných bajtů: 99 708 485 632
Po spuštění: Volných bajtů: 100 172 263 424
.
- - End Of File - - D3B10F8B77F8CA2AA63691B05C3EA1E2
- Žbeky
- Moderator
- Guru Level 13
- Posts: 22288
- Registered: May 08
- Location: Vsetín - Pardubice
- Status: Offline
Re: Please check my log
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script.
KillAll::
File::
c:\windows\AutoKMS.tmp
c:\windows\Tasks\AutoKMS.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Folder::
c:\program files\Skype\Updater
c:\windows\AutoKMS
c:\program files\Google\Update
Driver::
SkypeUpdate
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.
Drag the CFScript.txt script you created with the mouse over the downloaded ComboFix.exe program and, once the two files overlap, drop it.

- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
Via private messages I only deal with matters concerning the forum. I do not respond to requests for technical support. Thanks for understanding.
Re: Please check my log
I have a problem: I do everything according to the instructions, ComboFix runs, then the blue command-prompt window appears saying that it is looking for infected files etc. It works there for a while and then suddenly, out of nowhere, a blue screen shows something for about 2 seconds, too fast to even read, and then the PC restarts.
- Žbeky
- Moderator
Re: Please check my log
Try it in Safe Mode.
Re: Please check my log
ComboFix 13-02-15.01 - Aleš 16.02.2013 20:38:28.5.4 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2984 [GMT 1:00]
Spuštěný z: C:\Documents and Settings\Aleš\Plocha\ComboFix.exe
Použité ovládací přepínače :: C:\Documents and Settings\Aleš\Plocha\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FILE ::
"c:\windows\AutoKMS.tmp"
"c:\windows\Tasks\AutoKMS.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.123\goopdate.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.123\psmachine.dll
c:\program files\Google\Update\1.3.21.123\psuser.dll
c:\program files\Google\Update\Download\{9C590CCD-2C2F-4CBE-BDDA-09EB5760EBCF}\GoogleUpdateSetup.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
c:\windows\AutoKMS
c:\windows\AutoKMS\AutoKMS.exe
c:\windows\AutoKMS\AutoKMS.ini
c:\windows\AutoKMS\AutoKMS.log
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-16 do 2013-02-16 )))))))))))))))))))))))))))))))
2013-02-14 14:48:39 . 2013-02-14 14:48:39 388096 ----a-r- C:\Documents and Settings\Aleš\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-14 14:01:14 . 2013-02-14 14:01:17 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2013-02-14 14:01:14 . 2012-12-14 15:49:28 21104 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2013-02-13 15:39:42 . 2013-02-13 15:39:42 -------- d-sh--w- C:\WINDOWS\ftpcache
2013-02-13 15:27:48 . 2013-02-13 15:27:48 -------- d-----w- C:\Program Files\Activision
2013-02-13 10:04:30 . 2013-02-13 15:24:55 -------- d-----w- C:\Documents and Settings\Aleš\Data aplikací\Kastner software
2013-02-13 10:04:16 . 2013-02-13 15:24:55 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\KASTNER software
2013-01-25 21:14:51 . 2013-01-25 21:14:51 -------- d-----w- C:\Program Files\Common Files\Skype
2013-01-24 18:21:44 . 2013-01-24 18:21:44 -------- d-----w- C:\Program Files\pazera-software
2013-01-24 18:17:25 . 2013-01-24 18:17:25 -------- d-----w- C:\Documents and Settings\Aleš\Local Settings\Data aplikací\WMTools Downloaded Files
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
2013-02-15 13:06:35 . 2013-01-13 10:36:32 7947 ----a-w- C:\WINDOWS\AutoKMS.tmp
2013-02-08 15:41:08 . 2012-04-04 13:28:46 697712 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-08 15:41:08 . 2011-05-14 16:21:56 74096 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-01-28 17:33:06 . 2013-01-06 18:12:06 45056 ----a-w- C:\WINDOWS\NCUNINST.EXE
2013-01-27 14:21:03 . 2012-11-18 09:44:53 21840 ----atw- C:\WINDOWS\system32\SIntfNT.dll
2013-01-27 14:21:03 . 2012-11-18 09:44:53 17212 ----atw- C:\WINDOWS\system32\SIntf32.dll
2013-01-27 14:21:03 . 2012-11-18 09:44:53 12067 ----atw- C:\WINDOWS\system32\SIntf16.dll
2013-01-26 03:55:43 . 2007-10-29 12:00:00 552448 ----a-w- C:\WINDOWS\system32\oleaut32.dll
2013-01-15 15:56:10 . 2012-06-16 18:52:26 477616 ----a-w- C:\WINDOWS\system32\npdeployJava1.dll
2013-01-15 15:56:07 . 2012-03-06 22:29:17 473520 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2013-01-15 14:14:01 . 2008-10-12 09:49:33 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2013-01-07 07:26:47 . 2007-10-29 12:00:00 2150912 ------w- C:\WINDOWS\system32\ntoskrnl.exe
2013-01-07 07:26:30 . 2004-08-17 15:45:32 2029568 ------w- C:\WINDOWS\system32\ntkrnlpa.exe
2013-01-06 13:06:07 . 2013-01-06 13:06:07 4608 ----a-w- C:\WINDOWS\system32\w95inf32.dll
2013-01-06 13:06:07 . 2013-01-06 13:06:07 2272 ----a-w- C:\WINDOWS\system32\w95inf16.dll
2013-01-04 10:10:23 . 2007-10-29 12:00:00 1867264 ----a-w- C:\WINDOWS\system32\win32k.sys
2013-01-02 06:49:49 . 2007-10-29 12:00:00 148992 ----a-w- C:\WINDOWS\system32\mpg2splt.ax
2013-01-02 06:49:49 . 2007-10-29 12:00:00 1294848 ----a-w- C:\WINDOWS\system32\quartz.dll
2012-12-29 10:31:25 . 2013-01-06 13:00:21 889784 ----a-w- C:\WINDOWS\system32\nvdispgenco32.dll
2012-12-29 10:31:25 . 2013-01-06 13:00:21 6066176 ----a-w- C:\WINDOWS\system32\nvopencl.dll
2012-12-29 10:31:25 . 2011-09-27 11:00:15 1017272 ----a-w- C:\WINDOWS\system32\nvdispco32.dll
2012-12-29 10:31:25 . 2010-06-04 18:15:16 17551360 ----a-w- C:\WINDOWS\system32\nvcompiler.dll
2012-12-29 10:31:25 . 2009-08-16 22:57:00 2725304 ----a-w- C:\WINDOWS\system32\nvcuvid.dll
2012-12-29 10:31:25 . 2009-08-16 22:57:00 1985976 ----a-w- C:\WINDOWS\system32\nvcuvenc.dll
2012-12-29 10:31:25 . 2008-09-21 10:13:03 10686200 ----a-w- C:\WINDOWS\system32\drivers\nv4_mini.sys
2012-12-29 10:31:25 . 2008-09-21 10:13:00 4154752 ----a-w- C:\WINDOWS\system32\nv4_disp.dll
2012-12-29 10:31:25 . 2008-09-21 10:13:00 2448384 ----a-w- C:\WINDOWS\system32\nvapi.dll
2012-12-29 10:31:25 . 2008-09-21 10:13:00 19570688 ----a-w- C:\WINDOWS\system32\nvoglnt.dll
2012-12-29 10:31:25 . 2008-05-03 03:46:00 7716864 ----a-w- C:\WINDOWS\system32\nvcuda.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:36 253952 ----a-w- C:\WINDOWS\system32\nvrsth.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:36 126976 ----a-w- C:\WINDOWS\system32\nvrszht.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:34 274432 ----a-w- C:\WINDOWS\system32\nvrsnl.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:34 270336 ----a-w- C:\WINDOWS\system32\nvrsru.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:34 258048 ----a-w- C:\WINDOWS\system32\nvrssl.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:34 229376 ----a-w- C:\WINDOWS\system32\nvrszhc.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:32 270336 ----a-w- C:\WINDOWS\system32\nvrsptb.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:32 266240 ----a-w- C:\WINDOWS\system32\nvrsko.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:32 258048 ----a-w- C:\WINDOWS\system32\nvrstr.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:32 258048 ----a-w- C:\WINDOWS\system32\nvrssk.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:32 253952 ----a-w- C:\WINDOWS\system32\nvrssv.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:32 253952 ----a-w- C:\WINDOWS\system32\nvrsno.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:30 282624 ----a-w- C:\WINDOWS\system32\nvrsit.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:30 274432 ----a-w- C:\WINDOWS\system32\nvrspt.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:30 274432 ----a-w- C:\WINDOWS\system32\nvrsja.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:30 258048 ----a-w- C:\WINDOWS\system32\nvrspl.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:36 282624 ----a-w- C:\WINDOWS\system32\nvrsel.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:36 274432 ----a-w- C:\WINDOWS\system32\nvrsesm.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:36 249856 ----a-w- C:\WINDOWS\system32\nvrseng.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:34 335872 ----a-w- C:\WINDOWS\system32\nvrshe.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:34 286720 ----a-w- C:\WINDOWS\system32\nvrsfr.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:34 262144 ----a-w- C:\WINDOWS\system32\nvrshu.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:34 253952 ----a-w- C:\WINDOWS\system32\nvrsda.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:34 249856 ----a-w- C:\WINDOWS\system32\nvrsfi.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:32 282624 ----a-w- C:\WINDOWS\system32\nvrses.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:32 278528 ----a-w- C:\WINDOWS\system32\nvrsde.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:32 249856 ----a-w- C:\WINDOWS\system32\nvrscs.dll
2012-12-29 08:08:57 . 2011-01-07 18:58:32 335872 ----a-w- C:\WINDOWS\system32\nvrsar.dll
2012-12-29 08:07:06 . 2011-01-07 18:58:20 54272 ----a-w- C:\WINDOWS\system32\nvwddi.dll
2012-12-29 08:07:02 . 2011-01-07 18:58:12 157112 ----a-w- C:\WINDOWS\system32\nvsvc32.exe
2012-12-29 08:07:02 . 2011-01-07 18:58:12 15635896 ----a-w- C:\WINDOWS\system32\nvcpl.dll
2012-12-29 08:07:02 . 2011-01-07 18:58:12 108984 ----a-w- C:\WINDOWS\system32\nvmctray.dll
2012-12-29 08:07:01 . 2011-01-07 18:58:12 144312 ----a-w- C:\WINDOWS\system32\nvcolor.exe
2012-12-26 20:20:00 . 2007-10-29 12:00:00 916480 ----a-w- C:\WINDOWS\system32\wininet.dll
2012-12-26 20:19:45 . 2007-10-29 12:00:00 43520 ----a-w- C:\WINDOWS\system32\licmgr10.dll
2012-12-26 20:19:43 . 2007-10-29 12:00:00 1469440 ----a-w- C:\WINDOWS\system32\inetcpl.cpl
2012-12-24 06:40:59 . 2007-10-29 12:00:00 385024 ----a-w- C:\WINDOWS\system32\html.iec
2012-12-16 12:23:59 . 2007-10-29 12:00:00 290560 ----a-w- C:\WINDOWS\system32\atmfd.dll
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50:38 121528 ----a-w- C:\Program Files\AVAST Software\Avast\ashShell.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 09:16:20 357696]
"OEXPRESS"="C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2011-08-07 16:52:30 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB2Check"="C:\WINDOWS\system32\PCLECoInst.dll" [2007-02-20 12:09:04 81920]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 09:33:10 16132608]
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2012-10-30 22:50:59 4297136]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2012-12-29 08:07:02 15635896]
"NvMediaCenter"="NvMCTray.dll" [2012-12-29 08:07:02 108984]
"nwiz"="C:\Program Files\NVIDIA Corporation\nview\nwiz.exe" [2012-12-29 10:31:25 1982312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 03:22:17 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54:26 91520 ----a-w- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-07-04 12:01:36 148776 ----a-w- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-11-27 16:18:54 116648 ----atw- C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-06-27 11:55:26 1211176 ----a-w- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-08-20 08:54:08 150016 ----a-w- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22:36 1695232 ----a-w- C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-01-08 11:59:26 18705664 ----a-r- C:\Program Files\Skype\Phone\Skype.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Marvell\\61xx\\Apache2\\bin\\Apache.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"C:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"C:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"C:\\Program Files\\Nero\\Nero 7\\ODD Toolkit\\ODDUpdate.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\ICQ6.5\\ICQ.exe"=
"C:\\Program Files\\HD Publishing\\Joint Task Force\\jtf.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"C:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"C:\\Program Files\\Codemasters\\GRID\\GRID.exe"=
"C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"C:\\WINDOWS\\system32\\muzapp.exe"=
"C:\\Program Files\\EA GAMES\\Need for Speed Most Wanted\\speed.exe"=
"C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"C:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"C:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"C:\\Program Files\\HTC\\HTC Sync Manager\\HTC Sync\\htcsyncloader.exe"=
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"C:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\WINDOWS\system32\drivers\aswNdis.sys [23.4.2012 18:22:56 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\WINDOWS\system32\drivers\aswNdis2.sys [23.4.2012 18:23:25 199320]
R0 mv61xx;mv61xx;C:\WINDOWS\system32\drivers\mv61xx.sys [21.9.2008 10:52:24 143256]
R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [29.8.2010 20:13:31 691696]
R1 aswFW;avast! TDI Firewall driver;C:\WINDOWS\system32\drivers\aswFW.sys [23.4.2012 18:23:42 106560]
R1 aswKbd;aswKbd;C:\WINDOWS\system32\drivers\aswKbd.sys [23.4.2012 18:23:24 20624]
R1 aswSnx;aswSnx;C:\WINDOWS\system32\drivers\aswSnx.sys [23.4.2012 18:23:23 738504]
R1 aswSP;aswSP;C:\WINDOWS\system32\drivers\aswSP.sys [23.4.2012 18:23:45 361032]
R2 602XML Updater;602Updater;C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 11:28:44 84520]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [23.4.2012 18:23:45 21256]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [23.4.2012 18:22:54 133912]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [25.12.2009 2:10:28 238952]
R2 HTCMonitorService;HTCMonitorService;C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [8.6.2012 16:02:06 87368]
R2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [14.2.2013 15:01:15 682344]
R2 MRUWebService;MRU Web Service;C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe [23.5.2007 1:17:02 20539]
R2 PanService;PandoraService;C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [10.11.2012 21:15:00 625816]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [18.6.2012 16:17:48 88576]
R2 Skype C2C Service;Skype C2C Service;C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [31.1.2013 10:38:54 3289208]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [25.12.2009 2:10:28 36608]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\system32\drivers\mbam.sys [14.2.2013 15:01:14 21104]
R3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;C:\WINDOWS\system32\drivers\MarvinAVS.sys [12.10.2008 19:56:41 434176]
R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\drivers\V0260Vid.sys [6.10.2008 20:25:26 178913]
S3 dgderdrv;dgderdrv;C:\WINDOWS\system32\drivers\dgderdrv.sys [11.3.2011 22:38:34 20032]
S3 HTCAND32;HTC Device Driver;C:\WINDOWS\system32\drivers\ANDROIDUSB.sys [7.8.2012 15:28:46 24576]
S3 htcnprot;HTC NDIS Protocol Driver;C:\WINDOWS\system32\drivers\htcnprot.sys [22.6.2010 17:01:52 21248]
S3 Marvell RAID;Marvell RAID Event Agent;C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe [12.6.2007 19:54:12 61440]
S3 Pcouffin;VSO Software pcouffin;C:\WINDOWS\system32\drivers\pcouffin.sys [5.10.2008 10:49:11 47360]
S3 Sony PC Companion;Sony PC Companion;C:\Program Files\Sony\Sony PC Companion\PCCService.exe [3.7.2012 21:27:50 155320]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\WINDOWS\system32\drivers\ss_bbus.sys [3.8.2010 21:30:16 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\WINDOWS\system32\drivers\ss_bmdfl.sys [3.8.2010 21:30:16 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\WINDOWS\system32\drivers\ss_bmdm.sys [3.8.2010 21:30:16 123648]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);C:\WINDOWS\system32\drivers\sscebus.sys [3.8.2010 21:29:53 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;C:\WINDOWS\system32\drivers\sscemdfl.sys [3.8.2010 21:29:53 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;C:\WINDOWS\system32\drivers\sscemdm.sys [3.8.2010 21:29:53 123648]
S3 ssudcdf;SAMSUNG Mobile Mode Changer Device;C:\WINDOWS\system32\drivers\ssudcdf.sys [18.10.2011 2:43:42 28856]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - FSUSBEXDISK
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-10-22 18:55:40 451872 ----a-w- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
Obsah adresáře 'Naplánované úlohy'
2013-02-16 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 13:28:46 . 2013-02-08 15:41:10]
2013-02-16 C:\WINDOWS\Tasks\avast! Emergency Update.job
- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2012-06-29 17:43:10 . 2012-10-30 22:50:59]
2013-02-16 C:\WINDOWS\Tasks\User_Feed_Synchronization-{300F3C5F-9E5F-4036-AA6F-5DC1C455CD12}.job
- C:\WINDOWS\system32\msfeedssync.exe [2007-08-13 16:36:40 . 2009-03-08 02:31:54]
------- Doplňkový sken -------
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/a ... oader6.cab
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-16 20:57:43
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2984 [GMT 1:00]
Spuštěný z: C:\Documents and Settings\Aleš\Plocha\ComboFix.exe
Použité ovládací přepínače :: C:\Documents and Settings\Aleš\Plocha\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FILE ::
"c:\windows\AutoKMS.tmp"
"c:\windows\Tasks\AutoKMS.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.123\goopdate.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.123\psmachine.dll
c:\program files\Google\Update\1.3.21.123\psuser.dll
c:\program files\Google\Update\Download\{9C590CCD-2C2F-4CBE-BDDA-09EB5760EBCF}\GoogleUpdateSetup.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
c:\windows\AutoKMS
c:\windows\AutoKMS\AutoKMS.exe
c:\windows\AutoKMS\AutoKMS.ini
c:\windows\AutoKMS\AutoKMS.log
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-16 do 2013-02-16 )))))))))))))))))))))))))))))))
2013-02-14 14:48:39 . 2013-02-14 14:48:39 388096 ----a-r- C:\Documents and Settings\Aleš\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-14 14:01:14 . 2013-02-14 14:01:17 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2013-02-14 14:01:14 . 2012-12-14 15:49:28 21104 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2013-02-13 15:39:42 . 2013-02-13 15:39:42 -------- d-sh--w- C:\WINDOWS\ftpcache
2013-02-13 15:27:48 . 2013-02-13 15:27:48 -------- d-----w- C:\Program Files\Activision
2013-02-13 10:04:30 . 2013-02-13 15:24:55 -------- d-----w- C:\Documents and Settings\Aleš\Data aplikací\Kastner software
2013-02-13 10:04:16 . 2013-02-13 15:24:55 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\KASTNER software
2013-01-25 21:14:51 . 2013-01-25 21:14:51 -------- d-----w- C:\Program Files\Common Files\Skype
2013-01-24 18:21:44 . 2013-01-24 18:21:44 -------- d-----w- C:\Program Files\pazera-software
2013-01-24 18:17:25 . 2013-01-24 18:17:25 -------- d-----w- C:\Documents and Settings\Aleš\Local Settings\Data aplikací\WMTools Downloaded Files
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
2013-02-15 13:06:35 . 2013-01-13 10:36:32 7947 ----a-w- C:\WINDOWS\AutoKMS.tmp
2013-02-08 15:41:08 . 2012-04-04 13:28:46 697712 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-08 15:41:08 . 2011-05-14 16:21:56 74096 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-01-28 17:33:06 . 2013-01-06 18:12:06 45056 ----a-w- C:\WINDOWS\NCUNINST.EXE
2013-01-27 14:21:03 . 2012-11-18 09:44:53 21840 ----atw- C:\WINDOWS\system32\SIntfNT.dll
2013-01-27 14:21:03 . 2012-11-18 09:44:53 17212 ----atw- C:\WINDOWS\system32\SIntf32.dll
2013-01-27 14:21:03 . 2012-11-18 09:44:53 12067 ----atw- C:\WINDOWS\system32\SIntf16.dll
2013-01-26 03:55:43 . 2007-10-29 12:00:00 552448 ----a-w- C:\WINDOWS\system32\oleaut32.dll
2013-01-15 15:56:10 . 2012-06-16 18:52:26 477616 ----a-w- C:\WINDOWS\system32\npdeployJava1.dll
2013-01-15 15:56:07 . 2012-03-06 22:29:17 473520 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2013-01-15 14:14:01 . 2008-10-12 09:49:33 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2013-01-07 07:26:47 . 2007-10-29 12:00:00 2150912 ------w- C:\WINDOWS\system32\ntoskrnl.exe
2013-01-07 07:26:30 . 2004-08-17 15:45:32 2029568 ------w- C:\WINDOWS\system32\ntkrnlpa.exe
2013-01-06 13:06:07 . 2013-01-06 13:06:07 4608 ----a-w- C:\WINDOWS\system32\w95inf32.dll
2013-01-06 13:06:07 . 2013-01-06 13:06:07 2272 ----a-w- C:\WINDOWS\system32\w95inf16.dll
2013-01-04 10:10:23 . 2007-10-29 12:00:00 1867264 ----a-w- C:\WINDOWS\system32\win32k.sys
2013-01-02 06:49:49 . 2007-10-29 12:00:00 148992 ----a-w- C:\WINDOWS\system32\mpg2splt.ax
2013-01-02 06:49:49 . 2007-10-29 12:00:00 1294848 ----a-w- C:\WINDOWS\system32\quartz.dll
2012-12-29 10:31:25 . 2013-01-06 13:00:21 889784 ----a-w- C:\WINDOWS\system32\nvdispgenco32.dll
2012-12-29 10:31:25 . 2013-01-06 13:00:21 6066176 ----a-w- C:\WINDOWS\system32\nvopencl.dll
2012-12-29 10:31:25 . 2011-09-27 11:00:15 1017272 ----a-w- C:\WINDOWS\system32\nvdispco32.dll
2012-12-29 10:31:25 . 2010-06-04 18:15:16 17551360 ----a-w- C:\WINDOWS\system32\nvcompiler.dll
2012-12-29 10:31:25 . 2009-08-16 22:57:00 2725304 ----a-w- C:\WINDOWS\system32\nvcuvid.dll
2012-12-29 10:31:25 . 2009-08-16 22:57:00 1985976 ----a-w- C:\WINDOWS\system32\nvcuvenc.dll
2012-12-29 10:31:25 . 2008-09-21 10:13:03 10686200 ----a-w- C:\WINDOWS\system32\drivers\nv4_mini.sys
2012-12-29 10:31:25 . 2008-09-21 10:13:00 4154752 ----a-w- C:\WINDOWS\system32\nv4_disp.dll
2012-12-29 10:31:25 . 2008-09-21 10:13:00 2448384 ----a-w- C:\WINDOWS\system32\nvapi.dll
2012-12-29 10:31:25 . 2008-09-21 10:13:00 19570688 ----a-w- C:\WINDOWS\system32\nvoglnt.dll
2012-12-29 10:31:25 . 2008-05-03 03:46:00 7716864 ----a-w- C:\WINDOWS\system32\nvcuda.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:36 253952 ----a-w- C:\WINDOWS\system32\nvrsth.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:36 126976 ----a-w- C:\WINDOWS\system32\nvrszht.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:34 274432 ----a-w- C:\WINDOWS\system32\nvrsnl.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:34 270336 ----a-w- C:\WINDOWS\system32\nvrsru.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:34 258048 ----a-w- C:\WINDOWS\system32\nvrssl.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:34 229376 ----a-w- C:\WINDOWS\system32\nvrszhc.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:32 270336 ----a-w- C:\WINDOWS\system32\nvrsptb.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:32 266240 ----a-w- C:\WINDOWS\system32\nvrsko.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:32 258048 ----a-w- C:\WINDOWS\system32\nvrstr.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:32 258048 ----a-w- C:\WINDOWS\system32\nvrssk.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:32 253952 ----a-w- C:\WINDOWS\system32\nvrssv.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:32 253952 ----a-w- C:\WINDOWS\system32\nvrsno.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:30 282624 ----a-w- C:\WINDOWS\system32\nvrsit.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:30 274432 ----a-w- C:\WINDOWS\system32\nvrspt.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:30 274432 ----a-w- C:\WINDOWS\system32\nvrsja.dll
2012-12-29 08:08:59 . 2011-01-07 18:58:30 258048 ----a-w- C:\WINDOWS\system32\nvrspl.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:36 282624 ----a-w- C:\WINDOWS\system32\nvrsel.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:36 274432 ----a-w- C:\WINDOWS\system32\nvrsesm.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:36 249856 ----a-w- C:\WINDOWS\system32\nvrseng.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:34 335872 ----a-w- C:\WINDOWS\system32\nvrshe.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:34 286720 ----a-w- C:\WINDOWS\system32\nvrsfr.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:34 262144 ----a-w- C:\WINDOWS\system32\nvrshu.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:34 253952 ----a-w- C:\WINDOWS\system32\nvrsda.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:34 249856 ----a-w- C:\WINDOWS\system32\nvrsfi.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:32 282624 ----a-w- C:\WINDOWS\system32\nvrses.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:32 278528 ----a-w- C:\WINDOWS\system32\nvrsde.dll
2012-12-29 08:08:58 . 2011-01-07 18:58:32 249856 ----a-w- C:\WINDOWS\system32\nvrscs.dll
2012-12-29 08:08:57 . 2011-01-07 18:58:32 335872 ----a-w- C:\WINDOWS\system32\nvrsar.dll
2012-12-29 08:07:06 . 2011-01-07 18:58:20 54272 ----a-w- C:\WINDOWS\system32\nvwddi.dll
2012-12-29 08:07:02 . 2011-01-07 18:58:12 157112 ----a-w- C:\WINDOWS\system32\nvsvc32.exe
2012-12-29 08:07:02 . 2011-01-07 18:58:12 15635896 ----a-w- C:\WINDOWS\system32\nvcpl.dll
2012-12-29 08:07:02 . 2011-01-07 18:58:12 108984 ----a-w- C:\WINDOWS\system32\nvmctray.dll
2012-12-29 08:07:01 . 2011-01-07 18:58:12 144312 ----a-w- C:\WINDOWS\system32\nvcolor.exe
2012-12-26 20:20:00 . 2007-10-29 12:00:00 916480 ----a-w- C:\WINDOWS\system32\wininet.dll
2012-12-26 20:19:45 . 2007-10-29 12:00:00 43520 ----a-w- C:\WINDOWS\system32\licmgr10.dll
2012-12-26 20:19:43 . 2007-10-29 12:00:00 1469440 ----a-w- C:\WINDOWS\system32\inetcpl.cpl
2012-12-24 06:40:59 . 2007-10-29 12:00:00 385024 ----a-w- C:\WINDOWS\system32\html.iec
2012-12-16 12:23:59 . 2007-10-29 12:00:00 290560 ----a-w- C:\WINDOWS\system32\atmfd.dll
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50:38 121528 ----a-w- C:\Program Files\AVAST Software\Avast\ashShell.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 09:16:20 357696]
"OEXPRESS"="C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2011-08-07 16:52:30 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB2Check"="C:\WINDOWS\system32\PCLECoInst.dll" [2007-02-20 12:09:04 81920]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 09:33:10 16132608]
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2012-10-30 22:50:59 4297136]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2012-12-29 08:07:02 15635896]
"NvMediaCenter"="NvMCTray.dll" [2012-12-29 08:07:02 108984]
"nwiz"="C:\Program Files\NVIDIA Corporation\nview\nwiz.exe" [2012-12-29 10:31:25 1982312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 03:22:17 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54:26 91520 ----a-w- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-07-04 12:01:36 148776 ----a-w- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-11-27 16:18:54 116648 ----atw- C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-06-27 11:55:26 1211176 ----a-w- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-08-20 08:54:08 150016 ----a-w- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22:36 1695232 ----a-w- C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-01-08 11:59:26 18705664 ----a-r- C:\Program Files\Skype\Phone\Skype.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Marvell\\61xx\\Apache2\\bin\\Apache.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"C:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"C:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"C:\\Program Files\\Nero\\Nero 7\\ODD Toolkit\\ODDUpdate.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\ICQ6.5\\ICQ.exe"=
"C:\\Program Files\\HD Publishing\\Joint Task Force\\jtf.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"C:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"C:\\Program Files\\Codemasters\\GRID\\GRID.exe"=
"C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"C:\\WINDOWS\\system32\\muzapp.exe"=
"C:\\Program Files\\EA GAMES\\Need for Speed Most Wanted\\speed.exe"=
"C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"C:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"C:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"C:\\Program Files\\HTC\\HTC Sync Manager\\HTC Sync\\htcsyncloader.exe"=
"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"C:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\WINDOWS\system32\drivers\aswNdis.sys [23.4.2012 18:22:56 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\WINDOWS\system32\drivers\aswNdis2.sys [23.4.2012 18:23:25 199320]
R0 mv61xx;mv61xx;C:\WINDOWS\system32\drivers\mv61xx.sys [21.9.2008 10:52:24 143256]
R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [29.8.2010 20:13:31 691696]
R1 aswFW;avast! TDI Firewall driver;C:\WINDOWS\system32\drivers\aswFW.sys [23.4.2012 18:23:42 106560]
R1 aswKbd;aswKbd;C:\WINDOWS\system32\drivers\aswKbd.sys [23.4.2012 18:23:24 20624]
R1 aswSnx;aswSnx;C:\WINDOWS\system32\drivers\aswSnx.sys [23.4.2012 18:23:23 738504]
R1 aswSP;aswSP;C:\WINDOWS\system32\drivers\aswSP.sys [23.4.2012 18:23:45 361032]
R2 602XML Updater;602Updater;C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 11:28:44 84520]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [23.4.2012 18:23:45 21256]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [23.4.2012 18:22:54 133912]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [25.12.2009 2:10:28 238952]
R2 HTCMonitorService;HTCMonitorService;C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [8.6.2012 16:02:06 87368]
R2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [14.2.2013 15:01:15 682344]
R2 MRUWebService;MRU Web Service;C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe [23.5.2007 1:17:02 20539]
R2 PanService;PandoraService;C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [10.11.2012 21:15:00 625816]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [18.6.2012 16:17:48 88576]
R2 Skype C2C Service;Skype C2C Service;C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [31.1.2013 10:38:54 3289208]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [25.12.2009 2:10:28 36608]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\system32\drivers\mbam.sys [14.2.2013 15:01:14 21104]
R3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;C:\WINDOWS\system32\drivers\MarvinAVS.sys [12.10.2008 19:56:41 434176]
R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\drivers\V0260Vid.sys [6.10.2008 20:25:26 178913]
S3 dgderdrv;dgderdrv;C:\WINDOWS\system32\drivers\dgderdrv.sys [11.3.2011 22:38:34 20032]
S3 HTCAND32;HTC Device Driver;C:\WINDOWS\system32\drivers\ANDROIDUSB.sys [7.8.2012 15:28:46 24576]
S3 htcnprot;HTC NDIS Protocol Driver;C:\WINDOWS\system32\drivers\htcnprot.sys [22.6.2010 17:01:52 21248]
S3 Marvell RAID;Marvell RAID Event Agent;C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe [12.6.2007 19:54:12 61440]
S3 Pcouffin;VSO Software pcouffin;C:\WINDOWS\system32\drivers\pcouffin.sys [5.10.2008 10:49:11 47360]
S3 Sony PC Companion;Sony PC Companion;C:\Program Files\Sony\Sony PC Companion\PCCService.exe [3.7.2012 21:27:50 155320]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\WINDOWS\system32\drivers\ss_bbus.sys [3.8.2010 21:30:16 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\WINDOWS\system32\drivers\ss_bmdfl.sys [3.8.2010 21:30:16 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\WINDOWS\system32\drivers\ss_bmdm.sys [3.8.2010 21:30:16 123648]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);C:\WINDOWS\system32\drivers\sscebus.sys [3.8.2010 21:29:53 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;C:\WINDOWS\system32\drivers\sscemdfl.sys [3.8.2010 21:29:53 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;C:\WINDOWS\system32\drivers\sscemdm.sys [3.8.2010 21:29:53 123648]
S3 ssudcdf;SAMSUNG Mobile Mode Changer Device;C:\WINDOWS\system32\drivers\ssudcdf.sys [18.10.2011 2:43:42 28856]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - FSUSBEXDISK
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-10-22 18:55:40 451872 ----a-w- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
Obsah adresáře 'Naplánované úlohy'
2013-02-16 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 13:28:46 . 2013-02-08 15:41:10]
2013-02-16 C:\WINDOWS\Tasks\avast! Emergency Update.job
- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2012-06-29 17:43:10 . 2012-10-30 22:50:59]
2013-02-16 C:\WINDOWS\Tasks\User_Feed_Synchronization-{300F3C5F-9E5F-4036-AA6F-5DC1C455CD12}.job
- C:\WINDOWS\system32\msfeedssync.exe [2007-08-13 16:36:40 . 2009-03-08 02:31:54]
------- Doplňkový sken -------
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/a ... oader6.cab
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-16 20:57:43
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
- memphisto
Re: Please check my log
That log is not complete.
Re: Please check my log
Nothing more showed up in that log for me.

- Žbeky
Re: Please check my log
It looks like everything was carried out.
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
Clean the system with CCleaner.
Download OTC to your desktop, run it and click Clean up!
+ a new log from HJT
How is the PC behaving?
Re: Please check my log
Google Chrome now runs normally, but IE still seems a bit slow to me.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:44:16, on 18.2.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2452411890
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/a ... oader6.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Program Files\Marvell\61xx\svc\mvraidsvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
--
End of file - 12376 bytes
- Žbeky
Re: Please check my log
Fix these:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2452411890
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/a ... oader6.cab
It's not viruses; IE is probably just rendering more slowly.
Re: Please check my log (Solved)
OK, thank you very much for the help.