Prosím o preventivní kontrolu logu Vyřešeno

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Reklama]

[ventovr6]

ComboFix 13-09-12.01 - Mamca 12.09.2013 18:28:40.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1587 [GMT 2:00]
Spuštěný z: c:\documents and settings\Mamca\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Mamca\WINDOWS
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-12 do 2013-09-12 )))))))))))))))))))))))))))))))
.
.
2013-09-12 16:24 . 2013-09-12 16:24 29904 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{49A22232-D528-4270-B1F7-43F158FEA0B5}\MpKsle6ebed2a.sys
2013-09-11 20:42 . 2013-08-06 07:28 7166848 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{49A22232-D528-4270-B1F7-43F158FEA0B5}\mpengine.dll
2013-09-10 19:24 . 2013-09-11 16:29 -------- d-----w- C:\AdwCleaner
2013-09-09 14:42 . 2013-09-09 14:42 -------- d-----w- c:\program files\iVIDI.org plugin
2013-09-09 11:17 . 2013-09-09 11:17 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\.mono
2013-09-08 21:41 . 2013-09-08 21:42 17488 ----a-w- c:\windows\gdrv.sys
2013-09-08 19:14 . 2013-08-06 07:28 7166848 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-07 20:45 . 2013-09-07 20:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-07 20:45 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-07 19:43 . 2013-09-09 14:09 298280 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-09-07 19:43 . 2013-09-07 19:43 -------- d-----w- c:\documents and settings\Mamca\Local Settings\Data aplikací\PunkBuster
2013-09-07 19:39 . 2013-09-09 14:09 140952 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-09-07 19:39 . 2013-09-07 19:39 138056 ----a-w- c:\documents and settings\Mamca\Data aplikací\PnkBstrK.sys
2013-09-07 19:38 . 2013-09-09 14:09 298280 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-09-07 19:38 . 2013-09-09 12:18 298280 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-09-07 19:38 . 2013-09-07 19:43 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2013-09-07 19:38 . 2013-09-07 19:37 3360624 ----a-w- c:\windows\system32\pbsvc.exe
2013-09-07 19:08 . 2013-09-07 19:08 -------- d-----w- c:\program files\dumps
2013-09-07 19:08 . 2013-09-07 19:08 -------- d-----w- c:\documents and settings\All Users\Nabdka Start
2013-09-07 19:08 . 2013-09-07 19:08 -------- d-----w- c:\program files\Common Files\Steam
2013-09-07 19:08 . 2013-09-12 16:23 -------- d-----w- c:\program files\Steam
2013-09-06 22:08 . 2013-09-07 19:25 -------- d-----w- c:\program files\America's Army
2013-09-06 22:05 . 2013-09-07 19:23 188416 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\iGdiCnv.dll
2013-09-06 22:05 . 2013-09-07 19:23 266240 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\IScrCnv.dll
2013-09-06 22:05 . 2013-09-07 19:23 32768 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\objpscnv.dll
2013-09-06 22:05 . 2013-09-07 19:23 401408 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\ISRT.dll
2013-09-06 22:05 . 2013-09-07 19:23 192512 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\IUserCnv.dll
2013-09-06 22:05 . 2013-09-07 19:23 761856 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe
2013-09-06 22:05 . 2013-09-07 19:23 299008 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\_ISRES1033.dll
2013-09-06 19:17 . 2013-09-06 19:17 -------- d-----w- c:\program files\Paradox Interactive
2013-09-03 13:32 . 2013-09-04 12:08 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\vlc
2013-09-03 13:30 . 2013-09-03 13:30 -------- d-----w- c:\program files\VideoLAN
2013-09-01 20:07 . 2013-09-01 20:07 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2013-09-01 20:07 . 2013-09-01 20:07 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2013-09-01 20:07 . 2013-09-01 20:07 -------- d-----w- c:\program files\OpenAL
2013-09-01 20:06 . 2013-09-07 19:27 -------- d-----w- c:\program files\Futuremark
2013-09-01 19:27 . 2013-09-03 16:28 -------- d-----w- c:\program files\CPU Speed Pro
2013-09-01 11:22 . 2013-09-03 20:31 -------- d-----w- c:\documents and settings\oem\Data aplikací\Skype
2013-08-31 21:09 . 2008-04-13 22:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2013-08-31 21:09 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-31 16:49 . 2013-08-31 17:09 -------- d-----w- c:\program files\Farming Simulator 2013
2013-08-30 21:15 . 2013-08-30 21:16 -------- d-----w- c:\program files\Construction-Simulator 2012
2013-08-30 20:31 . 2013-09-04 14:47 -------- d-----w- c:\program files\MSI Afterburner
2013-08-29 18:12 . 2013-08-29 18:18 -------- d-----w- c:\documents and settings\Mamca\Local Settings\Data aplikací\NVIDIA
2013-08-26 14:45 . 2013-08-26 14:45 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\Identities
2013-08-26 10:54 . 2013-08-26 11:03 -------- d-----w- c:\program files\Battlestations Midway
2013-08-26 09:47 . 2013-08-26 09:47 -------- d-----w- c:\program files\Defraggler
2013-08-23 19:34 . 2013-08-24 21:52 -------- d-----w- c:\program files\Euro Truck Simulator 2
2013-08-22 16:59 . 2005-11-28 12:43 2085345 ----a-w- c:\windows\T-72 BoF v103 patch.exe
2013-08-22 15:38 . 2013-08-22 15:38 -------- d-----w- c:\program files\Battlefront
2013-08-18 19:02 . 2013-08-18 19:02 -------- d-----w- c:\program files\EaseUS
2013-08-17 20:58 . 2013-08-17 20:58 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\Malwarebytes
2013-08-17 20:57 . 2013-08-17 20:57 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-08-17 10:19 . 2013-08-17 10:19 -------- d-----w- c:\documents and settings\oem\Data aplikací\GRETECH
2013-08-17 10:19 . 2013-08-17 18:59 -------- d-----w- c:\program files\GRETECH
2013-08-16 15:33 . 2013-08-23 19:33 -------- d-----w- c:\program files\Microsoft Games
2013-08-16 15:28 . 2013-08-16 15:29 -------- d-----w- c:\program files\PowerISO
2013-08-16 15:26 . 2013-08-16 15:26 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\PowerISO
2013-08-14 23:03 . 2013-08-26 18:54 -------- d-----w- c:\documents and settings\oem\Data aplikací\Might & Magic Heroes VI
2013-08-14 21:59 . 2013-09-09 12:10 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\Might & Magic Heroes VI
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 16:39 . 2013-07-15 11:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-11 16:39 . 2011-06-21 13:21 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-09 01:56 . 2008-04-14 12:00 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-08 06:09 . 2008-04-14 12:00 1877760 ----a-w- c:\windows\system32\win32k.sys
2013-08-07 18:36 . 2013-08-07 18:36 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-07 18:35 . 2013-08-07 18:36 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-08-07 18:35 . 2013-08-07 18:36 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-07 18:35 . 2013-08-07 18:36 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-07 18:31 . 2013-08-07 18:31 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2013-08-05 13:30 . 2008-04-14 12:00 1289216 ----a-w- c:\windows\system32\ole32.dll
2013-08-02 23:48 . 2006-10-18 19:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-08-02 17:18 . 2008-04-14 12:00 841216 ----a-w- c:\windows\system32\wininet.dll
2013-08-02 17:18 . 2008-04-14 12:00 1830912 ------w- c:\windows\system32\inetcpl.cpl
2013-08-02 17:18 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2013-08-02 17:18 . 2008-04-14 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2013-07-17 12:11 . 2013-07-17 12:10 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-07-10 10:37 . 2008-04-14 12:00 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 07:34 . 2008-04-14 12:00 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 07:33 . 2008-04-14 08:06 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-02 20:20 . 2010-03-08 08:24 5473496 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2013-07-02 14:20 . 2013-08-12 17:22 84696 ----a-w- c:\windows\system32\RtkCoInstIIXP.dll
2013-06-24 12:43 . 2010-03-08 08:24 20145368 ----a-w- c:\windows\RTHDCPL.EXE
2013-06-21 12:02 . 2013-08-07 18:44 893728 ----a-w- c:\windows\system32\nvdispgenco3232049.dll
2013-06-21 12:02 . 2013-08-07 18:44 1024288 ----a-w- c:\windows\system32\nvdispco3232049.dll
2013-06-21 12:02 . 2013-08-06 15:59 57344 ----a-w- c:\windows\system32\OpenCL.dll
2013-06-21 12:02 . 2013-08-06 15:59 6320128 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-21 12:02 . 2013-08-06 15:59 20197376 ----a-w- c:\windows\system32\nvoglnt.dll
2013-06-21 12:02 . 2013-08-06 15:59 7663616 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-21 12:02 . 2013-08-06 15:59 2783008 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-21 12:02 . 2013-08-06 15:59 2002720 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-21 12:02 . 2013-08-06 15:59 4014592 ----a-w- c:\windows\system32\nv4_disp.dll
2013-06-21 12:02 . 2013-08-06 15:59 2548736 ----a-w- c:\windows\system32\nvapi.dll
2013-06-21 12:02 . 2013-08-06 15:59 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-21 12:02 . 2013-08-06 15:59 10973504 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-06-21 09:56 . 2013-08-06 16:00 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2013-06-21 09:56 . 2013-08-06 16:00 126976 ----a-w- c:\windows\system32\nvrszht.dll
2013-06-21 09:56 . 2013-08-06 16:00 274432 ----a-w- c:\windows\system32\nvrspt.dll
2013-06-21 09:56 . 2013-08-06 16:00 270336 ----a-w- c:\windows\system32\nvrsru.dll
2013-06-21 09:56 . 2013-08-06 16:00 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2013-06-21 09:56 . 2013-08-06 16:00 258048 ----a-w- c:\windows\system32\nvrstr.dll
2013-06-21 09:56 . 2013-08-06 16:00 258048 ----a-w- c:\windows\system32\nvrssl.dll
2013-06-21 09:56 . 2013-08-06 16:00 258048 ----a-w- c:\windows\system32\nvrssk.dll
2013-06-21 09:56 . 2013-08-06 16:00 253952 ----a-w- c:\windows\system32\nvrsth.dll
2013-06-21 09:56 . 2013-08-06 16:00 253952 ----a-w- c:\windows\system32\nvrssv.dll
2013-06-21 09:56 . 2013-08-06 16:00 282624 ----a-w- c:\windows\system32\nvrsit.dll
2013-06-21 09:56 . 2013-08-06 16:00 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2013-06-21 09:56 . 2013-08-06 16:00 274432 ----a-w- c:\windows\system32\nvrsja.dll
2013-06-21 09:56 . 2013-08-06 16:00 266240 ----a-w- c:\windows\system32\nvrsko.dll
2013-06-21 09:56 . 2013-08-06 16:00 262144 ----a-w- c:\windows\system32\nvrshu.dll
2013-06-21 09:56 . 2013-08-06 16:00 258048 ----a-w- c:\windows\system32\nvrspl.dll
2013-06-21 09:56 . 2013-08-06 16:00 253952 ----a-w- c:\windows\system32\nvrsno.dll
2013-06-21 09:56 . 2013-08-06 16:00 335872 ----a-w- c:\windows\system32\nvrshe.dll
2013-06-21 09:56 . 2013-08-06 16:00 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2013-06-21 09:56 . 2013-08-06 16:00 282624 ----a-w- c:\windows\system32\nvrses.dll
2013-06-21 09:56 . 2013-08-06 16:00 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2013-06-21 09:56 . 2013-08-06 16:00 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2013-06-21 09:56 . 2013-08-06 16:00 335872 ----a-w- c:\windows\system32\nvrsar.dll
2013-06-21 09:56 . 2013-08-06 16:00 282624 ----a-w- c:\windows\system32\nvrsel.dll
2013-06-21 09:56 . 2013-08-06 16:00 278528 ----a-w- c:\windows\system32\nvrsde.dll
2013-06-21 09:56 . 2013-08-06 16:00 253952 ----a-w- c:\windows\system32\nvrsda.dll
2013-06-21 09:56 . 2013-08-06 16:00 249856 ----a-w- c:\windows\system32\nvrseng.dll
2013-06-21 09:56 . 2013-08-06 16:00 249856 ----a-w- c:\windows\system32\nvrscs.dll
2013-06-21 09:54 . 2013-08-06 16:00 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-06-21 09:54 . 2013-08-06 16:00 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-06-21 09:54 . 2013-08-06 16:00 15677728 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 09:54 . 2013-08-06 16:00 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 09:54 . 2013-08-06 16:00 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-06-18 19:50 . 2009-12-02 13:23 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"Steam"="c:\program files\Steam\Steam.exe" [2013-09-06 1811368]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 995176]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-13 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-13 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-13 135680]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2013-06-21 15677728]
"NvMediaCenter"="NvMCTray.dll" [2013-06-21 223008]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-06-21 2586912]
"RTHDCPL"="RTHDCPL.EXE" [2013-06-24 20145368]
"QuickTime Task"="c:\windows\system32\qttask.exe" [2010-03-08 98304]
"RTSS"="c:\program files\MSI Afterburner\Bundle\OSDServer\RTSS.exe" [2013-01-23 166968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Games\\World_of_Tanks\\WoTLauncher.exe"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Program Files\\Farming Simulator 2013\\FarmingSimulator2013.exe"=
"c:\\Program Files\\Farming Simulator 2013\\FarmingSimulator2013Game.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\america's army 3\\Binaries\\AA3Loader.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\america's army 3\\Binaries\\AA3Game.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2055:TCP"= 2055:TCP:NWAC
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [17.7.2013 14:10 243128]
R1 MpKsle6ebed2a;MpKsle6ebed2a;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{49A22232-D528-4270-B1F7-43F158FEA0B5}\MpKsle6ebed2a.sys [12.9.2013 18:24 29904]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [24.12.2011 16:56 47360]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 14:28 160944]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [8.3.2010 10:23 1691480]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2.6.2011 11:08 11336]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [7.8.2013 20:31 23456]
S3 MSICDSetup;MSICDSetup;\??\i:\cdriver.sys --> i:\CDriver.sys [?]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\MSI\Live Update 5\NTIOLib.sys [3.8.2013 0:39 7680]
S3 NTIOLib_1_0_5;NTIOLib_1_0_5;\??\c:\program files\MSI\OverclockingCenter\NTIOLib.sys --> c:\program files\MSI\OverclockingCenter\NTIOLib.sys [?]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6;c:\program files\Setup Files\Ms7529v470\NTIOLib.sys [6.1.2011 11:04 7680]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSLE6EBED2A
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-15 16:39]
.
2013-09-12 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-06-20 16:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.ividi.org/?src=tbhp&id=40 ... 1&affilt=3
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Mamca\Data aplikací\Mozilla\Firefox\Profiles\w0yfzdw8.default\
FF - prefs.js: browser.search.selectedEngine - Search
FF - prefs.js: browser.startup.homepage - google.com
FF - ExtSQL: 2013-08-11 00:15; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-08-26 15:22; translator@zoli.bod; c:\documents and settings\Mamca\Data aplikací\Mozilla\Firefox\Profiles\w0yfzdw8.default\extensions\translator@zoli.bod.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-hosts - c:\program files\hosts\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-12 18:32
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2013-09-12 18:33:23
ComboFix-quarantined-files.txt 2013-09-12 16:33
.
Před spuštěním: Volných bajtů: 31 903 227 904
Po spuštění: Volných bajtů: 31 864 713 216
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - C510592AC4E7FB2170A56E2DD2610F39
413FC2A0C716421B3158746D63736515

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

KillAll::
File::

Folder::
c:\program files\Skype\Updater

Dribver::
SkypeUpdate
MSICDSetup
NTIOLib_1_0_5;NTIOLib_1_0_5

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[ventovr6]

ComboFix 13-09-12.01 - Mamca 13.09.2013 17:58:03.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1613 [GMT 2:00]
Spuštěný z: c:\documents and settings\Mamca\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Mamca\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SkypeUpdate
-------\Legacy_SkypeUpdate
-------\Service_SkypeUpdate
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-13 do 2013-09-13 )))))))))))))))))))))))))))))))
.
.
2013-09-12 16:46 . 2013-08-06 07:28 7166848 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3A80D8A0-B084-474D-8EBF-6F0D068E7FAC}\mpengine.dll
2013-09-12 16:35 . 2013-08-06 07:28 7166848 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-10 19:24 . 2013-09-11 16:29 -------- d-----w- C:\AdwCleaner
2013-09-09 14:42 . 2013-09-09 14:42 -------- d-----w- c:\program files\iVIDI.org plugin
2013-09-09 11:17 . 2013-09-09 11:17 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\.mono
2013-09-08 21:41 . 2013-09-08 21:42 17488 ----a-w- c:\windows\gdrv.sys
2013-09-07 20:45 . 2013-09-07 20:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-07 20:45 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-07 19:43 . 2013-09-09 14:09 298280 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-09-07 19:43 . 2013-09-07 19:43 -------- d-----w- c:\documents and settings\Mamca\Local Settings\Data aplikací\PunkBuster
2013-09-07 19:39 . 2013-09-09 14:09 140952 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-09-07 19:39 . 2013-09-07 19:39 138056 ----a-w- c:\documents and settings\Mamca\Data aplikací\PnkBstrK.sys
2013-09-07 19:38 . 2013-09-09 14:09 298280 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-09-07 19:38 . 2013-09-09 12:18 298280 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-09-07 19:38 . 2013-09-07 19:43 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2013-09-07 19:38 . 2013-09-07 19:37 3360624 ----a-w- c:\windows\system32\pbsvc.exe
2013-09-07 19:08 . 2013-09-07 19:08 -------- d-----w- c:\program files\dumps
2013-09-07 19:08 . 2013-09-07 19:08 -------- d-----w- c:\documents and settings\All Users\Nabdka Start
2013-09-07 19:08 . 2013-09-07 19:08 -------- d-----w- c:\program files\Common Files\Steam
2013-09-07 19:08 . 2013-09-13 16:06 -------- d-----w- c:\program files\Steam
2013-09-06 22:08 . 2013-09-07 19:25 -------- d-----w- c:\program files\America's Army
2013-09-06 22:05 . 2013-09-07 19:23 188416 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\iGdiCnv.dll
2013-09-06 22:05 . 2013-09-07 19:23 266240 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\IScrCnv.dll
2013-09-06 22:05 . 2013-09-07 19:23 32768 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\objpscnv.dll
2013-09-06 22:05 . 2013-09-07 19:23 401408 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\ISRT.dll
2013-09-06 22:05 . 2013-09-07 19:23 192512 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\IUserCnv.dll
2013-09-06 22:05 . 2013-09-07 19:23 761856 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe
2013-09-06 22:05 . 2013-09-07 19:23 299008 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\_ISRES1033.dll
2013-09-06 19:17 . 2013-09-06 19:17 -------- d-----w- c:\program files\Paradox Interactive
2013-09-05 14:04 . 2013-09-05 14:04 209272 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-09-03 13:32 . 2013-09-04 12:08 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\vlc
2013-09-03 13:30 . 2013-09-03 13:30 -------- d-----w- c:\program files\VideoLAN
2013-09-01 20:07 . 2013-09-01 20:07 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2013-09-01 20:07 . 2013-09-01 20:07 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2013-09-01 20:07 . 2013-09-01 20:07 -------- d-----w- c:\program files\OpenAL
2013-09-01 20:06 . 2013-09-07 19:27 -------- d-----w- c:\program files\Futuremark
2013-09-01 19:27 . 2013-09-03 16:28 -------- d-----w- c:\program files\CPU Speed Pro
2013-09-01 11:22 . 2013-09-03 20:31 -------- d-----w- c:\documents and settings\oem\Data aplikací\Skype
2013-08-31 21:09 . 2008-04-13 22:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2013-08-31 21:09 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-31 16:49 . 2013-08-31 17:09 -------- d-----w- c:\program files\Farming Simulator 2013
2013-08-30 21:15 . 2013-08-30 21:16 -------- d-----w- c:\program files\Construction-Simulator 2012
2013-08-30 20:31 . 2013-09-04 14:47 -------- d-----w- c:\program files\MSI Afterburner
2013-08-29 18:12 . 2013-08-29 18:18 -------- d-----w- c:\documents and settings\Mamca\Local Settings\Data aplikací\NVIDIA
2013-08-26 14:45 . 2013-08-26 14:45 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\Identities
2013-08-26 10:54 . 2013-08-26 11:03 -------- d-----w- c:\program files\Battlestations Midway
2013-08-26 09:47 . 2013-08-26 09:47 -------- d-----w- c:\program files\Defraggler
2013-08-23 19:34 . 2013-08-24 21:52 -------- d-----w- c:\program files\Euro Truck Simulator 2
2013-08-22 16:59 . 2005-11-28 12:43 2085345 ----a-w- c:\windows\T-72 BoF v103 patch.exe
2013-08-22 15:38 . 2013-08-22 15:38 -------- d-----w- c:\program files\Battlefront
2013-08-18 19:02 . 2013-08-18 19:02 -------- d-----w- c:\program files\EaseUS
2013-08-17 20:58 . 2013-08-17 20:58 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\Malwarebytes
2013-08-17 20:57 . 2013-08-17 20:57 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-08-17 10:19 . 2013-08-17 10:19 -------- d-----w- c:\documents and settings\oem\Data aplikací\GRETECH
2013-08-17 10:19 . 2013-08-17 18:59 -------- d-----w- c:\program files\GRETECH
2013-08-16 15:33 . 2013-08-23 19:33 -------- d-----w- c:\program files\Microsoft Games
2013-08-16 15:28 . 2013-08-16 15:29 -------- d-----w- c:\program files\PowerISO
2013-08-16 15:26 . 2013-08-16 15:26 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\PowerISO
2013-08-14 23:03 . 2013-08-26 18:54 -------- d-----w- c:\documents and settings\oem\Data aplikací\Might & Magic Heroes VI
2013-08-14 21:59 . 2013-09-09 12:10 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\Might & Magic Heroes VI
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 16:39 . 2013-07-15 11:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-11 16:39 . 2011-06-21 13:21 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-09 01:56 . 2008-04-14 12:00 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-08 06:09 . 2008-04-14 12:00 1877760 ----a-w- c:\windows\system32\win32k.sys
2013-08-07 18:36 . 2013-08-07 18:36 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-07 18:35 . 2013-08-07 18:36 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-08-07 18:35 . 2013-08-07 18:36 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-07 18:35 . 2013-08-07 18:36 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-07 18:31 . 2013-08-07 18:31 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2013-08-05 13:30 . 2008-04-14 12:00 1289216 ----a-w- c:\windows\system32\ole32.dll
2013-08-02 23:48 . 2006-10-18 19:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-08-02 17:18 . 2008-04-14 12:00 841216 ----a-w- c:\windows\system32\wininet.dll
2013-08-02 17:18 . 2008-04-14 12:00 1830912 ------w- c:\windows\system32\inetcpl.cpl
2013-08-02 17:18 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2013-08-02 17:18 . 2008-04-14 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2013-07-17 12:11 . 2013-07-17 12:10 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-07-10 10:37 . 2008-04-14 12:00 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 07:34 . 2008-04-14 12:00 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 07:33 . 2008-04-14 08:06 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-02 20:20 . 2010-03-08 08:24 5473496 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2013-07-02 14:20 . 2013-08-12 17:22 84696 ----a-w- c:\windows\system32\RtkCoInstIIXP.dll
2013-06-24 12:43 . 2010-03-08 08:24 20145368 ----a-w- c:\windows\RTHDCPL.EXE
2013-06-21 12:02 . 2013-08-07 18:44 893728 ----a-w- c:\windows\system32\nvdispgenco3232049.dll
2013-06-21 12:02 . 2013-08-07 18:44 1024288 ----a-w- c:\windows\system32\nvdispco3232049.dll
2013-06-21 12:02 . 2013-08-06 15:59 57344 ----a-w- c:\windows\system32\OpenCL.dll
2013-06-21 12:02 . 2013-08-06 15:59 6320128 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-21 12:02 . 2013-08-06 15:59 20197376 ----a-w- c:\windows\system32\nvoglnt.dll
2013-06-21 12:02 . 2013-08-06 15:59 7663616 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-21 12:02 . 2013-08-06 15:59 2783008 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-21 12:02 . 2013-08-06 15:59 2002720 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-21 12:02 . 2013-08-06 15:59 4014592 ----a-w- c:\windows\system32\nv4_disp.dll
2013-06-21 12:02 . 2013-08-06 15:59 2548736 ----a-w- c:\windows\system32\nvapi.dll
2013-06-21 12:02 . 2013-08-06 15:59 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-21 12:02 . 2013-08-06 15:59 10973504 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-06-21 09:56 . 2013-08-06 16:00 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2013-06-21 09:56 . 2013-08-06 16:00 126976 ----a-w- c:\windows\system32\nvrszht.dll
2013-06-21 09:56 . 2013-08-06 16:00 274432 ----a-w- c:\windows\system32\nvrspt.dll
2013-06-21 09:56 . 2013-08-06 16:00 270336 ----a-w- c:\windows\system32\nvrsru.dll
2013-06-21 09:56 . 2013-08-06 16:00 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2013-06-21 09:56 . 2013-08-06 16:00 258048 ----a-w- c:\windows\system32\nvrstr.dll
2013-06-21 09:56 . 2013-08-06 16:00 258048 ----a-w- c:\windows\system32\nvrssl.dll
2013-06-21 09:56 . 2013-08-06 16:00 258048 ----a-w- c:\windows\system32\nvrssk.dll
2013-06-21 09:56 . 2013-08-06 16:00 253952 ----a-w- c:\windows\system32\nvrsth.dll
2013-06-21 09:56 . 2013-08-06 16:00 253952 ----a-w- c:\windows\system32\nvrssv.dll
2013-06-21 09:56 . 2013-08-06 16:00 282624 ----a-w- c:\windows\system32\nvrsit.dll
2013-06-21 09:56 . 2013-08-06 16:00 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2013-06-21 09:56 . 2013-08-06 16:00 274432 ----a-w- c:\windows\system32\nvrsja.dll
2013-06-21 09:56 . 2013-08-06 16:00 266240 ----a-w- c:\windows\system32\nvrsko.dll
2013-06-21 09:56 . 2013-08-06 16:00 262144 ----a-w- c:\windows\system32\nvrshu.dll
2013-06-21 09:56 . 2013-08-06 16:00 258048 ----a-w- c:\windows\system32\nvrspl.dll
2013-06-21 09:56 . 2013-08-06 16:00 253952 ----a-w- c:\windows\system32\nvrsno.dll
2013-06-21 09:56 . 2013-08-06 16:00 335872 ----a-w- c:\windows\system32\nvrshe.dll
2013-06-21 09:56 . 2013-08-06 16:00 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2013-06-21 09:56 . 2013-08-06 16:00 282624 ----a-w- c:\windows\system32\nvrses.dll
2013-06-21 09:56 . 2013-08-06 16:00 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2013-06-21 09:56 . 2013-08-06 16:00 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2013-06-21 09:56 . 2013-08-06 16:00 335872 ----a-w- c:\windows\system32\nvrsar.dll
2013-06-21 09:56 . 2013-08-06 16:00 282624 ----a-w- c:\windows\system32\nvrsel.dll
2013-06-21 09:56 . 2013-08-06 16:00 278528 ----a-w- c:\windows\system32\nvrsde.dll
2013-06-21 09:56 . 2013-08-06 16:00 253952 ----a-w- c:\windows\system32\nvrsda.dll
2013-06-21 09:56 . 2013-08-06 16:00 249856 ----a-w- c:\windows\system32\nvrseng.dll
2013-06-21 09:56 . 2013-08-06 16:00 249856 ----a-w- c:\windows\system32\nvrscs.dll
2013-06-21 09:54 . 2013-08-06 16:00 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-06-21 09:54 . 2013-08-06 16:00 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-06-21 09:54 . 2013-08-06 16:00 15677728 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 09:54 . 2013-08-06 16:00 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 09:54 . 2013-08-06 16:00 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-06-18 19:50 . 2009-12-02 13:23 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"Steam"="c:\program files\Steam\Steam.exe" [2013-09-06 1811368]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 995176]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-13 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-13 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-13 135680]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2013-06-21 15677728]
"NvMediaCenter"="NvMCTray.dll" [2013-06-21 223008]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-06-21 2586912]
"RTHDCPL"="RTHDCPL.EXE" [2013-06-24 20145368]
"QuickTime Task"="c:\windows\system32\qttask.exe" [2010-03-08 98304]
"RTSS"="c:\program files\MSI Afterburner\Bundle\OSDServer\RTSS.exe" [2013-01-23 166968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Games\\World_of_Tanks\\WoTLauncher.exe"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Program Files\\Farming Simulator 2013\\FarmingSimulator2013.exe"=
"c:\\Program Files\\Farming Simulator 2013\\FarmingSimulator2013Game.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\america's army 3\\Binaries\\AA3Loader.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\america's army 3\\Binaries\\AA3Game.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2055:TCP"= 2055:TCP:NWAC
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [17.7.2013 14:10 243128]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [24.12.2011 16:56 47360]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [8.3.2010 10:23 1691480]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2.6.2011 11:08 11336]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [7.8.2013 20:31 23456]
S3 MSICDSetup;MSICDSetup;\??\i:\cdriver.sys --> i:\CDriver.sys [?]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\MSI\Live Update 5\NTIOLib.sys [3.8.2013 0:39 7680]
S3 NTIOLib_1_0_5;NTIOLib_1_0_5;\??\c:\program files\MSI\OverclockingCenter\NTIOLib.sys --> c:\program files\MSI\OverclockingCenter\NTIOLib.sys [?]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6;c:\program files\Setup Files\Ms7529v470\NTIOLib.sys [6.1.2011 11:04 7680]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-15 16:39]
.
2013-09-12 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-06-20 16:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.ividi.org/?src=tbhp&id=40 ... 1&affilt=3
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Mamca\Data aplikací\Mozilla\Firefox\Profiles\w0yfzdw8.default\
FF - prefs.js: browser.search.selectedEngine - Search
FF - prefs.js: browser.startup.homepage - google.com
FF - ExtSQL: 2013-08-11 00:15; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-08-26 15:22; translator@zoli.bod; c:\documents and settings\Mamca\Data aplikací\Mozilla\Firefox\Profiles\w0yfzdw8.default\extensions\translator@zoli.bod.xpi
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-13 18:06
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2776)
c:\program files\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RunDLL32.exe
c:\windows\RTHDCPL.EXE
.
**************************************************************************
.
Celkový čas: 2013-09-13 18:08:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-13 16:08
ComboFix2.txt 2013-09-12 16:33
.
Před spuštěním: Volných bajtů: 31 914 823 680
Po spuštění: Volných bajtů: 31 839 543 296
.
- - End Of File - - ABCE53F9D251262D2BD7169DD0AFC65C
413FC2A0C716421B3158746D63736515

[ventovr6]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:19:03, on 13.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21352)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\qttask.exe
C:\Program Files\MSI Afterburner\Bundle\OSDServer\RTSS.exe
C:\Program Files\Steam\Steam.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Mamca\Dokumenty\Stažené soubory\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.ividi.org/?src=tbhp&id=40 ... 1&affilt=3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RTSS] "C:\Program Files\MSI Afterburner\Bundle\OSDServer\RTSS.exe" /s
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.15.0.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 5732 bytes

[ventovr6]

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-13 18:21:01
-----------------------------
18:21:01.671 OS Version: Windows 5.1.2600 Service Pack 3
18:21:01.671 Number of processors: 2 586 0x605
18:21:01.687 ComputerName: JANIS UserName: Mamca
18:21:02.015 Initialize success
18:21:04.093 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-6
18:21:04.093 Disk 0 Vendor: SAMSUNG_HD322HJ 1AC01118 Size: 305245MB BusType: 3
18:21:04.171 Disk 0 MBR read successfully
18:21:04.171 Disk 0 MBR scan
18:21:04.171 Disk 0 Windows XP default MBR code
18:21:04.171 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 149997 MB offset 63
18:21:04.171 Disk 0 Partition - 00 0F Extended LBA 155237 MB offset 307194930
18:21:04.187 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 155237 MB offset 307194993
18:21:04.187 Disk 0 scanning sectors +625121280
18:21:04.203 Disk 0 scanning C:\WINDOWS\system32\drivers
18:21:06.343 Service scanning
18:21:09.125 Service MSICDSetup I:\CDriver.sys **LOCKED** 21
18:21:12.328 Modules scanning
18:21:14.687 Disk 0 trace - called modules:
18:21:14.703 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
18:21:14.703 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89bafab8]
18:21:14.703 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000070[0x89bb5f18]
18:21:14.703 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-6[0x89bc3940]
18:21:14.703 Scan finished successfully
18:21:23.781 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Mamca\Plocha\MBR.dat"
18:21:23.781 The log file has been saved successfully to "C:\Documents and Settings\Mamca\Plocha\aswMBR.txt"

[memphisto]

Tohle znáš?

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2055:TCP"= 2055:TCP:NWAC

[ventovr6]

Ty poslední 4 písmena je zkratka hry ale už ji v pc nemám je odinstalovaná

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.15.0.cab

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

Driver::
NTIOLib_1_0_5

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2055:TCP"=-

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[ventovr6]

ComboFix 13-09-12.01 - Mamca 13.09.2013 21:33:38.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1554 [GMT 2:00]
Spuštěný z: c:\documents and settings\Mamca\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Mamca\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NTIOLIB_1_0_5
-------\Service_NTIOLib_1_0_5
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-13 do 2013-09-13 )))))))))))))))))))))))))))))))
.
.
2013-09-13 16:29 . 2013-08-06 07:28 7166848 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8D49B3EB-02FD-484F-B6CC-CA8317D03AA6}\mpengine.dll
2013-09-12 16:35 . 2013-08-06 07:28 7166848 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-10 19:24 . 2013-09-11 16:29 -------- d-----w- C:\AdwCleaner
2013-09-09 14:42 . 2013-09-09 14:42 -------- d-----w- c:\program files\iVIDI.org plugin
2013-09-09 11:17 . 2013-09-09 11:17 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\.mono
2013-09-08 21:41 . 2013-09-08 21:42 17488 ----a-w- c:\windows\gdrv.sys
2013-09-07 20:45 . 2013-09-07 20:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-07 20:45 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-07 19:43 . 2013-09-13 19:19 298280 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-09-07 19:43 . 2013-09-07 19:43 -------- d-----w- c:\documents and settings\Mamca\Local Settings\Data aplikací\PunkBuster
2013-09-07 19:39 . 2013-09-13 19:19 140952 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-09-07 19:39 . 2013-09-07 19:39 138056 ----a-w- c:\documents and settings\Mamca\Data aplikací\PnkBstrK.sys
2013-09-07 19:38 . 2013-09-13 19:19 298280 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-09-07 19:38 . 2013-09-09 14:09 298280 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-09-07 19:38 . 2013-09-07 19:43 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2013-09-07 19:38 . 2013-09-07 19:37 3360624 ----a-w- c:\windows\system32\pbsvc.exe
2013-09-07 19:08 . 2013-09-07 19:08 -------- d-----w- c:\program files\dumps
2013-09-07 19:08 . 2013-09-07 19:08 -------- d-----w- c:\documents and settings\All Users\Nabdka Start
2013-09-07 19:08 . 2013-09-07 19:08 -------- d-----w- c:\program files\Common Files\Steam
2013-09-07 19:08 . 2013-09-13 19:55 -------- d-----w- c:\program files\Steam
2013-09-06 22:08 . 2013-09-07 19:25 -------- d-----w- c:\program files\America's Army
2013-09-06 22:05 . 2013-09-07 19:23 188416 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\iGdiCnv.dll
2013-09-06 22:05 . 2013-09-07 19:23 266240 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\IScrCnv.dll
2013-09-06 22:05 . 2013-09-07 19:23 32768 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\objpscnv.dll
2013-09-06 22:05 . 2013-09-07 19:23 401408 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\ISRT.dll
2013-09-06 22:05 . 2013-09-07 19:23 192512 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\IUserCnv.dll
2013-09-06 22:05 . 2013-09-07 19:23 761856 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe
2013-09-06 22:05 . 2013-09-07 19:23 299008 ----a-w- c:\program files\Common Files\InstallShield\Driver\9\Intel 32\_ISRES1033.dll
2013-09-06 19:17 . 2013-09-06 19:17 -------- d-----w- c:\program files\Paradox Interactive
2013-09-05 14:04 . 2013-09-05 14:04 209272 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-09-03 13:32 . 2013-09-04 12:08 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\vlc
2013-09-03 13:30 . 2013-09-03 13:30 -------- d-----w- c:\program files\VideoLAN
2013-09-01 20:07 . 2013-09-01 20:07 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2013-09-01 20:07 . 2013-09-01 20:07 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2013-09-01 20:07 . 2013-09-01 20:07 -------- d-----w- c:\program files\OpenAL
2013-09-01 20:06 . 2013-09-07 19:27 -------- d-----w- c:\program files\Futuremark
2013-09-01 19:27 . 2013-09-03 16:28 -------- d-----w- c:\program files\CPU Speed Pro
2013-09-01 11:22 . 2013-09-03 20:31 -------- d-----w- c:\documents and settings\oem\Data aplikací\Skype
2013-08-31 21:09 . 2008-04-13 22:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2013-08-31 21:09 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-31 16:49 . 2013-08-31 17:09 -------- d-----w- c:\program files\Farming Simulator 2013
2013-08-30 21:15 . 2013-08-30 21:16 -------- d-----w- c:\program files\Construction-Simulator 2012
2013-08-30 20:31 . 2013-09-04 14:47 -------- d-----w- c:\program files\MSI Afterburner
2013-08-29 18:12 . 2013-08-29 18:18 -------- d-----w- c:\documents and settings\Mamca\Local Settings\Data aplikací\NVIDIA
2013-08-26 14:45 . 2013-08-26 14:45 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\Identities
2013-08-26 10:54 . 2013-08-26 11:03 -------- d-----w- c:\program files\Battlestations Midway
2013-08-26 09:47 . 2013-08-26 09:47 -------- d-----w- c:\program files\Defraggler
2013-08-23 19:34 . 2013-08-24 21:52 -------- d-----w- c:\program files\Euro Truck Simulator 2
2013-08-22 16:59 . 2005-11-28 12:43 2085345 ----a-w- c:\windows\T-72 BoF v103 patch.exe
2013-08-22 15:38 . 2013-08-22 15:38 -------- d-----w- c:\program files\Battlefront
2013-08-18 19:02 . 2013-08-18 19:02 -------- d-----w- c:\program files\EaseUS
2013-08-17 20:58 . 2013-08-17 20:58 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\Malwarebytes
2013-08-17 20:57 . 2013-08-17 20:57 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-08-17 10:19 . 2013-08-17 10:19 -------- d-----w- c:\documents and settings\oem\Data aplikací\GRETECH
2013-08-17 10:19 . 2013-08-17 18:59 -------- d-----w- c:\program files\GRETECH
2013-08-16 15:33 . 2013-08-23 19:33 -------- d-----w- c:\program files\Microsoft Games
2013-08-16 15:28 . 2013-08-16 15:29 -------- d-----w- c:\program files\PowerISO
2013-08-16 15:26 . 2013-08-16 15:26 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\PowerISO
2013-08-14 23:03 . 2013-08-26 18:54 -------- d-----w- c:\documents and settings\oem\Data aplikací\Might & Magic Heroes VI
2013-08-14 21:59 . 2013-09-09 12:10 -------- d-----w- c:\documents and settings\Mamca\Data aplikací\Might & Magic Heroes VI
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 16:39 . 2013-07-15 11:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-11 16:39 . 2011-06-21 13:21 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-09 01:56 . 2008-04-14 12:00 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-08 06:09 . 2008-04-14 12:00 1877760 ----a-w- c:\windows\system32\win32k.sys
2013-08-07 18:36 . 2013-08-07 18:36 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-07 18:35 . 2013-08-07 18:36 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-08-07 18:35 . 2013-08-07 18:36 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-07 18:35 . 2013-08-07 18:36 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-07 18:31 . 2013-08-07 18:31 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2013-08-05 13:30 . 2008-04-14 12:00 1289216 ----a-w- c:\windows\system32\ole32.dll
2013-08-02 23:48 . 2006-10-18 19:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-08-02 17:18 . 2008-04-14 12:00 841216 ----a-w- c:\windows\system32\wininet.dll
2013-08-02 17:18 . 2008-04-14 12:00 1830912 ------w- c:\windows\system32\inetcpl.cpl
2013-08-02 17:18 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2013-08-02 17:18 . 2008-04-14 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2013-07-17 12:11 . 2013-07-17 12:10 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-07-10 10:37 . 2008-04-14 12:00 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 07:34 . 2008-04-14 12:00 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 07:33 . 2008-04-14 08:06 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-02 20:20 . 2010-03-08 08:24 5473496 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2013-07-02 14:20 . 2013-08-12 17:22 84696 ----a-w- c:\windows\system32\RtkCoInstIIXP.dll
2013-06-24 12:43 . 2010-03-08 08:24 20145368 ----a-w- c:\windows\RTHDCPL.EXE
2013-06-21 12:02 . 2013-08-07 18:44 893728 ----a-w- c:\windows\system32\nvdispgenco3232049.dll
2013-06-21 12:02 . 2013-08-07 18:44 1024288 ----a-w- c:\windows\system32\nvdispco3232049.dll
2013-06-21 12:02 . 2013-08-06 15:59 57344 ----a-w- c:\windows\system32\OpenCL.dll
2013-06-21 12:02 . 2013-08-06 15:59 6320128 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-21 12:02 . 2013-08-06 15:59 20197376 ----a-w- c:\windows\system32\nvoglnt.dll
2013-06-21 12:02 . 2013-08-06 15:59 7663616 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-21 12:02 . 2013-08-06 15:59 2783008 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-21 12:02 . 2013-08-06 15:59 2002720 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-21 12:02 . 2013-08-06 15:59 4014592 ----a-w- c:\windows\system32\nv4_disp.dll
2013-06-21 12:02 . 2013-08-06 15:59 2548736 ----a-w- c:\windows\system32\nvapi.dll
2013-06-21 12:02 . 2013-08-06 15:59 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-21 12:02 . 2013-08-06 15:59 10973504 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-06-21 09:56 . 2013-08-06 16:00 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2013-06-21 09:56 . 2013-08-06 16:00 126976 ----a-w- c:\windows\system32\nvrszht.dll
2013-06-21 09:56 . 2013-08-06 16:00 274432 ----a-w- c:\windows\system32\nvrspt.dll
2013-06-21 09:56 . 2013-08-06 16:00 270336 ----a-w- c:\windows\system32\nvrsru.dll
2013-06-21 09:56 . 2013-08-06 16:00 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2013-06-21 09:56 . 2013-08-06 16:00 258048 ----a-w- c:\windows\system32\nvrstr.dll
2013-06-21 09:56 . 2013-08-06 16:00 258048 ----a-w- c:\windows\system32\nvrssl.dll
2013-06-21 09:56 . 2013-08-06 16:00 258048 ----a-w- c:\windows\system32\nvrssk.dll
2013-06-21 09:56 . 2013-08-06 16:00 253952 ----a-w- c:\windows\system32\nvrsth.dll
2013-06-21 09:56 . 2013-08-06 16:00 253952 ----a-w- c:\windows\system32\nvrssv.dll
2013-06-21 09:56 . 2013-08-06 16:00 282624 ----a-w- c:\windows\system32\nvrsit.dll
2013-06-21 09:56 . 2013-08-06 16:00 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2013-06-21 09:56 . 2013-08-06 16:00 274432 ----a-w- c:\windows\system32\nvrsja.dll
2013-06-21 09:56 . 2013-08-06 16:00 266240 ----a-w- c:\windows\system32\nvrsko.dll
2013-06-21 09:56 . 2013-08-06 16:00 262144 ----a-w- c:\windows\system32\nvrshu.dll
2013-06-21 09:56 . 2013-08-06 16:00 258048 ----a-w- c:\windows\system32\nvrspl.dll
2013-06-21 09:56 . 2013-08-06 16:00 253952 ----a-w- c:\windows\system32\nvrsno.dll
2013-06-21 09:56 . 2013-08-06 16:00 335872 ----a-w- c:\windows\system32\nvrshe.dll
2013-06-21 09:56 . 2013-08-06 16:00 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2013-06-21 09:56 . 2013-08-06 16:00 282624 ----a-w- c:\windows\system32\nvrses.dll
2013-06-21 09:56 . 2013-08-06 16:00 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2013-06-21 09:56 . 2013-08-06 16:00 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2013-06-21 09:56 . 2013-08-06 16:00 335872 ----a-w- c:\windows\system32\nvrsar.dll
2013-06-21 09:56 . 2013-08-06 16:00 282624 ----a-w- c:\windows\system32\nvrsel.dll
2013-06-21 09:56 . 2013-08-06 16:00 278528 ----a-w- c:\windows\system32\nvrsde.dll
2013-06-21 09:56 . 2013-08-06 16:00 253952 ----a-w- c:\windows\system32\nvrsda.dll
2013-06-21 09:56 . 2013-08-06 16:00 249856 ----a-w- c:\windows\system32\nvrseng.dll
2013-06-21 09:56 . 2013-08-06 16:00 249856 ----a-w- c:\windows\system32\nvrscs.dll
2013-06-21 09:54 . 2013-08-06 16:00 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-06-21 09:54 . 2013-08-06 16:00 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-06-21 09:54 . 2013-08-06 16:00 15677728 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 09:54 . 2013-08-06 16:00 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 09:54 . 2013-08-06 16:00 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-06-18 19:50 . 2009-12-02 13:23 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"Steam"="c:\program files\Steam\Steam.exe" [2013-09-06 1811368]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 995176]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-13 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-13 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-13 135680]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2013-06-21 15677728]
"NvMediaCenter"="NvMCTray.dll" [2013-06-21 223008]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-06-21 2586912]
"RTHDCPL"="RTHDCPL.EXE" [2013-06-24 20145368]
"RTSS"="c:\program files\MSI Afterburner\Bundle\OSDServer\RTSS.exe" [2013-01-23 166968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Games\\World_of_Tanks\\WoTLauncher.exe"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Program Files\\Farming Simulator 2013\\FarmingSimulator2013.exe"=
"c:\\Program Files\\Farming Simulator 2013\\FarmingSimulator2013Game.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\america's army 3\\Binaries\\AA3Loader.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\america's army 3\\Binaries\\AA3Game.exe"=
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [17.7.2013 14:10 243128]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [24.12.2011 16:56 47360]
S1 MpKsl4038b6c9;MpKsl4038b6c9;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8D49B3EB-02FD-484F-B6CC-CA8317D03AA6}\MpKsl4038b6c9.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8D49B3EB-02FD-484F-B6CC-CA8317D03AA6}\MpKsl4038b6c9.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [8.3.2010 10:23 1691480]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2.6.2011 11:08 11336]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [7.8.2013 20:31 23456]
S3 MSICDSetup;MSICDSetup;\??\i:\cdriver.sys --> i:\CDriver.sys [?]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\MSI\Live Update 5\NTIOLib.sys [3.8.2013 0:39 7680]
S3 NTIOLib_1_0_6;NTIOLib_1_0_6;c:\program files\Setup Files\Ms7529v470\NTIOLib.sys [6.1.2011 11:04 7680]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-15 16:39]
.
2013-09-13 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-06-20 16:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.ividi.org/?src=tbhp&id=40 ... 1&affilt=3
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
FF - ProfilePath - c:\documents and settings\Mamca\Data aplikací\Mozilla\Firefox\Profiles\w0yfzdw8.default\
FF - prefs.js: browser.search.selectedEngine - Search
FF - prefs.js: browser.startup.homepage - google.com
FF - ExtSQL: 2013-08-11 00:15; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-08-26 15:22; translator@zoli.bod; c:\documents and settings\Mamca\Data aplikací\Mozilla\Firefox\Profiles\w0yfzdw8.default\extensions\translator@zoli.bod.xpi
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-13 21:55
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1888)
c:\program files\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RunDLL32.exe
c:\windows\RTHDCPL.EXE
.
**************************************************************************
.
Celkový čas: 2013-09-13 21:58:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-13 19:58
ComboFix2.txt 2013-09-13 16:08
ComboFix3.txt 2013-09-12 16:33
.
Před spuštěním: Volných bajtů: 31 782 785 024
Po spuštění: Volných bajtů: 31 776 333 824
.
- - End Of File - - C7E71682C5ECEA4BB2D4D6C9692D1E57
413FC2A0C716421B3158746D63736515

[ventovr6]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:00:06, on 13.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21352)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\MSI Afterburner\Bundle\OSDServer\RTSS.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Mamca\Dokumenty\Stažené soubory\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.ividi.org/?src=tbhp&id=40 ... 1&affilt=3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RTSS] "C:\Program Files\MSI Afterburner\Bundle\OSDServer\RTSS.exe" /s
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 5418 bytes

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.


Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.