[HJT] Preventivka

CZechBoY · Příspěvekod **CZechBoY** » 01 črc 2011 15:35

jo to jsme zapoměl napsat že byl čistej jako Žbeky

Reklama

Příspěvekod **Žbeky** » 01 črc 2011 16:02

Tak to je potom špinavý jak prase :lol:

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

File::
c:\windows\system32\perfh009.dat
c:\windows\system32\perfh005.dat
c:\windows\system32\perfc009.dat
c:\windows\system32\perfc005.dat

Folder::
c:\users\CZechBoY\AppData\Local\{3C70FB89-BFEB-40AC-B03D-A8FDD4B8007B}
c:\users\CZechBoY\AppData\Local\{74B38FE6-49BD-4061-AEBC-8599F4DBE2E1}
c:\users\CZechBoY\AppData\Local\{B8D65359-CE8A-4092-950E-D6DDFA07B6F8}
c:\users\CZechBoY\AppData\Local\{19A1D647-D7E4-4291-AC3D-21D572AFCC15}
c:\users\CZechBoY\AppData\Local\{573B1DC2-F347-4C63-96B6-52F56C35C018}
c:\users\CZechBoY\AppData\Local\{ABE28245-25F4-45A1-A5DB-EEDB66B43350}
c:\users\CZechBoY\AppData\Local\{D1A5AC0B-4093-4D11-A011-C8C037F9A093}
c:\users\CZechBoY\AppData\Local\{E694112C-C171-453F-A8C1-CCB1993674F7}
c:\users\CZechBoY\AppData\Local\{98B0C00A-DC8B-4032-B9AE-063F68D0086E}
c:\users\CZechBoY\AppData\Local\{ABB37429-B1BD-46DB-B56F-8864AA260F5B}
c:\users\CZechBoY\AppData\Local\{F512B8AC-673A-4587-A319-8C96A5182ABD}
c:\users\CZechBoY\AppData\Local\{9070C2FF-691D-4B68-9BBA-406A38CBAE1F}
c:\users\CZechBoY\AppData\Local\{A7762C89-7E4D-4087-8B3C-827DB84D6A40}
c:\users\CZechBoY\AppData\Local\{4ABF81ED-D28B-423B-8DD6-BB04C2D879F4}
c:\users\CZechBoY\AppData\Local\{8E1C438C-88C2-4EBC-881F-EFB9A61F7BAD}
c:\users\CZechBoY\AppData\Local\{1E76BFC6-3507-4E0F-8E69-9AB69C27DB9C}
c:\users\CZechBoY\AppData\Local\{CE43784C-FF64-4075-A00D-994FB98E2BAE}
c:\users\CZechBoY\AppData\Local\{0C9E0FB0-6802-4B92-871B-F45163EB0D46}
c:\users\CZechBoY\AppData\Local\{578811DB-84FA-4D6A-B160-BF466DF41B02}
c:\users\CZechBoY\AppData\Local\{BE9D9D6E-B892-4C70-88F1-4B7B1A79139C}
c:\users\CZechBoY\AppData\Local\{BFCF3F7A-3EDB-47B6-90F7-B9FC7CE84C03}
c:\users\CZechBoY\AppData\Local\{1FC90F19-9FC7-4084-AD7B-A3A595276F69}
c:\users\CZechBoY\AppData\Local\{033F3706-A854-41BF-9980-9D5321C31B11}
c:\users\CZechBoY\AppData\Local\{21EF22DC-E35F-498C-B748-F1568215C76D}
c:\users\CZechBoY\AppData\Local\{DF295844-5F97-4807-B684-25A53EF746BF}

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

CZechBoY · Příspěvekod **CZechBoY** » 27 črc 2011 14:25

tak jsem stáhl novej ComboFix, hodil tam ten script, něco to udělalo, resetlo PC a nešlo nic spustit

(klasika s CF u mě), tak jsem resetl PC a v poho

ComboFix 11-07-26.03 - CZechBoY 27.07.2011 1:30.4.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4094.2309 [GMT 2:00]
Spuštěný z: c:\users\CZechBoY\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\CZechBoY\Desktop\CFScript.TXT
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\perfc005.dat"
"c:\windows\system32\perfc009.dat"
"c:\windows\system32\perfh005.dat"
"c:\windows\system32\perfh009.dat"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\CZechBoY\AppData\Local\{033F3706-A854-41BF-9980-9D5321C31B11}
c:\users\CZechBoY\AppData\Local\{0C9E0FB0-6802-4B92-871B-F45163EB0D46}
c:\users\CZechBoY\AppData\Local\{19A1D647-D7E4-4291-AC3D-21D572AFCC15}
c:\users\CZechBoY\AppData\Local\{1E76BFC6-3507-4E0F-8E69-9AB69C27DB9C}
c:\users\CZechBoY\AppData\Local\{1FC90F19-9FC7-4084-AD7B-A3A595276F69}
c:\users\CZechBoY\AppData\Local\{21EF22DC-E35F-498C-B748-F1568215C76D}
c:\users\CZechBoY\AppData\Local\{3C70FB89-BFEB-40AC-B03D-A8FDD4B8007B}
c:\users\CZechBoY\AppData\Local\{4ABF81ED-D28B-423B-8DD6-BB04C2D879F4}
c:\users\CZechBoY\AppData\Local\{573B1DC2-F347-4C63-96B6-52F56C35C018}
c:\users\CZechBoY\AppData\Local\{578811DB-84FA-4D6A-B160-BF466DF41B02}
c:\users\CZechBoY\AppData\Local\{74B38FE6-49BD-4061-AEBC-8599F4DBE2E1}
c:\users\CZechBoY\AppData\Local\{8E1C438C-88C2-4EBC-881F-EFB9A61F7BAD}
c:\users\CZechBoY\AppData\Local\{9070C2FF-691D-4B68-9BBA-406A38CBAE1F}
c:\users\CZechBoY\AppData\Local\{98B0C00A-DC8B-4032-B9AE-063F68D0086E}
c:\users\CZechBoY\AppData\Local\{A7762C89-7E4D-4087-8B3C-827DB84D6A40}
c:\users\CZechBoY\AppData\Local\{ABB37429-B1BD-46DB-B56F-8864AA260F5B}
c:\users\CZechBoY\AppData\Local\{ABE28245-25F4-45A1-A5DB-EEDB66B43350}
c:\users\CZechBoY\AppData\Local\{B8D65359-CE8A-4092-950E-D6DDFA07B6F8}
c:\users\CZechBoY\AppData\Local\{BE9D9D6E-B892-4C70-88F1-4B7B1A79139C}
c:\users\CZechBoY\AppData\Local\{BFCF3F7A-3EDB-47B6-90F7-B9FC7CE84C03}
c:\users\CZechBoY\AppData\Local\{CE43784C-FF64-4075-A00D-994FB98E2BAE}
c:\users\CZechBoY\AppData\Local\{D1A5AC0B-4093-4D11-A011-C8C037F9A093}
c:\users\CZechBoY\AppData\Local\{DF295844-5F97-4807-B684-25A53EF746BF}
c:\users\CZechBoY\AppData\Local\{E694112C-C171-453F-A8C1-CCB1993674F7}
c:\users\CZechBoY\AppData\Local\{F512B8AC-673A-4587-A319-8C96A5182ABD}
c:\users\CZechBoY\AppData\Roaming\logs.dat
c:\users\CZechBoY\AppData\Roaming\Rock.exe
c:\users\CZechBoY\AppData\Roaming\sp\spoolsvs.exe
c:\windows\system32\perfc005.dat
c:\windows\system32\perfh005.dat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-26 do 2011-07-26 )))))))))))))))))))))))))))))))
.
.
2011-07-26 23:33 . 2011-07-26 23:33 -------- d-----w- c:\users\Server\AppData\Local\temp
2011-07-26 23:33 . 2011-07-26 23:33 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-07-26 23:33 . 2011-07-26 23:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-26 23:33 . 2011-07-26 23:33 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp
2011-07-26 23:29 . 2011-07-26 23:29 -------- d-----w- C:\32788R22FWJFW
2011-07-26 20:32 . 2011-07-26 20:32 -------- d-----w- c:\users\CZechBoY\AppData\Local\ABBYY
2011-07-26 20:32 . 2011-07-26 20:32 -------- d-----w- c:\users\CZechBoY\AppData\Roaming\ABBYY
2011-07-26 20:32 . 2011-07-26 20:32 -------- d-----w- c:\programdata\ABBYY
2011-07-26 14:19 . 2011-07-26 14:19 131336 ----a-w- c:\windows\system32\drivers\avfwot.sys
2011-07-26 14:19 . 2011-07-26 14:19 101984 ----a-w- c:\windows\system32\drivers\avfwim.sys
2011-07-14 16:11 . 2011-07-14 16:28 -------- d-----w- c:\users\CZechBoY\AppData\Roaming\.minecraft
2011-07-13 01:16 . 2011-06-11 02:56 3134464 ----a-w- c:\windows\system32\win32k.sys
2011-07-09 09:36 . 2011-07-09 09:36 -------- d-----w- c:\users\Server\AppData\Roaming\TuneUp Software
2011-07-08 14:39 . 2011-07-14 15:37 -------- d-----w- c:\users\Server\AppData\Local\Windows Live
2011-07-08 14:38 . 2011-07-08 14:38 -------- d-----w- c:\users\Server\Tracing
2011-07-08 14:38 . 2011-07-08 15:39 -------- d-----w- c:\users\Server\AppData\Roaming\Skype
2011-07-08 14:38 . 2011-07-09 15:51 -------- d-----w- c:\users\Server\AppData\Roaming\uTorrent
2011-07-08 14:38 . 2011-07-08 14:38 -------- d-----w- c:\users\Server\AppData\Local\Adobe
2011-07-08 11:08 . 2011-07-08 11:09 -------- d-----w- c:\users\InteleZid
2011-07-01 01:00 . 2011-07-01 01:00 -------- d-sh--w- c:\programdata\DSS
2011-07-01 01:00 . 2011-07-25 20:17 -------- d-----w- c:\programdata\Codemasters
2011-07-01 00:39 . 2010-09-22 11:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2011-07-01 00:39 . 2011-07-01 00:39 -------- d-----w- c:\program files (x86)\BRS
2011-07-01 00:39 . 2011-03-19 13:16 1417216 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2011-07-01 00:39 . 2011-07-01 00:39 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-07-01 00:39 . 2011-07-01 00:39 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-07-01 00:39 . 2011-07-01 00:39 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-07-01 00:39 . 2011-07-01 00:39 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-07-01 00:39 . 2011-07-01 00:39 -------- d-----w- c:\program files (x86)\OpenAL
2011-06-30 22:48 . 2011-06-30 22:48 -------- d-----w- c:\users\admin
2011-06-30 22:41 . 2011-06-24 13:04 219440 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-06-30 22:41 . 2011-06-24 13:05 44848 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-06-28 22:44 . 2011-05-24 11:21 404992 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-28 22:44 . 2011-05-24 10:34 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-06-28 22:44 . 2011-05-24 10:34 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-06-28 22:44 . 2011-05-24 10:32 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-06-28 22:44 . 2011-05-24 10:34 64512 ----a-w- c:\windows\SysWow64\devobj.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-01 02:48 . 2011-03-21 19:37 131336 ----a-w- c:\windows\SysWow64\drivers\avfwot.sys
2011-06-24 13:05 . 2011-06-24 13:05 144688 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-06-24 13:05 . 2011-02-17 16:21 164656 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-06-24 13:04 . 2011-02-17 16:21 320816 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2011-06-18 13:30 . 2011-03-21 19:37 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-18 12:57 . 2011-03-21 19:37 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-16 00:05 . 2010-10-14 08:57 1835744 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2011-06-15 05:23 . 2011-05-30 15:30 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-03 06:00 . 2011-07-13 01:17 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-06-02 15:50 . 2010-10-13 15:33 25640 ----a-w- c:\windows\gdrv.sys
2011-05-31 15:21 . 2011-06-16 09:00 2886888 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2011-05-31 14:38 . 2011-06-16 09:00 91240 ----a-w- c:\windows\system32\RCoInst64.dll
2011-05-31 08:09 . 2011-06-16 09:00 3114088 ----a-w- c:\windows\system32\RtkAPO64.dll
2011-05-29 07:11 . 2010-12-08 15:25 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2010-12-08 15:25 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-27 15:58 . 2010-10-13 15:33 1284712 ----a-w- c:\windows\RtlExUpd.dll
2011-05-24 13:01 . 2011-06-16 09:00 1559656 ----a-w- c:\windows\system32\RTSnMg64.cpl
2011-05-23 15:12 . 2011-06-16 09:00 1245288 ----a-w- c:\windows\system32\RTCOM64.dll
2011-05-20 08:44 . 2011-06-16 09:00 2405992 ----a-w- c:\windows\system32\RtPgEx64.dll
2011-05-16 20:55 . 2011-06-02 15:24 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2011-05-16 20:55 . 2011-06-02 15:24 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2011-05-16 20:55 . 2011-06-02 15:24 533096 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2011-05-05 13:24 . 2011-06-16 09:00 2085440 ----a-w- c:\windows\system32\FMAPO64.dll
2011-05-04 23:28 . 2011-05-04 23:28 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-05-04 23:27 . 2011-05-04 23:27 12385280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-05-04 05:54 . 2011-05-04 05:56 111960 ----a-w- c:\windows\dxsdkuninst.exe
2011-05-04 02:51 . 2011-06-15 10:41 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-05-04 02:51 . 2011-06-15 10:41 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-05-04 02:51 . 2011-06-15 10:41 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-05-03 05:21 . 2011-06-15 10:40 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-05-03 04:50 . 2011-06-15 10:40 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-04-29 03:13 . 2011-06-15 10:40 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 03:12 . 2011-06-15 10:40 399872 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 03:12 . 2011-06-15 10:40 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
.
.
((((((((((((((((((((((((((((( SnapShot_2011-06-30_22.46.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-13 01:17 . 2011-06-03 05:59 25600 c:\windows\SysWOW64\setup16.exe
- 2010-10-14 05:11 . 2009-12-22 08:23 25600 c:\windows\SysWOW64\setup16.exe
- 2010-10-14 05:11 . 2009-12-22 08:24 14336 c:\windows\SysWOW64\ntvdm64.dll
+ 2011-07-13 01:17 . 2011-06-03 06:03 14336 c:\windows\SysWOW64\ntvdm64.dll
+ 2009-07-14 04:54 . 2011-07-26 14:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-06-30 22:29 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-06-30 22:29 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-26 14:18 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-26 14:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-30 22:29 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-13 23:26 . 2009-07-14 01:41 13312 c:\windows\system32\wow64cpu.dll
+ 2011-07-13 01:17 . 2011-06-03 07:00 13312 c:\windows\system32\wow64cpu.dll
+ 2011-03-27 08:59 . 2011-07-17 10:20 86672 c:\windows\system32\perfh009.dat
- 2011-03-27 08:59 . 2011-06-30 10:35 86672 c:\windows\system32\perfh009.dat
+ 2011-03-27 08:59 . 2011-07-17 10:20 33834 c:\windows\system32\perfc009.dat
- 2011-03-27 08:59 . 2011-06-30 10:35 33834 c:\windows\system32\perfc009.dat
+ 2011-07-13 01:17 . 2011-06-03 06:57 16384 c:\windows\system32\ntvdm64.dll
- 2009-07-13 23:26 . 2009-07-14 01:41 16384 c:\windows\system32\ntvdm64.dll
- 2009-07-14 05:30 . 2011-06-30 22:41 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-07-26 12:18 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2011-07-13 01:16 . 2011-04-28 03:58 80384 c:\windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_6c7b4ac630551f33\BTHUSB.SYS
+ 2009-07-14 00:06 . 2009-07-14 00:06 41984 c:\windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_6c7b4ac630551f33\bthenum.sys
+ 2010-10-22 19:35 . 2011-07-26 23:34 74728 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-10-13 15:32 . 2011-06-30 22:58 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-10-13 15:32 . 2011-05-10 18:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-10-14 05:11 . 2009-12-22 08:22 5120 c:\windows\SysWOW64\wow32.dll
+ 2011-07-13 01:17 . 2011-06-03 05:58 5120 c:\windows\SysWOW64\wow32.dll
+ 2011-07-13 01:17 . 2011-06-03 03:56 2048 c:\windows\SysWOW64\user.exe
- 2010-10-14 05:11 . 2009-12-22 04:28 2048 c:\windows\SysWOW64\user.exe
+ 2011-07-13 01:17 . 2011-06-03 03:56 7680 c:\windows\SysWOW64\instnm.exe
- 2010-10-14 05:11 . 2009-12-22 04:28 7680 c:\windows\SysWOW64\instnm.exe
- 2009-07-13 23:10 . 2009-07-13 23:10 6144 c:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 03:51 6144 c:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-13 23:10 3584 c:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 03:51 3584 c:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 03:51 3072 c:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-13 23:10 3072 c:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-13 23:10 4608 c:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 03:51 4608 c:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 4096 c:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 4096 c:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 4096 c:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 4096 c:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3072 c:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3072 c:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3072 c:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3072 c:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3072 c:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3072 c:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 4608 c:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 4608 c:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3584 c:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3584 c:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3584 c:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3584 c:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 4096 c:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 4096 c:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3584 c:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3584 c:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 4096 c:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 4096 c:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 4096 c:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 4096 c:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3584 c:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3584 c:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3072 c:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3072 c:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3584 c:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3584 c:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3584 c:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3584 c:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3072 c:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3072 c:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 5120 c:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 5120 c:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3072 c:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3072 c:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3072 c:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3072 c:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3072 c:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3072 c:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3072 c:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3072 c:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3072 c:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3072 c:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
- 2009-07-13 23:10 . 2009-07-14 01:03 3072 c:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 05:50 3072 c:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
- 2011-03-25 20:41 . 2011-06-30 14:24 8192 c:\windows\system32\Microsoft\Protect\Recovery\Recovery.dat
+ 2011-03-25 20:41 . 2011-07-15 05:27 8192 c:\windows\system32\Microsoft\Protect\Recovery\Recovery.dat
+ 2011-07-13 01:17 . 2011-06-03 06:39 6144 c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 6144 c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3072 c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3072 c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3072 c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3072 c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 4608 c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 4608 c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 4096 c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 4096 c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 4096 c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 4096 c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3072 c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3072 c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3584 c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3584 c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3072 c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3072 c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 4608 c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 4608 c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3584 c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3584 c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3584 c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3584 c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3584 c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3584 c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3584 c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3584 c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 4096 c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 4096 c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 4096 c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 4096 c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3584 c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3584 c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3072 c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3072 c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3072 c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3072 c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3584 c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3584 c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3072 c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3072 c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 5120 c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 5120 c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3072 c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3072 c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3072 c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3072 c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3072 c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3072 c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3072 c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3072 c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3072 c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3072 c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
- 2009-07-13 23:18 . 2009-07-14 01:24 3072 c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
+ 2011-07-13 01:17 . 2011-06-03 06:39 3072 c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
+ 2011-07-26 23:42 . 2011-07-26 23:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-06-30 22:46 . 2011-06-30 22:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-13 01:17 . 2011-06-03 05:58 272384 c:\windows\SysWOW64\KernelBase.dll
+ 2011-07-13 01:17 . 2011-06-03 07:00 362496 c:\windows\system32\wow64win.dll
+ 2011-07-13 01:17 . 2011-06-03 07:00 243200 c:\windows\system32\wow64.dll
- 2010-10-14 05:11 . 2009-12-22 08:36 243200 c:\windows\system32\wow64.dll
+ 2011-07-13 01:17 . 2011-06-03 06:59 214528 c:\windows\system32\winsrv.dll
+ 2011-07-13 01:17 . 2011-06-03 06:54 421888 c:\windows\system32\KernelBase.dll
+ 2009-07-14 04:45 . 2011-07-14 01:18 468120 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 04:45 . 2011-06-16 08:59 468120 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 05:30 . 2011-06-30 22:41 239616 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-07-26 12:18 239616 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-06-30 22:41 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2011-07-26 12:18 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 00:06 . 2009-07-14 01:39 229376 c:\windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_6c7b4ac630551f33\fsquirt.exe
+ 2011-07-13 01:16 . 2011-04-28 03:58 552448 c:\windows\system32\DriverStore\FileRepository\bth.inf_amd64_neutral_6c7b4ac630551f33\bthport.sys
- 2009-07-14 05:31 . 2010-10-15 01:29 399360 c:\windows\system32\DriverStore\drvindex.dat
+ 2009-07-14 05:31 . 2011-07-14 01:16 399360 c:\windows\system32\DriverStore\drvindex.dat
+ 2011-07-13 01:17 . 2011-06-03 06:50 338944 c:\windows\system32\conhost.exe
- 2009-07-14 05:01 . 2011-06-30 22:45 417676 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-07-26 23:34 417676 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-07-13 01:17 . 2011-06-03 05:58 1114112 c:\windows\SysWOW64\kernel32.dll
+ 2011-07-13 01:17 . 2011-06-03 06:54 1162240 c:\windows\system32\kernel32.dll
- 2009-07-14 04:45 . 2011-06-29 01:17 4410075 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2011-07-14 01:18 4410075 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2010-12-24 02:32 . 2011-07-26 23:34 1415168 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-06-04 17:42 . 2011-07-14 01:16 1097568 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1913805740-196726431-4255557853-1007-8192.dat
+ 2005-09-23 05:48 . 2005-09-23 05:48 2483200 c:\windows\Installer\5fe714.msi
- 2009-07-14 02:34 . 2011-06-30 09:50 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-07-26 03:47 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2010-10-20 17:11 . 2011-07-14 01:00 50867144 c:\windows\system32\MRT.exe
+ 2011-02-07 21:07 . 2011-07-26 23:34 10125628 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1913805740-196726431-4255557853-1001-8192.dat
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"uTorrent"="f:\programy(x86)\uTorrent\uTorrent.exe" [2011-04-07 399736]
"Infium"="f:\programy(x86)\QIP Infium\infium.exe" [2011-05-11 6848384]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-06-15 15141768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="f:\programy(x86)\Avira Premium Security Suite\Avira\AntiVir Desktop\avgnt.exe" [2011-01-26 281768]
"StartCCC"="f:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 336384]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"StartCCC"="f:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"avgnt"="f:\programy(x86)\Avira Premium Security Suite\Avira\AntiVir Desktop\avgnt.exe" /min
"iTunesHelper"="f:\programy(x86)\iTunes\iTunesHelper.exe"
"LogMeIn Hamachi Ui"="f:\programy(x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
.
R2 AntiVirMailService;Avira AntiVir MailGuard;f:\programy(x86)\Avira Premium Security Suite\Avira\AntiVir Desktop\avmailc.exe [2011-07-01 340136]
R2 AntiVirWebService;Avira AntiVir WebGuard;f:\programy(x86)\Avira Premium Security Suite\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-07-01 428200]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
R3 CEDRIVER55;CEDRIVER55;e:\cheat engine\dbk64.sys [2010-06-25 40504]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RivaTuner64;RivaTuner64;f:\programy(x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2011-05-25 19952]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys [x]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [x]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [x]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [x]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [x]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [x]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [x]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [x]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;f:\programy(x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440]
R3 WMSVC;Služba webové správy;c:\windows\system32\inetsrv\wmsvc.exe [x]
R4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;f:\programy(x86)\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 2275720]
R4 MBAMService;MBAMService;f:\programy(x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;f:\programy(x86)\Avira Premium Security Suite\Avira\AntiVir Desktop\sched.exe [2011-07-01 136360]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-01-25 3136328]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;f:\programy(x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-03-30 2026304]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 MonitorFunction;Driver for Monitor;c:\windows\system32\DRIVERS\TVMonitor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;f:\programy(x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-02-10 11856]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 4012360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-05-31 11855976]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uLocal Page = c:\windows\system32\blank.htm
IE: Download with GetRight - f:\programy(x86)\GetRight\GRdownload.htm
IE: E&xportovat do aplikace Microsoft Excel - f:\programy\MICROS~1\Office14\EXCEL.EXE/3000
IE: Open with GetRight Browser - f:\programy(x86)\GetRight\GRbrowse.htm
IE: Subscribe in Desktop Sidebar - f:\programy(x86)\Desktop Sidebar\sbhelp.dll/menuhandler.html
LSP: f:\programy(x86)\Avira Premium Security Suite\Avira\AntiVir Desktop\avsda.dll
TCP: Interfaces\{2038154B-2980-46B6-B116-3AA4AF93D7AF}: NameServer = 10.0.0.100,10.0.0.200
TCP: Interfaces\{5E509714-6D82-46A5-88A5-B2A714A244E0}: NameServer = 10.0.0.100,10.0.0.200
FF - ProfilePath - c:\users\CZechBoY\AppData\Roaming\Mozilla\Firefox\Profiles\s4n70o8v.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - f:\programy(x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - f:\programy(x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Check4Change: check4change-owner@mozdev.org - %profile%\extensions\check4change-owner@mozdev.org
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="EFAEAE5E593D7C8716F89B3EA7E79BA1E805394141A7FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A2D97226D213B555BA7FD869164D6794FEBC9E127BECC74C9125369EC5C7D3D1A668AA2C6AD5B15539F8B31581FD2B51542DF10E2B43A4D50719DE93B1F13434A8C98DA47367497E679B42FD1F6B2B0BA99254EF36914815BC48E444E9344D65566EDFA84177140B655C57381562E2A8B4AB9D0BD10774CCD5E746D798B1D6DB66CB5EA92237988D2092092075C74376B5D363BFF6D6289F09F1B45A3D107E33269C75FCB65E4F3A975A25F02883B1E08526EC55F13CD554A32794BAA67B63AC7762485877A926E9E313294D6A82897A0C06B6F6E3F4E4D50206014CFC2119ABCA5D2DD92F58FB1A2B62C9BACBB4177847977230C0C230B399D7C747393528B72C1730817CAD296AAC30EDA02E8F1F354C4304F65269879F71A469C5286D8C7C36D80E33D1F073A03928B14F4B8BD4AEBF37039F35352D71243B1BC76D84B6CA98B3BAB9F5EF1A2535BAE3762E25E386DA64BD65D972D725E02E46B17DB98A9518F85A3E04F7CC061C1B08ABB5DC69826D00B26685F2B3D66B530AC8A24EDF750E404AD36A5DB072F843D6E89738F80D590319A4CF8BDE4C9BC4B6BAFA8A0227E5E5186C6C786041ED6D3A8A5ABF16B3152A568626966CE9DAE05115F737B188200885E221A3E669B01BD3D2D9FE3DA92AF789574AF2E4BC2A4915CC5E25A31ECF0A89F071BFC589099075E6C608DB42B6B081C4500141711DE46EB84A257E119E13CE3A1FB073E0D6D4A65124ED52F86FDCC3E0A0A5F05DD85D7E92A610DEAB490EB4C03A5C57D5883523FCC9CA786C18C90924F8CBD7F51A211B7CB7BD555F1E2A4CEDAAB0CEF0A5C05B3DE2B9985C8A8ABCE56861CC56B062CE78120F653E03DADC8D2A1BAADE46CCF147EF5D6E31B771006755D61ABDFE96566E9EE507827057E0504A11B07018EF3E33C459AEF21F9A28C8F722FE8EFCF8A3299DA8A686F01B064A6A89991A5B08CC8009567ED0D9DF3C12DC3D2FCF34865B589E42244926E3AF74C3009375E6B45C8E3801F59A8F65792CE4A651ACC582570F8822D270C4B675AA6073BDBF24D96024230926C87F8E51E6C5DE80F364F1254694397BC314D8202E9E682DD80F9F01EA6C240F747C05E67486EBCB98D720075750FE5AAEEF57AE233267EB46B87198EE0C0CA7DAECB5136A05D636B0FA1AF1021F6E9E414A7FD311A07AF6B1C701B8224E7BD8DDC9D26344722EB579BB338E6BB4066D2F266576E44532BEE57441A25AD2B303042250175F5283374FA0813C981C485E509B6130EFCEA2A8558DEACF508C7975F798E7A27EFE6B98B5BDDD8BF6333CFC21588CCF64C0610E9572796A22C416F7066316"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
f:\programy(x86)\Fraps\fraps.exe
c:\program files (x86)\TeamViewer\Version6\TeamViewer.exe
.
**************************************************************************
.
Celkový čas: 2011-07-27 01:44:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-26 23:44
ComboFix2.txt 2011-06-30 22:48
ComboFix3.txt 2011-06-25 23:35
.
Před spuštěním: 9 746 874 368
Po spuštění: 9 787 355 136
.
- - End Of File - - 2EAC9B62C02B6D1CC205A8F4050A11D2

Příspěvekod **Žbeky** » 28 črc 2011 09:29

Sis ale dal na čas...

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

+ Nový log z HJT

Jak se chová PC?

CZechBoY · Příspěvekod **CZechBoY** » 28 črc 2011 10:38

aspoň vidíš jak často resetuju kompa

no tak na PC jsem teď nainstaloval CoreTuner od Ashampoo takže se to seká jak prase no

ve čtvrtek dorazí Q9550 tak to bude snad lepší :)

HJT

► Zobrazit spoiler

Příspěvekod **Žbeky** » 28 črc 2011 11:25

Nechápu takové masochisty, co si nainstalujou program, ví, že to bude akorát brzdit a tolerujou ho

Log je už ok, tak můžeš dát vyřešeno.
P.S. Příště nedávej logy ani do code, ani do spoileru. Díky

CZechBoY · Příspěvekod **CZechBoY** » 28 črc 2011 11:36

však ten spoiler normálně rozevřeš a aspoň nemusim urolovat kolečko (už po 4. se mi seklo za 2 měsíce

)
já myslel že se ten CT už zlepšil, ale stejně se mi zasekává PC občas, když jsem koukal na taskmgr tak mm využití do 10% pak vyjede na sekundu na 99% a pak zase 10-15%

bych potřeboval nějakej program na správu rozdělení CPU k programům :)

Příspěvekod **Žbeky** » 28 črc 2011 11:38

i to seřaď podle vytížení CPU a hned zjistíš, co ti dělá ty výkyvy

CZechBoY · Příspěvekod **CZechBoY** » 28 črc 2011 11:41

právě že pokud dám rychlou aktualizaci tak to tam blikne na čtvrt sekundy (2 procesy na 50% jsem viděl akorát) a nestihl jsem už přečíst jméno

při pomalým se t tam ani neukáže :(

Příspěvekod **Žbeky** » 28 črc 2011 11:54

Vím, že říct zpětně, co vytížilo PC uměl norton internet security. Takže to určitě nějak jde, ale jméno jiného programu, co by to uměl, neznám

[HJT] Preventivka Vyřešeno

Re: [HJT] Preventivka

Re: [HJT] Preventivka

Re: [HJT] Preventivka

Re: [HJT] Preventivka

Re: [HJT] Preventivka

Re: [HJT] Preventivka

Re: [HJT] Preventivka

Re: [HJT] Preventivka

Re: [HJT] Preventivka

Re: [HJT] Preventivka Vyřešeno

Kdo je online