Hello, I would like to ask for a check. Lately games have been running terribly slowly and I don't have access to all the "things" even though I have admin rights; when I want to delete something, it reappears after F5, or when I delete a whole folder, not all of its contents are deleted, only some of them, without any warning or anything... When I copy something somewhere and want to replace it, access fails; I can't overwrite it because it says something about me not having access to the folder or something like that, see viewtopic.php?f=36&t=69531
So I would like to ask for a log check. Also, when I start Advanced System Care, its bar reporting the PC status keeps rating it as C, which means it needs quick maintenance; I run it, and after a restart or after some time interval it's C again right away. I think it's related... I'm out of ideas.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:00:08, on 1.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
D:\Optimalizace\Advanced SystemCare 4\PMonitor.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
D:\Optimalizace\Advanced SystemCare 4\ASC.exe
D:\Optimalizace\Advanced SystemCare 4\ASCTray.exe
D:\Programy\Mozilla Firefox 4.0 Beta 8\firefox.exe
D:\Programy\Mozilla Firefox 4.0 Beta 8\plugin-container.exe
D:\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Advanced SystemCare 4] D:\Optimalizace\Advanced SystemCare 4\ASCTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: DAEMON Tools Lite.lnk = C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - Unknown owner - D:\Hry\DA Origins\bin_ship\DAUpdaterSvc.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7840 bytes
Hijackthis - check (Solved)
- Clorky
- Moderator / HW team member
- Master Level 8.5
- Posts: 7032
- Registered: May 10
- Location: Moravskoslezský kraj
Re: Hijackthis - check
I'd appreciate a resolution, it's urgent.
- Žbeky
- Moderator
- Guru Level 13
- Posts: 22288
- Registered: May 08
- Location: Vsetín - Pardubice
Re: Hijackthis - check
Uninstall DAEMON Tools Toolbar.
Fix:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Advanced SystemCare 4] D:\Optimalizace\Advanced SystemCare 4\ASCTray.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
Download ATF Cleaner.
Double-click ATF Cleaner.exe, click on select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.
Run a quick scan in MbAM and post the log here.
I only handle forum-related matters via private messages. I do not respond to requests for technical support. Thanks for understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules
- Clorky
Re: Hijackthis - check
HJT done, thanks for responding, but so far no major change. ATF is done too, but I don't have access to Firefox or Opera, I don't know why. Afterwards I would also need to solve the problem with permissions, where I can't even go into ordinary folders such as "My Music" etc. But it doesn't concern only that. Thanks so far, let's continue.
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Verze databáze: 6991
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
1.7.2011 16:13:50
mbam-log-2011-07-01 (16-13-50).txt
Typ: Rychlá kontrola
Kontrolované objekty: 160152
Uplynulý čas: 56 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
- Žbeky
Re: Hijackthis - check
Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click into the window that is displayed
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem launching applications or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, just restart the computer.
- Clorky
Re: Hijackthis - check
ComboFix 11-06-30.05 - Petr 01.07.2011 16:47:59.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4094.2567 [GMT 2:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\TNod User & Password Finder\TNODUP.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-01 do 2011-07-01 )))))))))))))))))))))))))))))))
.
.
2011-07-01 14:49 . 2011-07-01 14:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-01 14:20 . 2011-07-01 14:20 -------- d-----w- c:\users\Petr\AppData\Local\ATI
2011-07-01 06:02 . 2011-07-01 06:03 -------- d-----w- c:\program files (x86)\Unlocker
2011-07-01 06:02 . 2011-07-01 06:02 -------- d-----w- c:\users\Petr\AppData\Roaming\QuickStoresToolbar
2011-07-01 05:18 . 2011-07-01 05:18 -------- d-----w- c:\users\Petr\AppData\Roaming\Malwarebytes
2011-07-01 05:18 . 2011-07-01 05:18 -------- d-----w- c:\programdata\Malwarebytes
2011-07-01 05:18 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-01 05:18 . 2011-07-01 05:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-01 05:18 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-30 05:09 . 2011-06-30 05:09 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-06-29 19:02 . 2011-06-29 19:02 -------- d-----w- c:\program files (x86)\Vypalovač
2011-06-29 10:30 . 2011-07-01 14:49 -------- d-----w- c:\program files (x86)\TNod User & Password Finder
2011-06-29 10:29 . 2011-06-29 10:29 -------- d-----w- c:\program files\ESET
2011-06-28 10:36 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1FAE4468-1FB5-4554-B1B0-5EE7419687DB}\mpengine.dll
2011-06-27 11:46 . 2011-06-27 11:46 -------- d-----w- c:\program files (x86)\Nuclear Coffee
2011-06-26 18:16 . 2011-06-26 18:16 -------- d-----w- c:\users\Petr\AppData\Roaming\Day 1 Studios
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\programdata\ATI
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\program files (x86)\AMD APP
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-06-23 16:11 . 2001-09-05 02:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2011-06-23 16:11 . 2001-09-05 02:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-06-23 16:11 . 2001-09-05 02:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2011-06-23 16:11 . 2001-09-05 02:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2011-06-23 12:01 . 2011-06-23 12:01 -------- d-----w- c:\windows\system32\SPReview
2011-06-23 12:01 . 2011-06-23 12:03 -------- d-----w- C:\855ed9d5123b12e6f70aa97bcbba
2011-06-23 12:01 . 2011-06-23 12:01 -------- d-----w- c:\windows\system32\EventProviders
2011-06-22 11:27 . 2011-06-22 11:27 -------- d-----w- c:\program files (x86)\CAPCOM
2011-06-20 20:12 . 2011-06-23 19:02 -------- d-----w- C:\video_output
2011-06-20 17:42 . 2011-06-20 18:17 -------- d-----w- c:\users\Petr\AppData\Roaming\TeamViewer
2011-06-19 00:45 . 2010-11-20 13:27 3650560 ----a-w- c:\windows\system32\MSVidCtl.dll
2011-06-19 00:44 . 2010-11-20 13:27 611840 ----a-w- c:\windows\system32\wpd_ci.dll
2011-06-19 00:43 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-06-19 00:43 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-06-19 00:42 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-06-18 17:04 . 2011-06-18 17:04 -------- d-----w- c:\program files (x86)\CamStudio
2011-06-17 07:02 . 2005-11-13 21:22 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2011-06-17 07:02 . 2005-11-13 21:22 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2011-06-17 07:02 . 2005-11-13 21:21 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2011-06-17 07:02 . 2005-11-13 21:20 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2011-06-17 07:02 . 2005-11-13 21:19 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2011-06-17 07:02 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2011-06-17 07:02 . 2011-06-17 07:02 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2011-06-17 07:02 . 2011-06-17 07:02 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2011-06-15 13:27 . 2011-06-15 13:27 -------- d-----w- C:\03f3e0a56d69c6fb3928d433
2011-06-15 13:15 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-12 09:29 . 2011-06-12 09:29 -------- d-----w- c:\program files (x86)\MegaDev
2011-06-11 09:14 . 2011-06-11 09:14 -------- d-----w- c:\programdata\BioWare
2011-06-11 09:07 . 2011-06-11 09:07 -------- d-----w- c:\programdata\Media Center Programs
2011-06-11 08:51 . 2011-06-11 08:51 114688 ----a-w- C:\Trainer.dll
2011-06-10 15:10 . 2011-06-10 15:10 -------- d-----w- c:\users\Petr\Nová složka
2011-06-09 13:17 . 2011-06-09 13:43 -------- d-----w- c:\users\Petr\AppData\Roaming\Hamachi
2011-06-09 13:16 . 2011-06-09 13:17 -------- d-----w- c:\program files (x86)\Hamachi
2011-06-09 13:16 . 2011-06-09 13:16 21832 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-06-09 13:00 . 2011-06-09 13:00 -------- d-----w- c:\users\Petr\AppData\Local\Microsoft Games
2011-06-09 12:51 . 2009-07-04 11:47 11776 ----a-w- c:\windows\rtl120.bpl
2011-06-06 18:49 . 2011-06-06 18:49 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-06-06 17:41 . 2011-06-06 17:41 -------- d-----w- c:\programdata\MySQL
2011-06-06 17:41 . 2011-06-06 17:41 -------- d-----w- c:\program files\MySQL
2011-06-06 17:39 . 2011-06-09 16:03 1589248 ----a-w- c:\windows\SysWow64\libmysql_d.dll
2011-06-06 17:39 . 2011-06-06 17:39 -------- d-----w- c:\program files (x86)\PremiumSoft
2011-06-06 16:04 . 2011-06-07 12:26 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-06-05 19:23 . 2011-06-05 19:23 -------- d-----w- c:\program files (x86)\LG Electronics
2011-06-05 19:23 . 2011-01-13 02:07 1919968 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2011-06-05 19:23 . 2010-12-07 12:23 34304 ----a-w- c:\windows\system32\drivers\lgandmodem64.sys
2011-06-05 19:23 . 2010-12-07 12:23 27648 ----a-w- c:\windows\system32\drivers\lganddiag64.sys
2011-06-05 19:23 . 2010-12-07 12:23 27136 ----a-w- c:\windows\system32\drivers\lgandgps64.sys
2011-06-05 19:23 . 2010-12-07 12:22 19456 ----a-w- c:\windows\system32\drivers\lgandbus64.sys
2011-06-05 19:23 . 2010-08-02 14:19 31744 ----a-w- c:\windows\system32\drivers\lgandadb.sys
2011-06-05 19:20 . 2011-06-05 19:20 -------- d-----w- C:\LGP350
2011-06-05 19:19 . 2011-06-09 16:03 53248 ----a-w- c:\windows\SysWow64\CommonDL.dll
2011-06-05 19:19 . 2005-11-24 00:34 82432 ----a-w- c:\windows\SysWow64\msxml4r.dll
2011-06-05 19:19 . 2005-10-03 23:39 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll
2011-06-05 19:18 . 2011-06-05 19:19 -------- d-----w- c:\programdata\LGMOBILEAX
2011-06-05 18:55 . 2011-06-09 16:03 28672 ----a-w- c:\windows\SysWow64\AVEQT.dll
2011-06-05 18:55 . 2011-06-09 16:03 258048 ----a-w- c:\windows\SysWow64\GplMpgDec.ax
2011-06-05 18:55 . 2007-04-12 12:19 129024 ----a-w- c:\windows\SysWow64\AVERM.dll
2011-06-05 18:55 . 2011-06-05 18:56 -------- d-----w- c:\program files (x86)\Allok 3GP PSP MP4 iPod Video Converter
2011-06-05 18:37 . 2011-06-05 18:37 -------- d-----w- c:\windows\SysWow64\Adobe
2011-06-05 18:26 . 2010-03-15 09:31 165376 ----a-w- c:\windows\SysWow64\unrar.dll
2011-06-05 18:26 . 2011-06-05 18:26 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2011-06-05 18:26 . 2011-06-05 18:26 -------- d-----w- c:\program files (x86)\AviSynth 2.5
2011-06-05 18:26 . 2011-06-05 18:26 -------- d-----w- c:\program files (x86)\AML Products
2011-06-04 14:11 . 2011-06-04 14:11 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2011-06-04 13:57 . 2011-06-09 15:58 212992 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2011-06-03 19:15 . 2011-06-03 19:15 -------- d-----w- c:\windows\TiMoC
2011-06-03 19:15 . 2011-06-03 19:15 -------- d-----w- c:\program files (x86)\TiMoC
2011-06-03 17:28 . 2011-06-09 15:58 753664 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-06-03 17:28 . 2011-06-09 15:58 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-06-03 17:28 . 2011-06-09 15:58 184320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-06-03 17:28 . 2011-06-03 17:28 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-06-03 17:28 . 2011-06-03 17:28 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-06-03 17:28 . 2005-11-13 21:16 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-06-03 17:28 . 2005-04-03 21:02 69714 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-06-03 17:28 . 2005-04-03 21:00 63488 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2011-06-03 17:28 . 2005-04-03 20:59 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-06-03 17:28 . 2011-06-03 19:40 -------- d-----w- c:\users\Petr\AppData\Local\Oblivion
2011-06-03 12:43 . 2011-06-03 12:43 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2011-06-02 19:23 . 2011-06-02 19:23 -------- d-----w- c:\users\Petr\AppData\Local\QuickStores
2011-06-02 19:22 . 2011-06-02 19:22 -------- d-----w- c:\program files (x86)\DsNET Corp
2011-06-02 19:17 . 2011-06-02 19:17 -------- d-----w- c:\program files (x86)\4U Computing
2011-06-01 17:04 . 2011-06-01 17:04 -------- d-----w- c:\users\Petr\AppData\Roaming\GHISLER
2011-06-01 17:04 . 2010-12-17 05:56 545 ----a-w- c:\windows\UC.PIF
2011-06-01 17:04 . 2010-12-17 05:56 545 ----a-w- c:\windows\RAR.PIF
2011-06-01 17:04 . 2010-12-17 05:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-06-01 17:04 . 2010-12-17 05:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-06-01 17:04 . 2010-12-17 05:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-06-01 17:04 . 2010-12-17 05:56 545 ----a-w- c:\windows\LHA.PIF
2011-06-01 17:04 . 2010-12-17 05:56 545 ----a-w- c:\windows\ARJ.PIF
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-23 12:05 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-23 12:05 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-06-17 05:28 . 2011-05-27 17:51 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-09 16:03 . 2011-05-30 16:37 237568 ----a-w- c:\windows\SysWow64\mcstabs.ocx
2011-06-09 16:03 . 2011-04-26 05:58 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-06-09 16:03 . 2011-04-26 05:58 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-06-09 16:03 . 2011-03-31 21:48 86016 ----a-w- c:\windows\SysWow64\frapsvid.dll
2011-06-09 16:03 . 2008-08-19 00:18 77824 ----a-w- c:\windows\SysWow64\fmcodec.DLL
2011-06-09 16:01 . 2011-05-27 19:18 319488 ----a-w- c:\windows\HideWin.exe
2011-06-01 11:36 . 2011-06-01 11:36 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-30 11:05 . 2011-05-30 11:05 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-05-30 11:05 . 2011-05-30 11:05 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-05-30 11:05 . 2011-05-30 11:05 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-05-30 11:05 . 2011-05-30 11:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-05-30 11:05 . 2011-05-30 11:05 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-05-30 11:05 . 2011-05-30 11:05 321024 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-05-30 11:05 . 2011-05-30 11:05 219136 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-05-30 11:05 . 2011-05-30 11:05 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-30 11:05 . 2011-05-30 11:05 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-05-27 19:01 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-05-27 19:01 . 2009-08-18 09:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-25 03:07 . 2011-04-20 02:09 688128 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-05-25 02:58 . 2011-04-20 01:59 4219904 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-05-25 02:26 . 2011-04-20 01:23 366592 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:24 . 2011-04-20 01:21 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-05-25 02:24 . 2011-04-20 01:21 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-05-25 02:19 . 2011-04-20 01:27 58880 ----a-w- c:\windows\system32\coinst.dll
2011-05-24 21:44 . 2011-05-24 21:44 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 16672768 ----a-w- c:\windows\system32\amdocl64.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-05-24 17:14 . 2011-05-27 17:33 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-04 23:27 . 2011-05-04 23:27 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-04-22 22:15 . 2011-05-27 20:21 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-19 20:10 . 2011-04-19 20:10 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-04-09 07:02 . 2011-05-27 20:23 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-27 20:23 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:02 . 2011-05-27 20:23 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-27 20:23 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-27 20:23 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-05-27 399736]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
.
c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SpeedFan.lnk - c:\program files (x86)\SpeedFan\speedfan.exe [2011-3-17 4523928]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DAEMON Tools Lite.lnk - c:\program files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [x]
R3 ATICDSDr;ATICDSDr;c:\users\Petr\AppData\Local\Temp\ATICDSDr.sys [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;d:\hry\DA Origins\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-01-12 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-01-25 3136328]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 4012360]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2918656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-TNOD UP - c:\program files (x86)\TNod User & Password Finder\TNODUP.exe
SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQL"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4290107199-3901289904-2400017597-1001\Software\SecuROM\License information*]
"datasecu"=hex:10,61,84,bc,3e,54,44,67,1c,91,53,31,d7,c4,28,21,f9,0c,b8,6c,4d,
3e,9d,90,00,e6,d3,a3,c9,54,f8,c8,97,eb,c1,89,ec,bc,ff,c5,66,13,6c,1c,5c,a0,\
"rkeysecu"=hex:65,cc,c6,35,ff,ce,8c,c0,0b,e5,d9,65,b6,56,6c,3b
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\optimalizace\Advanced SystemCare 4\PMonitor.exe
.
**************************************************************************
.
Celkový čas: 2011-07-01 16:53:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-01 14:53
.
Před spuštěním: Volných bajtů: 265 742 004 224
Po spuštění: Volných bajtů: 265 558 687 744
.
- - End Of File - - D5735C6FBE0FB91B9127001CF4600936
Žbeky (Moderator)
Re: Hijackthis - check
So, get rid of ESET and install something free, since you don't feel like paying.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.
Code:
KillAll::
Folder::
c:\program files (x86)\TNod User & Password Finder
c:\windows\1C4551A64743409391E41477CD655043.TMP
DirLook::
C:\855ed9d5123b12e6f70aa97bcbba
C:\03f3e0a56d69c6fb3928d433
c:\users\Petr\Nová složka
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=-
"ConsentPromptBehaviorUser"=-
"EnableUIADesktopToggle"=-
"PromptOnSecureDesktop"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=-
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
Clorky (Moderator / HW team member)
Re: Hijackthis - check
ComboFix 11-06-30.05 - Petr 01.07.2011 20:46:59.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4094.2051 [GMT 2:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\1C4551A64743409391E41477CD655043.TMP
c:\windows\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-01 do 2011-07-01 )))))))))))))))))))))))))))))))
.
.
2011-07-01 18:49 . 2011-07-01 18:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-01 17:40 . 2011-07-01 17:40 -------- d-----w- c:\users\Petr\AppData\Roaming\LolClient
2011-07-01 17:06 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2011-07-01 17:06 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2011-07-01 17:06 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2011-07-01 16:14 . 2011-07-01 18:45 -------- d-----w- c:\users\Petr\AppData\Local\PMB Files
2011-07-01 16:14 . 2011-07-01 18:45 -------- d-----w- c:\programdata\PMB Files
2011-07-01 16:13 . 2011-07-01 16:13 -------- d-----w- c:\program files (x86)\Pando Networks
2011-07-01 15:33 . 2011-07-01 15:33 -------- d-----w- c:\users\Petr\AppData\Local\Garena
2011-07-01 15:30 . 2011-07-01 15:31 -------- d-----w- c:\program files (x86)\Garena
2011-07-01 14:20 . 2011-07-01 14:20 -------- d-----w- c:\users\Petr\AppData\Local\ATI
2011-07-01 06:02 . 2011-07-01 06:03 -------- d-----w- c:\program files (x86)\Unlocker
2011-07-01 06:02 . 2011-07-01 06:02 -------- d-----w- c:\users\Petr\AppData\Roaming\QuickStoresToolbar
2011-07-01 05:18 . 2011-07-01 05:18 -------- d-----w- c:\users\Petr\AppData\Roaming\Malwarebytes
2011-07-01 05:18 . 2011-07-01 05:18 -------- d-----w- c:\programdata\Malwarebytes
2011-07-01 05:18 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-01 05:18 . 2011-07-01 05:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-01 05:18 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-30 05:09 . 2011-06-30 05:09 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-06-29 19:02 . 2011-06-29 19:02 -------- d-----w- c:\program files (x86)\Vypalovač
2011-06-29 10:29 . 2011-06-29 10:29 -------- d-----w- c:\program files\ESET
2011-06-28 10:36 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1FAE4468-1FB5-4554-B1B0-5EE7419687DB}\mpengine.dll
2011-06-27 11:46 . 2011-06-27 11:46 -------- d-----w- c:\program files (x86)\Nuclear Coffee
2011-06-26 18:16 . 2011-06-26 18:16 -------- d-----w- c:\users\Petr\AppData\Roaming\Day 1 Studios
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\programdata\ATI
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\program files (x86)\AMD APP
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-06-23 16:11 . 2001-09-05 02:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2011-06-23 16:11 . 2001-09-05 02:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-06-23 16:11 . 2001-09-05 02:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2011-06-23 16:11 . 2001-09-05 02:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2011-06-23 12:01 . 2011-06-23 12:01 -------- d-----w- c:\windows\system32\SPReview
2011-06-23 12:01 . 2011-06-23 12:03 -------- d-----w- C:\855ed9d5123b12e6f70aa97bcbba
2011-06-23 12:01 . 2011-06-23 12:01 -------- d-----w- c:\windows\system32\EventProviders
2011-06-22 11:27 . 2011-06-22 11:27 -------- d-----w- c:\program files (x86)\CAPCOM
2011-06-20 20:12 . 2011-06-23 19:02 -------- d-----w- C:\video_output
2011-06-20 17:42 . 2011-06-20 18:17 -------- d-----w- c:\users\Petr\AppData\Roaming\TeamViewer
2011-06-19 00:45 . 2010-11-20 13:27 3650560 ----a-w- c:\windows\system32\MSVidCtl.dll
2011-06-19 00:44 . 2010-11-20 13:27 611840 ----a-w- c:\windows\system32\wpd_ci.dll
2011-06-19 00:43 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-06-19 00:43 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-06-19 00:42 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-06-18 17:04 . 2011-06-18 17:04 -------- d-----w- c:\program files (x86)\CamStudio
2011-06-17 07:02 . 2005-11-13 21:22 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2011-06-17 07:02 . 2005-11-13 21:22 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2011-06-17 07:02 . 2005-11-13 21:21 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2011-06-17 07:02 . 2005-11-13 21:20 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2011-06-17 07:02 . 2005-11-13 21:19 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2011-06-17 07:02 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2011-06-17 07:02 . 2011-06-17 07:02 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2011-06-17 07:02 . 2011-06-17 07:02 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2011-06-15 13:27 . 2011-06-15 13:27 -------- d-----w- C:\03f3e0a56d69c6fb3928d433
2011-06-15 13:15 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-12 09:29 . 2011-06-12 09:29 -------- d-----w- c:\program files (x86)\MegaDev
2011-06-11 09:14 . 2011-06-11 09:14 -------- d-----w- c:\programdata\BioWare
2011-06-11 09:07 . 2011-06-11 09:07 -------- d-----w- c:\programdata\Media Center Programs
2011-06-11 08:51 . 2011-06-11 08:51 114688 ----a-w- C:\Trainer.dll
2011-06-10 15:10 . 2011-06-10 15:10 -------- d-----w- c:\users\Petr\Nová složka
2011-06-09 13:17 . 2011-06-09 13:43 -------- d-----w- c:\users\Petr\AppData\Roaming\Hamachi
2011-06-09 13:16 . 2011-06-09 13:17 -------- d-----w- c:\program files (x86)\Hamachi
2011-06-09 13:16 . 2011-06-09 13:16 21832 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-06-09 13:00 . 2011-06-09 13:00 -------- d-----w- c:\users\Petr\AppData\Local\Microsoft Games
2011-06-09 12:51 . 2009-07-04 11:47 11776 ----a-w- c:\windows\rtl120.bpl
2011-06-06 18:49 . 2011-06-06 18:49 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-06-06 17:41 . 2011-06-06 17:41 -------- d-----w- c:\programdata\MySQL
2011-06-06 17:41 . 2011-06-06 17:41 -------- d-----w- c:\program files\MySQL
2011-06-06 17:39 . 2011-06-09 16:03 1589248 ----a-w- c:\windows\SysWow64\libmysql_d.dll
2011-06-06 17:39 . 2011-06-06 17:39 -------- d-----w- c:\program files (x86)\PremiumSoft
2011-06-06 16:04 . 2011-06-07 12:26 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-06-05 19:23 . 2011-06-05 19:23 -------- d-----w- c:\program files (x86)\LG Electronics
2011-06-05 19:23 . 2011-01-13 02:07 1919968 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2011-06-05 19:23 . 2010-12-07 12:23 34304 ----a-w- c:\windows\system32\drivers\lgandmodem64.sys
2011-06-05 19:23 . 2010-12-07 12:23 27648 ----a-w- c:\windows\system32\drivers\lganddiag64.sys
2011-06-05 19:23 . 2010-12-07 12:23 27136 ----a-w- c:\windows\system32\drivers\lgandgps64.sys
2011-06-05 19:23 . 2010-12-07 12:22 19456 ----a-w- c:\windows\system32\drivers\lgandbus64.sys
2011-06-05 19:23 . 2010-08-02 14:19 31744 ----a-w- c:\windows\system32\drivers\lgandadb.sys
2011-06-05 19:20 . 2011-06-05 19:20 -------- d-----w- C:\LGP350
2011-06-05 19:19 . 2011-06-09 16:03 53248 ----a-w- c:\windows\SysWow64\CommonDL.dll
2011-06-05 19:19 . 2005-11-24 00:34 82432 ----a-w- c:\windows\SysWow64\msxml4r.dll
2011-06-05 19:19 . 2005-10-03 23:39 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll
2011-06-05 19:18 . 2011-06-05 19:19 -------- d-----w- c:\programdata\LGMOBILEAX
2011-06-05 18:55 . 2011-06-09 16:03 28672 ----a-w- c:\windows\SysWow64\AVEQT.dll
2011-06-05 18:55 . 2011-06-09 16:03 258048 ----a-w- c:\windows\SysWow64\GplMpgDec.ax
2011-06-05 18:55 . 2007-04-12 12:19 129024 ----a-w- c:\windows\SysWow64\AVERM.dll
2011-06-05 18:55 . 2011-06-05 18:56 -------- d-----w- c:\program files (x86)\Allok 3GP PSP MP4 iPod Video Converter
2011-06-05 18:37 . 2011-06-05 18:37 -------- d-----w- c:\windows\SysWow64\Adobe
2011-06-05 18:26 . 2010-03-15 09:31 165376 ----a-w- c:\windows\SysWow64\unrar.dll
2011-06-05 18:26 . 2011-06-05 18:26 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2011-06-05 18:26 . 2011-06-05 18:26 -------- d-----w- c:\program files (x86)\AviSynth 2.5
2011-06-05 18:26 . 2011-06-05 18:26 -------- d-----w- c:\program files (x86)\AML Products
2011-06-04 14:11 . 2011-06-04 14:11 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2011-06-04 13:57 . 2011-06-09 15:58 212992 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2011-06-03 19:15 . 2011-06-03 19:15 -------- d-----w- c:\windows\TiMoC
2011-06-03 19:15 . 2011-06-03 19:15 -------- d-----w- c:\program files (x86)\TiMoC
2011-06-03 17:28 . 2011-06-09 15:58 753664 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-06-03 17:28 . 2011-06-09 15:58 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-06-03 17:28 . 2011-06-09 15:58 184320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-06-03 17:28 . 2011-06-03 17:28 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-06-03 17:28 . 2011-06-03 17:28 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-06-03 17:28 . 2005-11-13 21:16 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-06-03 17:28 . 2005-04-03 21:02 69714 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-06-03 17:28 . 2005-04-03 21:00 63488 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2011-06-03 17:28 . 2005-04-03 20:59 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-06-03 17:28 . 2011-06-03 19:40 -------- d-----w- c:\users\Petr\AppData\Local\Oblivion
2011-06-02 19:23 . 2011-06-02 19:23 -------- d-----w- c:\users\Petr\AppData\Local\QuickStores
2011-06-02 19:22 . 2011-06-02 19:22 -------- d-----w- c:\program files (x86)\DsNET Corp
2011-06-02 19:17 . 2011-06-02 19:17 -------- d-----w- c:\program files (x86)\4U Computing
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-23 12:05 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-23 12:05 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-06-17 05:28 . 2011-05-27 17:51 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-09 16:03 . 2011-05-30 16:37 237568 ----a-w- c:\windows\SysWow64\mcstabs.ocx
2011-06-09 16:03 . 2011-04-26 05:58 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-06-09 16:03 . 2011-04-26 05:58 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-06-09 16:03 . 2011-03-31 21:48 86016 ----a-w- c:\windows\SysWow64\frapsvid.dll
2011-06-09 16:03 . 2008-08-19 00:18 77824 ----a-w- c:\windows\SysWow64\fmcodec.DLL
2011-06-09 16:01 . 2011-05-27 19:18 319488 ----a-w- c:\windows\HideWin.exe
2011-06-01 11:36 . 2011-06-01 11:36 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-30 11:05 . 2011-05-30 11:05 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-05-30 11:05 . 2011-05-30 11:05 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-05-30 11:05 . 2011-05-30 11:05 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-05-30 11:05 . 2011-05-30 11:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-05-30 11:05 . 2011-05-30 11:05 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-05-30 11:05 . 2011-05-30 11:05 321024 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-05-30 11:05 . 2011-05-30 11:05 219136 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-05-30 11:05 . 2011-05-30 11:05 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-30 11:05 . 2011-05-30 11:05 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-05-27 19:01 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-05-27 19:01 . 2009-08-18 09:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-25 03:07 . 2011-04-20 02:09 688128 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-05-25 02:58 . 2011-04-20 01:59 4219904 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-05-25 02:26 . 2011-04-20 01:23 366592 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:24 . 2011-04-20 01:21 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-05-25 02:24 . 2011-04-20 01:21 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-05-25 02:19 . 2011-04-20 01:27 58880 ----a-w- c:\windows\system32\coinst.dll
2011-05-24 21:44 . 2011-05-24 21:44 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 16672768 ----a-w- c:\windows\system32\amdocl64.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-05-24 17:14 . 2011-05-27 17:33 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-04 23:27 . 2011-05-04 23:27 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-04-22 22:15 . 2011-05-27 20:21 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-19 20:10 . 2011-04-19 20:10 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-04-09 07:02 . 2011-05-27 20:23 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-27 20:23 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:02 . 2011-05-27 20:23 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-27 20:23 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-27 20:23 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\03f3e0a56d69c6fb3928d433 ----
.
2011-06-03 16:30 . 2011-06-03 16:30 75720 ----a-w- c:\03f3e0a56d69c6fb3928d433\mrtstub.exe
.
---- Directory of C:\855ed9d5123b12e6f70aa97bcbba ----
.
.
---- Directory of c:\users\Petr\Nová složka ----
.
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-01_14.51.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-27 17:02 . 2011-07-01 14:52 29328 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-07-01 14:52 33138 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-05-27 17:02 . 2011-07-01 14:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-27 17:02 . 2011-07-01 18:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-27 17:02 . 2011-07-01 18:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-05-27 17:02 . 2011-07-01 14:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-27 17:02 . 2011-07-01 14:52 5942 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4290107199-3901289904-2400017597-1001_UserData.bin
- 2011-07-01 14:50 . 2011-07-01 14:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-01 18:50 . 2011-07-01 18:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:36 . 2011-07-01 14:55 615810 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-07-01 12:42 615810 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2011-07-01 14:55 631054 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2011-07-01 12:42 631054 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-07-01 12:42 106190 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-07-01 14:55 106190 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2011-07-01 12:42 121708 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2011-07-01 14:55 121708 c:\windows\system32\perfc005.dat
+ 2011-05-27 17:52 . 2011-07-01 18:49 918312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-05-27 17:52 . 2011-07-01 14:50 918312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-05-27 399736]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-07-01 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
.
c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SpeedFan.lnk - c:\program files (x86)\SpeedFan\speedfan.exe [2011-3-17 4523928]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DAEMON Tools Lite.lnk - c:\program files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [x]
R3 ATICDSDr;ATICDSDr;c:\users\Petr\AppData\Local\Temp\ATICDSDr.sys [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;d:\hry\DA Origins\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-01-12 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-01-25 3136328]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 4012360]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2918656]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQL"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4290107199-3901289904-2400017597-1001\Software\SecuROM\License information*]
"datasecu"=hex:10,61,84,bc,3e,54,44,67,1c,91,53,31,d7,c4,28,21,f9,0c,b8,6c,4d,
3e,9d,90,00,e6,d3,a3,c9,54,f8,c8,97,eb,c1,89,ec,bc,ff,c5,66,13,6c,1c,5c,a0,\
"rkeysecu"=hex:65,cc,c6,35,ff,ce,8c,c0,0b,e5,d9,65,b6,56,6c,3b
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\optimalizace\Advanced SystemCare 4\PMonitor.exe
d:\programy\Mozilla Firefox 4.0 Beta 8\plugin-container.exe
.
**************************************************************************
.
Celkový čas: 2011-07-01 20:52:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-01 18:52
ComboFix2.txt 2011-07-01 14:53
.
Před spuštěním: Volných bajtů: 265 477 459 968
Po spuštění: Volných bajtů: 265 471 082 496
.
- - End Of File - - BF20D4CDD180C8C59DF3F7C942A9EC24
2011-06-03 17:28 . 2005-11-13 21:16 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-06-03 17:28 . 2005-04-03 21:02 69714 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-06-03 17:28 . 2005-04-03 21:00 63488 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2011-06-03 17:28 . 2005-04-03 20:59 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-06-03 17:28 . 2011-06-03 19:40 -------- d-----w- c:\users\Petr\AppData\Local\Oblivion
2011-06-02 19:23 . 2011-06-02 19:23 -------- d-----w- c:\users\Petr\AppData\Local\QuickStores
2011-06-02 19:22 . 2011-06-02 19:22 -------- d-----w- c:\program files (x86)\DsNET Corp
2011-06-02 19:17 . 2011-06-02 19:17 -------- d-----w- c:\program files (x86)\4U Computing
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-23 12:05 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-23 12:05 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-06-17 05:28 . 2011-05-27 17:51 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-09 16:03 . 2011-05-30 16:37 237568 ----a-w- c:\windows\SysWow64\mcstabs.ocx
2011-06-09 16:03 . 2011-04-26 05:58 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-06-09 16:03 . 2011-04-26 05:58 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-06-09 16:03 . 2011-03-31 21:48 86016 ----a-w- c:\windows\SysWow64\frapsvid.dll
2011-06-09 16:03 . 2008-08-19 00:18 77824 ----a-w- c:\windows\SysWow64\fmcodec.DLL
2011-06-09 16:01 . 2011-05-27 19:18 319488 ----a-w- c:\windows\HideWin.exe
2011-06-01 11:36 . 2011-06-01 11:36 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-30 11:05 . 2011-05-30 11:05 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-05-30 11:05 . 2011-05-30 11:05 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-05-30 11:05 . 2011-05-30 11:05 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-05-30 11:05 . 2011-05-30 11:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-05-30 11:05 . 2011-05-30 11:05 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-05-30 11:05 . 2011-05-30 11:05 321024 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-05-30 11:05 . 2011-05-30 11:05 219136 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-05-30 11:05 . 2011-05-30 11:05 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-30 11:05 . 2011-05-30 11:05 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-05-27 19:01 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-05-27 19:01 . 2009-08-18 09:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-25 03:07 . 2011-04-20 02:09 688128 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-05-25 02:58 . 2011-04-20 01:59 4219904 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-05-25 02:26 . 2011-04-20 01:23 366592 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:24 . 2011-04-20 01:21 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-05-25 02:24 . 2011-04-20 01:21 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-05-25 02:19 . 2011-04-20 01:27 58880 ----a-w- c:\windows\system32\coinst.dll
2011-05-24 21:44 . 2011-05-24 21:44 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 16672768 ----a-w- c:\windows\system32\amdocl64.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-05-24 17:14 . 2011-05-27 17:33 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-04 23:27 . 2011-05-04 23:27 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-04-22 22:15 . 2011-05-27 20:21 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-19 20:10 . 2011-04-19 20:10 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-04-09 07:02 . 2011-05-27 20:23 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-27 20:23 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:02 . 2011-05-27 20:23 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-27 20:23 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-27 20:23 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\03f3e0a56d69c6fb3928d433 ----
.
2011-06-03 16:30 . 2011-06-03 16:30 75720 ----a-w- c:\03f3e0a56d69c6fb3928d433\mrtstub.exe
.
---- Directory of C:\855ed9d5123b12e6f70aa97bcbba ----
.
.
---- Directory of c:\users\Petr\Nová složka ----
.
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-01_14.51.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-27 17:02 . 2011-07-01 14:52 29328 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-07-01 14:52 33138 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-05-27 17:02 . 2011-07-01 14:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-27 17:02 . 2011-07-01 18:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-27 17:02 . 2011-07-01 18:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-05-27 17:02 . 2011-07-01 14:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-27 17:02 . 2011-07-01 14:52 5942 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4290107199-3901289904-2400017597-1001_UserData.bin
- 2011-07-01 14:50 . 2011-07-01 14:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-01 18:50 . 2011-07-01 18:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:36 . 2011-07-01 14:55 615810 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-07-01 12:42 615810 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2011-07-01 14:55 631054 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2011-07-01 12:42 631054 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-07-01 12:42 106190 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-07-01 14:55 106190 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2011-07-01 12:42 121708 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2011-07-01 14:55 121708 c:\windows\system32\perfc005.dat
+ 2011-05-27 17:52 . 2011-07-01 18:49 918312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-05-27 17:52 . 2011-07-01 14:50 918312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-05-27 399736]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-07-01 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
.
c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SpeedFan.lnk - c:\program files (x86)\SpeedFan\speedfan.exe [2011-3-17 4523928]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DAEMON Tools Lite.lnk - c:\program files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [x]
R3 ATICDSDr;ATICDSDr;c:\users\Petr\AppData\Local\Temp\ATICDSDr.sys [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;d:\hry\DA Origins\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-01-12 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-01-25 3136328]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 4012360]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2918656]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQL"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4290107199-3901289904-2400017597-1001\Software\SecuROM\License information*]
"datasecu"=hex:10,61,84,bc,3e,54,44,67,1c,91,53,31,d7,c4,28,21,f9,0c,b8,6c,4d,
3e,9d,90,00,e6,d3,a3,c9,54,f8,c8,97,eb,c1,89,ec,bc,ff,c5,66,13,6c,1c,5c,a0,\
"rkeysecu"=hex:65,cc,c6,35,ff,ce,8c,c0,0b,e5,d9,65,b6,56,6c,3b
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\optimalizace\Advanced SystemCare 4\PMonitor.exe
d:\programy\Mozilla Firefox 4.0 Beta 8\plugin-container.exe
.
**************************************************************************
.
Celkový čas: 2011-07-01 20:52:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-01 18:52
ComboFix2.txt 2011-07-01 14:53
.
Před spuštěním: Volných bajtů: 265 477 459 968
Po spuštění: Volných bajtů: 265 471 082 496
.
- - End Of File - - BF20D4CDD180C8C59DF3F7C942A9EC24
- Žbeky
- Moderator
Re: Hijackthis - check
I did write something about that ESET.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the whole of the following text marked in green:
Note: Do not use the SELECT ALL function to select the script.
Code:
File::
c:\windows\system32\perfh009.dat
c:\windows\system32\perfh005.dat
c:\windows\system32\perfc009.dat
c:\windows\system32\perfc005.dat
Folder::
C:\855ed9d5123b12e6f70aa97bcbba
C:\03f3e0a56d69c6fb3928d433
c:\users\Petr\Nová složka
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all open windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules
- Clorky
- Moderator / HW team member
Re: Hijackthis - check
I now have BitDefender from a friend who has several licences. That ESET was just a stopgap, because I didn't know what else to use. Either I'll stay with this one, because the new version of Avast bothers me, or I don't know.
ComboFix 11-06-30.05 - Petr 01.07.2011 23:21:03.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4094.1718 [GMT 2:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: BitDefender Antivirus *Disabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}
FW: BitDefender Firewall *Enabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
SP: BitDefender Antispyware *Disabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\perfc005.dat"
"c:\windows\system32\perfc009.dat"
"c:\windows\system32\perfh005.dat"
"c:\windows\system32\perfh009.dat"
.
/wow section - STAGE 31
Systém nemůže nalézt uvedený soubor.
Systém nemůže najít soubor SoftAV00.
Systém nemůže najít soubor LockedB.
Systém nemůže najít soubor lockedB.
.0.\\. není názvem vnitřního ani vnějšího příkazu
Systém nemůže najít soubor LockedB.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\03f3e0a56d69c6fb3928d433
c:\03f3e0a56d69c6fb3928d433\mrtstub.exe
C:\855ed9d5123b12e6f70aa97bcbba
c:\users\Petr\Nová složka
c:\windows\system32\perfc005.dat
c:\windows\system32\perfh005.dat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-01 do 2011-07-01 )))))))))))))))))))))))))))))))
.
.
2011-07-01 21:31 . 2011-07-01 21:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-01 21:24 . 2011-07-01 21:24 0 ----a-w- c:\windows\system32\wnlogon.sys
2011-07-01 20:26 . 2011-07-01 20:26 -------- d-----w- c:\users\Petr\AppData\Roaming\BitDefender
2011-07-01 20:25 . 2011-07-01 20:26 -------- d-----w- c:\program files\BitDefender
2011-07-01 20:25 . 2011-07-01 20:25 -------- d-----w- c:\program files (x86)\MSSOAP
2011-07-01 20:21 . 2011-07-01 20:21 -------- d-----w- c:\users\Petr\AppData\Roaming\QuickScan
2011-07-01 20:21 . 2011-07-01 20:29 -------- d-----w- c:\programdata\BitDefender
2011-07-01 20:21 . 2011-07-01 20:25 -------- d-----w- c:\program files\Common Files\BitDefender
2011-07-01 20:20 . 2011-07-01 20:29 84165 ----a-w- c:\programdata\bdinstall.bin
2011-07-01 20:20 . 2011-03-24 13:36 431176 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2011-07-01 19:56 . 2011-07-01 19:56 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2011-07-01 17:40 . 2011-07-01 17:40 -------- d-----w- c:\users\Petr\AppData\Roaming\LolClient
2011-07-01 17:06 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2011-07-01 17:06 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2011-07-01 17:06 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2011-07-01 16:14 . 2011-07-01 21:31 -------- d-----w- c:\users\Petr\AppData\Local\PMB Files
2011-07-01 16:14 . 2011-07-01 19:08 -------- d-----w- c:\programdata\PMB Files
2011-07-01 16:13 . 2011-07-01 16:13 -------- d-----w- c:\program files (x86)\Pando Networks
2011-07-01 15:33 . 2011-07-01 15:33 -------- d-----w- c:\users\Petr\AppData\Local\Garena
2011-07-01 15:30 . 2011-07-01 15:31 -------- d-----w- c:\program files (x86)\Garena
2011-07-01 14:20 . 2011-07-01 14:20 -------- d-----w- c:\users\Petr\AppData\Local\ATI
2011-07-01 06:02 . 2011-07-01 06:03 -------- d-----w- c:\program files (x86)\Unlocker
2011-07-01 06:02 . 2011-07-01 06:02 -------- d-----w- c:\users\Petr\AppData\Roaming\QuickStoresToolbar
2011-07-01 05:18 . 2011-07-01 05:18 -------- d-----w- c:\users\Petr\AppData\Roaming\Malwarebytes
2011-07-01 05:18 . 2011-07-01 05:18 -------- d-----w- c:\programdata\Malwarebytes
2011-07-01 05:18 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-30 05:09 . 2011-06-30 05:09 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-06-29 19:02 . 2011-06-29 19:02 -------- d-----w- c:\program files (x86)\Vypalovač
2011-06-28 10:36 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1FAE4468-1FB5-4554-B1B0-5EE7419687DB}\mpengine.dll
2011-06-27 11:46 . 2011-06-27 11:46 -------- d-----w- c:\program files (x86)\Nuclear Coffee
2011-06-26 18:16 . 2011-06-26 18:16 -------- d-----w- c:\users\Petr\AppData\Roaming\Day 1 Studios
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\programdata\ATI
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\program files (x86)\AMD APP
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-06-23 16:11 . 2001-09-05 02:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2011-06-23 16:11 . 2001-09-05 02:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-06-23 16:11 . 2001-09-05 02:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2011-06-23 16:11 . 2001-09-05 02:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2011-06-23 12:01 . 2011-06-23 12:01 -------- d-----w- c:\windows\system32\SPReview
2011-06-23 12:01 . 2011-06-23 12:01 -------- d-----w- c:\windows\system32\EventProviders
2011-06-22 11:27 . 2011-06-22 11:27 -------- d-----w- c:\program files (x86)\CAPCOM
2011-06-20 20:12 . 2011-06-23 19:02 -------- d-----w- C:\video_output
2011-06-20 17:42 . 2011-06-20 18:17 -------- d-----w- c:\users\Petr\AppData\Roaming\TeamViewer
2011-06-19 00:45 . 2010-11-20 13:27 3650560 ----a-w- c:\windows\system32\MSVidCtl.dll
2011-06-19 00:44 . 2010-11-20 13:27 611840 ----a-w- c:\windows\system32\wpd_ci.dll
2011-06-19 00:43 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-06-19 00:43 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-06-19 00:42 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-06-18 17:04 . 2011-06-18 17:04 -------- d-----w- c:\program files (x86)\CamStudio
2011-06-17 07:02 . 2005-11-13 21:22 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2011-06-17 07:02 . 2005-11-13 21:22 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2011-06-17 07:02 . 2005-11-13 21:21 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2011-06-17 07:02 . 2005-11-13 21:20 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2011-06-17 07:02 . 2005-11-13 21:19 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2011-06-17 07:02 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2011-06-17 07:02 . 2011-06-17 07:02 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2011-06-17 07:02 . 2011-06-17 07:02 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2011-06-15 13:15 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-12 09:29 . 2011-06-12 09:29 -------- d-----w- c:\program files (x86)\MegaDev
2011-06-11 09:14 . 2011-06-11 09:14 -------- d-----w- c:\programdata\BioWare
2011-06-11 09:07 . 2011-06-11 09:07 -------- d-----w- c:\programdata\Media Center Programs
2011-06-11 08:51 . 2011-06-11 08:51 114688 ----a-w- C:\Trainer.dll
2011-06-09 13:17 . 2011-06-09 13:43 -------- d-----w- c:\users\Petr\AppData\Roaming\Hamachi
2011-06-09 13:16 . 2011-06-09 13:17 -------- d-----w- c:\program files (x86)\Hamachi
2011-06-09 13:16 . 2011-06-09 13:16 21832 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-06-09 13:00 . 2011-06-09 13:00 -------- d-----w- c:\users\Petr\AppData\Local\Microsoft Games
2011-06-09 12:51 . 2009-07-04 11:47 11776 ----a-w- c:\windows\rtl120.bpl
2011-06-06 18:49 . 2011-06-06 18:49 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-06-06 17:41 . 2011-06-06 17:41 -------- d-----w- c:\programdata\MySQL
2011-06-06 17:41 . 2011-06-06 17:41 -------- d-----w- c:\program files\MySQL
2011-06-06 17:39 . 2011-06-09 16:03 1589248 ----a-w- c:\windows\SysWow64\libmysql_d.dll
2011-06-06 17:39 . 2011-06-06 17:39 -------- d-----w- c:\program files (x86)\PremiumSoft
2011-06-06 16:04 . 2011-06-07 12:26 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-06-05 19:23 . 2011-06-05 19:23 -------- d-----w- c:\program files (x86)\LG Electronics
2011-06-05 19:23 . 2011-01-13 02:07 1919968 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2011-06-05 19:23 . 2010-12-07 12:23 34304 ----a-w- c:\windows\system32\drivers\lgandmodem64.sys
2011-06-05 19:23 . 2010-12-07 12:23 27648 ----a-w- c:\windows\system32\drivers\lganddiag64.sys
2011-06-05 19:23 . 2010-12-07 12:23 27136 ----a-w- c:\windows\system32\drivers\lgandgps64.sys
2011-06-05 19:23 . 2010-12-07 12:22 19456 ----a-w- c:\windows\system32\drivers\lgandbus64.sys
2011-06-05 19:23 . 2010-08-02 14:19 31744 ----a-w- c:\windows\system32\drivers\lgandadb.sys
2011-06-05 19:20 . 2011-06-05 19:20 -------- d-----w- C:\LGP350
2011-06-05 19:19 . 2011-06-09 16:03 53248 ----a-w- c:\windows\SysWow64\CommonDL.dll
2011-06-05 19:19 . 2005-11-24 00:34 82432 ----a-w- c:\windows\SysWow64\msxml4r.dll
2011-06-05 19:19 . 2005-10-03 23:39 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll
2011-06-05 19:18 . 2011-06-05 19:19 -------- d-----w- c:\programdata\LGMOBILEAX
2011-06-05 18:55 . 2011-06-09 16:03 28672 ----a-w- c:\windows\SysWow64\AVEQT.dll
2011-06-05 18:55 . 2011-06-09 16:03 258048 ----a-w- c:\windows\SysWow64\GplMpgDec.ax
2011-06-05 18:55 . 2007-04-12 12:19 129024 ----a-w- c:\windows\SysWow64\AVERM.dll
2011-06-05 18:55 . 2011-06-05 18:56 -------- d-----w- c:\program files (x86)\Allok 3GP PSP MP4 iPod Video Converter
2011-06-05 18:37 . 2011-06-05 18:37 -------- d-----w- c:\windows\SysWow64\Adobe
2011-06-05 18:26 . 2010-03-15 09:31 165376 ----a-w- c:\windows\SysWow64\unrar.dll
2011-06-05 18:26 . 2011-06-05 18:26 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2011-06-05 18:26 . 2011-06-05 18:26 -------- d-----w- c:\program files (x86)\AviSynth 2.5
2011-06-05 18:26 . 2011-06-05 18:26 -------- d-----w- c:\program files (x86)\AML Products
2011-06-04 14:11 . 2011-06-04 14:11 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2011-06-04 13:57 . 2011-06-09 15:58 212992 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2011-06-03 19:15 . 2011-06-03 19:15 -------- d-----w- c:\windows\TiMoC
2011-06-03 19:15 . 2011-06-03 19:15 -------- d-----w- c:\program files (x86)\TiMoC
2011-06-03 17:28 . 2011-06-09 15:58 753664 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-06-03 17:28 . 2011-06-09 15:58 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-06-03 17:28 . 2011-06-09 15:58 184320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-06-03 17:28 . 2011-06-03 17:28 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-06-03 17:28 . 2011-06-03 17:28 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-06-03 17:28 . 2005-11-13 21:16 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-06-03 17:28 . 2005-04-03 21:02 69714 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-06-03 17:28 . 2005-04-03 21:00 63488 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2011-06-03 17:28 . 2005-04-03 20:59 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-06-03 17:28 . 2011-06-03 19:40 -------- d-----w- c:\users\Petr\AppData\Local\Oblivion
2011-06-02 19:23 . 2011-06-02 19:23 -------- d-----w- c:\users\Petr\AppData\Local\QuickStores
2011-06-02 19:22 . 2011-06-02 19:22 -------- d-----w- c:\program files (x86)\DsNET Corp
2011-06-02 19:17 . 2011-06-02 19:17 -------- d-----w- c:\program files (x86)\4U Computing
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-23 12:05 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-23 12:05 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-06-17 05:28 . 2011-05-27 17:51 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-09 16:03 . 2011-05-30 16:37 237568 ----a-w- c:\windows\SysWow64\mcstabs.ocx
2011-06-09 16:03 . 2011-04-26 05:58 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-06-09 16:03 . 2011-04-26 05:58 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-06-09 16:03 . 2011-03-31 21:48 86016 ----a-w- c:\windows\SysWow64\frapsvid.dll
2011-06-09 16:03 . 2008-08-19 00:18 77824 ----a-w- c:\windows\SysWow64\fmcodec.DLL
2011-06-09 16:01 . 2011-05-27 19:18 319488 ----a-w- c:\windows\HideWin.exe
2011-06-01 11:36 . 2011-06-01 11:36 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-30 11:05 . 2011-05-30 11:05 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-05-30 11:05 . 2011-05-30 11:05 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-05-30 11:05 . 2011-05-30 11:05 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-05-30 11:05 . 2011-05-30 11:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-05-30 11:05 . 2011-05-30 11:05 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-05-30 11:05 . 2011-05-30 11:05 321024 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-05-30 11:05 . 2011-05-30 11:05 219136 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-05-30 11:05 . 2011-05-30 11:05 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-30 11:05 . 2011-05-30 11:05 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-05-27 19:01 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-05-27 19:01 . 2009-08-18 09:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-25 03:07 . 2011-04-20 02:09 688128 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-05-25 02:58 . 2011-04-20 01:59 4219904 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-05-25 02:26 . 2011-04-20 01:23 366592 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:24 . 2011-04-20 01:21 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-05-25 02:24 . 2011-04-20 01:21 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-05-25 02:19 . 2011-04-20 01:27 58880 ----a-w- c:\windows\system32\coinst.dll
2011-05-24 21:44 . 2011-05-24 21:44 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 16672768 ----a-w- c:\windows\system32\amdocl64.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-05-24 17:14 . 2011-05-27 17:33 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-04 23:27 . 2011-05-04 23:27 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-04-22 22:15 . 2011-05-27 20:21 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-19 20:10 . 2011-04-19 20:10 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-04-09 07:02 . 2011-05-27 20:23 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-27 20:23 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:02 . 2011-05-27 20:23 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-27 20:23 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-27 20:23 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2010-07-08 08:37 . 2010-07-08 08:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-01_14.51.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-27 17:02 . 2011-07-01 21:34 32064 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-07-01 21:34 33648 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:30 . 2011-06-29 10:29 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-07-01 20:26 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2010-08-20 13:42 . 2010-08-20 13:42 88144 c:\windows\system32\DriverStore\FileRepository\netlwf.inf_amd64_neutral_0cc1d80e8d64f670\BdfNdisf6.sys
+ 2010-08-20 13:42 . 2010-08-20 13:42 88144 c:\windows\system32\drivers\BdfNdisf6.sys
- 2011-05-27 16:58 . 2011-07-01 06:02 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-27 16:58 . 2011-07-01 21:33 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-27 16:58 . 2011-07-01 06:02 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-05-27 16:58 . 2011-07-01 21:33 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-01 06:02 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-01 21:33 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-07-01 20:39 87488 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-05-27 17:02 . 2011-07-01 21:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-27 17:02 . 2011-07-01 14:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-27 17:02 . 2011-07-01 14:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-27 17:02 . 2011-07-01 21:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-01 20:26 . 2011-07-01 20:26 57344 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\texticon.exe
+ 2011-07-01 20:26 . 2011-07-01 20:26 32768 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\maintenance_icon.exe
+ 2011-07-01 20:26 . 2011-07-01 20:26 61440 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\helpicon.exe
+ 2011-05-27 17:02 . 2011-07-01 21:34 6668 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4290107199-3901289904-2400017597-1001_UserData.bin
+ 2011-07-01 21:32 . 2011-07-01 21:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-01 14:50 . 2011-07-01 14:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-01 21:32 . 2011-07-01 21:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2001-09-07 09:41 . 2001-09-07 09:41 290816 c:\windows\SysWOW64\WINHTTP5.DLL
+ 2007-04-11 09:11 . 2007-04-11 09:11 511328 c:\windows\SysWOW64\capicom.dll
- 2009-07-14 02:36 . 2011-07-01 12:42 615810 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-07-01 20:42 615810 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-07-01 20:42 106190 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-07-01 12:42 106190 c:\windows\system32\perfc009.dat
- 2009-07-14 05:30 . 2011-06-29 10:29 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-07-01 20:26 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-06-29 10:29 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2011-07-01 20:26 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2010-01-19 17:32 . 2010-01-19 17:32 103944 c:\windows\system32\drivers\bdvedisk.sys
+ 2010-05-13 14:52 . 2010-05-13 14:52 101968 c:\windows\system32\drivers\bdhv.sys
+ 2010-05-13 14:52 . 2010-05-13 14:52 162896 c:\windows\system32\drivers\bdfm.sys
+ 2010-11-29 12:14 . 2010-11-29 12:14 591968 c:\windows\system32\drivers\avc3.sys
- 2011-05-27 17:52 . 2011-07-01 14:50 918312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-05-27 17:52 . 2011-07-01 21:31 918312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2008-08-08 12:46 . 2008-08-08 12:46 242176 c:\windows\Installer\15798a.msi
+ 2011-07-01 20:26 . 2011-07-01 20:26 336782 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\register_icon.exe
+ 2010-11-29 12:14 . 2010-11-29 12:14 1186272 c:\windows\system32\drivers\avckf.sys
- 2009-07-14 04:45 . 2011-06-30 05:39 5980439 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2011-07-01 20:38 5980439 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2003-02-28 09:28 . 2003-02-28 09:28 4059648 c:\windows\Installer\157992.msi
+ 2011-07-01 20:10 . 2011-07-01 20:10 83462144 c:\windows\Installer\15799a.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-05-27 399736]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-07-01 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe" [2011-07-01 92352]
.
c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SpeedFan.lnk - c:\program files (x86)\SpeedFan\speedfan.exe [2011-3-17 4523928]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DAEMON Tools Lite.lnk - c:\program files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [x]
R3 ATICDSDr;ATICDSDr;c:\users\Petr\AppData\Local\Temp\ATICDSDr.sys [x]
R3 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;d:\hry\DA Origins\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2010-11-30 467248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Bdfndisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2010-08-20 88144]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2010-08-20 99408]
S1 Bdvedisk;Bdvedisk;c:\windows\system32\DRIVERS\bdvedisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-01-25 3136328]
S2 Updatesrv;BitDefender Desktop Update Service;c:\program files\BitDefender\BitDefender 2011\updatesrv.exe [2011-07-01 53224]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 bdfm;bdfm;c:\windows\system32\DRIVERS\bdfm.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 4012360]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2011\ieshow.exe" [2011-07-01 109344]
"BDAgent"="c:\program files\BitDefender\BitDefender 2011\bdagent.exe" [2011-07-01 2026680]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQL"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\SetId\Internal]
@Denied: (A 2) (LocalSystem)
"DEVICE2"="vaaur8rPygA="
"DATA2"="<settings accountStatus=\"4\" oldDevice=\"\" timeDiff=\"1106312873\" expireTime=\"1309830893\" productStatus=\"1\" obSize=\"2\" InstallTS=\"1289332796\" isSubsc=\"0\" authStat_ts=\"0\" version=\"14.1\" keyType=\"194\" prodId=\"1\" moduleId1=\"7\" moduleId2=\"10\" relType=\"1\" />"
.
[HKEY_USERS\S-1-5-21-4290107199-3901289904-2400017597-1001\Software\SecuROM\License information*]
"datasecu"=hex:10,61,84,bc,3e,54,44,67,1c,91,53,31,d7,c4,28,21,f9,0c,b8,6c,4d,
3e,9d,90,00,e6,d3,a3,c9,54,f8,c8,97,eb,c1,89,ec,bc,ff,c5,66,13,6c,1c,5c,a0,\
"rkeysecu"=hex:65,cc,c6,35,ff,ce,8c,c0,0b,e5,d9,65,b6,56,6c,3b
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\optimalizace\Advanced SystemCare 4\PMonitor.exe
c:\program files\BitDefender\BitDefender 2011\Antispam32\pchooklaunch32.exe
.
**************************************************************************
.
Celkový čas: 2011-07-01 23:40:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-01 21:40
ComboFix2.txt 2011-07-01 18:52
ComboFix3.txt 2011-07-01 14:53
.
Před spuštěním: Volných bajtů: 264 444 776 448
Po spuštění: Volných bajtů: 273 939 619 840
.
- - End Of File - - 27D74D12CE25C182FBE616E3F6E2D28E
ComboFix 11-06-30.05 - Petr 01.07.2011 23:21:03.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4094.1718 [GMT 2:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: BitDefender Antivirus *Disabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}
FW: BitDefender Firewall *Enabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
SP: BitDefender Antispyware *Disabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\perfc005.dat"
"c:\windows\system32\perfc009.dat"
"c:\windows\system32\perfh005.dat"
"c:\windows\system32\perfh009.dat"
.
/wow section - STAGE 31
Systém nemůže nalézt uvedený soubor.
Systém nemůže najít soubor SoftAV00.
Systém nemůže najít soubor LockedB.
Systém nemůže najít soubor lockedB.
.0.\\. není názvem vnitřního ani vnějšího příkazu
Systém nemůže najít soubor LockedB.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\03f3e0a56d69c6fb3928d433
c:\03f3e0a56d69c6fb3928d433\mrtstub.exe
C:\855ed9d5123b12e6f70aa97bcbba
c:\users\Petr\Nová složka
c:\windows\system32\perfc005.dat
c:\windows\system32\perfh005.dat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-01 do 2011-07-01 )))))))))))))))))))))))))))))))
.
.
2011-07-01 21:31 . 2011-07-01 21:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-01 21:24 . 2011-07-01 21:24 0 ----a-w- c:\windows\system32\wnlogon.sys
2011-07-01 20:26 . 2011-07-01 20:26 -------- d-----w- c:\users\Petr\AppData\Roaming\BitDefender
2011-07-01 20:25 . 2011-07-01 20:26 -------- d-----w- c:\program files\BitDefender
2011-07-01 20:25 . 2011-07-01 20:25 -------- d-----w- c:\program files (x86)\MSSOAP
2011-07-01 20:21 . 2011-07-01 20:21 -------- d-----w- c:\users\Petr\AppData\Roaming\QuickScan
2011-07-01 20:21 . 2011-07-01 20:29 -------- d-----w- c:\programdata\BitDefender
2011-07-01 20:21 . 2011-07-01 20:25 -------- d-----w- c:\program files\Common Files\BitDefender
2011-07-01 20:20 . 2011-07-01 20:29 84165 ----a-w- c:\programdata\bdinstall.bin
2011-07-01 20:20 . 2011-03-24 13:36 431176 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2011-07-01 19:56 . 2011-07-01 19:56 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2011-07-01 17:40 . 2011-07-01 17:40 -------- d-----w- c:\users\Petr\AppData\Roaming\LolClient
2011-07-01 17:06 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2011-07-01 17:06 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2011-07-01 17:06 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2011-07-01 16:14 . 2011-07-01 21:31 -------- d-----w- c:\users\Petr\AppData\Local\PMB Files
2011-07-01 16:14 . 2011-07-01 19:08 -------- d-----w- c:\programdata\PMB Files
2011-07-01 16:13 . 2011-07-01 16:13 -------- d-----w- c:\program files (x86)\Pando Networks
2011-07-01 15:33 . 2011-07-01 15:33 -------- d-----w- c:\users\Petr\AppData\Local\Garena
2011-07-01 15:30 . 2011-07-01 15:31 -------- d-----w- c:\program files (x86)\Garena
2011-07-01 14:20 . 2011-07-01 14:20 -------- d-----w- c:\users\Petr\AppData\Local\ATI
2011-07-01 06:02 . 2011-07-01 06:03 -------- d-----w- c:\program files (x86)\Unlocker
2011-07-01 06:02 . 2011-07-01 06:02 -------- d-----w- c:\users\Petr\AppData\Roaming\QuickStoresToolbar
2011-07-01 05:18 . 2011-07-01 05:18 -------- d-----w- c:\users\Petr\AppData\Roaming\Malwarebytes
2011-07-01 05:18 . 2011-07-01 05:18 -------- d-----w- c:\programdata\Malwarebytes
2011-07-01 05:18 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-30 05:09 . 2011-06-30 05:09 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-06-29 19:02 . 2011-06-29 19:02 -------- d-----w- c:\program files (x86)\Vypalovač
2011-06-28 10:36 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1FAE4468-1FB5-4554-B1B0-5EE7419687DB}\mpengine.dll
2011-06-27 11:46 . 2011-06-27 11:46 -------- d-----w- c:\program files (x86)\Nuclear Coffee
2011-06-26 18:16 . 2011-06-26 18:16 -------- d-----w- c:\users\Petr\AppData\Roaming\Day 1 Studios
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\programdata\ATI
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\program files (x86)\AMD APP
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-06-24 15:49 . 2011-06-24 15:49 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-06-23 16:11 . 2001-09-05 02:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2011-06-23 16:11 . 2001-09-05 02:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-06-23 16:11 . 2001-09-05 02:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2011-06-23 16:11 . 2001-09-05 02:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2011-06-23 12:01 . 2011-06-23 12:01 -------- d-----w- c:\windows\system32\SPReview
2011-06-23 12:01 . 2011-06-23 12:01 -------- d-----w- c:\windows\system32\EventProviders
2011-06-22 11:27 . 2011-06-22 11:27 -------- d-----w- c:\program files (x86)\CAPCOM
2011-06-20 20:12 . 2011-06-23 19:02 -------- d-----w- C:\video_output
2011-06-20 17:42 . 2011-06-20 18:17 -------- d-----w- c:\users\Petr\AppData\Roaming\TeamViewer
2011-06-19 00:45 . 2010-11-20 13:27 3650560 ----a-w- c:\windows\system32\MSVidCtl.dll
2011-06-19 00:44 . 2010-11-20 13:27 611840 ----a-w- c:\windows\system32\wpd_ci.dll
2011-06-19 00:43 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-06-19 00:43 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-06-19 00:42 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-06-18 17:04 . 2011-06-18 17:04 -------- d-----w- c:\program files (x86)\CamStudio
2011-06-17 07:02 . 2005-11-13 21:22 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2011-06-17 07:02 . 2005-11-13 21:22 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2011-06-17 07:02 . 2005-11-13 21:21 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2011-06-17 07:02 . 2005-11-13 21:20 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2011-06-17 07:02 . 2005-11-13 21:19 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2011-06-17 07:02 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2011-06-17 07:02 . 2011-06-17 07:02 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2011-06-17 07:02 . 2011-06-17 07:02 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2011-06-15 13:15 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-12 09:29 . 2011-06-12 09:29 -------- d-----w- c:\program files (x86)\MegaDev
2011-06-11 09:14 . 2011-06-11 09:14 -------- d-----w- c:\programdata\BioWare
2011-06-11 09:07 . 2011-06-11 09:07 -------- d-----w- c:\programdata\Media Center Programs
2011-06-11 08:51 . 2011-06-11 08:51 114688 ----a-w- C:\Trainer.dll
2011-06-09 13:17 . 2011-06-09 13:43 -------- d-----w- c:\users\Petr\AppData\Roaming\Hamachi
2011-06-09 13:16 . 2011-06-09 13:17 -------- d-----w- c:\program files (x86)\Hamachi
2011-06-09 13:16 . 2011-06-09 13:16 21832 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-06-09 13:00 . 2011-06-09 13:00 -------- d-----w- c:\users\Petr\AppData\Local\Microsoft Games
2011-06-09 12:51 . 2009-07-04 11:47 11776 ----a-w- c:\windows\rtl120.bpl
2011-06-06 18:49 . 2011-06-06 18:49 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-06-06 17:41 . 2011-06-06 17:41 -------- d-----w- c:\programdata\MySQL
2011-06-06 17:41 . 2011-06-06 17:41 -------- d-----w- c:\program files\MySQL
2011-06-06 17:39 . 2011-06-09 16:03 1589248 ----a-w- c:\windows\SysWow64\libmysql_d.dll
2011-06-06 17:39 . 2011-06-06 17:39 -------- d-----w- c:\program files (x86)\PremiumSoft
2011-06-06 16:04 . 2011-06-07 12:26 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-06-05 19:23 . 2011-06-05 19:23 -------- d-----w- c:\program files (x86)\LG Electronics
2011-06-05 19:23 . 2011-01-13 02:07 1919968 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2011-06-05 19:23 . 2010-12-07 12:23 34304 ----a-w- c:\windows\system32\drivers\lgandmodem64.sys
2011-06-05 19:23 . 2010-12-07 12:23 27648 ----a-w- c:\windows\system32\drivers\lganddiag64.sys
2011-06-05 19:23 . 2010-12-07 12:23 27136 ----a-w- c:\windows\system32\drivers\lgandgps64.sys
2011-06-05 19:23 . 2010-12-07 12:22 19456 ----a-w- c:\windows\system32\drivers\lgandbus64.sys
2011-06-05 19:23 . 2010-08-02 14:19 31744 ----a-w- c:\windows\system32\drivers\lgandadb.sys
2011-06-05 19:20 . 2011-06-05 19:20 -------- d-----w- C:\LGP350
2011-06-05 19:19 . 2011-06-09 16:03 53248 ----a-w- c:\windows\SysWow64\CommonDL.dll
2011-06-05 19:19 . 2005-11-24 00:34 82432 ----a-w- c:\windows\SysWow64\msxml4r.dll
2011-06-05 19:19 . 2005-10-03 23:39 44544 ----a-w- c:\windows\SysWow64\msxml4a.dll
2011-06-05 19:18 . 2011-06-05 19:19 -------- d-----w- c:\programdata\LGMOBILEAX
2011-06-05 18:55 . 2011-06-09 16:03 28672 ----a-w- c:\windows\SysWow64\AVEQT.dll
2011-06-05 18:55 . 2011-06-09 16:03 258048 ----a-w- c:\windows\SysWow64\GplMpgDec.ax
2011-06-05 18:55 . 2007-04-12 12:19 129024 ----a-w- c:\windows\SysWow64\AVERM.dll
2011-06-05 18:55 . 2011-06-05 18:56 -------- d-----w- c:\program files (x86)\Allok 3GP PSP MP4 iPod Video Converter
2011-06-05 18:37 . 2011-06-05 18:37 -------- d-----w- c:\windows\SysWow64\Adobe
2011-06-05 18:26 . 2010-03-15 09:31 165376 ----a-w- c:\windows\SysWow64\unrar.dll
2011-06-05 18:26 . 2011-06-05 18:26 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2011-06-05 18:26 . 2011-06-05 18:26 -------- d-----w- c:\program files (x86)\AviSynth 2.5
2011-06-05 18:26 . 2011-06-05 18:26 -------- d-----w- c:\program files (x86)\AML Products
2011-06-04 14:11 . 2011-06-04 14:11 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2011-06-04 13:57 . 2011-06-09 15:58 212992 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2011-06-03 19:15 . 2011-06-03 19:15 -------- d-----w- c:\windows\TiMoC
2011-06-03 19:15 . 2011-06-03 19:15 -------- d-----w- c:\program files (x86)\TiMoC
2011-06-03 17:28 . 2011-06-09 15:58 753664 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-06-03 17:28 . 2011-06-09 15:58 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-06-03 17:28 . 2011-06-09 15:58 184320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-06-03 17:28 . 2011-06-03 17:28 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-06-03 17:28 . 2011-06-03 17:28 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-06-03 17:28 . 2005-11-13 21:16 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-06-03 17:28 . 2005-04-03 21:02 69714 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-06-03 17:28 . 2005-04-03 21:00 63488 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2011-06-03 17:28 . 2005-04-03 20:59 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-06-03 17:28 . 2011-06-03 19:40 -------- d-----w- c:\users\Petr\AppData\Local\Oblivion
2011-06-02 19:23 . 2011-06-02 19:23 -------- d-----w- c:\users\Petr\AppData\Local\QuickStores
2011-06-02 19:22 . 2011-06-02 19:22 -------- d-----w- c:\program files (x86)\DsNET Corp
2011-06-02 19:17 . 2011-06-02 19:17 -------- d-----w- c:\program files (x86)\4U Computing
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-23 12:05 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-23 12:05 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-06-17 05:28 . 2011-05-27 17:51 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-09 16:03 . 2011-05-30 16:37 237568 ----a-w- c:\windows\SysWow64\mcstabs.ocx
2011-06-09 16:03 . 2011-04-26 05:58 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-06-09 16:03 . 2011-04-26 05:58 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-06-09 16:03 . 2011-03-31 21:48 86016 ----a-w- c:\windows\SysWow64\frapsvid.dll
2011-06-09 16:03 . 2008-08-19 00:18 77824 ----a-w- c:\windows\SysWow64\fmcodec.DLL
2011-06-09 16:01 . 2011-05-27 19:18 319488 ----a-w- c:\windows\HideWin.exe
2011-06-01 11:36 . 2011-06-01 11:36 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-30 11:05 . 2011-05-30 11:05 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-05-30 11:05 . 2011-05-30 11:05 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-05-30 11:05 . 2011-05-30 11:05 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-05-30 11:05 . 2011-05-30 11:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-05-30 11:05 . 2011-05-30 11:05 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-05-30 11:05 . 2011-05-30 11:05 321024 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-05-30 11:05 . 2011-05-30 11:05 219136 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-05-30 11:05 . 2011-05-30 11:05 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-30 11:05 . 2011-05-30 11:05 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-05-27 19:01 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-05-27 19:01 . 2009-08-18 09:24 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-25 03:07 . 2011-04-20 02:09 688128 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-05-25 02:58 . 2011-04-20 01:59 4219904 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-05-25 02:26 . 2011-04-20 01:23 366592 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:24 . 2011-04-20 01:21 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-05-25 02:24 . 2011-04-20 01:21 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-05-25 02:19 . 2011-04-20 01:27 58880 ----a-w- c:\windows\system32\coinst.dll
2011-05-24 21:44 . 2011-05-24 21:44 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 16672768 ----a-w- c:\windows\system32\amdocl64.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-05-24 17:14 . 2011-05-27 17:33 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-04 23:27 . 2011-05-04 23:27 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-04-22 22:15 . 2011-05-27 20:21 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-19 20:10 . 2011-04-19 20:10 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-04-09 07:02 . 2011-05-27 20:23 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-27 20:23 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:02 . 2011-05-27 20:23 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-27 20:23 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-27 20:23 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2010-07-08 08:37 . 2010-07-08 08:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-01_14.51.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-27 17:02 . 2011-07-01 21:34 32064 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-07-01 21:34 33648 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:30 . 2011-06-29 10:29 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2011-07-01 20:26 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2010-08-20 13:42 . 2010-08-20 13:42 88144 c:\windows\system32\DriverStore\FileRepository\netlwf.inf_amd64_neutral_0cc1d80e8d64f670\BdfNdisf6.sys
+ 2010-08-20 13:42 . 2010-08-20 13:42 88144 c:\windows\system32\drivers\BdfNdisf6.sys
- 2011-05-27 16:58 . 2011-07-01 06:02 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-27 16:58 . 2011-07-01 21:33 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-27 16:58 . 2011-07-01 06:02 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-05-27 16:58 . 2011-07-01 21:33 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-01 06:02 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-01 21:33 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-07-01 20:39 87488 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-05-27 17:02 . 2011-07-01 21:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-27 17:02 . 2011-07-01 14:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-05-27 17:02 . 2011-07-01 14:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-27 17:02 . 2011-07-01 21:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-01 20:26 . 2011-07-01 20:26 57344 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\texticon.exe
+ 2011-07-01 20:26 . 2011-07-01 20:26 32768 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\maintenance_icon.exe
+ 2011-07-01 20:26 . 2011-07-01 20:26 61440 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\helpicon.exe
+ 2011-05-27 17:02 . 2011-07-01 21:34 6668 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4290107199-3901289904-2400017597-1001_UserData.bin
+ 2011-07-01 21:32 . 2011-07-01 21:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-01 14:50 . 2011-07-01 14:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-01 21:32 . 2011-07-01 21:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2001-09-07 09:41 . 2001-09-07 09:41 290816 c:\windows\SysWOW64\WINHTTP5.DLL
+ 2007-04-11 09:11 . 2007-04-11 09:11 511328 c:\windows\SysWOW64\capicom.dll
- 2009-07-14 02:36 . 2011-07-01 12:42 615810 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-07-01 20:42 615810 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-07-01 20:42 106190 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-07-01 12:42 106190 c:\windows\system32\perfc009.dat
- 2009-07-14 05:30 . 2011-06-29 10:29 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-07-01 20:26 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-06-29 10:29 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2011-07-01 20:26 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2010-01-19 17:32 . 2010-01-19 17:32 103944 c:\windows\system32\drivers\bdvedisk.sys
+ 2010-05-13 14:52 . 2010-05-13 14:52 101968 c:\windows\system32\drivers\bdhv.sys
+ 2010-05-13 14:52 . 2010-05-13 14:52 162896 c:\windows\system32\drivers\bdfm.sys
+ 2010-11-29 12:14 . 2010-11-29 12:14 591968 c:\windows\system32\drivers\avc3.sys
- 2011-05-27 17:52 . 2011-07-01 14:50 918312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-05-27 17:52 . 2011-07-01 21:31 918312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2008-08-08 12:46 . 2008-08-08 12:46 242176 c:\windows\Installer\15798a.msi
+ 2011-07-01 20:26 . 2011-07-01 20:26 336782 c:\windows\Installer\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\register_icon.exe
+ 2010-11-29 12:14 . 2010-11-29 12:14 1186272 c:\windows\system32\drivers\avckf.sys
- 2009-07-14 04:45 . 2011-06-30 05:39 5980439 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2011-07-01 20:38 5980439 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2003-02-28 09:28 . 2003-02-28 09:28 4059648 c:\windows\Installer\157992.msi
+ 2011-07-01 20:10 . 2011-07-01 20:10 83462144 c:\windows\Installer\15799a.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-05-27 399736]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-07-01 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe" [2011-07-01 92352]
.
c:\users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
SpeedFan.lnk - c:\program files (x86)\SpeedFan\speedfan.exe [2011-3-17 4523928]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DAEMON Tools Lite.lnk - c:\program files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [x]
R3 ATICDSDr;ATICDSDr;c:\users\Petr\AppData\Local\Temp\ATICDSDr.sys [x]
R3 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [x]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;d:\hry\DA Origins\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2010-11-30 467248]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Bdfndisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2010-08-20 88144]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2010-08-20 99408]
S1 Bdvedisk;Bdvedisk;c:\windows\system32\DRIVERS\bdvedisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-01-25 3136328]
S2 Updatesrv;BitDefender Desktop Update Service;c:\program files\BitDefender\BitDefender 2011\updatesrv.exe [2011-07-01 53224]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 bdfm;bdfm;c:\windows\system32\DRIVERS\bdfm.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 4012360]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2011\ieshow.exe" [2011-07-01 109344]
"BDAgent"="c:\program files\BitDefender\BitDefender 2011\bdagent.exe" [2011-07-01 2026680]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQL"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\SetId\Internal]
@Denied: (A 2) (LocalSystem)
"DEVICE2"="vaaur8rPygA="
"DATA2"="<settings accountStatus=\"4\" oldDevice=\"\" timeDiff=\"1106312873\" expireTime=\"1309830893\" productStatus=\"1\" obSize=\"2\" InstallTS=\"1289332796\" isSubsc=\"0\" authStat_ts=\"0\" version=\"14.1\" keyType=\"194\" prodId=\"1\" moduleId1=\"7\" moduleId2=\"10\" relType=\"1\" />"
.
[HKEY_USERS\S-1-5-21-4290107199-3901289904-2400017597-1001\Software\SecuROM\License information*]
"datasecu"=hex:10,61,84,bc,3e,54,44,67,1c,91,53,31,d7,c4,28,21,f9,0c,b8,6c,4d,
3e,9d,90,00,e6,d3,a3,c9,54,f8,c8,97,eb,c1,89,ec,bc,ff,c5,66,13,6c,1c,5c,a0,\
"rkeysecu"=hex:65,cc,c6,35,ff,ce,8c,c0,0b,e5,d9,65,b6,56,6c,3b
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="9969121BCD032910016C29F53DF6190AA4824948AA9D04B3EDDA19FCAD26F5105293BF0EFAF5A82CFBBB640ED7530A0A06A539779EDA51DE43019CD04CC6A79C9CD445A8A68DDACF7AB582516F43FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98088EDD5E5BE2F6E6679DB7CE019D40AA5CA6A0AC4980AC79332A1B19CB9A7AA957DD04F3A0F790FDA66DCE552BF0F80722A47347FAC9036D06A7EF8F770C4ACBCF29A51EA7BD7859A7B2030238B75BB8957986F6E67DC7BD89438200A62F515C39E142102E86CB10C2B370C6BCE6A06528BF55B83FFA73081958654EC3E215EC05519A2735F14E780ECB239AEAFEE84E3684DBBF1144A018F2C220084F49CF6FF947E269CFE2F451F2D91C9C8E458898EED808DFF79FA2992C65AD595A48EDBCAF1742FEA7816A3933C1D18C04C085CE5650B91427147C20AD257C188E8A908F959555B178378DB4DEECABCE3DBD9BDD4484C97AE56FE622B56CF0B925FD0F076D9DACF31335712CDDC3076D3ECBBB96631281550D434E7BD2296059EED471A64D104B57DAECDBEC6B393515A1C0082EB4199C080C65D2E7EA4B9635CE0575D51DCC29954896C8A6153F7B9613B259400CBD509FE36D4A0C374AD2313B488C601DBCB30AE82DE4ED3ECC9266D57FB8C690A9C0C82B3ABB6C449E4853419E5DF45DC84934DAEF133C1FDE289DBDC6E726BE0A09D30DEB647571C61DC6FD4740A74460BEB654616AEB40755C79346CD923E40E36B9C7673474F5C3EDDA264BC36F8BF5DB5C9B4935BD8013445AB79736E4286BCA12ACD5511BD89B48028073A729C101DC8F0FB2F15794BE68C558B7587B00593D1C22259381F6572FD3694DE291C6FAF1609DEB54418186C7E43CF8CFD73896F5B8248606210285990BCDAB9F4D5162BF824D8940E5A378D1039BD2604EF063556E3EEDEA587EB77485B2A53AE4EBBBDC4F3461521828A76B93C3FA00191D822B6794163669C3039CC730144342F38BD5BF7E90590A912D6FA8176E5D5585BD3F705C7A90FA8081E5F66E9503B51B5EAA75EE73D5D539A3A8FC8AEDD484C462CAFB61DD55973450975F300CEFF266C1CF34572F0076482BD86CA7FDFB0CCBC0FA2180C4182E35126CEE471EB90FB1C72D65222BC14EBC6836790AE419B55D2DF3972CF7998F2BEA93B99AB4420828081E91C9113A206A0168C7642F282E91804A3F6B04D4F212062FF5A5009CBC4D1EF3EB5FD0BB9477228C9F7CAFD986D3178798D8BB75F3BC11D77EF77194EF76267147861ECBB8DFF9B4EFA9778F366652AB4AA1B3DB0FCD3C9852B43EA6494C454F99F86FA6FB703EE3C75B5FE114D99
6A69E87449D28BFBE6E14936185D34F20B98101FE3833CE25165D12841D5F16CB5F81620C8204DED04E"
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\optimalizace\Advanced SystemCare 4\PMonitor.exe
c:\program files\BitDefender\BitDefender 2011\Antispam32\pchooklaunch32.exe
.
**************************************************************************
.
Celkový čas: 2011-07-01 23:40:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-01 21:40
ComboFix2.txt 2011-07-01 18:52
ComboFix3.txt 2011-07-01 14:53
.
Před spuštěním: Volných bajtů: 264 444 776 448
Po spuštění: Volných bajtů: 273 939 619 840
.
- - End Of File - - 27D74D12CE25C182FBE616E3F6E2D28E
- Žbeky
- Moderator
Re: Hijackthis - check
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
clean the system with CCleaner
and also use T-Cleaner
it deletes everything left behind by ComboFix, MWAV, etc. - download > run
Note: before downloading T-Cleaner and for the duration of the cleanup, deactivate AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on
+ A new log from HJT
How is the PC behaving?
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.
- Clorky
- Moderator / HW team member
Re: Hijackthis - check
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:07:39, on 2.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
D:\Optimalizace\Advanced SystemCare 4\PMonitor.exe
C:\Program Files\BitDefender\BitDefender 2011\Antispam32\pchooklaunch32.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
D:\Programy\Mozilla Firefox 4.0 Beta 8\firefox.exe
D:\Programy\Mozilla Firefox 4.0 Beta 8\plugin-container.exe
D:\Hry\Warcraft 3\Maps\Download\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bitdefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: DAEMON Tools Lite.lnk = C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - Unknown owner - D:\Hry\DA Origins\bin_ship\DAUpdaterSvc.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6092 bytes
I haven't noticed any major difference; if it's not a problem, we could try some of the other options, if there are any. Thanks