
PC shuts itself down
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: PC shuts itself down
ComboFix 11-09-01.03 - Dušan . 09. 2011 19:24:42.1.1 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.2047.1313 [GMT 2:00]
Running from: c:\users\Dušan\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\CleanupFiles.exe
c:\users\Dušan\AppData\Roaming\pcouffin.sys
c:\windows\system32\mfc100deu.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-08-01 to 2011-09-01 )))))))))))))))))))))))))))))))
.
.
2011-09-01 17:32 . 2011-09-01 17:32 -------- d-----w- c:\users\Dušan\AppData\Local\temp
2011-09-01 17:32 . 2011-09-01 17:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-01 17:08 . 2011-09-01 17:08 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A71D7CD-7225-4604-8058-7147E2F93C43}\MpKslb9a0cb56.sys
2011-09-01 10:39 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-01 10:39 . 2011-09-01 10:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-01 10:39 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-01 09:28 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A71D7CD-7225-4604-8058-7147E2F93C43}\mpengine.dll
2011-08-30 18:58 . 2011-09-01 10:26 -------- d-----w- c:\program files\trend micro
2011-08-30 18:58 . 2011-08-30 18:59 -------- d-----w- C:\rsit
2011-08-28 12:48 . 2011-08-28 12:48 -------- d-----w- c:\users\Dušan\AppData\Local\Funcom
2011-08-24 07:53 . 2011-07-09 04:29 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-18 11:28 . 2011-08-18 11:28 -------- d-sh--w- c:\programdata\DSS
2011-08-13 20:56 . 2011-08-13 20:56 -------- d-----w- c:\programdata\YouTube Downloader
2011-08-13 20:56 . 2011-08-13 20:56 -------- d-----w- c:\program files\YouTube Downloader
2011-08-11 10:43 . 2011-01-27 06:18 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9E26F237-D018-4F55-AD93-4E156E25D258}\gapaengine.dll
2011-08-10 08:49 . 2011-06-23 04:33 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-08 18:49 . 2011-08-08 18:49 -------- d-----w- c:\users\Dušan\AppData\Local\DDMSettings
2011-08-06 19:55 . 2011-06-02 00:10 644608 ----a-w- c:\windows\system32\xvidcore.dll
2011-08-06 19:55 . 2009-09-27 21:02 797184 ----a-w- c:\windows\system32\ac3filter.ax
2011-08-06 19:55 . 2007-10-07 13:36 258048 ----a-w- c:\windows\system32\libFLAC.dll
2011-08-05 15:00 . 2011-08-29 14:33 -------- d-----w- c:\users\Dušan\AppData\Local\ALLPlayer
2011-08-04 10:32 . 2011-08-04 10:32 -------- d-----w- c:\users\Dušan\AppData\Roaming\Malwarebytes
2011-08-04 10:32 . 2011-08-04 10:32 -------- d-----w- c:\programdata\Malwarebytes
2011-08-03 18:14 . 2011-08-03 18:14 -------- d-----w- c:\program files\Crawler
2011-08-03 18:14 . 2011-08-03 18:14 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-08-03 18:14 . 2011-09-01 09:31 -------- d-----w- c:\users\Dušan\AppData\Roaming\Spyware Terminator
2011-08-03 18:14 . 2011-09-01 09:31 -------- d-----w- c:\programdata\Spyware Terminator
2011-08-03 18:13 . 2011-08-18 18:04 -------- d-----w- c:\program files\Spyware Terminator
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 02:44 . 2010-10-14 19:29 7152464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-08-04 18:16 . 2011-04-26 15:53 87608 ----a-w- c:\users\Dušan\AppData\Roaming\inst.exe
2011-08-04 18:16 . 2011-04-26 15:53 87608 ----a-w- c:\users\Dušan\AppData\Roaming\inst.exe
2011-07-20 11:51 . 2010-10-13 19:59 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-13 03:39 . 2011-07-31 19:23 6881616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-06-11 02:29 . 2011-07-13 08:04 2334208 ----a-w- c:\windows\system32\win32k.sys
2011-06-10 20:18 . 2011-06-10 20:18 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2010-02-10 02:18 . 2010-10-15 12:13 2131336 ----a-w- c:\program files\Common Files\AskToolbarInstaller.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-25 98304]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-06 1047656]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Dušan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
"Sony Ericsson PC Companion"="c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" "sleep"
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe"
.
R1 MpKsl03c4e6ac;MpKsl03c4e6ac;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{69E2B319-0F37-4E4C-A714-7FC9F6D51339}\MpKsl03c4e6ac.sys [x]
R1 MpKsl0c28b09d;MpKsl0c28b09d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12FB8358-DFF3-4D60-B420-9FEED1D9D487}\MpKsl0c28b09d.sys [x]
R1 MpKsl11c1134d;MpKsl11c1134d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DE675892-7F89-420D-B425-9DF88A08B458}\MpKsl11c1134d.sys [x]
R1 MpKsl12062f92;MpKsl12062f92;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FB60907F-28C0-44B8-A9A3-37463BE015E6}\MpKsl12062f92.sys [x]
R1 MpKsl170d11de;MpKsl170d11de;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8302F8EA-649A-4E31-8E4C-9950A040EE39}\MpKsl170d11de.sys [x]
R1 MpKsl172f0ca7;MpKsl172f0ca7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1CE6D4A8-7542-4D64-A9B4-5F0AD7607BB1}\MpKsl172f0ca7.sys [x]
R1 MpKsl18a1eda5;MpKsl18a1eda5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12BB1603-7823-42E5-BA6A-ABB495D05336}\MpKsl18a1eda5.sys [x]
R1 MpKsl1988829c;MpKsl1988829c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F2E8B68E-7B32-465A-AA16-75D5D53D08FD}\MpKsl1988829c.sys [x]
R1 MpKsl1a9e966e;MpKsl1a9e966e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{090AA2A8-CE9E-4761-B931-7391028B36A5}\MpKsl1a9e966e.sys [x]
R1 MpKsl3295b8c2;MpKsl3295b8c2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DA302088-8FDA-4B48-9024-7B3094E7BDDE}\MpKsl3295b8c2.sys [x]
R1 MpKsl36614ce2;MpKsl36614ce2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7001CD0C-B9BC-4781-9DA2-B02D17C09616}\MpKsl36614ce2.sys [x]
R1 MpKsl3d393658;MpKsl3d393658;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{24E2202A-1CE0-4FAD-B3BE-2D278A6FFED5}\MpKsl3d393658.sys [x]
R1 MpKsl3dccb04d;MpKsl3dccb04d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{18ABFD77-897E-4C4D-BE9F-88C66F12B321}\MpKsl3dccb04d.sys [x]
R1 MpKsl433fa0ed;MpKsl433fa0ed;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{53173D2C-2261-4AE0-83A6-1CE23D7EA4AA}\MpKsl433fa0ed.sys [x]
R1 MpKsl460649c2;MpKsl460649c2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49286B8D-34BB-4DD1-8B85-5756EF242215}\MpKsl460649c2.sys [x]
R1 MpKsl500aeef6;MpKsl500aeef6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F690FF61-0429-4E94-920F-9F8DC5F1E489}\MpKsl500aeef6.sys [x]
R1 MpKsl52763898;MpKsl52763898;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B5116658-67BD-4448-A902-26101280424F}\MpKsl52763898.sys [x]
R1 MpKsl69e78aea;MpKsl69e78aea;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7001CD0C-B9BC-4781-9DA2-B02D17C09616}\MpKsl69e78aea.sys [x]
R1 MpKsl6b7cad75;MpKsl6b7cad75;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5E6969BE-728E-466D-A32E-1F9FDDB6B457}\MpKsl6b7cad75.sys [x]
R1 MpKsl6d981125;MpKsl6d981125;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{752ADD2A-3C50-4C08-AB84-C6B78EBE8E29}\MpKsl6d981125.sys [x]
R1 MpKsl7085f062;MpKsl7085f062;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3986A4DF-C1CD-4927-B7BD-D42A278940C0}\MpKsl7085f062.sys [x]
R1 MpKsl79d69de6;MpKsl79d69de6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1EA33B73-861C-44DB-895C-9664763E6316}\MpKsl79d69de6.sys [x]
R1 MpKsl85cca17d;MpKsl85cca17d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BCC8B18E-BD2C-4E6A-A001-125CF1FD3FEA}\MpKsl85cca17d.sys [x]
R1 MpKsl8bee57e2;MpKsl8bee57e2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E646F625-395B-436A-98AF-F14F47165B22}\MpKsl8bee57e2.sys [x]
R1 MpKsl8d71438d;MpKsl8d71438d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12BB1603-7823-42E5-BA6A-ABB495D05336}\MpKsl8d71438d.sys [x]
R1 MpKsl8e72935a;MpKsl8e72935a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7F526401-E667-484E-95B1-5A9EC99DE802}\MpKsl8e72935a.sys [x]
R1 MpKsla3a0e9c1;MpKsla3a0e9c1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{18384657-D054-4096-889D-CC8F9C03B9D7}\MpKsla3a0e9c1.sys [x]
R1 MpKsla3bd7dbc;MpKsla3bd7dbc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{63852031-BB2B-4752-85B4-BDE630D8AAB6}\MpKsla3bd7dbc.sys [x]
R1 MpKsla4fb4f9a;MpKsla4fb4f9a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{69E2B319-0F37-4E4C-A714-7FC9F6D51339}\MpKsla4fb4f9a.sys [x]
R1 MpKsla8453b9f;MpKsla8453b9f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{161340BA-5442-4532-B3D3-400311324D33}\MpKsla8453b9f.sys [x]
R1 MpKslaaae1338;MpKslaaae1338;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3986A4DF-C1CD-4927-B7BD-D42A278940C0}\MpKslaaae1338.sys [x]
R1 MpKslb08e7532;MpKslb08e7532;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C2B5FDAE-404A-4F1B-9163-E381D662EBFE}\MpKslb08e7532.sys [x]
R1 MpKslb17b5ddd;MpKslb17b5ddd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7EEE9BC-5D0F-404E-B0FE-D28B87B6D92A}\MpKslb17b5ddd.sys [x]
R1 MpKslb571f52e;MpKslb571f52e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A5908B6-832D-4D57-99F3-F7C2BE6C3E67}\MpKslb571f52e.sys [x]
R1 MpKslbcca1e30;MpKslbcca1e30;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EFA2217A-BE34-413C-94E0-7CFDDDD64E87}\MpKslbcca1e30.sys [x]
R1 MpKslc08678a8;MpKslc08678a8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{18ABFD77-897E-4C4D-BE9F-88C66F12B321}\MpKslc08678a8.sys [x]
R1 MpKslca8f1572;MpKslca8f1572;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EFA2217A-BE34-413C-94E0-7CFDDDD64E87}\MpKslca8f1572.sys [x]
R1 MpKslcb79496f;MpKslcb79496f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2B4035BC-B4FA-4415-9A75-40A20240572F}\MpKslcb79496f.sys [x]
R1 MpKsld418d5ff;MpKsld418d5ff;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FE6284D1-342A-4435-BB8C-ECDD042430D7}\MpKsld418d5ff.sys [x]
R1 MpKsld4c9a884;MpKsld4c9a884;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3DFBB518-995A-4F1B-8BFB-AB450611229F}\MpKsld4c9a884.sys [x]
R1 MpKsld6e15be5;MpKsld6e15be5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{30E00535-D9A1-431A-8C4A-CF19F71A6C68}\MpKsld6e15be5.sys [x]
R1 MpKsld93e4e4a;MpKsld93e4e4a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E311586E-D45B-4152-87F8-33214875E7B8}\MpKsld93e4e4a.sys [x]
R1 MpKsldb26f16c;MpKsldb26f16c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6FC6B59F-C708-49B8-98AB-4F31C530655F}\MpKsldb26f16c.sys [x]
R1 MpKslde413246;MpKslde413246;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9CB1C2C1-8290-4E6C-957E-EC26E645F87D}\MpKslde413246.sys [x]
R1 MpKsle16423d1;MpKsle16423d1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{47441456-1F56-4ADE-B39A-9AA5954D3EAF}\MpKsle16423d1.sys [x]
R1 MpKsle23fdec6;MpKsle23fdec6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{18ABFD77-897E-4C4D-BE9F-88C66F12B321}\MpKsle23fdec6.sys [x]
R1 MpKsle5d1bb20;MpKsle5d1bb20;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{890D40F1-98CD-4645-81FB-F77324D94FBC}\MpKsle5d1bb20.sys [x]
R1 MpKsle96de0b1;MpKsle96de0b1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{14B0724C-727B-4D94-BCEC-ECE1B56D7801}\MpKsle96de0b1.sys [x]
R1 MpKslf547cb09;MpKslf547cb09;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FA212CE-B59F-43D9-8A49-9D7ACD31F329}\MpKslf547cb09.sys [x]
R1 MpKslfbcba3cc;MpKslfbcba3cc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1CE6D4A8-7542-4D64-A9B4-5F0AD7607BB1}\MpKslfbcba3cc.sys [x]
R1 MpKslfc1b8d3b;MpKslfc1b8d3b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FA212CE-B59F-43D9-8A49-9D7ACD31F329}\MpKslfc1b8d3b.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-07-06 41272]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-12 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-14 691696]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-10 218688]
S1 MpKslb9a0cb56;MpKslb9a0cb56;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A71D7CD-7225-4604-8058-7147E2F93C43}\MpKslb9a0cb56.sys [2011-09-01 28752]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-08-03 142592]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-26 176128]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-01-27 50704]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-03-30 1523008]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-26 6380032]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-26 221696]
S3 c65013264;C-Media CM6501 Like Sound UDAX Interface;c:\windows\system32\drivers\c6501.sys [2010-10-12 1517056]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2011-02-10 10064]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLB9A0CB56
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
IE: Crawler Search - tbr:iemenu
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: Interfaces\{D29B24BE-E87B-452D-A296-5EC66F041B1E}: NameServer = 192.168.100.2,192.168.0.200
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} -
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8,
89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=hex:51,66,7a,6c,4c,1d,38,12,84,00,2b,
4f,02,1c,ad,08,d8,ea,70,23,8a,63,71,56
"{98889811-442D-49DD-99D7-DC866BE87DBC}"=hex:51,66,7a,6c,4c,1d,38,12,7f,9b,9b,
9c,1f,0a,b3,0c,e6,c1,9f,c6,6e,b6,39,a8
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}"=hex:51,66,7a,6c,4c,1d,38,12,9e,08,a1,
18,9c,f5,c9,05,ec,e2,27,75,fa,63,40,05
"{2EECD738-5844-4A99-B4B6-146BF802613B}"=hex:51,66,7a,6c,4c,1d,38,12,56,d4,ff,
2a,76,16,f7,0f,cb,a0,57,2b,fd,5c,25,2f
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,
d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b
"{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}"=hex:51,66,7a,6c,4c,1d,38,12,9d,5d,81,
db,b5,34,8a,01,e3,b9,ce,3b,2d,55,b2,02
"{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}"=hex:51,66,7a,6c,4c,1d,38,12,35,fc,e1,
93,3e,68,a1,09,fc,5c,6e,9a,4b,77,a7,8a
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:dc,0b,58,76,b9,67,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c3,8a,b3,3a,cd,df,e1,4b,b3,fb,ae,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c3,8a,b3,3a,cd,df,e1,4b,b3,fb,ae,\
.
[HKEY_USERS\S-1-5-21-2077639707-384719932-3077192631-1000\Software\SecuROM\License information*]
"datasecu"=hex:ac,20,76,60,8d,b7,50,c0,32,3d,82,86,49,06,25,28,0e,d4,4b,b6,3b,
69,01,bc,73,f8,4c,4c,60,1a,d6,a9,e4,50,df,17,e9,6d,02,3e,3a,a0,e5,58,c3,02,\
"rkeysecu"=hex:c3,24,47,7d,b0,88,da,c4,17,de,73,64,37,ba,6b,1f
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-09-01 19:36:05
ComboFix-quarantined-files.txt 2011-09-01 17:36
.
Pre-Run: 72 142 450 688 bytes free
Post-Run: 71 968 153 600 bytes free
.
- - End Of File - - 7CE754620DF0FA02912D6CCFAAA8C72F
R1 MpKsl52763898;MpKsl52763898;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B5116658-67BD-4448-A902-26101280424F}\MpKsl52763898.sys [x]
R1 MpKsl69e78aea;MpKsl69e78aea;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7001CD0C-B9BC-4781-9DA2-B02D17C09616}\MpKsl69e78aea.sys [x]
R1 MpKsl6b7cad75;MpKsl6b7cad75;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5E6969BE-728E-466D-A32E-1F9FDDB6B457}\MpKsl6b7cad75.sys [x]
R1 MpKsl6d981125;MpKsl6d981125;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{752ADD2A-3C50-4C08-AB84-C6B78EBE8E29}\MpKsl6d981125.sys [x]
R1 MpKsl7085f062;MpKsl7085f062;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3986A4DF-C1CD-4927-B7BD-D42A278940C0}\MpKsl7085f062.sys [x]
R1 MpKsl79d69de6;MpKsl79d69de6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1EA33B73-861C-44DB-895C-9664763E6316}\MpKsl79d69de6.sys [x]
R1 MpKsl85cca17d;MpKsl85cca17d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BCC8B18E-BD2C-4E6A-A001-125CF1FD3FEA}\MpKsl85cca17d.sys [x]
R1 MpKsl8bee57e2;MpKsl8bee57e2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E646F625-395B-436A-98AF-F14F47165B22}\MpKsl8bee57e2.sys [x]
R1 MpKsl8d71438d;MpKsl8d71438d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12BB1603-7823-42E5-BA6A-ABB495D05336}\MpKsl8d71438d.sys [x]
R1 MpKsl8e72935a;MpKsl8e72935a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7F526401-E667-484E-95B1-5A9EC99DE802}\MpKsl8e72935a.sys [x]
R1 MpKsla3a0e9c1;MpKsla3a0e9c1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{18384657-D054-4096-889D-CC8F9C03B9D7}\MpKsla3a0e9c1.sys [x]
R1 MpKsla3bd7dbc;MpKsla3bd7dbc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{63852031-BB2B-4752-85B4-BDE630D8AAB6}\MpKsla3bd7dbc.sys [x]
R1 MpKsla4fb4f9a;MpKsla4fb4f9a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{69E2B319-0F37-4E4C-A714-7FC9F6D51339}\MpKsla4fb4f9a.sys [x]
R1 MpKsla8453b9f;MpKsla8453b9f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{161340BA-5442-4532-B3D3-400311324D33}\MpKsla8453b9f.sys [x]
R1 MpKslaaae1338;MpKslaaae1338;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3986A4DF-C1CD-4927-B7BD-D42A278940C0}\MpKslaaae1338.sys [x]
R1 MpKslb08e7532;MpKslb08e7532;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C2B5FDAE-404A-4F1B-9163-E381D662EBFE}\MpKslb08e7532.sys [x]
R1 MpKslb17b5ddd;MpKslb17b5ddd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7EEE9BC-5D0F-404E-B0FE-D28B87B6D92A}\MpKslb17b5ddd.sys [x]
R1 MpKslb571f52e;MpKslb571f52e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A5908B6-832D-4D57-99F3-F7C2BE6C3E67}\MpKslb571f52e.sys [x]
R1 MpKslbcca1e30;MpKslbcca1e30;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EFA2217A-BE34-413C-94E0-7CFDDDD64E87}\MpKslbcca1e30.sys [x]
R1 MpKslc08678a8;MpKslc08678a8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{18ABFD77-897E-4C4D-BE9F-88C66F12B321}\MpKslc08678a8.sys [x]
R1 MpKslca8f1572;MpKslca8f1572;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EFA2217A-BE34-413C-94E0-7CFDDDD64E87}\MpKslca8f1572.sys [x]
R1 MpKslcb79496f;MpKslcb79496f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2B4035BC-B4FA-4415-9A75-40A20240572F}\MpKslcb79496f.sys [x]
R1 MpKsld418d5ff;MpKsld418d5ff;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FE6284D1-342A-4435-BB8C-ECDD042430D7}\MpKsld418d5ff.sys [x]
R1 MpKsld4c9a884;MpKsld4c9a884;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3DFBB518-995A-4F1B-8BFB-AB450611229F}\MpKsld4c9a884.sys [x]
R1 MpKsld6e15be5;MpKsld6e15be5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{30E00535-D9A1-431A-8C4A-CF19F71A6C68}\MpKsld6e15be5.sys [x]
R1 MpKsld93e4e4a;MpKsld93e4e4a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E311586E-D45B-4152-87F8-33214875E7B8}\MpKsld93e4e4a.sys [x]
R1 MpKsldb26f16c;MpKsldb26f16c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6FC6B59F-C708-49B8-98AB-4F31C530655F}\MpKsldb26f16c.sys [x]
R1 MpKslde413246;MpKslde413246;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9CB1C2C1-8290-4E6C-957E-EC26E645F87D}\MpKslde413246.sys [x]
R1 MpKsle16423d1;MpKsle16423d1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{47441456-1F56-4ADE-B39A-9AA5954D3EAF}\MpKsle16423d1.sys [x]
R1 MpKsle23fdec6;MpKsle23fdec6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{18ABFD77-897E-4C4D-BE9F-88C66F12B321}\MpKsle23fdec6.sys [x]
R1 MpKsle5d1bb20;MpKsle5d1bb20;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{890D40F1-98CD-4645-81FB-F77324D94FBC}\MpKsle5d1bb20.sys [x]
R1 MpKsle96de0b1;MpKsle96de0b1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{14B0724C-727B-4D94-BCEC-ECE1B56D7801}\MpKsle96de0b1.sys [x]
R1 MpKslf547cb09;MpKslf547cb09;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FA212CE-B59F-43D9-8A49-9D7ACD31F329}\MpKslf547cb09.sys [x]
R1 MpKslfbcba3cc;MpKslfbcba3cc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1CE6D4A8-7542-4D64-A9B4-5F0AD7607BB1}\MpKslfbcba3cc.sys [x]
R1 MpKslfc1b8d3b;MpKslfc1b8d3b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FA212CE-B59F-43D9-8A49-9D7ACD31F329}\MpKslfc1b8d3b.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-07-06 41272]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-12 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-14 691696]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-10 218688]
S1 MpKslb9a0cb56;MpKslb9a0cb56;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A71D7CD-7225-4604-8058-7147E2F93C43}\MpKslb9a0cb56.sys [2011-09-01 28752]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-08-03 142592]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-26 176128]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-01-27 50704]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-03-30 1523008]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-26 6380032]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-26 221696]
S3 c65013264;C-Media CM6501 Like Sound UDAX Interface;c:\windows\system32\drivers\c6501.sys [2010-10-12 1517056]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2011-02-10 10064]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLB9A0CB56
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
IE: Crawler Search - tbr:iemenu
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: Interfaces\{D29B24BE-E87B-452D-A296-5EC66F041B1E}: NameServer = 192.168.100.2,192.168.0.200
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} -
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:dc,0b,58,76,b9,67,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c3,8a,b3,3a,cd,df,e1,4b,b3,fb,ae,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c3,8a,b3,3a,cd,df,e1,4b,b3,fb,ae,\
.
[HKEY_USERS\S-1-5-21-2077639707-384719932-3077192631-1000\Software\SecuROM\License information*]
"datasecu"=hex:ac,20,76,60,8d,b7,50,c0,32,3d,82,86,49,06,25,28,0e,d4,4b,b6,3b,
69,01,bc,73,f8,4c,4c,60,1a,d6,a9,e4,50,df,17,e9,6d,02,3e,3a,a0,e5,58,c3,02,\
"rkeysecu"=hex:c3,24,47,7d,b0,88,da,c4,17,de,73,64,37,ba,6b,1f
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-09-01 19:36:05
ComboFix-quarantined-files.txt 2011-09-01 17:36
.
Pre-Run: 72 142 450 688 bytes free
Post-Run: 71 968 153 600 bytes free
.
- - End Of File - - 7CE754620DF0FA02912D6CCFAAA8C72F
Re: PC shuts down by itself
If you haven't done so already, move ComboFix to the desktop,
open Notepad,
copy the script from the following window into it:
Code:
File::
c:\program files\Common Files\AskToolbarInstaller.exe
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
save the TXT file you created to the desktop as CFScript.txt,
after saving, grab the script with the left mouse button and drag it over the ComboFix icon, where you drop it.
After it has been applied, another log will pop out; copy it here.
Warning: after the script is applied and the machine restarts, Windows may fail to boot;
in that case restart again while pressing F8, then choose Last Known Good Configuration.
Re: PC shuts down by itself
But I have already deleted that program, ComboFix. Does that matter?
Re: PC shuts down by itself
Yeah, but can't it do something to Windows? For example, that I will have to reinstall the PC. And I won't be doing it until tomorrow.
Re: PC shuts down by itself
ComboFix 11-09-01.03 - Dušan . 09. 2011 0:19.2.1 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.2047.1311 [GMT 2:00]
Running from: c:\users\Dušan\Desktop\ComboFix.exe
Command switches used :: c:\users\Dušan\Desktop\CFScript.txt.txt
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\program files\Common Files\AskToolbarInstaller.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\AskToolbarInstaller.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-08-01 to 2011-09-01 )))))))))))))))))))))))))))))))
.
.
2011-09-01 22:26 . 2011-09-01 22:26 -------- d-----w- c:\users\Dušan\AppData\Local\temp
2011-09-01 22:26 . 2011-09-01 22:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-01 17:43 . 2011-09-01 17:43 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A71D7CD-7225-4604-8058-7147E2F93C43}\MpKsl433bdff9.sys
2011-09-01 17:22 . 2011-09-01 17:53 -------- d-----w- C:\ZZZZZZ
2011-09-01 10:39 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-01 10:39 . 2011-09-01 10:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-01 10:39 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-01 09:28 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A71D7CD-7225-4604-8058-7147E2F93C43}\mpengine.dll
2011-08-30 18:58 . 2011-09-01 10:26 -------- d-----w- c:\program files\trend micro
2011-08-30 18:58 . 2011-08-30 18:59 -------- d-----w- C:\rsit
2011-08-28 12:48 . 2011-08-28 12:48 -------- d-----w- c:\users\Dušan\AppData\Local\Funcom
2011-08-24 07:53 . 2011-07-09 04:29 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-18 11:28 . 2011-08-18 11:28 -------- d-sh--w- c:\programdata\DSS
2011-08-13 20:56 . 2011-08-13 20:56 -------- d-----w- c:\programdata\YouTube Downloader
2011-08-13 20:56 . 2011-08-13 20:56 -------- d-----w- c:\program files\YouTube Downloader
2011-08-11 10:43 . 2011-01-27 06:18 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9E26F237-D018-4F55-AD93-4E156E25D258}\gapaengine.dll
2011-08-10 08:49 . 2011-06-23 04:33 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-08 18:49 . 2011-08-08 18:49 -------- d-----w- c:\users\Dušan\AppData\Local\DDMSettings
2011-08-06 19:55 . 2011-06-02 00:10 644608 ----a-w- c:\windows\system32\xvidcore.dll
2011-08-06 19:55 . 2009-09-27 21:02 797184 ----a-w- c:\windows\system32\ac3filter.ax
2011-08-06 19:55 . 2007-10-07 13:36 258048 ----a-w- c:\windows\system32\libFLAC.dll
2011-08-05 15:00 . 2011-08-29 14:33 -------- d-----w- c:\users\Dušan\AppData\Local\ALLPlayer
2011-08-04 10:32 . 2011-08-04 10:32 -------- d-----w- c:\users\Dušan\AppData\Roaming\Malwarebytes
2011-08-04 10:32 . 2011-08-04 10:32 -------- d-----w- c:\programdata\Malwarebytes
2011-08-03 18:14 . 2011-08-03 18:14 -------- d-----w- c:\program files\Crawler
2011-08-03 18:14 . 2011-08-03 18:14 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-08-03 18:14 . 2011-09-01 09:31 -------- d-----w- c:\users\Dušan\AppData\Roaming\Spyware Terminator
2011-08-03 18:14 . 2011-09-01 09:31 -------- d-----w- c:\programdata\Spyware Terminator
2011-08-03 18:13 . 2011-08-18 18:04 -------- d-----w- c:\program files\Spyware Terminator
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 02:44 . 2010-10-14 19:29 7152464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-08-04 18:16 . 2011-04-26 15:53 87608 ----a-w- c:\users\Dušan\AppData\Roaming\inst.exe
2011-08-04 18:16 . 2011-04-26 15:53 87608 ----a-w- c:\users\Dušan\AppData\Roaming\inst.exe
2011-07-20 11:51 . 2010-10-13 19:59 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-13 03:39 . 2011-07-31 19:23 6881616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-06-11 02:29 . 2011-07-13 08:04 2334208 ----a-w- c:\windows\system32\win32k.sys
2011-06-10 20:18 . 2011-06-10 20:18 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-25 98304]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-06 1047656]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Dušan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
"Sony Ericsson PC Companion"="c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" "sleep"
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe"
.
R1 MpKsl03c4e6ac;MpKsl03c4e6ac;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{69E2B319-0F37-4E4C-A714-7FC9F6D51339}\MpKsl03c4e6ac.sys [x]
R1 MpKsl0c28b09d;MpKsl0c28b09d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12FB8358-DFF3-4D60-B420-9FEED1D9D487}\MpKsl0c28b09d.sys [x]
R1 MpKsl11c1134d;MpKsl11c1134d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DE675892-7F89-420D-B425-9DF88A08B458}\MpKsl11c1134d.sys [x]
R1 MpKsl12062f92;MpKsl12062f92;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FB60907F-28C0-44B8-A9A3-37463BE015E6}\MpKsl12062f92.sys [x]
R1 MpKsl170d11de;MpKsl170d11de;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8302F8EA-649A-4E31-8E4C-9950A040EE39}\MpKsl170d11de.sys [x]
R1 MpKsl172f0ca7;MpKsl172f0ca7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1CE6D4A8-7542-4D64-A9B4-5F0AD7607BB1}\MpKsl172f0ca7.sys [x]
R1 MpKsl18a1eda5;MpKsl18a1eda5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12BB1603-7823-42E5-BA6A-ABB495D05336}\MpKsl18a1eda5.sys [x]
R1 MpKsl1988829c;MpKsl1988829c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F2E8B68E-7B32-465A-AA16-75D5D53D08FD}\MpKsl1988829c.sys [x]
R1 MpKsl1a9e966e;MpKsl1a9e966e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{090AA2A8-CE9E-4761-B931-7391028B36A5}\MpKsl1a9e966e.sys [x]
R1 MpKsl3295b8c2;MpKsl3295b8c2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DA302088-8FDA-4B48-9024-7B3094E7BDDE}\MpKsl3295b8c2.sys [x]
R1 MpKsl36614ce2;MpKsl36614ce2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7001CD0C-B9BC-4781-9DA2-B02D17C09616}\MpKsl36614ce2.sys [x]
R1 MpKsl3d393658;MpKsl3d393658;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{24E2202A-1CE0-4FAD-B3BE-2D278A6FFED5}\MpKsl3d393658.sys [x]
R1 MpKsl3dccb04d;MpKsl3dccb04d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{18ABFD77-897E-4C4D-BE9F-88C66F12B321}\MpKsl3dccb04d.sys [x]
R1 MpKsl433fa0ed;MpKsl433fa0ed;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{53173D2C-2261-4AE0-83A6-1CE23D7EA4AA}\MpKsl433fa0ed.sys [x]
R1 MpKsl460649c2;MpKsl460649c2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49286B8D-34BB-4DD1-8B85-5756EF242215}\MpKsl460649c2.sys [x]
R1 MpKsl500aeef6;MpKsl500aeef6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F690FF61-0429-4E94-920F-9F8DC5F1E489}\MpKsl500aeef6.sys [x]
R1 MpKsl52763898;MpKsl52763898;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B5116658-67BD-4448-A902-26101280424F}\MpKsl52763898.sys [x]
R1 MpKsl69e78aea;MpKsl69e78aea;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7001CD0C-B9BC-4781-9DA2-B02D17C09616}\MpKsl69e78aea.sys [x]
R1 MpKsl6b7cad75;MpKsl6b7cad75;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5E6969BE-728E-466D-A32E-1F9FDDB6B457}\MpKsl6b7cad75.sys [x]
R1 MpKsl6d981125;MpKsl6d981125;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{752ADD2A-3C50-4C08-AB84-C6B78EBE8E29}\MpKsl6d981125.sys [x]
R1 MpKsl7085f062;MpKsl7085f062;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3986A4DF-C1CD-4927-B7BD-D42A278940C0}\MpKsl7085f062.sys [x]
R1 MpKsl79d69de6;MpKsl79d69de6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1EA33B73-861C-44DB-895C-9664763E6316}\MpKsl79d69de6.sys [x]
R1 MpKsl85cca17d;MpKsl85cca17d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BCC8B18E-BD2C-4E6A-A001-125CF1FD3FEA}\MpKsl85cca17d.sys [x]
R1 MpKsl8bee57e2;MpKsl8bee57e2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E646F625-395B-436A-98AF-F14F47165B22}\MpKsl8bee57e2.sys [x]
R1 MpKsl8d71438d;MpKsl8d71438d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{12BB1603-7823-42E5-BA6A-ABB495D05336}\MpKsl8d71438d.sys [x]
R1 MpKsl8e72935a;MpKsl8e72935a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7F526401-E667-484E-95B1-5A9EC99DE802}\MpKsl8e72935a.sys [x]
R1 MpKsla3a0e9c1;MpKsla3a0e9c1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{18384657-D054-4096-889D-CC8F9C03B9D7}\MpKsla3a0e9c1.sys [x]
R1 MpKsla3bd7dbc;MpKsla3bd7dbc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{63852031-BB2B-4752-85B4-BDE630D8AAB6}\MpKsla3bd7dbc.sys [x]
R1 MpKsla4fb4f9a;MpKsla4fb4f9a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{69E2B319-0F37-4E4C-A714-7FC9F6D51339}\MpKsla4fb4f9a.sys [x]
R1 MpKsla8453b9f;MpKsla8453b9f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{161340BA-5442-4532-B3D3-400311324D33}\MpKsla8453b9f.sys [x]
R1 MpKslaaae1338;MpKslaaae1338;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3986A4DF-C1CD-4927-B7BD-D42A278940C0}\MpKslaaae1338.sys [x]
R1 MpKslb08e7532;MpKslb08e7532;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C2B5FDAE-404A-4F1B-9163-E381D662EBFE}\MpKslb08e7532.sys [x]
R1 MpKslb17b5ddd;MpKslb17b5ddd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7EEE9BC-5D0F-404E-B0FE-D28B87B6D92A}\MpKslb17b5ddd.sys [x]
R1 MpKslb571f52e;MpKslb571f52e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A5908B6-832D-4D57-99F3-F7C2BE6C3E67}\MpKslb571f52e.sys [x]
R1 MpKslbcca1e30;MpKslbcca1e30;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EFA2217A-BE34-413C-94E0-7CFDDDD64E87}\MpKslbcca1e30.sys [x]
R1 MpKslc08678a8;MpKslc08678a8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{18ABFD77-897E-4C4D-BE9F-88C66F12B321}\MpKslc08678a8.sys [x]
R1 MpKslca8f1572;MpKslca8f1572;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EFA2217A-BE34-413C-94E0-7CFDDDD64E87}\MpKslca8f1572.sys [x]
R1 MpKslcb79496f;MpKslcb79496f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2B4035BC-B4FA-4415-9A75-40A20240572F}\MpKslcb79496f.sys [x]
R1 MpKsld418d5ff;MpKsld418d5ff;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FE6284D1-342A-4435-BB8C-ECDD042430D7}\MpKsld418d5ff.sys [x]
R1 MpKsld4c9a884;MpKsld4c9a884;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3DFBB518-995A-4F1B-8BFB-AB450611229F}\MpKsld4c9a884.sys [x]
R1 MpKsld6e15be5;MpKsld6e15be5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{30E00535-D9A1-431A-8C4A-CF19F71A6C68}\MpKsld6e15be5.sys [x]
R1 MpKsld93e4e4a;MpKsld93e4e4a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E311586E-D45B-4152-87F8-33214875E7B8}\MpKsld93e4e4a.sys [x]
R1 MpKsldb26f16c;MpKsldb26f16c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6FC6B59F-C708-49B8-98AB-4F31C530655F}\MpKsldb26f16c.sys [x]
R1 MpKslde413246;MpKslde413246;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9CB1C2C1-8290-4E6C-957E-EC26E645F87D}\MpKslde413246.sys [x]
R1 MpKsle16423d1;MpKsle16423d1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{47441456-1F56-4ADE-B39A-9AA5954D3EAF}\MpKsle16423d1.sys [x]
R1 MpKsle23fdec6;MpKsle23fdec6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{18ABFD77-897E-4C4D-BE9F-88C66F12B321}\MpKsle23fdec6.sys [x]
R1 MpKsle5d1bb20;MpKsle5d1bb20;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{890D40F1-98CD-4645-81FB-F77324D94FBC}\MpKsle5d1bb20.sys [x]
R1 MpKsle96de0b1;MpKsle96de0b1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{14B0724C-727B-4D94-BCEC-ECE1B56D7801}\MpKsle96de0b1.sys [x]
R1 MpKslf547cb09;MpKslf547cb09;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FA212CE-B59F-43D9-8A49-9D7ACD31F329}\MpKslf547cb09.sys [x]
R1 MpKslfbcba3cc;MpKslfbcba3cc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1CE6D4A8-7542-4D64-A9B4-5F0AD7607BB1}\MpKslfbcba3cc.sys [x]
R1 MpKslfc1b8d3b;MpKslfc1b8d3b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1FA212CE-B59F-43D9-8A49-9D7ACD31F329}\MpKslfc1b8d3b.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-12 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-14 691696]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-10 218688]
S1 MpKsl433bdff9;MpKsl433bdff9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A71D7CD-7225-4604-8058-7147E2F93C43}\MpKsl433bdff9.sys [2011-09-01 28752]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-08-03 142592]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-26 176128]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-01-27 50704]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-03-30 1523008]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-26 6380032]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-26 221696]
S3 c65013264;C-Media CM6501 Like Sound UDAX Interface;c:\windows\system32\drivers\c6501.sys [2010-10-12 1517056]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2011-02-10 10064]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL433BDFF9
*Deregistered* - MBAMSwissArmy
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Supplementary Scan -------
.
IE: Crawler Search - tbr:iemenu
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: Interfaces\{D29B24BE-E87B-452D-A296-5EC66F041B1E}: NameServer = 192.168.100.2,192.168.0.200
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} -
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:dc,0b,58,76,b9,67,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2077639707-384719932-3077192631-1000\Software\SecuROM\License information*]
.
Completion time: 2011-09-02 00:29:41
ComboFix-quarantined-files.txt 2011-09-01 22:29
ComboFix2.txt 2011-09-01 17:36
.
Pre-Run: 73 097 871 360 bytes free
Post-Run: 72 913 403 904 bytes free
.
- - End Of File - - 79329BE6609C5A330C76EF5DCA65CF8E
Re: PC shuts down by itself
Now we just need to clean up.
Via Start >> Run, copy this into the box:
ComboFix /Uninstall
and press Enter.
This uninstalls ComboFix and deletes the files and folders associated with it.
Use T-Cleaner, which deletes any leftovers from the applications we used.
Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.
Then let me know what state the PC is in.
Re: PC shuts down by itself
The PC is in order.
I don't see any problem with the PC.


Re: PC shuts down by itself
TuneUp Utilities 2011: 3 problems
How do I solve this problem?
http://imghost.sk/share/440728-Beznzvu.jpeg
http://imghost.sk/share/440729-Beznzvu2.jpeg
http://imghost.sk/share/440730-Beznzvu3.jpeg
Re: PC shuts down by itself
Well, I personally don't like tools of this type, but what it found belongs to Microsoft Security Essentials.
Simply put, it is an older antivirus driver that gets overwritten with a new update.
So it's fine.
Re: PC shuts down by itself
How do I solve this?
It showed me this in a bubble.



Re: PC shuts down by itself
The graphics driver stopped responding and was successfully recovered.
If the message keeps appearing, reinstall the drivers and stop poking around in things you don't understand.