POMALÉ PC HELP

Zpráva

curtissek · #1 Příspěvek od **curtissek** » 18 zář 2011 11:35

ComboFix 11-09-17.04 - User 18.09.2011 11:52:35.3.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.2046.1039 [GMT 2:00]
Spuštěný z: c:\users\User\AppData\Local\temp\3582-490\ComboFix.exe
AV: AVG Internet Security 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-18 do 2011-09-18 )))))))))))))))))))))))))))))))
.
.
2011-09-18 10:09 . 2011-09-18 10:09 -------- d-----w- c:\users\User\AppData\Local\temp
2011-09-18 10:09 . 2011-09-18 10:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-18 09:46 . 2011-09-18 09:46 41472 ----a-w- c:\windows\svchost.com
2011-09-18 08:50 . 2011-09-18 08:50 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2011-09-18 08:50 . 2011-09-18 08:50 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2011-09-18 08:50 . 2011-09-18 08:50 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2011-09-18 08:50 . 2011-09-18 08:50 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2011-09-18 08:50 . 2011-09-18 08:50 5927 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2011-09-18 08:50 . 2011-09-18 08:50 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2011-09-18 08:50 . 2011-09-18 08:50 8613 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2011-09-18 08:50 . 2011-09-18 08:50 6910 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2011-09-18 08:50 . 2011-09-18 08:50 1651 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2011-09-18 08:49 . 2011-09-18 08:49 18541 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2011-09-18 08:49 . 2011-09-18 08:49 8288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2011-09-18 08:49 . 2011-09-18 08:49 6208 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2011-09-18 08:49 . 2011-09-18 08:49 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2011-09-18 08:49 . 2011-09-18 08:49 7271 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2011-09-18 08:49 . 2011-09-18 08:49 51852 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2011-09-18 08:49 . 2011-09-18 08:49 23327 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2011-09-18 08:49 . 2011-09-18 08:49 20719 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2011-09-15 23:23 . 2011-09-15 23:29 1409 ----a-w- c:\windows\QTFont.for
2011-09-15 21:31 . 2004-08-04 18:00 3584 ----a-w- c:\windows\system32\temp.001
2011-09-15 21:25 . 2011-09-15 21:25 -------- d-----w- c:\program files\GreenVantage LLC
2011-09-15 21:18 . 2011-09-15 21:18 -------- d-----w- c:\program files\CPUID
2011-09-15 21:18 . 2010-11-09 13:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-09-15 18:16 . 2011-09-15 18:16 -------- d-----w- c:\windows\system32\RTCOM
2011-09-15 18:14 . 2010-07-22 14:37 175200 ----a-w- c:\windows\system32\AERTACap.dll
2011-09-15 17:37 . 2011-09-15 17:37 -------- d-----w- c:\program files\RMClock
2011-09-15 17:35 . 2011-09-15 18:21 32544 ----a-w- c:\windows\system32\drivers\lladrv.sys
2011-09-15 17:35 . 2004-08-22 00:52 81920 ----a-w- c:\windows\system32\lladrv.dll
2011-09-15 17:35 . 2004-08-22 00:21 73728 ----a-w- c:\windows\system32\lladrv.exe
2011-09-15 17:35 . 2004-02-29 09:44 45056 ----a-w- c:\windows\system32\lladrv.cpl
2011-09-15 17:10 . 2010-03-04 16:04 758784 ----a-w- c:\windows\system32\cohelper.dll
2011-09-15 17:10 . 2010-02-22 05:45 10084 ----a-w- c:\windows\system32\drivers\nvphy.bin
2011-09-15 17:09 . 2011-09-15 17:13 -------- d-----w- c:\program files\NVIDIA Corporation
2011-09-15 17:08 . 2011-09-15 22:42 -------- d-----w- C:\NVIDIA
2011-09-15 17:08 . 2004-08-04 18:00 3584 ----a-w- c:\windows\system32\temp.000
2011-09-15 17:08 . 2004-03-08 22:00 212240 ----a-w- c:\windows\system32\RichTx32.ocx
2011-09-15 17:08 . 2000-05-21 22:00 608448 ----a-w- c:\windows\system32\ComCtl32.ocx
2011-09-15 17:08 . 2000-05-21 22:00 244416 ----a-w- c:\windows\system32\MsFlxGrd.ocx
2011-09-15 17:08 . 2011-09-15 17:08 -------- d-----w- c:\program files\Phoenix Technologies Ltd
2011-09-15 17:08 . 2004-03-08 22:00 152848 ----a-w- c:\windows\system32\COMDLG32.OCX
2011-09-15 16:44 . 2011-09-15 16:44 -------- d-----w- c:\program files\Driver-Soft
2011-09-15 16:27 . 2011-09-15 16:28 -------- d-----w- c:\program files\HPQ
2011-09-15 16:27 . 2004-10-22 00:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2011-09-15 16:27 . 2004-10-22 00:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2011-09-15 16:27 . 2004-10-22 00:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2011-09-15 16:27 . 2004-10-22 00:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2011-09-15 16:27 . 2004-10-22 00:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-09-15 16:27 . 2011-09-15 16:27 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2011-09-15 16:27 . 2011-09-15 16:27 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2011-09-15 16:17 . 2011-09-15 16:17 428088 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-09-15 16:16 . 2011-09-18 09:43 -------- d-----w- c:\users\User\AppData\Local\eSupport.com
2011-09-15 16:16 . 2011-09-15 16:16 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2011-09-15 15:47 . 2011-09-15 15:47 709968 ----a-w- c:\windows\is-TMSK1.exe
2011-09-15 15:29 . 2011-09-15 15:29 -------- d-----w- c:\users\User\AppData\Roaming\Malwarebytes
2011-09-15 15:29 . 2011-09-15 15:29 -------- d-----w- c:\programdata\Malwarebytes
2011-09-15 15:29 . 2011-09-15 16:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-15 15:29 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-15 15:17 . 2009-06-25 11:39 413696 ----a-w- c:\windows\system32\imkr80.ime
2011-09-15 15:17 . 2009-06-25 11:39 883712 ----a-w- c:\windows\system32\IMJP10.IME
2011-09-15 15:07 . 2009-06-03 23:56 675152 ----a-w- c:\windows\system32\gpprefcl.dll
2011-09-15 13:36 . 2011-09-15 13:36 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-09-15 05:37 . 2011-09-15 05:37 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-09-15 05:37 . 2011-09-15 05:37 -------- d-----w- c:\windows\PCHEALTH
2011-09-15 05:37 . 2011-09-15 05:37 -------- d-----w- c:\program files\Microsoft Sync Framework
2011-09-15 05:37 . 2011-09-15 05:37 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-09-15 05:35 . 2011-09-15 05:35 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-09-15 04:44 . 2011-09-15 04:44 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-09-15 04:43 . 2011-09-15 04:43 -------- d-----w- c:\users\User\AppData\Local\Microsoft Help
2011-09-15 04:43 . 2011-09-15 13:45 -------- d-----w- c:\programdata\Microsoft Help
2011-09-15 00:10 . 2011-09-15 00:10 -------- d-----w- c:\users\User\AppData\Local\AMD
2011-09-14 23:46 . 2011-09-14 23:46 -------- d-----w- c:\users\User\AppData\Roaming\ATI
2011-09-14 23:46 . 2011-09-14 23:46 -------- d-----w- c:\users\User\AppData\Local\ATI
2011-09-14 23:46 . 2011-09-14 23:46 -------- d-----w- c:\programdata\ATI
2011-09-14 23:46 . 2011-09-14 23:46 -------- d-----w- c:\program files\AMD APP
2011-09-14 23:46 . 2011-09-14 23:46 -------- d-----w- c:\programdata\AMD
2011-09-14 23:45 . 2010-02-18 07:18 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys
2011-09-14 23:34 . 2011-09-14 23:34 -------- d-----w- c:\program files\Western Digital Corporation
2011-09-14 23:28 . 2011-09-14 23:46 -------- d-----w- c:\program files\ATI Technologies
2011-09-14 23:28 . 2011-09-14 23:28 -------- d-----w- c:\program files\ATI
2011-09-14 23:27 . 2011-09-14 23:27 -------- d-----w- C:\ATI
2011-09-14 23:18 . 2011-09-14 23:18 -------- d-----w- c:\windows\Sun
2011-09-14 18:36 . 2011-09-14 18:36 -------- d-----w- c:\users\User\AppData\Local\Deployment
2011-09-14 18:36 . 2011-09-14 18:36 -------- d-----w- c:\users\User\AppData\Local\Apps
2011-09-14 17:31 . 2011-09-14 17:31 -------- d-----w- c:\programdata\KONAMI
2011-09-14 17:31 . 2011-09-14 17:31 -------- d-----w- c:\program files\KONAMI
2011-09-14 13:14 . 2011-08-16 06:48 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F6BC7A55-B9BD-4A8B-88A6-5C7F6B680161}\mpengine.dll
2011-09-14 12:21 . 2011-08-10 12:14 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-09-14 12:15 . 2011-09-14 12:15 -------- d--h--r- c:\users\User\AppData\Roaming\SecuROM
2011-09-14 08:39 . 2011-09-14 08:39 232512 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-09-07 12:03 . 2011-07-19 03:05 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-09-07 12:03 . 2011-07-19 03:05 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-07 11:37 . 2011-09-07 11:37 -------- d-----w- c:\program files\Seznam.cz
2011-09-02 11:28 . 2011-09-02 11:28 -------- d-----w- c:\program files\CCleaner
2011-09-02 08:45 . 2011-09-02 08:45 -------- d-----w- c:\users\User\kbpki
2011-08-25 20:09 . 2011-08-25 20:37 -------- d-----w- c:\users\User\AppData\Roaming\vlc
2011-08-25 20:09 . 2011-08-25 20:09 -------- d-----w- c:\program files\VideoLAN
2011-08-25 20:03 . 2011-08-25 20:03 11776 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-08-25 20:03 . 2011-08-25 20:03 -------- d-----w- c:\program files\Common Files\xing shared
2011-08-25 20:02 . 2011-08-25 20:02 150696 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-08-25 20:02 . 2011-08-25 20:02 107008 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2011-08-25 19:58 . 2011-08-25 20:03 -------- d-----w- c:\program files\Real
2011-08-24 17:18 . 2011-07-11 13:25 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-15 18:16 . 2009-02-20 22:45 319456 ----a-w- c:\windows\DIFxAPI.dll
2011-09-14 07:55 . 2011-05-22 16:28 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-31 17:12 . 2009-02-20 22:45 1698408 ----a-w- c:\windows\RtlExUpd.dll
2011-08-25 20:02 . 2009-02-20 22:49 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-08-25 20:02 . 2009-02-20 22:49 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-07-28 22:22 . 2011-07-28 22:22 8396800 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-07-28 21:44 . 2011-07-28 21:44 18388480 ----a-w- c:\windows\system32\atioglxx.dll
2011-07-28 21:40 . 2011-07-28 21:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-07-28 21:40 . 2011-07-28 21:40 726528 ----a-w- c:\windows\system32\aticfx32.dll
2011-07-28 21:36 . 2011-07-28 21:36 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-07-28 21:35 . 2011-07-28 21:35 401408 ----a-w- c:\windows\system32\atieclxx.exe
2011-07-28 21:35 . 2011-07-28 21:35 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-07-28 21:34 . 2011-07-28 21:34 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2011-07-28 21:33 . 2011-07-28 21:33 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2011-07-28 21:33 . 2011-07-28 21:33 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-07-28 21:33 . 2011-07-28 21:33 20992 ----a-w- c:\windows\system32\atimuixx.dll
2011-07-28 21:33 . 2011-07-28 21:33 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-07-28 21:30 . 2011-07-28 21:30 4198912 ----a-w- c:\windows\system32\atidxx32.dll
2011-07-28 21:11 . 2011-07-28 21:11 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-07-28 21:11 . 2011-07-28 21:11 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-07-28 21:11 . 2011-07-28 21:11 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-07-28 21:09 . 2009-02-20 23:21 4256768 ----a-w- c:\windows\system32\atiumdag.dll
2011-07-28 21:07 . 2011-07-28 21:07 8247296 ----a-w- c:\windows\system32\aticaldd.dll
2011-07-28 21:03 . 2009-02-20 23:21 4056064 ----a-w- c:\windows\system32\atiumdva.dll
2011-07-28 21:01 . 2011-07-28 21:01 52736 ----a-w- c:\windows\system32\coinst.dll
2011-07-28 20:54 . 2011-07-28 20:54 266240 ----a-w- c:\windows\system32\atiadlxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 13312 ----a-w- c:\windows\system32\atiglpxx.dll
2011-07-28 20:54 . 2011-07-28 20:54 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-07-28 20:53 . 2011-07-28 20:53 247296 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-07-28 20:53 . 2011-07-28 20:53 31744 ----a-w- c:\windows\system32\atiuxpag.dll
2011-07-28 20:53 . 2011-07-28 20:53 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-07-28 20:52 . 2011-07-28 20:52 37376 ----a-w- c:\windows\system32\atitmpxx.dll
2011-07-28 20:52 . 2011-07-28 20:52 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\system32\atimpc32.dll
2011-07-28 20:51 . 2011-07-28 20:51 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2011-07-28 15:49 . 2011-07-28 15:49 53760 ----a-w- c:\windows\system32\OVDecode.dll
2011-07-28 15:48 . 2011-07-28 15:48 43520 ----a-w- c:\windows\system32\OpenCL.dll
2011-07-28 15:48 . 2011-07-28 15:48 13555712 ----a-w- c:\windows\system32\amdocl.dll
2011-07-22 02:54 . 2011-08-10 16:42 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-07-22 02:48 . 2011-08-10 16:42 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-07-22 02:44 . 2011-08-10 16:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-06 15:31 . 2011-08-10 06:46 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-09-09 17:31 . 2011-05-06 09:45 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-04-22 2495816]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2011-04-22 11:56 2495816 ----a-w- c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-23 19:20 1515688 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-04-22 2495816]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-04-22 2495816]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2009-09-23 434840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-08-23 887976]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-09-10 2338656]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-20 77824]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-5-20 813584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableStartupSound"= 1 (0x1)
"DisableStatusMessages"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)
"DisableThumbnailsOnNetworkFolders"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Automatické vypnutí počítače.lnk]
backup=c:\windows\pss\Automatické vypnutí počítače.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
2008-07-22 11:53 77824 ----a-w- c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b]
2004-06-22 22:15 729088 ----a-w- c:\program files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-01-05 08:18 133432 ----a-w- c:\program files\ICQ7.2\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2008-08-22 12:13 2363392 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
2011-08-31 15:00 1047208 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-06-10 07:45 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-20 15:55 77824 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-06-15 13:02 15141768 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
2006-09-18 12:12 843776 ----a-w- c:\windows\vsnpstd3.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3]
2007-03-30 15:44 262144 ----a-w- c:\windows\tsnpstd3.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2010-12-26 11:42 511352 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" -osboot
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-08-17 7390560]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;p:\zkoušky\Downloads\Install\AIDA64\aida64extreme160\kerneld.x32 [2011-02-17 28312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2011-06-06 81936]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-04-22 984392]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 CPUgenieDriver;CPUgenieDriver;c:\program files\GreenVantage LLC\CPUgenie\NBFreezer.sys [2010-02-12 16496]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2011-09-15 23456]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 TVICHW32;TVICHW32;c:\windows\system32\DRIVERS\TVICHW32.SYS [x]
R3 vaxscsi;vaxscsi;c:\windows\System32\Drivers\vaxscsi.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-01-07 248656]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-04-04 297168]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-14 232512]
S1 FSLX;FSLX;c:\windows\system32\drivers\fslx.sys [2008-07-11 191872]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-28 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 291840]
S2 AODService;AODService;c:\program files\AMD\OverDrive\AODAssist.exe [2011-05-25 136616]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 lladrv;lladrv;c:\windows\system32\Drivers\lladrv.sys [2011-09-15 32544]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-04-07 576024]
S2 SMILEYCENTRAL_1VSERVICE;SmileyCentral Service;c:\program files\SMILEYCENTRAL_1V\BAR\2.BIN\1VBARSVC.EXE [2011-03-25 36864]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-28 8396800]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-28 247296]
S3 AODDriver4.01;AODDriver4.01;c:\program files\AMD\OverDrive\i386\AODDriver2.sys [2011-05-25 39424]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 134480]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 28624]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2010-02-05 28048]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - RTCore32
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-08-22 12:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZNxpt740YYCZ&ptb=IFldOZJB.g49adWmDpyFcA
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_cz&c=92&bd=all&pf=cmdt
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: Interfaces\{2681F624-3DA1-4AC7-A3EC-53FDEE5A2A4F}: NameServer = 10.10.10.1,10.10.10.2
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\63qmmevu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZNzfb001YYCZ_ZNzfb014&ptb=6C06F47B-8633-4610-8BD4-6EB8DB2FC788&psa=&ind=2010112212&ptnrS=ZNzfb001YYCZ_ZNzfb014&si=&st=kwd&n=77cfe0d4&searchfor=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Google Chrome - c:\users\User\AppData\Local\Google\Chrome\Application\13.0.782.215\Installer\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-18 12:09
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\AIDA64Driver]
"ImagePath"="\??\p:\zkoušky\Downloads\Install\AIDA64\aida64extreme160\kerneld.x32"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2556)
c:\program files\Logitech\SetPoint\lgscroll.dll
.
Celkový čas: 2011-09-18 12:13:34
ComboFix-quarantined-files.txt 2011-09-18 10:13
ComboFix2.txt 2011-09-15 23:29
ComboFix3.txt 2011-09-15 14:40
.
Před spuštěním: Volných bajtů: 46 083 076 096
Po spuštění: Volných bajtů: 46 049 759 232
.
- - End Of File - - 0E5B39EFD0B8767E52252A4F2FB2CB3E

#2 Příspěvek od **Rudy** » 18 zář 2011 12:01

Proč spouštíte ComboFix bez předchozí kontroly RSIT? Toto je nejlepší cesta k poškození systému.

Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Folder::
c:\program files\Ask.com

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-

Firefox::
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\63qmmevu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsear ... searchfor=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

VIRY.CZ

POMALÉ PC HELP

POMALÉ PC HELP

Re: POMALÉ PC HELP