Please check my log

Jazz
2nd Warning Level
Posts: 8
Registered: 30 Jun 2012 10:16

#1 Post by Jazz »

Hi, please check my log. I'm afraid I've caught something... Lately my internet has been terribly slow, and before I call my provider I want to make sure everything is fine on my end.
Thanks in advance

Code:

Logfile of random's system information tool 1.09 (written by random/random) 
 Run by Jazz at 2012-06-29 16:51:02 
 Microsoft Windows 7 Ultimate  Service Pack 1 
 System drive C: has 182 GB (48%) free of 377 GB 
 Total RAM: 4095 MB (35% free) 

 Logfile of Trend Micro HijackThis v2.0.4 
 Scan saved at 16:51:09, on 29.6.2012 
 Platform: Windows 7 SP1 (WinNT 6.00.3505) 
 MSIE: Internet Explorer v9.00 (9.00.8112.16446) 
 Boot mode: Normal 

 Running processes: 
 C:\Program Files\ASUS\GPU Boost Driver\GpuBoostServer.exe 
 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe 
 C:\Program Files (x86)\Steam\Steam.exe 
 C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe 
 C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 
 C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe 
 C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe 
 C:\Program Files (x86)\Opera\opera.exe 
 C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe 
 C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
 C:\Users\Jazz\AppData\Local\Opera\Opera\temporary_downloads\RSIT.exe 
 C:\Program Files (x86)\trend micro\Jazz.exe 

 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 
 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/ 
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 
 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?src=maxpc 
 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm 
 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
 R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll 
 F2 - REG:system.ini: UserInit=userinit.exe 
 O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll 
 O2 - BHO: CorePluginIEBHO - {13FA2453-9287-4F18-8554-976D7C02F4EE} - C:\Perfect World Entertainment\CORE Client\Plugins\CorePluginIE.dll (file missing) 
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 
 O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
 O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" 
 O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" 
 O4 - HKLM\..\Run: [Razer Blackwidow Driver] C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe 
 O4 - HKLM\..\Run: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe 
 O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 
 O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin 
 O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe 
 O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun 
 O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent 
 O4 - HKCU\..\Run: [Easy ShutDown] C:\Program Files (x86)\Easy ShutDown\EasyShutDown.exe :silent 
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') 
 O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') 
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') 
 O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') 
 O4 - HKUS\S-1-5-21-2307076852-3469143082-3762679886-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') 
 O4 - HKUS\S-1-5-21-2307076852-3469143082-3762679886-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') 
 O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm 
 O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm 
 O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll 
 O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll 
 O10 - Unknown file in Winsock LSP: c:\program files (x86)\flyvpn\flyvpnbind.dll 
 O10 - Unknown file in Winsock LSP: c:\program files (x86)\flyvpn\flyvpnbind.dll 
 O10 - Unknown file in Winsock LSP: c:\program files (x86)\flyvpn\flyvpnbind.dll 
 O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics 
 O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) 
 O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe 
 O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe 
 O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) 
 O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe 
 O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) 
 O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe 
 O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 
 O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 
 O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
 O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) 
 O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
 O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) 
 O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) 
 O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 
 O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe 
 O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe 
 O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
 O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) 
 O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
 O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) 
 O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) 
 O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) 
 O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe 
 O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 
 O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 
 O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 
 O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe 
 O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) 
 O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
 O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) 
 O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) 
 O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) 
 O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) 
 O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) 
 O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) 

 -- 
 End of file - 9894 bytes 

 ======Scheduled tasks folder====== 

 C:\Windows\tasks\GoogleUpdateTaskMachineCore.job 
 C:\Windows\tasks\GoogleUpdateTaskMachineUA.job 

 =========Mozilla firefox========= 

 ProfilePath - C:\Users\Jazz\AppData\Roaming\Mozilla\Firefox\Profiles\3u2cwrk3.default 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] 
 "Description"=Adobe® Flash® Player 11.3.300.257 Plugin 
 "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4] 
 "Description"=ESN Sonar browser plugin 
 "Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.118.0] 
 "Description"= 
 "Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.122.0] 
 "Description"= 
 "Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.0] 
 "Description"= 
 "Path"=C:\Windows\SysWOW64\npDeployJava1.dll 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] 
 "Description"= 
 "Path"=disabled 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] 
 "Description"=Ag Player Plugin 
 "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision] 
 "Description"=NVIDIA stereo images plugin for Mozilla browsers 
 "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming] 
 "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers 
 "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] 
 "Description"=This plugin detects and launches Pando Media Booster 
 "Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@perfectworld.com/npPlayNowPlugin] 
 "Description"=CORE Client PlayNow plugin for Mozilla browsers 
 "Path"=C:\Perfect World Entertainment\CORE Client\Plugins\npCorePluginFF.dll 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] 
 "Description"=Google Update 
 "Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] 
 "Description"=Google Update 
 "Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll 

 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] 
 "Description"=Handles PDFs in-place in Firefox 
 "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll 

 C:\Program Files (x86)\Remobo\apps\Firefox\extensions\ 
 {972ce4c6-7e08-4474-a285-3208198ce6fd} 

 C:\Program Files (x86)\Remobo\apps\Firefox\components\ 
 binary.manifest 
 browsercomps.dll 

 C:\Program Files (x86)\Remobo\apps\Firefox\plugins\ 
 NPSWF32.dll 

 C:\Program Files (x86)\Remobo\apps\Firefox\searchplugins\ 
 amazondotcom.xml 
 bing.xml 
 eBay.xml 
 google.xml 
 twitter.xml 
 wikipedia.xml 
 yahoo.xml 

 ======Registry dump====== 

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}] 
 IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2012-05-02 226736] 

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13FA2453-9287-4F18-8554-976D7C02F4EE}] 
 CorePluginIEBHO Class - C:\Perfect World Entertainment\CORE Client\Plugins\CorePluginIE.dll [] 

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] 
 Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912] 

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] 
 Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] 

 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] 
 "BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2010-03-05 411864] 
 "NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-01-22 106496] 
 "Razer Blackwidow Driver"=C:\Program Files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe [2011-05-16 887712] 
 "Razer Imperator Driver"=C:\Program Files (x86)\Razer\Imperator\RazerImperatorTray.exe [2010-03-18 2787224] 
 "SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] 
 "AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360] 
 "amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824] 

 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
 "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-01-19 3477312] 
 "Steam"=C:\Program Files (x86)\Steam\steam.exe [2012-05-08 1242448] 
 "AdobeBridge"= [] 
 "Easy ShutDown"=C:\Program Files (x86)\Easy ShutDown\EasyShutDown.exe :silent [] 

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 
 WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} 

 [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] 
 "SecurityProviders"=credssp.dll 

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] 

 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] 
 "ConsentPromptBehaviorAdmin"=5 
 "ConsentPromptBehaviorUser"=3 
 "EnableUIADesktopToggle"=0 
 "PromptOnSecureDesktop"=0 
 "dontdisplaylastusername"=0 
 "legalnoticecaption"= 
 "legalnoticetext"= 
 "shutdownwithoutlogon"=1 
 "undockwithoutlogon"=1 

 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] 
 "NoActiveDesktop"=1 
 "NoActiveDesktopChanges"=1 
 "ForceActiveDesktopOn"=0 

 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] 

 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] 

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 
 "vidc.mrle"=msrle32.dll 
 "vidc.msvc"=msvidc32.dll 
 "msacm.imaadpcm"=imaadp32.acm 
 "msacm.msg711"=msg711.acm 
 "msacm.msgsm610"=msgsm32.acm 
 "msacm.msadpcm"=msadp32.acm 
 "midimapper"=midimap.dll 
 "wavemapper"=msacm32.drv 
 "vidc.uyvy"=msyuv.dll 
 "vidc.yuy2"=msyuv.dll 
 "vidc.yvyu"=msyuv.dll 
 "vidc.iyuv"=iyuv_32.dll 
 "vidc.i420"=iyuv_32.dll 
 "vidc.yvu9"=tsbyuv.dll 
 "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm 
 "vidc.cvid"=iccvid.dll 
 "wave"=wdmaud.drv 
 "midi"=wdmaud.drv 
 "mixer"=wdmaud.drv 
 "aux"=wdmaud.drv 
 "wave1"=wdmaud.drv 
 "midi1"=wdmaud.drv 
 "mixer1"=wdmaud.drv 
 "wave2"=wdmaud.drv 
 "midi2"=wdmaud.drv 
 "mixer2"=wdmaud.drv 
 "wave3"=wdmaud.drv 
 "midi3"=wdmaud.drv 
 "mixer3"=wdmaud.drv 
 "wave4"=wdmaud.drv 
 "midi4"=wdmaud.drv 
 "mixer4"=wdmaud.drv 
 "wave5"=wdmaud.drv 
 "midi5"=wdmaud.drv 
 "mixer5"=wdmaud.drv 
 "wave6"=wdmaud.drv 
 "midi6"=wdmaud.drv 
 "mixer6"=wdmaud.drv 
 "wave7"=wdmaud.drv 
 "midi7"=wdmaud.drv 
 "mixer7"=wdmaud.drv 
 "wave8"=wdmaud.drv 
 "midi8"=wdmaud.drv 
 "mixer8"=wdmaud.drv 
 "VIDC.FPS1"=frapsvid.dll 
 "wave9"=wdmaud.drv 
 "midi9"=wdmaud.drv 
 "mixer9"=wdmaud.drv 
 "vidc.tscc"=C:\Windows\SysWOW64\tsccvid.dll 
 "VIDC.LAGS"=lagarith.dll 

 ======File associations====== 

 .js - edit - C:\Windows\System32\Notepad.exe %1 
 .js - open - C:\Windows\System32\WScript.exe "%1" %* 

 ======List of files/folders created in the last 1 month====== 

 2012-06-29 16:51:02 ----D---- C:\rsit 
 2012-06-29 16:51:02 ----D---- C:\Program Files (x86)\trend micro 
 2012-06-29 15:06:51 ----D---- C:\Program Files (x86)\ESET 
 2012-06-29 14:07:54 ----D---- C:\Program Files (x86)\Remobo 
 2012-06-27 12:45:14 ----D---- C:\Windows\SWAT 4 
 2012-06-27 12:45:14 ----D---- C:\Program Files (x86)\SWAT 4 
 2012-06-26 18:21:48 ----A---- C:\Windows\SysWOW64\OpenCL.dll 
 2012-06-26 18:21:40 ----D---- C:\ProgramData\NVIDIA Corporation 
 2012-06-26 18:20:11 ----A---- C:\Windows\SysWOW64\nvwgf2um.dll 
 2012-06-26 18:20:11 ----A---- C:\Windows\SysWOW64\nvumdshim.dll 
 2012-06-26 18:20:11 ----A---- C:\Windows\SysWOW64\nvoglv32.dll 
 2012-06-26 18:20:11 ----A---- C:\Windows\SysWOW64\nvinit.dll 
 2012-06-26 18:20:11 ----A---- C:\Windows\SysWOW64\nvd3dum.dll 
 2012-06-26 18:20:10 ----A---- C:\Windows\SysWOW64\nvcuvid.dll 
 2012-06-26 18:20:10 ----A---- C:\Windows\SysWOW64\nvcuvenc.dll 
 2012-06-26 18:20:10 ----A---- C:\Windows\SysWOW64\nvcuda.dll 
 2012-06-26 18:20:10 ----A---- C:\Windows\SysWOW64\nvcompiler.dll 
 2012-06-26 18:20:10 ----A---- C:\Windows\SysWOW64\nvapi.dll 
 2012-06-23 16:42:37 ----D---- C:\Users\Jazz\AppData\Roaming\Ubisoft 
 2012-06-23 13:48:24 ----A---- C:\Windows\SysWOW64\msstdfmt.dll 
 2012-06-21 10:37:14 ----N---- C:\Windows\SysWOW64\pbsvc.exe 
 2012-06-19 16:26:38 ----D---- C:\Users\Jazz\AppData\Roaming\GameRanger 
 2012-06-18 20:30:10 ----D---- C:\Program Files (x86)\EA GAMES 
 2012-06-17 16:53:13 ----D---- C:\Program Files (x86)\Atari 
 2012-06-16 14:12:18 ----D---- C:\Users\Jazz\AppData\Roaming\iSilo 
 2012-06-16 10:44:15 ----D---- C:\Program Files (x86)\Batman Arkham City 
 2012-06-14 20:11:04 ----A---- C:\Windows\SysWOW64\url.dll 
 2012-06-14 20:11:04 ----A---- C:\Windows\SysWOW64\mshtmled.dll 
 2012-06-14 20:11:03 ----A---- C:\Windows\SysWOW64\urlmon.dll 
 2012-06-14 20:11:03 ----A---- C:\Windows\SysWOW64\ieUnatt.exe 
 2012-06-14 20:11:03 ----A---- C:\Windows\SysWOW64\ieui.dll 
 2012-06-14 20:11:03 ----A---- C:\Windows\SysWOW64\iertutil.dll 
 2012-06-14 20:11:02 ----A---- C:\Windows\SysWOW64\wininet.dll 
 2012-06-14 20:11:01 ----A---- C:\Windows\SysWOW64\jscript9.dll 
 2012-06-14 20:11:01 ----A---- C:\Windows\SysWOW64\jscript.dll 
 2012-06-14 20:11:00 ----A---- C:\Windows\SysWOW64\jsproxy.dll 
 2012-06-14 20:10:59 ----A---- C:\Windows\SysWOW64\mshtml.dll 
 2012-06-14 20:10:57 ----A---- C:\Windows\SysWOW64\ieframe.dll 
 2012-06-14 12:19:54 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe 
 2012-06-14 12:19:53 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe 
 2012-06-14 12:05:17 ----A---- C:\Windows\SysWOW64\msi.dll 
 2012-06-14 12:04:44 ----A---- C:\Windows\SysWOW64\cryptsvc.dll 
 2012-06-14 12:04:44 ----A---- C:\Windows\SysWOW64\cryptnet.dll 
 2012-06-14 12:04:44 ----A---- C:\Windows\SysWOW64\crypt32.dll 
 2012-06-12 06:51:06 ----D---- C:\Users\Jazz\AppData\Roaming\Mozilla 
 2012-06-11 20:51:04 ----A---- C:\Windows\SysWOW64\nvStreaming.exe 
 2012-06-04 15:26:16 ----D---- C:\Program Files (x86)\Aurora 
 2012-06-03 18:40:54 ----A---- C:\Windows\RFC4DPluginUninstall.exe 
 2012-06-02 07:46:51 ----D---- C:\ProgramData\Rockstar Games 
 2012-06-02 07:46:34 ----D---- C:\Program Files (x86)\Rockstar Games 
 2012-06-01 16:51:58 ----D---- C:\Users\Jazz\AppData\Roaming\Dropbox 

 ======List of files/folders modified in the last 1 month====== 

 2012-06-29 16:51:09 ----D---- C:\Windows\Prefetch 
 2012-06-29 16:51:06 ----D---- C:\Windows\Temp 
 2012-06-29 16:51:02 ----RD---- C:\Program Files (x86) 
 2012-06-29 16:29:56 ----D---- C:\Program Files (x86)\Cheat Engine 6.1 
 2012-06-29 16:29:45 ----D---- C:\Program Files (x86)\TNod User & Password Finder 
 2012-06-29 14:08:39 ----D---- C:\Windows\inf 
 2012-06-29 14:08:35 ----SHD---- C:\System Volume Information 
 2012-06-29 12:36:08 ----D---- C:\Program Files (x86)\Steam 
 2012-06-29 12:23:59 ----D---- C:\Users\Jazz\AppData\Roaming\Audacity 
 2012-06-29 08:36:26 ----D---- C:\ProgramData\NVIDIA 
 2012-06-27 12:45:17 ----D---- C:\Windows\System32 
 2012-06-27 12:45:14 ----D---- C:\Windows 
 2012-06-26 18:23:13 ----D---- C:\Windows\SysWOW64 
 2012-06-26 18:23:12 ----D---- C:\Program Files (x86)\NVIDIA Corporation 
 2012-06-26 18:23:03 ----SHD---- C:\Windows\Installer 
 2012-06-26 18:22:48 ----RD---- C:\Users 
 2012-06-26 18:21:54 ----D---- C:\Windows\Help 
 2012-06-26 18:21:40 ----HD---- C:\ProgramData 
 2012-06-25 19:20:55 ----D---- C:\Program Files (x86)\PoselSmrti 
 2012-06-25 18:48:47 ----D---- C:\Windows\rescache 
 2012-06-25 15:01:31 ----D---- C:\Users\Jazz\AppData\Roaming\DMCache 
 2012-06-24 16:07:50 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe 
 2012-06-23 16:51:40 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe 
 2012-06-23 16:51:03 ----RSD---- C:\Windows\assembly 
 2012-06-23 16:37:19 ----D---- C:\Program Files (x86)\Ubisoft 
 2012-06-23 16:37:18 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 
 2012-06-23 09:52:11 ----D---- C:\ProgramData\Origin 
 2012-06-23 09:52:01 ----HD---- C:\Program Files (x86)\Common Files\EAInstaller 
 2012-06-21 13:34:04 ----D---- C:\Users\Jazz\AppData\Roaming\TS3Client 
 2012-06-21 13:28:21 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client 
 2012-06-20 16:55:13 ----D---- C:\ProgramData\Tunngle 
 2012-06-20 06:19:45 ----D---- C:\Program Files (x86)\Common Files\Steam 
 2012-06-20 06:19:35 ----D---- C:\Windows\winsxs 
 2012-06-19 15:57:55 ----D---- C:\Fraps 
 2012-06-17 11:51:18 ----RSD---- C:\Windows\Fonts 
 2012-06-17 07:59:55 ----D---- C:\Program Files (x86)\Battlelog Web Plugins 
 2012-06-16 07:53:24 ----D---- C:\Program Files (x86)\Opera 
 2012-06-15 19:19:32 ----D---- C:\Users\Jazz\AppData\Roaming\uTorrent 
 2012-06-15 19:06:50 ----D---- C:\Users\Jazz\AppData\Roaming\MAXON 
 2012-06-15 15:30:31 ----D---- C:\Windows\Microsoft.NET 
 2012-06-15 13:37:13 ----D---- C:\Windows\SysWOW64\cs-CZ 
 2012-06-15 13:37:13 ----D---- C:\Program Files (x86)\Internet Explorer 
 2012-06-15 13:37:12 ----D---- C:\Windows\SysWOW64\migration 
 2012-06-14 16:46:05 ----D---- C:\Program Files (x86)\Google 
 2012-06-14 16:35:57 ----D---- C:\Windows\Tasks 
 2012-06-12 06:51:27 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe 
 2012-06-11 06:03:00 ----D---- C:\Program Files (x86)\FlyVPN 
 2012-06-10 20:09:35 ----D---- C:\ProgramData\FlyVPN 
 2012-06-04 18:57:53 ----D---- C:\Program Files (x86)\uTorrent 
 2012-06-04 16:14:32 ----D---- C:\Program Files (x86)\Mozilla Firefox 
 2012-06-03 18:51:56 ----RD---- C:\Program Files 

 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== 

 R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [] 
 R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] 
 R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] 
 R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [] 
 R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [] 
 R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440] 
 R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [] 
 R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [] 
 R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2011-10-14 55936] 
 R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [] 
 R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [] 
 R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [] 
 R3 hipeer20;Remobo Instant Private Network; C:\Windows\system32\DRIVERS\remobo64.sys [] 
 R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] 
 R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [] 
 R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [] 
 R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [] 
 R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [] 
 R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [] 
 R3 RzSynapse;Razer Driver; C:\Windows\system32\DRIVERS\RzSynapse.sys [] 
 R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [] 
 S3 alk2cjra;alk2cjra; C:\Windows\SysWOW64\drivers\alk2cjra.sys [] 
 S3 ATP;Comodo Unite Miniport Driver; C:\Windows\system32\DRIVERS\cmdatp.sys [] 
 S3 cpuz135;cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [] 
 S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [] 
 S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [] 
 S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [] 
 S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [] 
 S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [] 
 S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [] 
 S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] 
 S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] 
 S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] 
 S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] 
 S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [] 
 S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] 
 S3 X6va005;X6va005; \??\C:\Users\Jazz\AppData\Local\Temp\005CA64.tmp [] 

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== 

 R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-03-05 235752] 
 R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] 
 R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944] 
 R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] 
 R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-06-12 1258856] 
 R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2011-11-17 3273552] 
 R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-06-23 76888] 
 R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-06-11 382312] 
 R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840] 
 R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] 
 R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] 
 R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-06-19 529232] 
 S2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2011-10-14 136616] 
 S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] 
 S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] 
 S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 116648] 
 S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376] 
 S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584] 
 S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 116648] 
 S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2012-03-06 3953632] 
 S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] 
 S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] 
 S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-02-14 736104] 
 S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] 
 S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] 
 S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] 
 S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] 
 S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] 
 S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] 

 -----------------EOF-----------------

Rudy
Site Admin
Posts: 119515
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!
Please post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms is displayed; continue by clicking the Yes button.

Go put on a coffee in peace (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Warning: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because unwanted conflicts with the antispyware's resident shield occur during the scan and the removal of any malware.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Jazz
Warning Level 2
Posts: 8
Joined: 30 Jun 2012 10:16

Re: Please check my log

#3 Post by Jazz »

So I ran it :)

Code: Select all

ComboFix 12-06-28.03 - Jazz 30.06.2012  13:23:36.1.6 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.420.1029.18.4095.2183 [GMT 2:00]
Spuštěný z: c:\users\Jazz\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\TNod User & Password Finder\TNODUP.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\muzapp.exe
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2012-05-28 do 2012-06-30  )))))))))))))))))))))))))))))))
.
.
2012-06-30 11:30 . 2012-06-30 11:30	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-06-29 15:27 . 2012-06-29 15:29	--------	d-----w-	c:\program files (x86)\GIT
2012-06-29 15:04 . 2012-06-29 15:14	--------	d-----w-	c:\users\Jazz\.remobo
2012-06-29 14:51 . 2012-06-29 14:51	--------	d-----w-	C:\rsit
2012-06-29 14:51 . 2012-06-29 14:51	--------	d-----w-	c:\program files (x86)\trend micro
2012-06-29 12:03 . 2012-06-30 08:13	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{979D5A45-3A8E-4AE1-9219-55EE85E1C048}\offreg.dll
2012-06-29 09:13 . 2012-05-31 04:04	9013136	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{979D5A45-3A8E-4AE1-9219-55EE85E1C048}\mpengine.dll
2012-06-27 10:45 . 2012-06-27 11:00	--------	d-----w-	c:\program files (x86)\SWAT 4
2012-06-27 10:45 . 2012-06-27 10:45	--------	d-----w-	c:\windows\SWAT 4
2012-06-26 16:22 . 2012-06-26 16:22	--------	d-----w-	c:\users\UpdatusUser
2012-06-26 16:22 . 2012-06-12 02:30	2653573	----a-w-	c:\windows\system32\nvcoproc.bin
2012-06-26 16:22 . 2012-06-12 02:29	3264360	----a-w-	c:\windows\system32\nvsvc64.dll
2012-06-26 16:22 . 2012-06-12 02:29	6189928	----a-w-	c:\windows\system32\nvcpl.dll
2012-06-26 16:22 . 2012-06-12 02:28	891240	----a-w-	c:\windows\system32\nvvsvc.exe
2012-06-26 16:22 . 2012-06-12 02:28	63336	----a-w-	c:\windows\system32\nvshext.dll
2012-06-26 16:22 . 2012-06-12 02:28	118120	----a-w-	c:\windows\system32\nvmctray.dll
2012-06-26 16:21 . 2012-06-12 06:26	60776	----a-w-	c:\windows\system32\OpenCL.dll
2012-06-26 16:21 . 2012-06-12 06:26	52584	----a-w-	c:\windows\SysWow64\OpenCL.dll
2012-06-26 16:21 . 2012-06-26 16:21	--------	d-----w-	c:\programdata\NVIDIA Corporation
2012-06-25 16:53 . 2012-06-25 16:53	--------	d-----w-	c:\users\Jazz\KBang
2012-06-23 14:42 . 2012-06-23 14:42	--------	d-----w-	c:\users\Jazz\AppData\Roaming\Ubisoft
2012-06-23 11:48 . 2000-04-03 20:05	118784	----a-w-	c:\windows\SysWow64\msstdfmt.dll
2012-06-21 08:37 . 2012-06-21 08:37	3166792	------w-	c:\windows\SysWow64\pbsvc.exe
2012-06-19 14:26 . 2012-06-19 14:26	--------	d-----w-	c:\users\Jazz\AppData\Roaming\GameRanger
2012-06-19 13:17 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-19 13:17 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-19 13:17 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-19 13:17 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-19 13:17 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-19 13:17 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-19 13:17 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-19 13:17 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-19 13:17 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-18 18:53 . 2012-06-21 13:38	--------	d-----w-	c:\users\Jazz\AppData\Local\NFS Underground 2
2012-06-18 18:30 . 2012-06-18 18:30	--------	d-----w-	c:\program files (x86)\EA GAMES
2012-06-17 14:53 . 2012-06-17 14:53	--------	d-----w-	c:\program files (x86)\Atari
2012-06-16 14:48 . 2012-06-16 14:48	--------	d-----w-	c:\users\Jazz\AppData\Local\Macromedia
2012-06-16 12:12 . 2012-06-16 12:12	--------	d-----w-	c:\users\Jazz\AppData\Roaming\iSilo
2012-06-16 08:44 . 2012-06-16 08:54	--------	d-----w-	c:\program files (x86)\Batman Arkham City
2012-06-14 18:10 . 2012-05-18 02:02	887296	----a-w-	c:\program files\Internet Explorer\iedvtool.dll
2012-06-14 18:10 . 2012-05-17 22:38	678912	----a-w-	c:\program files (x86)\Internet Explorer\iedvtool.dll
2012-06-14 14:38 . 2012-06-14 14:44	--------	d-s---w-	c:\users\Jazz\Disk Google
2012-06-14 10:19 . 2012-05-04 11:06	5559664	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-06-14 10:19 . 2012-05-04 10:03	3913072	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-06-14 10:19 . 2012-05-04 10:03	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-06-14 10:19 . 2012-05-01 05:40	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-06-14 10:14 . 2012-04-26 05:41	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-06-14 10:14 . 2012-04-26 05:41	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-06-14 10:14 . 2012-04-26 05:34	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-06-14 10:09 . 2012-06-14 10:09	--------	d-----w-	c:\users\Jazz\AppData\Local\4A Games
2012-06-14 10:06 . 2012-05-15 01:32	3146752	----a-w-	c:\windows\system32\win32k.sys
2012-06-14 10:05 . 2012-04-28 05:32	1112064	----a-w-	c:\windows\system32\rdpcorets.dll
2012-06-14 10:05 . 2012-04-28 03:55	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-06-14 10:05 . 2012-04-07 12:31	3216384	----a-w-	c:\windows\system32\msi.dll
2012-06-14 10:05 . 2012-04-07 11:26	2342400	----a-w-	c:\windows\SysWow64\msi.dll
2012-06-14 10:04 . 2012-04-24 05:37	1462272	----a-w-	c:\windows\system32\crypt32.dll
2012-06-14 10:04 . 2012-04-24 05:37	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2012-06-14 10:04 . 2012-04-24 05:37	140288	----a-w-	c:\windows\system32\cryptnet.dll
2012-06-14 10:04 . 2012-04-24 04:36	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2012-06-14 10:04 . 2012-04-24 04:36	1158656	----a-w-	c:\windows\SysWow64\crypt32.dll
2012-06-14 10:04 . 2012-04-24 04:36	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2012-06-11 18:51 . 2012-06-11 18:51	428392	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2012-06-04 13:26 . 2012-06-04 13:31	--------	d-----w-	c:\program files (x86)\Aurora
2012-06-03 16:56 . 2012-06-03 16:56	--------	d-----w-	c:\users\Jazz\scenes
2012-06-03 16:56 . 2012-06-03 16:56	--------	d-----w-	c:\users\Jazz\AppData\Local\Next Limit
2012-06-03 16:51 . 2012-06-03 16:51	--------	d-----w-	c:\program files\Next Limit
2012-06-03 16:40 . 2012-06-03 16:40	52170	----a-w-	c:\windows\RFC4DPluginUninstall.exe
2012-06-02 05:46 . 2012-06-02 05:46	--------	d-----w-	c:\users\Jazz\AppData\Local\Chromium
2012-06-02 05:46 . 2012-06-02 05:46	--------	d-----w-	c:\programdata\Rockstar Games
2012-06-02 05:46 . 2012-06-02 05:46	--------	d-----w-	c:\program files (x86)\Rockstar Games
2012-06-01 14:53 . 2012-06-01 14:53	--------	d-----r-	c:\users\Jazz\Dropbox
2012-06-01 14:51 . 2012-06-02 05:38	--------	d-----w-	c:\users\Jazz\AppData\Roaming\Dropbox
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-24 14:07 . 2012-02-06 09:58	282696	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2012-06-24 14:07 . 2012-02-05 08:41	282696	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2012-06-24 09:21 . 2012-02-05 08:41	282696	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2012-06-23 14:51 . 2012-02-05 08:41	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2012-06-12 04:51 . 2012-04-05 15:59	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-12 04:51 . 2012-04-05 15:59	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-15 12:21 . 2012-05-15 12:22	772552	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-05-15 12:21 . 2012-02-08 13:18	687560	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-04-30 11:58 . 2012-04-30 11:58	715038	----a-w-	c:\windows\unins000.exe
2012-04-28 10:21 . 2012-04-28 10:21	750488	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-04-28 10:21 . 2012-02-08 13:23	660368	----a-w-	c:\windows\system32\deployJava1.dll
2012-04-23 11:26 . 2012-05-02 10:21	154272	----a-w-	c:\windows\system32\drivers\idmwfp.sys
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-01-19 3477312]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-05-08 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2010-03-05 411864]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"Razer Blackwidow Driver"="c:\program files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe" [2011-05-16 887712]
"Razer Imperator Driver"="c:\program files (x86)\Razer\Imperator\RazerImperatorTray.exe" [2010-03-18 2787224]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2011-10-13 136616]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 116648]
R3 ATP;Comodo Unite Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-02-24 99384]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 116648]
R3 hipeer20;Remobo Instant Private Network;c:\windows\system32\DRIVERS\remobo64.sys [2010-08-01 30720]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-02-24 203320]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-02-14 736104]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-04 1255736]
R3 X6va005;X6va005;c:\users\Jazz\AppData\Local\Temp\005CA64.tmp [x]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S2 AODDriver4.1;AODDriver4.1;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2011-10-13 55936]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-03-05 235752]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2011-08-04 137144]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-04-23 154272]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-06-12 1258856]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-11-17 3273552]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-06-11 382312]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-05-21 188776]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [2011-05-12 154624]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 14:35]
.
2012-06-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 14:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49	23432	----a-w-	c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-17 10134560]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.youtube.com/
mStart Page = hxxp://www.hao123.com/?src=maxpc
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Stáhnout s IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
LSP: c:\program files (x86)\FlyVPN\FlyVPNBind.dll
TCP: DhcpNameServer = 192.168.2.1 8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{13FA2453-9287-4F18-8554-976D7C02F4EE} - c:\perfect world entertainment\CORE Client\Plugins\CorePluginIE.dll
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-Easy ShutDown - c:\program files (x86)\Easy ShutDown\EasyShutDown.exe
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-Mozilla Firefox 8.0.1 (x86 en-US) - c:\program files (x86)\Remobo\apps\Firefox\uninstall\helper.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Jazz\AppData\Local\Temp\005CA64.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2307076852-3469143082-3762679886-1000\Software\SecuROM\License information*]
"datasecu"=hex:02,9b,31,77,07,f5,df,dc,4c,f3,36,b9,c9,07,c5,d7,2a,20,bf,6e,ed,
   2e,40,0b,60,84,18,07,d4,cc,94,9c,fc,0b,a5,e1,7e,56,1f,68,58,d2,1b,ba,82,38,\
"rkeysecu"=hex:c1,06,d4,c8,47,66,27,b6,06,cc,4a,92,e5,19,e8,68
.
[HKEY_USERS\S-1-5-21-2307076852-3469143082-3762679886-1000_Classes\Wow6432Node\CLSID\{55805fec-da3c-4d99-b22f-a919a738d18a}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000097
"Therad"=dword:00000015
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
   1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-2307076852-3469143082-3762679886-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):43,9c,fb,72,18,53,02,87,bf,33,a6,5c,a5,73,2b,0b,4b,eb,1e,12,b5,
   5a,bf,bc,48,f6,c3,96,78,a2,07,15,b4,ce,32,c4,8c,64,05,1e,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-06-30  13:32:56
ComboFix-quarantined-files.txt  2012-06-30 11:32
.
Před spuštěním: Volných bajtů: 188 316 176 384
Po spuštění: Volných bajtů: 196 982 431 744
.
- - End Of File - - 71E10A5C2645AE003FD2A8C26B1C4AAA

Rudy
Site Admin
Posts: 119515
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

We'll clean up a bit more. Open Notepad and copy this into it:
KillAll::

Collect::
c:\users\Jazz\AppData\Local\Temp\005CA64.tmp
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
X6va005

Regnull::
[HKEY_USERS\S-1-5-21-2307076852-3469143082-3762679886-1000\Software\SecuROM\License information*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]

RegLock::
[HKEY_USERS\S-1-5-21-2307076852-3469143082-3762679886-1000_Classes\Wow6432Node\CLSID\{55805fec-da3c-4d99-b22f-a919a738d18a}]
[HKEY_USERS\S-1-5-21-2307076852-3469143082-3762679886-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.


Jazz
Warning Level 2
Posts: 8
Joined: 30 Jun 2012 10:16

Re: Please check my log

#5 Post by Jazz »

Here's the last log, if it's still needed:

Code: Select all

ComboFix 12-06-28.03 - Jazz 30.06.2012  13:56:58.2.6 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.420.1029.18.4095.1857 [GMT 2:00]
Spuštěný z: c:\users\Jazz\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jazz\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
(((((((((((((((((((((((((((((((((((((((   Ovladače/Služby   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_X6VA005
-------\Service_X6va005
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2012-05-28 do 2012-06-30  )))))))))))))))))))))))))))))))
.
.
2012-06-30 12:00 . 2012-06-30 12:00	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-06-29 15:27 . 2012-06-29 15:29	--------	d-----w-	c:\program files (x86)\GIT
2012-06-29 15:04 . 2012-06-29 15:14	--------	d-----w-	c:\users\Jazz\.remobo
2012-06-29 14:51 . 2012-06-29 14:51	--------	d-----w-	C:\rsit
2012-06-29 14:51 . 2012-06-29 14:51	--------	d-----w-	c:\program files (x86)\trend micro
2012-06-29 09:13 . 2012-05-31 04:04	9013136	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{979D5A45-3A8E-4AE1-9219-55EE85E1C048}\mpengine.dll
2012-06-27 10:45 . 2012-06-27 11:00	--------	d-----w-	c:\program files (x86)\SWAT 4
2012-06-27 10:45 . 2012-06-27 10:45	--------	d-----w-	c:\windows\SWAT 4
2012-06-26 16:22 . 2012-06-26 16:22	--------	d-----w-	c:\users\UpdatusUser
2012-06-26 16:22 . 2012-06-12 02:30	2653573	----a-w-	c:\windows\system32\nvcoproc.bin
2012-06-26 16:22 . 2012-06-12 02:29	3264360	----a-w-	c:\windows\system32\nvsvc64.dll
2012-06-26 16:22 . 2012-06-12 02:29	6189928	----a-w-	c:\windows\system32\nvcpl.dll
2012-06-26 16:22 . 2012-06-12 02:28	891240	----a-w-	c:\windows\system32\nvvsvc.exe
2012-06-26 16:22 . 2012-06-12 02:28	63336	----a-w-	c:\windows\system32\nvshext.dll
2012-06-26 16:22 . 2012-06-12 02:28	118120	----a-w-	c:\windows\system32\nvmctray.dll
2012-06-26 16:21 . 2012-06-12 06:26	60776	----a-w-	c:\windows\system32\OpenCL.dll
2012-06-26 16:21 . 2012-06-12 06:26	52584	----a-w-	c:\windows\SysWow64\OpenCL.dll
2012-06-26 16:21 . 2012-06-26 16:21	--------	d-----w-	c:\programdata\NVIDIA Corporation
2012-06-25 16:53 . 2012-06-25 16:53	--------	d-----w-	c:\users\Jazz\KBang
2012-06-23 14:42 . 2012-06-23 14:42	--------	d-----w-	c:\users\Jazz\AppData\Roaming\Ubisoft
2012-06-23 11:48 . 2000-04-03 20:05	118784	----a-w-	c:\windows\SysWow64\msstdfmt.dll
2012-06-21 08:37 . 2012-06-21 08:37	3166792	------w-	c:\windows\SysWow64\pbsvc.exe
2012-06-19 14:26 . 2012-06-19 14:26	--------	d-----w-	c:\users\Jazz\AppData\Roaming\GameRanger
2012-06-19 13:17 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-19 13:17 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-19 13:17 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-19 13:17 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-19 13:17 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-19 13:17 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-19 13:17 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-19 13:17 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-19 13:17 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-18 18:53 . 2012-06-21 13:38	--------	d-----w-	c:\users\Jazz\AppData\Local\NFS Underground 2
2012-06-18 18:30 . 2012-06-18 18:30	--------	d-----w-	c:\program files (x86)\EA GAMES
2012-06-17 14:53 . 2012-06-17 14:53	--------	d-----w-	c:\program files (x86)\Atari
2012-06-16 14:48 . 2012-06-16 14:48	--------	d-----w-	c:\users\Jazz\AppData\Local\Macromedia
2012-06-16 12:12 . 2012-06-16 12:12	--------	d-----w-	c:\users\Jazz\AppData\Roaming\iSilo
2012-06-16 08:44 . 2012-06-16 08:54	--------	d-----w-	c:\program files (x86)\Batman Arkham City
2012-06-14 18:10 . 2012-05-18 02:02	887296	----a-w-	c:\program files\Internet Explorer\iedvtool.dll
2012-06-14 18:10 . 2012-05-17 22:38	678912	----a-w-	c:\program files (x86)\Internet Explorer\iedvtool.dll
2012-06-14 14:38 . 2012-06-14 14:44	--------	d-s---w-	c:\users\Jazz\Disk Google
2012-06-14 10:19 . 2012-05-04 11:06	5559664	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-06-14 10:19 . 2012-05-04 10:03	3913072	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-06-14 10:19 . 2012-05-04 10:03	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-06-14 10:19 . 2012-05-01 05:40	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-06-14 10:14 . 2012-04-26 05:41	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-06-14 10:14 . 2012-04-26 05:41	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-06-14 10:14 . 2012-04-26 05:34	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-06-14 10:09 . 2012-06-14 10:09	--------	d-----w-	c:\users\Jazz\AppData\Local\4A Games
2012-06-14 10:06 . 2012-05-15 01:32	3146752	----a-w-	c:\windows\system32\win32k.sys
2012-06-14 10:05 . 2012-04-28 05:32	1112064	----a-w-	c:\windows\system32\rdpcorets.dll
2012-06-14 10:05 . 2012-04-28 03:55	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-06-14 10:05 . 2012-04-07 12:31	3216384	----a-w-	c:\windows\system32\msi.dll
2012-06-14 10:05 . 2012-04-07 11:26	2342400	----a-w-	c:\windows\SysWow64\msi.dll
2012-06-14 10:04 . 2012-04-24 05:37	1462272	----a-w-	c:\windows\system32\crypt32.dll
2012-06-14 10:04 . 2012-04-24 05:37	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2012-06-14 10:04 . 2012-04-24 05:37	140288	----a-w-	c:\windows\system32\cryptnet.dll
2012-06-14 10:04 . 2012-04-24 04:36	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2012-06-14 10:04 . 2012-04-24 04:36	1158656	----a-w-	c:\windows\SysWow64\crypt32.dll
2012-06-14 10:04 . 2012-04-24 04:36	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2012-06-11 18:51 . 2012-06-11 18:51	428392	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2012-06-04 13:26 . 2012-06-04 13:31	--------	d-----w-	c:\program files (x86)\Aurora
2012-06-03 16:56 . 2012-06-03 16:56	--------	d-----w-	c:\users\Jazz\scenes
2012-06-03 16:56 . 2012-06-03 16:56	--------	d-----w-	c:\users\Jazz\AppData\Local\Next Limit
2012-06-03 16:51 . 2012-06-03 16:51	--------	d-----w-	c:\program files\Next Limit
2012-06-03 16:40 . 2012-06-03 16:40	52170	----a-w-	c:\windows\RFC4DPluginUninstall.exe
2012-06-02 05:46 . 2012-06-02 05:46	--------	d-----w-	c:\users\Jazz\AppData\Local\Chromium
2012-06-02 05:46 . 2012-06-02 05:46	--------	d-----w-	c:\programdata\Rockstar Games
2012-06-02 05:46 . 2012-06-02 05:46	--------	d-----w-	c:\program files (x86)\Rockstar Games
2012-06-01 14:53 . 2012-06-01 14:53	--------	d-----r-	c:\users\Jazz\Dropbox
2012-06-01 14:51 . 2012-06-02 05:38	--------	d-----w-	c:\users\Jazz\AppData\Roaming\Dropbox
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-24 14:07 . 2012-02-06 09:58	282696	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2012-06-24 14:07 . 2012-02-05 08:41	282696	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2012-06-24 09:21 . 2012-02-05 08:41	282696	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2012-06-23 14:51 . 2012-02-05 08:41	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2012-06-12 04:51 . 2012-04-05 15:59	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-12 04:51 . 2012-04-05 15:59	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-15 12:21 . 2012-05-15 12:22	772552	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-05-15 12:21 . 2012-02-08 13:18	687560	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-04-30 11:58 . 2012-04-30 11:58	715038	----a-w-	c:\windows\unins000.exe
2012-04-28 10:21 . 2012-04-28 10:21	750488	----a-w-	c:\windows\system32\npdeployJava1.dll
2012-04-28 10:21 . 2012-02-08 13:23	660368	----a-w-	c:\windows\system32\deployJava1.dll
2012-04-23 11:26 . 2012-05-02 10:21	154272	----a-w-	c:\windows\system32\drivers\idmwfp.sys
.
.
(((((((((((((((((((((((((((((   SnapShot@2012-06-30_11.30.37   )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-06-30 12:02 . 2012-06-30 12:02	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-30 05:53 . 2012-06-30 05:53	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-30 05:53 . 2012-06-30 05:53	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-30 12:02 . 2012-06-30 12:02	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2012-06-30 12:01	367616              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-06-29 18:09	367616              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-02-04 16:11 . 2012-06-30 12:01	29376656              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2307076852-3469143082-3762679886-1000-8192.dat
- 2012-02-04 16:11 . 2012-06-29 18:09	29376656              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2307076852-3469143082-3762679886-1000-8192.dat
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{13FA2453-9287-4F18-8554-976D7C02F4EE}]
c:\perfect world entertainment\CORE Client\Plugins\CorePluginIE.dll [BU]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-01-19 3477312]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-05-08 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2010-03-05 411864]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"Razer Blackwidow Driver"="c:\program files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe" [2011-05-16 887712]
"Razer Imperator Driver"="c:\program files (x86)\Razer\Imperator\RazerImperatorTray.exe" [2010-03-18 2787224]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2011-10-13 136616]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 116648]
R3 ATP;Comodo Unite Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-02-24 99384]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 116648]
R3 hipeer20;Remobo Instant Private Network;c:\windows\system32\DRIVERS\remobo64.sys [2010-08-01 30720]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-02-24 203320]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-02-14 736104]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-04 1255736]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S2 AODDriver4.1;AODDriver4.1;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2011-10-13 55936]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-03-05 235752]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2011-08-04 137144]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-04-23 154272]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-06-12 1258856]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-11-17 3273552]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-06-11 382312]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-05-21 188776]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [2011-05-12 154624]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49	23432	----a-w-	c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-17 10134560]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
"combofix"="c:\combofix\CF16852.3XE" [2010-11-20 345088]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.youtube.com/
mStart Page = hxxp://www.hao123.com/?src=maxpc
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Stáhnout s IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
LSP: c:\program files (x86)\FlyVPN\FlyVPNBind.dll
TCP: DhcpNameServer = 192.168.2.1 8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files\ASUS\GPU Boost Driver\GpuBoostServer.exe
.
**************************************************************************
.
Celkový čas: 2012-06-30  14:06:40 - počítač byl restartován
ComboFix-quarantined-files.txt  2012-06-30 12:06
ComboFix2.txt  2012-06-30 11:32
.
Před spuštěním: Volných bajtů: 197 021 302 784
Po spuštění: Volných bajtů: 196 547 256 320
.
- - End Of File - - 9240179F5C6AD48C49BCF5DDFE1B9487
Nahrání proběhlo úspěšně
Thanks for the help :61:

Rudy
Site Admin
Posts: 119515
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#6 Post by Rudy »

The log now looks clean. Has anything changed?

One more note. Uninstall the cracked ESET and switch to one of the free solutions: http://forum.viry.cz/viewforum.php?f=29 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
