So I'm attaching a log because League of Legends and 20Dollars2Surf won't run for me, and before that IE wasn't working, so it's probably continuing.
Logfile of random's system information tool 1.08 (written by random/random)
Run by PC at 2011-02-12 17:33:37
Microsoft Windows 7 Ultimate
System drive C: has 17 GB (34%) free of 50 GB
Total RAM: 3068 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:34:21, on 12.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ATnotes\ATnotes.exe
C:\Program Files\Pidgin\pidgin.exe
C:\Program Files\Icon7\iConfig for Gamers\Tray.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\stažene soubory\barel.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
D:\Games\spelunky_1_1\Spelunky.exe
C:\Windows\system32\taskhost.exe
D:\Dokumenty\kbang-client-win-sound\kbang-client.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\explorer.exe
C:\Users\PC\Desktop\RSIT.exe
C:\Program Files\trend micro\PC.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iConfig-z300] "C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe" -nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Epson Stylus SX420W(Síť)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\Windows\TEMP\E_S4F4C.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [Pidgin] C:\Program Files\Pidgin\pidgin.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: sunnybarre.exe – zástupce (2).lnk = ?
O4 - Global Startup: 20Dollars2Surf.lnk = C:\Program Files\20Dollars2Surf\20dollars2surf.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: TP-LINK Configuration Service (ACS) - Atheros - C:\Windows\system32\acs.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: CD Guard Drivers Auto Removal (v2) (psrem02) - Protection Technology - C:\Windows\system32\psrem02.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: WEP/WPA-PMK key recovery service (WZCOOK) - Unknown owner - D:\stažene soubory\aircrack-ng-1.1-win\aircrack-ng-1.1-win\bin\wzcook.exe (file missing)
--
End of file - 9104 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ygwjhfcyr.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-29 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-29 266240]
{D4027C7F-154A-4066-A1AD-4243D8127440}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-20 7625248]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"iConfig-z300"=C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe [2010-06-13 358912]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-12-13 281768]
"TWCU"=C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe [2010-05-21 561263]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Epson Stylus SX420W(Síť)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE [2009-09-14 200704]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2010-10-14 487424]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-10-11 14940040]
"ATnotes.exe"=C:\Program Files\ATnotes\ATnotes.exe [2005-01-05 1015808]
"Pidgin"=C:\Program Files\Pidgin\pidgin.exe [2011-02-07 48618]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX420W Series]
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE [2009-09-14 200704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Games\Steam\steam.exe [2010-11-17 1242448]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
20Dollars2Surf.lnk - C:\Program Files\20Dollars2Surf\20dollars2surf.exe
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
sunnybarre.exe – zástupce (2).lnk - D:\stažene soubory\barel.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\xchat\xchat.exe"="C:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-02-12 16:33:09 ----D---- C:\Program Files\20Dollars2Surf
2011-02-12 15:55:32 ----D---- C:\ProgramData\PMB Files
2011-02-12 15:41:49 ----D---- C:\Program Files\Pando Networks
2011-02-12 14:53:15 ----D---- C:\ProgramData\ZA_PreservedFiles
2011-02-09 19:11:01 ----A---- C:\Windows\system32\win32k.sys
2011-02-09 19:11:00 ----A---- C:\Windows\system32\kerberos.dll
2011-02-09 19:10:58 ----A---- C:\Windows\system32\vbscript.dll
2011-02-09 19:10:58 ----A---- C:\Windows\system32\jscript.dll
2011-02-09 19:10:57 ----A---- C:\Windows\system32\mshtml.dll
2011-02-09 19:10:52 ----A---- C:\Windows\system32\msfeeds.dll
2011-02-09 19:10:52 ----A---- C:\Windows\system32\iedkcs32.dll
2011-02-09 19:10:51 ----A---- C:\Windows\system32\mstime.dll
2011-02-09 19:10:51 ----A---- C:\Windows\system32\mshtmled.dll
2011-02-09 19:10:51 ----A---- C:\Windows\system32\msfeedssync.exe
2011-02-09 19:10:51 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-02-09 19:10:51 ----A---- C:\Windows\system32\licmgr10.dll
2011-02-09 19:10:51 ----A---- C:\Windows\system32\iertutil.dll
2011-02-09 19:10:51 ----A---- C:\Windows\system32\iepeers.dll
2011-02-09 19:10:44 ----A---- C:\Windows\system32\ntdll.dll
2011-02-09 19:10:43 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-02-09 19:10:43 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-02-09 19:10:41 ----A---- C:\Windows\system32\atmlib.dll
2011-02-09 19:10:41 ----A---- C:\Windows\system32\atmfd.dll
2011-02-09 19:10:38 ----A---- C:\Windows\system32\urlmon.dll
2011-02-09 19:10:38 ----A---- C:\Windows\system32\upnp.dll
2011-02-09 19:10:37 ----A---- C:\Windows\system32\wininet.dll
2011-02-09 19:10:37 ----A---- C:\Windows\system32\msxml6.dll
2011-02-09 19:10:37 ----A---- C:\Windows\system32\msxml3.dll
2011-02-09 19:10:37 ----A---- C:\Windows\system32\ieframe.dll
2011-02-09 19:10:36 ----A---- C:\Windows\system32\wscsvc.dll
2011-02-09 19:10:36 ----A---- C:\Windows\system32\wscapi.dll
2011-02-09 19:10:36 ----A---- C:\Windows\system32\winhttp.dll
2011-02-09 19:10:36 ----A---- C:\Windows\system32\WebClnt.dll
2011-02-09 19:10:36 ----A---- C:\Windows\system32\slwga.dll
2011-02-09 19:10:36 ----A---- C:\Windows\system32\davclnt.dll
2011-02-09 19:10:35 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-02-08 18:41:59 ----D---- C:\Users\PC\AppData\Roaming\Altap
2011-02-05 17:27:57 ----D---- C:\Users\PC\AppData\Roaming\kLoOge
2011-02-05 14:47:13 ----D---- C:\Program Files\Zod Engine
2011-02-05 13:17:59 ----A---- C:\Windows\system32\msvcr90.dll
2011-02-05 13:17:41 ----D---- C:\Program Files\Miranda Micro 1.2
2011-02-03 15:02:50 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2011-02-03 15:01:56 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2011-02-02 19:25:28 ----A---- C:\Windows\system32\IPTests.dll
2011-02-02 19:25:28 ----A---- C:\Windows\system32\acs.exe
2011-02-02 19:25:03 ----A---- C:\Windows\system32\drivers\wsimd.sys
2011-02-02 19:25:02 ----A---- C:\Windows\system32\wsimd.sys
2011-02-02 19:25:02 ----A---- C:\Windows\system32\wsimd.dll
2011-02-02 19:25:02 ----A---- C:\Windows\system32\wsfwDS.dll
2011-02-02 19:25:02 ----A---- C:\Windows\system32\dsaNac.dll
2011-02-02 19:25:02 ----A---- C:\Windows\system32\dsa.dll
2011-02-02 19:24:53 ----A---- C:\Windows\system32\wgapiloc.dll
2011-02-02 19:24:53 ----A---- C:\Windows\system32\wgapi.dll
2011-02-02 19:24:53 ----A---- C:\Windows\system32\wcapiU.dll
2011-02-02 19:24:53 ----A---- C:\Windows\system32\wcapi.dll
2011-02-02 19:24:53 ----A---- C:\Windows\system32\athcfg20U.dll
2011-02-02 19:24:53 ----A---- C:\Windows\system32\athcfg20resU.dll
2011-02-02 19:24:53 ----A---- C:\Windows\system32\athcfg20res.dll
2011-02-02 19:24:53 ----A---- C:\Windows\system32\athcfg20.dll
2011-02-02 19:24:52 ----D---- C:\Program Files\TP-LINK
2011-02-02 18:24:32 ----A---- C:\Windows\ntbtlog.txt
2011-02-02 17:24:26 ----D---- C:\Program Files\Feedback Tool
2011-02-01 22:13:33 ----RA---- C:\Windows\system32\athuw.sys
2011-02-01 20:29:11 ----D---- C:\Windows\Options
2011-02-01 20:10:21 ----A---- C:\Windows\system32\drivers\athur.sys
2011-02-01 20:10:13 ----RA---- C:\Windows\system32\athur.sys
2011-02-01 20:09:57 ----D---- C:\ProgramData\TP-LINK
2011-02-01 18:10:39 ----D---- C:\Users\PC\AppData\Roaming\Canneverbe Limited
2011-02-01 18:10:39 ----D---- C:\ProgramData\Canneverbe Limited
2011-02-01 18:10:23 ----D---- C:\Program Files\CDBurnerXP
2011-01-31 21:02:41 ----D---- C:\Users\PC\AppData\Roaming\Foxit Software
2011-01-31 18:21:12 ----RASH---- C:\Windows\system32\wdscoreh.dll
2011-01-31 18:03:20 ----D---- C:\ProgramData\TamoSoft
2011-01-31 17:11:00 ----A---- C:\wifiny_v_okol3i.txt
2011-01-31 17:07:41 ----A---- C:\wifiny_v_okoli.txt
2011-01-29 17:36:46 ----D---- C:\Program Files\GURPS ® NPC Generator
2011-01-29 17:35:34 ----A---- C:\Windows\system32\VB5DB.dll
2011-01-29 17:35:34 ----A---- C:\Windows\system32\ODBCTL32.dll
2011-01-29 17:35:34 ----A---- C:\Windows\system32\MsRepl35.dll
2011-01-29 17:35:34 ----A---- C:\Windows\system32\MSRD2x35.dll
2011-01-29 17:35:34 ----A---- C:\Windows\system32\MSJet35.dll
2011-01-29 17:35:33 ----A---- C:\Windows\system32\MSJtEr35.dll
2011-01-29 17:35:33 ----A---- C:\Windows\system32\MSJInt35.dll
2011-01-29 17:34:03 ----A---- C:\Windows\system32\VB5StKit.dll
2011-01-29 17:34:03 ----A---- C:\Windows\system32\MSVBVM50.dll
2011-01-29 17:34:03 ----A---- C:\Windows\ST5UNST.EXE
2011-01-23 12:42:32 ----A---- C:\Windows\(null)toolkit.ini
2011-01-23 12:31:45 ----D---- C:\Users\PC\AppData\Roaming\Trillian
2011-01-23 12:30:22 ----D---- C:\Program Files\Trillian
2011-01-23 11:26:56 ----D---- C:\Program Files\Digsby
2011-01-19 23:03:12 ----D---- C:\Users\PC\AppData\Roaming\AnvSoft
2011-01-19 23:03:08 ----D---- C:\Program Files\AnvSoft
2011-01-18 17:43:26 ----A---- C:\Windows\system32\drivers\VBoxNetAdp.sys
2011-01-17 20:39:31 ----D---- C:\Users\PC\AppData\Roaming\AIMP
2011-01-17 20:39:26 ----D---- C:\Program Files\AIMP2
2011-01-15 19:43:06 ----D---- C:\Program Files\Common Files\SWF Studio
2011-01-15 19:42:56 ----D---- C:\Program Files\gabob
2011-01-15 18:23:16 ----D---- C:\Python26
2011-01-15 13:31:42 ----D---- C:\Program Files\nbos
2011-01-15 13:08:48 ----AH---- C:\Windows\system32\hamachi.sys
2011-01-14 20:57:08 ----D---- C:\Program Files\The KMPlayer
======List of files/folders modified in the last 1 months======
2011-02-12 17:34:14 ----D---- C:\Windows\Temp
2011-02-12 17:33:41 ----D---- C:\Program Files\trend micro
2011-02-12 17:30:09 ----D---- C:\Users\PC\AppData\Roaming\.purple
2011-02-12 17:30:01 ----D---- C:\Users\PC\AppData\Roaming\Skype
2011-02-12 17:17:39 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-12 17:17:35 ----SHD---- C:\System Volume Information
2011-02-12 16:37:06 ----D---- C:\Windows\system32\config
2011-02-12 16:33:09 ----RD---- C:\Program Files
2011-02-12 16:33:09 ----D---- C:\Windows\System32
2011-02-12 16:04:47 ----D---- C:\Users\PC\AppData\Roaming\skypePM
2011-02-12 15:59:08 ----SHD---- C:\Windows\Installer
2011-02-12 15:58:59 ----D---- C:\Windows\system32\Tasks
2011-02-12 15:55:32 ----HD---- C:\ProgramData
2011-02-12 15:52:34 ----D---- C:\Windows\system32\catroot
2011-02-12 15:50:55 ----D---- C:\Windows\system32\DriverStore
2011-02-12 15:50:54 ----D---- C:\Windows\inf
2011-02-12 15:50:19 ----D---- C:\Windows\system32\drivers
2011-02-12 15:48:05 ----D---- C:\Program Files\GCFExplorer
2011-02-12 15:47:08 ----D---- C:\Windows
2011-02-12 15:46:52 ----D---- C:\Program Files\DebugMode
2011-02-12 15:43:32 ----D---- C:\Program Files\Altitude
2011-02-12 15:38:00 ----D---- C:\Program Files\Common Files
2011-02-12 15:38:00 ----D---- C:\Program Files\Adobe
2011-02-12 15:33:22 ----D---- C:\Windows\pss
2011-02-12 14:51:50 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 8
2011-02-12 10:36:24 ----D---- C:\Users\PC\AppData\Roaming\FileZilla
2011-02-10 19:29:52 ----D---- C:\Program Files\Pidgin
2011-02-10 06:22:48 ----D---- C:\Windows\winsxs
2011-02-10 06:21:06 ----D---- C:\Program Files\Internet Explorer
2011-02-09 22:04:56 ----D---- C:\Windows\debug
2011-02-09 22:04:55 ----A---- C:\Windows\system32\MRT.exe
2011-02-09 19:28:51 ----D---- C:\Users\PC\AppData\Roaming\gtk-2.0
2011-02-09 19:10:24 ----D---- C:\Windows\system32\catroot2
2011-02-09 16:31:14 ----D---- C:\Users\PC\AppData\Roaming\GHISLER
2011-02-07 16:14:51 ----D---- C:\Users\PC\AppData\Roaming\X-Chat 2
2011-02-07 14:10:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-06 19:01:47 ----D---- C:\Windows\rescache
2011-02-06 10:59:25 ----D---- C:\Users\PC\AppData\Roaming\vlc
2011-02-06 10:46:17 ----D---- C:\Program Files\CamStudio
2011-02-05 21:18:51 ----D---- C:\Windows\system32\uk-UA
2011-02-05 21:18:51 ----D---- C:\Windows\PolicyDefinitions
2011-02-05 21:18:50 ----D---- C:\Windows\system32\sk-SK
2011-02-05 21:18:50 ----D---- C:\Windows\system32\ru-RU
2011-02-05 21:18:50 ----D---- C:\Windows\system32\migration
2011-02-05 21:18:50 ----D---- C:\Windows\system32\en-US
2011-02-05 20:46:54 ----D---- C:\Windows\Downloaded Program Files
2011-02-05 19:29:39 ----D---- C:\Users\PC\AppData\Roaming\Xfire
2011-02-05 13:26:44 ----A---- C:\Windows\system32\OpenAL32.dll
2011-02-05 13:17:59 ----RSD---- C:\Windows\Fonts
2011-02-04 12:03:18 ----D---- C:\Windows\system32\FxsTmp
2011-02-03 16:07:39 ----DC---- C:\Windows\system32\DRVSTORE
2011-02-03 16:03:28 ----D---- C:\Windows\system32\NDF
2011-02-02 17:37:54 ----D---- C:\Windows\system32\cs-CZ
2011-02-02 17:31:31 ----D---- C:\Windows\system32\drivers\etc
2011-02-02 17:24:07 ----D---- C:\Windows\Logs
2011-02-01 20:13:55 ----D---- C:\ProgramData\Atheros
2011-02-01 18:10:35 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2011-02-01 17:16:32 ----D---- C:\Windows\Prefetch
2011-01-31 21:02:11 ----D---- C:\Program Files\Foxit Software
2011-01-31 18:21:38 ----D---- C:\Windows\Tasks
2011-01-29 09:54:13 ----D---- C:\Program Files\Opera
2011-01-27 18:35:02 ----D---- C:\Windows\ModemLogs
2011-01-24 15:04:36 ----D---- C:\Program Files\SugarSync
2011-01-20 17:23:33 ----D---- C:\ProgramData\TrackMania
2011-01-19 22:28:41 ----D---- C:\Users\PC\AppData\Roaming\Opera
2011-01-15 20:39:25 ----D---- C:\Program Files\Windows Media Player
2011-01-15 15:45:35 ----D---- C:\Program Files\Fantasy Grounds II
2011-01-13 21:53:15 ----D---- C:\Program Files\ATnotes
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-08-04 213024]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 psdrv02;CD Guard Environment Driver (v2); C:\Windows\system32\drivers\psdrv02.sys [2006-09-11 67960]
R0 pssync05;CD Guard Synchronization Driver (v5); C:\Windows\system32\drivers\pssync05.sys [2006-11-03 61312]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-17 691696]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-12-13 135096]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 SSHDRV65;SSHDRV65; \??\C:\Windows\system32\drivers\SSHDRV65.sys [2010-06-21 120320]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 69480]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-07-08 281760]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-12-13 61960]
R2 cpuz133;cpuz133; \??\C:\Windows\system32\drivers\cpuz133_x32.sys [2010-03-30 20968]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-07-08 25888]
R3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
R3 bbcap;bbcap; C:\Windows\system32\DRIVERS\bbcap.sys [2010-07-30 4096]
R3 I7Z300Filter;Icon7_Z300; C:\Windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-20 2664032]
R3 netr28;Ralink 802.11n – bezdrátový ovladač pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28.sys [2009-07-13 530944]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2009-07-30 287392]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-28 17920]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-07-13 1068032]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 cpuz130;cpuz130; \??\C:\Users\PC\AppData\Local\Temp\cpuz130\cpuz_x32.sys []
S3 CV2K1;CommView Network Monitor; C:\Windows\system32\DRIVERS\cv2k1.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\PC\AppData\Local\Temp\UDC2BE0.tmp []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys []
S3 MSI_DVD_010507;MSI_DVD_010507; \??\C:\PROGRA~1\MSI\MSIWDev\DVDSYS32_100507.sys [2010-05-10 22328]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\msibios32_100507.sys [2010-05-10 25912]
S3 MSI_VGASYS_010507;MSI_VGASYS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\VGASYS32_100507.sys [2010-05-10 16696]
S3 NPF;Netgroup Packet Filter; C:\Windows\system32\drivers\npf.sys []
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\Windows\system32\NSNDIS5.SYS []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 PCD65X2;PCD65X2; \??\C:\Users\PC\AppData\Local\Temp\PCD65X2.sys []
S3 PCD65X3;PCD65X3; \??\C:\Users\PC\AppData\Local\Temp\PCD65X3.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 169320]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 61168]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 49400]
S3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\ts_arusb.sys [2011-01-12 1053288]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-01-18 109328]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;TP-LINK Configuration Service; C:\Windows\system32\acs.exe [2010-05-21 499796]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-12-13 267944]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-08-10 387616]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-08-10 178720]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 psrem02;CD Guard Drivers Auto Removal (v2); C:\Windows\system32\psrem02.exe [2006-05-11 358008]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-11-21 403240]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 148848]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------

Some online things aren't working.
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Some online things aren't working.
Post the ComboFix log.
We will check your PC for viruses and, if needed, clean it, but we do not deal with game issues themselves.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after launch a screen with the license terms appears; continue by clicking the Yes button.
calmly put the coffee on (the whole operation takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to run any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because unwanted conflicts with the antispyware's resident shield occur during the scan and the removal of any malware
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Some online things aren't working.
ComboFix 11-02-12.01 - PC 12.02.2011 19:58:32.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3068.1895 [GMT 1:00]
Spuštěný z: c:\users\PC\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - system32: deleted 24 bytes in 2 streams.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\PC\AppData\Roaming\Love
c:\users\PC\AppData\Roaming\Love\TSW\data.lua
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
D:\install.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-12 do 2011-02-12 )))))))))))))))))))))))))))))))
.
2011-02-12 19:06 . 2011-02-12 19:09 -------- d-----w- c:\users\PC\AppData\Local\temp
2011-02-12 19:06 . 2011-02-12 19:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-12 15:33 . 2011-02-12 15:33 -------- d-----w- c:\program files\20Dollars2Surf
2011-02-12 15:33 . 2004-08-05 12:00 59904 ----a-w- c:\windows\system32\wbemdisp.tlb
2011-02-12 14:55 . 2011-02-12 16:16 -------- d-----w- c:\programdata\PMB Files
2011-02-12 14:42 . 2011-02-12 18:55 -------- d-----w- c:\users\PC\AppData\Local\PMB Files
2011-02-12 14:41 . 2011-02-12 14:55 -------- d-----w- c:\program files\Pando Networks
2011-02-12 13:53 . 2011-02-12 13:53 -------- d-----w- c:\programdata\ZA_PreservedFiles
2011-02-09 18:11 . 2011-01-05 03:37 2329088 ----a-w- c:\windows\system32\win32k.sys
2011-02-09 18:11 . 2010-12-18 05:29 541184 ----a-w- c:\windows\system32\kerberos.dll
2011-02-08 17:41 . 2011-02-08 17:41 -------- d-----w- c:\users\PC\AppData\Roaming\Altap
2011-02-05 16:27 . 2011-02-05 16:27 -------- d-----w- c:\users\PC\AppData\Roaming\kLoOge
2011-02-05 13:47 . 2011-02-05 13:49 -------- d-----w- c:\program files\Zod Engine
2011-02-05 12:17 . 2007-11-06 23:19 655872 ----a-w- c:\windows\system32\msvcr90.dll
2011-02-05 12:17 . 2011-02-05 12:18 -------- d-----w- c:\program files\Miranda Micro 1.2
2011-02-03 14:02 . 2011-01-18 16:43 158736 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-02-03 14:01 . 2011-01-18 16:43 42960 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-02-02 18:25 . 2010-05-21 12:56 499796 ----a-w- c:\windows\system32\acs.exe
2011-02-02 18:25 . 2010-05-21 12:56 262216 ----a-w- c:\windows\system32\IPTests.dll
2011-02-02 18:25 . 2010-05-21 12:56 58208 ----a-w- c:\windows\system32\drivers\wsimd.sys
2011-02-02 18:25 . 2010-05-21 12:56 58208 ----a-w- c:\windows\system32\wsimd.sys
2011-02-02 18:25 . 2010-05-21 12:55 82017 ----a-w- c:\windows\system32\dsaNac.dll
2011-02-02 18:25 . 2010-05-21 12:55 254022 ----a-w- c:\windows\system32\wsfwDS.dll
2011-02-02 18:25 . 2010-05-21 12:55 249924 ----a-w- c:\windows\system32\wsimd.dll
2011-02-02 18:25 . 2010-05-21 12:55 1269854 ----a-w- c:\windows\system32\dsa.dll
2011-02-02 18:24 . 2010-05-21 12:55 77824 ----a-w- c:\windows\system32\wgapiloc.dll
2011-02-02 18:24 . 2010-05-21 12:55 422000 ----a-w- c:\windows\system32\wgapi.dll
2011-02-02 18:24 . 2010-05-21 12:55 405504 ----a-w- c:\windows\system32\wcapi.dll
2011-02-02 18:24 . 2010-05-21 12:55 360539 ----a-w- c:\windows\system32\wcapiU.dll
2011-02-02 18:24 . 2010-05-21 12:55 311390 ----a-w- c:\windows\system32\athcfg20U.dll
2011-02-02 18:24 . 2010-05-21 12:55 237568 ----a-w- c:\windows\system32\athcfg20.dll
2011-02-02 18:24 . 2010-05-21 12:55 127079 ----a-w- c:\windows\system32\athcfg20resU.dll
2011-02-02 18:24 . 2010-05-21 12:55 127053 ----a-w- c:\windows\system32\athcfg20res.dll
2011-02-02 18:24 . 2011-02-02 18:24 -------- d-----w- c:\program files\TP-LINK
2011-02-02 17:33 . 2011-02-02 17:33 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-02-02 16:24 . 2011-02-02 16:24 -------- d-----w- c:\program files\Feedback Tool
2011-02-01 21:13 . 2010-01-05 02:31 1714176 ----a-r- c:\windows\system32\athuw.sys
2011-02-01 19:29 . 2011-02-01 19:29 -------- d-----w- c:\windows\Options
2011-02-01 19:10 . 2010-01-05 02:20 1500160 ----a-w- c:\windows\system32\drivers\athur.sys
2011-02-01 19:10 . 2010-01-05 18:20 1500160 ----a-r- c:\windows\system32\athur.sys
2011-02-01 19:09 . 2011-02-02 18:25 -------- d-----w- c:\programdata\TP-LINK
2011-02-01 17:10 . 2011-02-01 17:10 -------- d-----w- c:\users\PC\AppData\Roaming\Canneverbe Limited
2011-02-01 17:10 . 2011-02-01 17:10 -------- d-----w- c:\programdata\Canneverbe Limited
2011-02-01 17:10 . 2011-02-01 17:10 -------- d-----w- c:\program files\CDBurnerXP
2011-01-31 20:02 . 2011-01-31 20:02 -------- d-----w- c:\users\PC\AppData\Roaming\Foxit Software
2011-01-31 17:21 . 2011-01-31 17:21 135168 --sha-r- c:\windows\system32\wdscoreh.dll
2011-01-31 17:03 . 2011-02-01 20:25 -------- d-----w- c:\programdata\TamoSoft
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-01-29 16:36 . 2011-01-29 16:38 -------- d-----w- c:\program files\GURPS ® NPC Generator
2011-01-29 16:34 . 1997-07-19 14:55 1347344 ----a-w- c:\windows\system32\MSVBVM50.dll
2011-01-29 16:34 . 1997-01-15 23:00 71680 ----a-w- c:\windows\ST5UNST.EXE
2011-01-29 16:34 . 1997-01-15 23:00 29696 ----a-w- c:\windows\system32\VB5StKit.dll
2011-01-23 11:31 . 2011-01-23 11:37 -------- d-----w- c:\users\PC\AppData\Roaming\Trillian
2011-01-23 11:30 . 2011-01-23 11:52 -------- d-----w- c:\program files\Trillian
2011-01-23 10:26 . 2011-01-23 10:27 -------- d-----w- c:\program files\Digsby
2011-01-19 22:03 . 2011-01-19 22:03 -------- d-----w- c:\users\PC\AppData\Roaming\AnvSoft
2011-01-19 22:03 . 2011-01-19 22:03 -------- d-----w- c:\program files\AnvSoft
2011-01-18 19:49 . 2011-02-08 15:30 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-01-18 19:49 . 2011-01-18 19:49 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-01-18 16:43 . 2011-01-18 16:43 109328 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-01-17 19:39 . 2011-01-27 19:45 -------- d-----w- c:\users\PC\AppData\Roaming\AIMP
2011-01-17 19:39 . 2011-01-17 19:39 -------- d-----w- c:\program files\AIMP2
2011-01-15 18:43 . 2011-01-15 18:43 -------- d-----w- c:\program files\Common Files\SWF Studio
2011-01-15 18:42 . 2011-01-15 18:43 -------- d-----w- c:\program files\gabob
2011-01-15 17:36 . 2011-01-15 17:36 -------- d-----w- c:\users\PC\.idlerc
2011-01-15 17:23 . 2011-01-15 17:35 -------- d-----w- C:\Python26
2011-01-15 12:31 . 2011-01-15 12:31 -------- d-----w- c:\program files\nbos
2011-01-15 12:08 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2011-01-14 19:57 . 2011-01-14 20:03 -------- d-----w- c:\program files\The KMPlayer
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-05 12:26 . 2010-06-18 19:05 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-01-26 07:28 . 2009-10-16 11:03 22632 ----a-w- c:\windows\system32\drivers\TsLwWfF.sys
2011-01-12 15:54 . 2010-05-22 07:16 1053288 ----a-w- c:\windows\system32\drivers\ts_arusb.sys
2011-01-10 21:07 . 2011-01-10 21:07 34064 ----a-w- c:\windows\system32\lhacm.acm
2010-12-23 09:49 . 2010-12-23 09:39 2829 ----a-w- c:\windows\War3Unin.pif
2010-12-23 09:49 . 2010-12-23 09:39 139264 ----a-w- c:\windows\War3Unin.exe
2010-12-13 07:40 . 2011-01-07 18:40 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-12-13 07:40 . 2011-01-07 18:40 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2006-05-03 09:06 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 12:30 216064 --sh--r- c:\windows\System32\nbDX.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2010-10-14 487424]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"ATnotes.exe"="c:\program files\ATnotes\ATnotes.exe" [2005-01-05 1015808]
"Pidgin"="c:\program files\Pidgin\pidgin.exe" [2011-02-07 48618]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-20 7625248]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"iConfig-z300"="c:\program files\Icon7\iConfig for Gamers\Z300\hid300.exe" [2010-06-13 358912]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"TWCU"="c:\program files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe" [2010-05-21 561263]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
sunnybarre.exe - z stupce (2).lnk - d:\sta§ene soubory\barel.exe [2010-12-23 6064128]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
20Dollars2Surf.lnk - c:\program files\20Dollars2Surf\20dollars2surf.exe [2011-2-12 89088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX420W Series]
2009-09-14 07:00 200704 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIGCE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-11-17 18:52 1242448 ----a-w- d:\games\Steam\steam.exe
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 psrem02;CD Guard Drivers Auto Removal (v2);c:\windows\system32\psrem02.exe svc [x]
R3 cpuz130;cpuz130;c:\users\PC\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
R3 GarenaPEngine;GarenaPEngine;c:\users\PC\AppData\Local\Temp\UDC2BE0.tmp [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
R3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\MSI\MSIWDev\DVDSYS32_100507.sys [2010-05-10 22328]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\MSI\MSIWDev\msibios32_100507.sys [2010-05-10 25912]
R3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\MSI\MSIWDev\VGASYS32_100507.sys [2010-05-10 16696]
R3 PCD65X2;PCD65X2;c:\users\PC\AppData\Local\Temp\PCD65X2.sys [x]
R3 PCD65X3;PCD65X3;c:\users\PC\AppData\Local\Temp\PCD65X3.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
R3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service;c:\windows\system32\DRIVERS\ts_arusb.sys [2011-01-12 15:54 1053288]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-01-18 109328]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WZCOOK;WEP/WPA-PMK key recovery service;d:\stažene soubory\aircrack-ng-1.1-win\aircrack-ng-1.1-win\bin\wzcook.exe [x]
R3 Z300Fltr;Icon7 Z300 Gaming Laser Mouse;c:\windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 psdrv02;CD Guard Environment Driver (v2);c:\windows\system32\drivers\psdrv02.sys [2006-09-11 67960]
S0 pssync05;CD Guard Synchronization Driver (v5);c:\windows\system32\drivers\pssync05.sys [2006-11-03 61312]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-06-17 691696]
S1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [2010-06-21 120320]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [2010-03-30 20968]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
S3 bbcap;bbcap;c:\windows\system32\DRIVERS\bbcap.sys [2010-07-30 4096]
S3 I7Z300Filter;Icon7_Z300;c:\windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
S3 netr28;Ralink 802.11n – bezdrátový ovladač pro systém Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2009-07-13 530944]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
Trusted Zone: com\www.msi
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
FF - ProfilePath - c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\gle2vz0z.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15000
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/home?AF=15000
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 4.0 Beta 8\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - %profile%\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
FF - Ext: Babylon-English Toolbar: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - %profile%\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0} - c:\program files\InstallShield Installation Information\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}\setup.exe
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GarenaPEngine]
"ImagePath"="\??\c:\users\PC\AppData\Local\Temp\UDC2BE0.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:88,74,fa,c9,82,ef,34,6c,ec,3e,fd,17,60,90,d9,ef,42,b7,e2,2d,eb,fd,c8,
54,dc,b9,7c,df,82,7e,72,d5,61,c0,a9,48,c5,f0,5d,94,ae,32,58,74,81,a1,a9,70,\
"??"=hex:e2,06,90,c3,a9,ab,f7,ca,1c,f7,63,d7,3e,f2,89,5d
[HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\Software\SecuROM\License information*]
"datasecu"=hex:ed,9b,c9,68,6f,b7,5a,f6,9d,a2,c1,61,aa,cb,10,ee,b7,03,be,c5,c8,
82,e9,2e,fd,89,3e,21,c8,12,f7,73,df,6d,70,74,08,e1,17,8c,11,f7,c2,82,af,cd,\
"rkeysecu"=hex:7e,8c,e0,5d,ab,dc,aa,0f,a1,1b,cb,4e,3b,88,1a,e6
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(4080)
c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
c:\program files\SugarSync\SugarSyncShellExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\acs.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-02-12 20:14:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-12 19:14
Před spuštěním: Volných bajtů: 18 957 905 920
Po spuštění: Volných bajtů: 19 313 217 536
- - End Of File - - 1B997DFA05971F65277ED7B25829BB7C
2011-01-31 20:02 . 2011-01-31 20:02 -------- d-----w- c:\users\PC\AppData\Roaming\Foxit Software
2011-01-31 17:21 . 2011-01-31 17:21 135168 --sha-r- c:\windows\system32\wdscoreh.dll
2011-01-31 17:03 . 2011-02-01 20:25 -------- d-----w- c:\programdata\TamoSoft
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-01-29 16:36 . 2011-01-29 16:38 -------- d-----w- c:\program files\GURPS ® NPC Generator
2011-01-29 16:34 . 1997-07-19 14:55 1347344 ----a-w- c:\windows\system32\MSVBVM50.dll
2011-01-29 16:34 . 1997-01-15 23:00 71680 ----a-w- c:\windows\ST5UNST.EXE
2011-01-29 16:34 . 1997-01-15 23:00 29696 ----a-w- c:\windows\system32\VB5StKit.dll
2011-01-23 11:31 . 2011-01-23 11:37 -------- d-----w- c:\users\PC\AppData\Roaming\Trillian
2011-01-23 11:30 . 2011-01-23 11:52 -------- d-----w- c:\program files\Trillian
2011-01-23 10:26 . 2011-01-23 10:27 -------- d-----w- c:\program files\Digsby
2011-01-19 22:03 . 2011-01-19 22:03 -------- d-----w- c:\users\PC\AppData\Roaming\AnvSoft
2011-01-19 22:03 . 2011-01-19 22:03 -------- d-----w- c:\program files\AnvSoft
2011-01-18 19:49 . 2011-02-08 15:30 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-01-18 19:49 . 2011-01-18 19:49 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-01-18 16:43 . 2011-01-18 16:43 109328 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-01-17 19:39 . 2011-01-27 19:45 -------- d-----w- c:\users\PC\AppData\Roaming\AIMP
2011-01-17 19:39 . 2011-01-17 19:39 -------- d-----w- c:\program files\AIMP2
2011-01-15 18:43 . 2011-01-15 18:43 -------- d-----w- c:\program files\Common Files\SWF Studio
2011-01-15 18:42 . 2011-01-15 18:43 -------- d-----w- c:\program files\gabob
2011-01-15 17:36 . 2011-01-15 17:36 -------- d-----w- c:\users\PC\.idlerc
2011-01-15 17:23 . 2011-01-15 17:35 -------- d-----w- C:\Python26
2011-01-15 12:31 . 2011-01-15 12:31 -------- d-----w- c:\program files\nbos
2011-01-15 12:08 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2011-01-14 19:57 . 2011-01-14 20:03 -------- d-----w- c:\program files\The KMPlayer
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-05 12:26 . 2010-06-18 19:05 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-01-26 07:28 . 2009-10-16 11:03 22632 ----a-w- c:\windows\system32\drivers\TsLwWfF.sys
2011-01-12 15:54 . 2010-05-22 07:16 1053288 ----a-w- c:\windows\system32\drivers\ts_arusb.sys
2011-01-10 21:07 . 2011-01-10 21:07 34064 ----a-w- c:\windows\system32\lhacm.acm
2010-12-23 09:49 . 2010-12-23 09:39 2829 ----a-w- c:\windows\War3Unin.pif
2010-12-23 09:49 . 2010-12-23 09:39 139264 ----a-w- c:\windows\War3Unin.exe
2010-12-13 07:40 . 2011-01-07 18:40 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-12-13 07:40 . 2011-01-07 18:40 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2006-05-03 09:06 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 12:30 216064 --sh--r- c:\windows\System32\nbDX.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2010-10-14 487424]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"ATnotes.exe"="c:\program files\ATnotes\ATnotes.exe" [2005-01-05 1015808]
"Pidgin"="c:\program files\Pidgin\pidgin.exe" [2011-02-07 48618]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-20 7625248]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"iConfig-z300"="c:\program files\Icon7\iConfig for Gamers\Z300\hid300.exe" [2010-06-13 358912]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"TWCU"="c:\program files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe" [2010-05-21 561263]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
sunnybarre.exe - z stupce (2).lnk - d:\sta§ene soubory\barel.exe [2010-12-23 6064128]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
20Dollars2Surf.lnk - c:\program files\20Dollars2Surf\20dollars2surf.exe [2011-2-12 89088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX420W Series]
2009-09-14 07:00 200704 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIGCE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-11-17 18:52 1242448 ----a-w- d:\games\Steam\steam.exe
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 psrem02;CD Guard Drivers Auto Removal (v2);c:\windows\system32\psrem02.exe svc [x]
R3 cpuz130;cpuz130;c:\users\PC\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
R3 GarenaPEngine;GarenaPEngine;c:\users\PC\AppData\Local\Temp\UDC2BE0.tmp [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
R3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\MSI\MSIWDev\DVDSYS32_100507.sys [2010-05-10 22328]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\MSI\MSIWDev\msibios32_100507.sys [2010-05-10 25912]
R3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\MSI\MSIWDev\VGASYS32_100507.sys [2010-05-10 16696]
R3 PCD65X2;PCD65X2;c:\users\PC\AppData\Local\Temp\PCD65X2.sys [x]
R3 PCD65X3;PCD65X3;c:\users\PC\AppData\Local\Temp\PCD65X3.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
R3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service;c:\windows\system32\DRIVERS\ts_arusb.sys [2011-01-12 15:54 1053288]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-01-18 109328]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WZCOOK;WEP/WPA-PMK key recovery service;d:\stažene soubory\aircrack-ng-1.1-win\aircrack-ng-1.1-win\bin\wzcook.exe [x]
R3 Z300Fltr;Icon7 Z300 Gaming Laser Mouse;c:\windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 psdrv02;CD Guard Environment Driver (v2);c:\windows\system32\drivers\psdrv02.sys [2006-09-11 67960]
S0 pssync05;CD Guard Synchronization Driver (v5);c:\windows\system32\drivers\pssync05.sys [2006-11-03 61312]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-06-17 691696]
S1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [2010-06-21 120320]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [2010-03-30 20968]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
S3 bbcap;bbcap;c:\windows\system32\DRIVERS\bbcap.sys [2010-07-30 4096]
S3 I7Z300Filter;Icon7_Z300;c:\windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
S3 netr28;Ralink 802.11n – bezdrátový ovladač pro systém Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2009-07-13 530944]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
Trusted Zone: com\www.msi
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
FF - ProfilePath - c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\gle2vz0z.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15000
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/home?AF=15000
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 4.0 Beta 8\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - %profile%\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
FF - Ext: Babylon-English Toolbar: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - %profile%\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0} - c:\program files\InstallShield Installation Information\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}\setup.exe
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GarenaPEngine]
"ImagePath"="\??\c:\users\PC\AppData\Local\Temp\UDC2BE0.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:88,74,fa,c9,82,ef,34,6c,ec,3e,fd,17,60,90,d9,ef,42,b7,e2,2d,eb,fd,c8,
54,dc,b9,7c,df,82,7e,72,d5,61,c0,a9,48,c5,f0,5d,94,ae,32,58,74,81,a1,a9,70,\
"??"=hex:e2,06,90,c3,a9,ab,f7,ca,1c,f7,63,d7,3e,f2,89,5d
[HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\Software\SecuROM\License information*]
"datasecu"=hex:ed,9b,c9,68,6f,b7,5a,f6,9d,a2,c1,61,aa,cb,10,ee,b7,03,be,c5,c8,
82,e9,2e,fd,89,3e,21,c8,12,f7,73,df,6d,70,74,08,e1,17,8c,11,f7,c2,82,af,cd,\
"rkeysecu"=hex:7e,8c,e0,5d,ab,dc,aa,0f,a1,1b,cb,4e,3b,88,1a,e6
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(4080)
c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
c:\program files\SugarSync\SugarSyncShellExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\acs.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-02-12 20:14:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-12 19:14
Před spuštěním: Volných bajtů: 18 957 905 920
Po spuštění: Volných bajtů: 19 313 217 536
- - End Of File - - 1B997DFA05971F65277ED7B25829BB7C
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Some online things don't work.
We'll finish the cleanup. Open Notepad and copy the following into it:

Collect::
c:\users\PC\AppData\Local\Temp\PCD65X2.sys
c:\users\PC\AppData\Local\Temp\PCD65X3.sys
Driver::
PCD65X2
PCD65X3

Save it to the desktop as CFScript.txt, then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Some online things don't work.
It's most likely OK now; so far everything runs as it should.
ComboFix 11-02-12.01 - PC 12.02.2011 21:02:35.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3068.2012 [GMT 1:00]
Spuštěný z: c:\users\PC\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PC\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_PCD65X2
-------\Legacy_PCD65X3
-------\Service_PCD65X2
-------\Service_PCD65X3
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-12 do 2011-02-12 )))))))))))))))))))))))))))))))
.
2011-02-12 20:08 . 2011-02-12 20:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-12 19:06 . 2011-02-12 20:12 -------- d-----w- c:\users\PC\AppData\Local\temp
2011-02-12 15:33 . 2011-02-12 15:33 -------- d-----w- c:\program files\20Dollars2Surf
2011-02-12 15:33 . 2004-08-05 12:00 59904 ----a-w- c:\windows\system32\wbemdisp.tlb
2011-02-12 14:55 . 2011-02-12 16:16 -------- d-----w- c:\programdata\PMB Files
2011-02-12 14:42 . 2011-02-12 18:55 -------- d-----w- c:\users\PC\AppData\Local\PMB Files
2011-02-12 14:41 . 2011-02-12 14:55 -------- d-----w- c:\program files\Pando Networks
2011-02-12 13:53 . 2011-02-12 13:53 -------- d-----w- c:\programdata\ZA_PreservedFiles
2011-02-09 18:11 . 2011-01-05 03:37 2329088 ----a-w- c:\windows\system32\win32k.sys
2011-02-09 18:11 . 2010-12-18 05:29 541184 ----a-w- c:\windows\system32\kerberos.dll
2011-02-08 17:41 . 2011-02-08 17:41 -------- d-----w- c:\users\PC\AppData\Roaming\Altap
2011-02-05 16:27 . 2011-02-05 16:27 -------- d-----w- c:\users\PC\AppData\Roaming\kLoOge
2011-02-05 13:47 . 2011-02-05 13:49 -------- d-----w- c:\program files\Zod Engine
2011-02-05 12:17 . 2007-11-06 23:19 655872 ----a-w- c:\windows\system32\msvcr90.dll
2011-02-05 12:17 . 2011-02-05 12:18 -------- d-----w- c:\program files\Miranda Micro 1.2
2011-02-03 14:02 . 2011-01-18 16:43 158736 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-02-03 14:01 . 2011-01-18 16:43 42960 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-02-02 18:25 . 2010-05-21 12:56 499796 ----a-w- c:\windows\system32\acs.exe
2011-02-02 18:25 . 2010-05-21 12:56 262216 ----a-w- c:\windows\system32\IPTests.dll
2011-02-02 18:25 . 2010-05-21 12:56 58208 ----a-w- c:\windows\system32\drivers\wsimd.sys
2011-02-02 18:25 . 2010-05-21 12:56 58208 ----a-w- c:\windows\system32\wsimd.sys
2011-02-02 18:25 . 2010-05-21 12:55 82017 ----a-w- c:\windows\system32\dsaNac.dll
2011-02-02 18:25 . 2010-05-21 12:55 254022 ----a-w- c:\windows\system32\wsfwDS.dll
2011-02-02 18:25 . 2010-05-21 12:55 249924 ----a-w- c:\windows\system32\wsimd.dll
2011-02-02 18:25 . 2010-05-21 12:55 1269854 ----a-w- c:\windows\system32\dsa.dll
2011-02-02 18:24 . 2010-05-21 12:55 77824 ----a-w- c:\windows\system32\wgapiloc.dll
2011-02-02 18:24 . 2010-05-21 12:55 422000 ----a-w- c:\windows\system32\wgapi.dll
2011-02-02 18:24 . 2010-05-21 12:55 405504 ----a-w- c:\windows\system32\wcapi.dll
2011-02-02 18:24 . 2010-05-21 12:55 360539 ----a-w- c:\windows\system32\wcapiU.dll
2011-02-02 18:24 . 2010-05-21 12:55 311390 ----a-w- c:\windows\system32\athcfg20U.dll
2011-02-02 18:24 . 2010-05-21 12:55 237568 ----a-w- c:\windows\system32\athcfg20.dll
2011-02-02 18:24 . 2010-05-21 12:55 127079 ----a-w- c:\windows\system32\athcfg20resU.dll
2011-02-02 18:24 . 2010-05-21 12:55 127053 ----a-w- c:\windows\system32\athcfg20res.dll
2011-02-02 18:24 . 2011-02-02 18:24 -------- d-----w- c:\program files\TP-LINK
2011-02-02 17:33 . 2011-02-02 17:33 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-02-02 16:24 . 2011-02-02 16:24 -------- d-----w- c:\program files\Feedback Tool
2011-02-01 21:13 . 2010-01-05 02:31 1714176 ----a-r- c:\windows\system32\athuw.sys
2011-02-01 19:29 . 2011-02-01 19:29 -------- d-----w- c:\windows\Options
2011-02-01 19:10 . 2010-01-05 02:20 1500160 ----a-w- c:\windows\system32\drivers\athur.sys
2011-02-01 19:10 . 2010-01-05 18:20 1500160 ----a-r- c:\windows\system32\athur.sys
2011-02-01 19:09 . 2011-02-02 18:25 -------- d-----w- c:\programdata\TP-LINK
2011-02-01 17:10 . 2011-02-01 17:10 -------- d-----w- c:\users\PC\AppData\Roaming\Canneverbe Limited
2011-02-01 17:10 . 2011-02-01 17:10 -------- d-----w- c:\programdata\Canneverbe Limited
2011-02-01 17:10 . 2011-02-01 17:10 -------- d-----w- c:\program files\CDBurnerXP
2011-01-31 20:02 . 2011-01-31 20:02 -------- d-----w- c:\users\PC\AppData\Roaming\Foxit Software
2011-01-31 17:21 . 2011-01-31 17:21 135168 --sha-r- c:\windows\system32\wdscoreh.dll
2011-01-31 17:03 . 2011-02-01 20:25 -------- d-----w- c:\programdata\TamoSoft
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-01-29 16:36 . 2011-01-29 16:38 -------- d-----w- c:\program files\GURPS ® NPC Generator
2011-01-29 16:34 . 1997-07-19 14:55 1347344 ----a-w- c:\windows\system32\MSVBVM50.dll
2011-01-29 16:34 . 1997-01-15 23:00 71680 ----a-w- c:\windows\ST5UNST.EXE
2011-01-29 16:34 . 1997-01-15 23:00 29696 ----a-w- c:\windows\system32\VB5StKit.dll
2011-01-23 11:31 . 2011-01-23 11:37 -------- d-----w- c:\users\PC\AppData\Roaming\Trillian
2011-01-23 11:30 . 2011-01-23 11:52 -------- d-----w- c:\program files\Trillian
2011-01-23 10:26 . 2011-01-23 10:27 -------- d-----w- c:\program files\Digsby
2011-01-19 22:03 . 2011-01-19 22:03 -------- d-----w- c:\users\PC\AppData\Roaming\AnvSoft
2011-01-19 22:03 . 2011-01-19 22:03 -------- d-----w- c:\program files\AnvSoft
2011-01-18 19:49 . 2011-02-08 15:30 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-01-18 19:49 . 2011-01-18 19:49 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-01-18 16:43 . 2011-01-18 16:43 109328 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-01-17 19:39 . 2011-01-27 19:45 -------- d-----w- c:\users\PC\AppData\Roaming\AIMP
2011-01-17 19:39 . 2011-01-17 19:39 -------- d-----w- c:\program files\AIMP2
2011-01-15 18:43 . 2011-01-15 18:43 -------- d-----w- c:\program files\Common Files\SWF Studio
2011-01-15 18:42 . 2011-01-15 18:43 -------- d-----w- c:\program files\gabob
2011-01-15 17:36 . 2011-01-15 17:36 -------- d-----w- c:\users\PC\.idlerc
2011-01-15 17:23 . 2011-01-15 17:35 -------- d-----w- C:\Python26
2011-01-15 12:31 . 2011-01-15 12:31 -------- d-----w- c:\program files\nbos
2011-01-15 12:08 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2011-01-14 19:57 . 2011-01-14 20:03 -------- d-----w- c:\program files\The KMPlayer
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-05 12:26 . 2010-06-18 19:05 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-01-26 07:28 . 2009-10-16 11:03 22632 ----a-w- c:\windows\system32\drivers\TsLwWfF.sys
2011-01-12 15:54 . 2010-05-22 07:16 1053288 ----a-w- c:\windows\system32\drivers\ts_arusb.sys
2011-01-10 21:07 . 2011-01-10 21:07 34064 ----a-w- c:\windows\system32\lhacm.acm
2010-12-23 09:49 . 2010-12-23 09:39 2829 ----a-w- c:\windows\War3Unin.pif
2010-12-23 09:49 . 2010-12-23 09:39 139264 ----a-w- c:\windows\War3Unin.exe
2010-12-13 07:40 . 2011-01-07 18:40 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-12-13 07:40 . 2011-01-07 18:40 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2006-05-03 09:06 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 12:30 216064 --sh--r- c:\windows\System32\nbDX.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2010-10-14 487424]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"ATnotes.exe"="c:\program files\ATnotes\ATnotes.exe" [2005-01-05 1015808]
"Pidgin"="c:\program files\Pidgin\pidgin.exe" [2011-02-07 48618]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-20 7625248]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"iConfig-z300"="c:\program files\Icon7\iConfig for Gamers\Z300\hid300.exe" [2010-06-13 358912]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"TWCU"="c:\program files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe" [2010-05-21 561263]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
sunnybarre.exe - z stupce (2).lnk - d:\stažene soubory\barel.exe [2010-12-23 6064128]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
20Dollars2Surf.lnk - c:\program files\20Dollars2Surf\20dollars2surf.exe [2011-2-12 89088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX420W Series]
2009-09-14 07:00 200704 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIGCE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-11-17 18:52 1242448 ----a-w- d:\games\Steam\steam.exe
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 psrem02;CD Guard Drivers Auto Removal (v2);c:\windows\system32\psrem02.exe svc [x]
R3 cpuz130;cpuz130;c:\users\PC\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
R3 GarenaPEngine;GarenaPEngine;c:\users\PC\AppData\Local\Temp\UDC2BE0.tmp [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
R3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\MSI\MSIWDev\DVDSYS32_100507.sys [2010-05-10 22328]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\MSI\MSIWDev\msibios32_100507.sys [2010-05-10 25912]
R3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\MSI\MSIWDev\VGASYS32_100507.sys [2010-05-10 16696]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
R3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service;c:\windows\system32\DRIVERS\ts_arusb.sys [2011-01-12 15:54 1053288]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-01-18 109328]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WZCOOK;WEP/WPA-PMK key recovery service;d:\stažene soubory\aircrack-ng-1.1-win\aircrack-ng-1.1-win\bin\wzcook.exe [x]
R3 Z300Fltr;Icon7 Z300 Gaming Laser Mouse;c:\windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 psdrv02;CD Guard Environment Driver (v2);c:\windows\system32\drivers\psdrv02.sys [2006-09-11 67960]
S0 pssync05;CD Guard Synchronization Driver (v5);c:\windows\system32\drivers\pssync05.sys [2006-11-03 61312]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-06-17 691696]
S1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [2010-06-21 120320]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [2010-03-30 20968]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
S3 bbcap;bbcap;c:\windows\system32\DRIVERS\bbcap.sys [2010-07-30 4096]
S3 I7Z300Filter;Icon7_Z300;c:\windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
S3 netr28;Ralink 802.11n – bezdrátový ovladač pro systém Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2009-07-13 530944]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
------- Doplňkový sken -------
.
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
Trusted Zone: com\www.msi
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
FF - ProfilePath - c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\gle2vz0z.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15000
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/home?AF=15000
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 4.0 Beta 8\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - %profile%\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
FF - Ext: Babylon-English Toolbar: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - %profile%\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GarenaPEngine]
"ImagePath"="\??\c:\users\PC\AppData\Local\Temp\UDC2BE0.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:88,74,fa,c9,82,ef,34,6c,ec,3e,fd,17,60,90,d9,ef,42,b7,e2,2d,eb,fd,c8,
54,dc,b9,7c,df,82,7e,72,d5,61,c0,a9,48,c5,f0,5d,94,ae,32,58,74,81,a1,a9,70,\
"??"=hex:e2,06,90,c3,a9,ab,f7,ca,1c,f7,63,d7,3e,f2,89,5d
[HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\Software\SecuROM\License information*]
"datasecu"=hex:ed,9b,c9,68,6f,b7,5a,f6,9d,a2,c1,61,aa,cb,10,ee,b7,03,be,c5,c8,
82,e9,2e,fd,89,3e,21,c8,12,f7,73,df,6d,70,74,08,e1,17,8c,11,f7,c2,82,af,cd,\
"rkeysecu"=hex:7e,8c,e0,5d,ab,dc,aa,0f,a1,1b,cb,4e,3b,88,1a,e6
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(2428)
c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
c:\program files\SugarSync\SugarSyncShellExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\program files\Icon7\iConfig for Gamers\Tray.exe
d:\stažene soubory\barel.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-02-12 21:17:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-12 20:17
ComboFix2.txt 2011-02-12 19:14
Před spuštěním: Volných bajtů: 19 308 191 744
Po spuštění: Volných bajtů: 19 267 313 664
- - End Of File - - D9295F2D74BEF0FF153F9F1D74724C4E
ComboFix 11-02-12.01 - PC 12.02.2011 21:02:35.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3068.2012 [GMT 1:00]
Spuštěný z: c:\users\PC\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PC\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_PCD65X2
-------\Legacy_PCD65X3
-------\Service_PCD65X2
-------\Service_PCD65X3
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-12 do 2011-02-12 )))))))))))))))))))))))))))))))
.
2011-02-12 20:08 . 2011-02-12 20:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-12 19:06 . 2011-02-12 20:12 -------- d-----w- c:\users\PC\AppData\Local\temp
2011-02-12 15:33 . 2011-02-12 15:33 -------- d-----w- c:\program files\20Dollars2Surf
2011-02-12 15:33 . 2004-08-05 12:00 59904 ----a-w- c:\windows\system32\wbemdisp.tlb
2011-02-12 14:55 . 2011-02-12 16:16 -------- d-----w- c:\programdata\PMB Files
2011-02-12 14:42 . 2011-02-12 18:55 -------- d-----w- c:\users\PC\AppData\Local\PMB Files
2011-02-12 14:41 . 2011-02-12 14:55 -------- d-----w- c:\program files\Pando Networks
2011-02-12 13:53 . 2011-02-12 13:53 -------- d-----w- c:\programdata\ZA_PreservedFiles
2011-02-09 18:11 . 2011-01-05 03:37 2329088 ----a-w- c:\windows\system32\win32k.sys
2011-02-09 18:11 . 2010-12-18 05:29 541184 ----a-w- c:\windows\system32\kerberos.dll
2011-02-08 17:41 . 2011-02-08 17:41 -------- d-----w- c:\users\PC\AppData\Roaming\Altap
2011-02-05 16:27 . 2011-02-05 16:27 -------- d-----w- c:\users\PC\AppData\Roaming\kLoOge
2011-02-05 13:47 . 2011-02-05 13:49 -------- d-----w- c:\program files\Zod Engine
2011-02-05 12:17 . 2007-11-06 23:19 655872 ----a-w- c:\windows\system32\msvcr90.dll
2011-02-05 12:17 . 2011-02-05 12:18 -------- d-----w- c:\program files\Miranda Micro 1.2
2011-02-03 14:02 . 2011-01-18 16:43 158736 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-02-03 14:01 . 2011-01-18 16:43 42960 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-02-02 18:25 . 2010-05-21 12:56 499796 ----a-w- c:\windows\system32\acs.exe
2011-02-02 18:25 . 2010-05-21 12:56 262216 ----a-w- c:\windows\system32\IPTests.dll
2011-02-02 18:25 . 2010-05-21 12:56 58208 ----a-w- c:\windows\system32\drivers\wsimd.sys
2011-02-02 18:25 . 2010-05-21 12:56 58208 ----a-w- c:\windows\system32\wsimd.sys
2011-02-02 18:25 . 2010-05-21 12:55 82017 ----a-w- c:\windows\system32\dsaNac.dll
2011-02-02 18:25 . 2010-05-21 12:55 254022 ----a-w- c:\windows\system32\wsfwDS.dll
2011-02-02 18:25 . 2010-05-21 12:55 249924 ----a-w- c:\windows\system32\wsimd.dll
2011-02-02 18:25 . 2010-05-21 12:55 1269854 ----a-w- c:\windows\system32\dsa.dll
2011-02-02 18:24 . 2010-05-21 12:55 77824 ----a-w- c:\windows\system32\wgapiloc.dll
2011-02-02 18:24 . 2010-05-21 12:55 422000 ----a-w- c:\windows\system32\wgapi.dll
2011-02-02 18:24 . 2010-05-21 12:55 405504 ----a-w- c:\windows\system32\wcapi.dll
2011-02-02 18:24 . 2010-05-21 12:55 360539 ----a-w- c:\windows\system32\wcapiU.dll
2011-02-02 18:24 . 2010-05-21 12:55 311390 ----a-w- c:\windows\system32\athcfg20U.dll
2011-02-02 18:24 . 2010-05-21 12:55 237568 ----a-w- c:\windows\system32\athcfg20.dll
2011-02-02 18:24 . 2010-05-21 12:55 127079 ----a-w- c:\windows\system32\athcfg20resU.dll
2011-02-02 18:24 . 2010-05-21 12:55 127053 ----a-w- c:\windows\system32\athcfg20res.dll
2011-02-02 18:24 . 2011-02-02 18:24 -------- d-----w- c:\program files\TP-LINK
2011-02-02 17:33 . 2011-02-02 17:33 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-02-02 16:24 . 2011-02-02 16:24 -------- d-----w- c:\program files\Feedback Tool
2011-02-01 21:13 . 2010-01-05 02:31 1714176 ----a-r- c:\windows\system32\athuw.sys
2011-02-01 19:29 . 2011-02-01 19:29 -------- d-----w- c:\windows\Options
2011-02-01 19:10 . 2010-01-05 02:20 1500160 ----a-w- c:\windows\system32\drivers\athur.sys
2011-02-01 19:10 . 2010-01-05 18:20 1500160 ----a-r- c:\windows\system32\athur.sys
2011-02-01 19:09 . 2011-02-02 18:25 -------- d-----w- c:\programdata\TP-LINK
2011-02-01 17:10 . 2011-02-01 17:10 -------- d-----w- c:\users\PC\AppData\Roaming\Canneverbe Limited
2011-02-01 17:10 . 2011-02-01 17:10 -------- d-----w- c:\programdata\Canneverbe Limited
2011-02-01 17:10 . 2011-02-01 17:10 -------- d-----w- c:\program files\CDBurnerXP
2011-01-31 20:02 . 2011-01-31 20:02 -------- d-----w- c:\users\PC\AppData\Roaming\Foxit Software
2011-01-31 17:21 . 2011-01-31 17:21 135168 --sha-r- c:\windows\system32\wdscoreh.dll
2011-01-31 17:03 . 2011-02-01 20:25 -------- d-----w- c:\programdata\TamoSoft
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-01-29 16:36 . 2011-01-29 16:38 -------- d-----w- c:\program files\GURPS ® NPC Generator
2011-01-29 16:34 . 1997-07-19 14:55 1347344 ----a-w- c:\windows\system32\MSVBVM50.dll
2011-01-29 16:34 . 1997-01-15 23:00 71680 ----a-w- c:\windows\ST5UNST.EXE
2011-01-29 16:34 . 1997-01-15 23:00 29696 ----a-w- c:\windows\system32\VB5StKit.dll
2011-01-23 11:31 . 2011-01-23 11:37 -------- d-----w- c:\users\PC\AppData\Roaming\Trillian
2011-01-23 11:30 . 2011-01-23 11:52 -------- d-----w- c:\program files\Trillian
2011-01-23 10:26 . 2011-01-23 10:27 -------- d-----w- c:\program files\Digsby
2011-01-19 22:03 . 2011-01-19 22:03 -------- d-----w- c:\users\PC\AppData\Roaming\AnvSoft
2011-01-19 22:03 . 2011-01-19 22:03 -------- d-----w- c:\program files\AnvSoft
2011-01-18 19:49 . 2011-02-08 15:30 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-01-18 19:49 . 2011-01-18 19:49 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-01-18 16:43 . 2011-01-18 16:43 109328 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-01-17 19:39 . 2011-01-27 19:45 -------- d-----w- c:\users\PC\AppData\Roaming\AIMP
2011-01-17 19:39 . 2011-01-17 19:39 -------- d-----w- c:\program files\AIMP2
2011-01-15 18:43 . 2011-01-15 18:43 -------- d-----w- c:\program files\Common Files\SWF Studio
2011-01-15 18:42 . 2011-01-15 18:43 -------- d-----w- c:\program files\gabob
2011-01-15 17:36 . 2011-01-15 17:36 -------- d-----w- c:\users\PC\.idlerc
2011-01-15 17:23 . 2011-01-15 17:35 -------- d-----w- C:\Python26
2011-01-15 12:31 . 2011-01-15 12:31 -------- d-----w- c:\program files\nbos
2011-01-15 12:08 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2011-01-14 19:57 . 2011-01-14 20:03 -------- d-----w- c:\program files\The KMPlayer
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-05 12:26 . 2010-06-18 19:05 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-01-26 07:28 . 2009-10-16 11:03 22632 ----a-w- c:\windows\system32\drivers\TsLwWfF.sys
2011-01-12 15:54 . 2010-05-22 07:16 1053288 ----a-w- c:\windows\system32\drivers\ts_arusb.sys
2011-01-10 21:07 . 2011-01-10 21:07 34064 ----a-w- c:\windows\system32\lhacm.acm
2010-12-23 09:49 . 2010-12-23 09:39 2829 ----a-w- c:\windows\War3Unin.pif
2010-12-23 09:49 . 2010-12-23 09:39 139264 ----a-w- c:\windows\War3Unin.exe
2010-12-13 07:40 . 2011-01-07 18:40 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-12-13 07:40 . 2011-01-07 18:40 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2006-05-03 09:06 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 12:30 216064 --sh--r- c:\windows\System32\nbDX.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2010-10-14 23:31 147456 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2010-10-14 487424]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"ATnotes.exe"="c:\program files\ATnotes\ATnotes.exe" [2005-01-05 1015808]
"Pidgin"="c:\program files\Pidgin\pidgin.exe" [2011-02-07 48618]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-20 7625248]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"iConfig-z300"="c:\program files\Icon7\iConfig for Gamers\Z300\hid300.exe" [2010-06-13 358912]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"TWCU"="c:\program files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe" [2010-05-21 561263]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
sunnybarre.exe - z stupce (2).lnk - d:\stažene soubory\barel.exe [2010-12-23 6064128]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
20Dollars2Surf.lnk - c:\program files\20Dollars2Surf\20dollars2surf.exe [2011-2-12 89088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX420W Series]
2009-09-14 07:00 200704 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIGCE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-11-17 18:52 1242448 ----a-w- d:\games\Steam\steam.exe
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 psrem02;CD Guard Drivers Auto Removal (v2);c:\windows\system32\psrem02.exe svc [x]
R3 cpuz130;cpuz130;c:\users\PC\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
R3 GarenaPEngine;GarenaPEngine;c:\users\PC\AppData\Local\Temp\UDC2BE0.tmp [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
R3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\MSI\MSIWDev\DVDSYS32_100507.sys [2010-05-10 22328]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\MSI\MSIWDev\msibios32_100507.sys [2010-05-10 25912]
R3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\MSI\MSIWDev\VGASYS32_100507.sys [2010-05-10 16696]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
R3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service;c:\windows\system32\DRIVERS\ts_arusb.sys [2011-01-12 15:54 1053288]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-01-18 109328]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WZCOOK;WEP/WPA-PMK key recovery service;d:\stažene soubory\aircrack-ng-1.1-win\aircrack-ng-1.1-win\bin\wzcook.exe [x]
R3 Z300Fltr;Icon7 Z300 Gaming Laser Mouse;c:\windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 psdrv02;CD Guard Environment Driver (v2);c:\windows\system32\drivers\psdrv02.sys [2006-09-11 67960]
S0 pssync05;CD Guard Synchronization Driver (v5);c:\windows\system32\drivers\pssync05.sys [2006-11-03 61312]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-06-17 691696]
S1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [2010-06-21 120320]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [2010-03-30 20968]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
S3 bbcap;bbcap;c:\windows\system32\DRIVERS\bbcap.sys [2010-07-30 4096]
S3 I7Z300Filter;Icon7_Z300;c:\windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
S3 netr28;Ralink 802.11n – bezdrátový ovladač pro systém Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2009-07-13 530944]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
------- Doplňkový sken -------
.
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
Trusted Zone: com\www.msi
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
FF - ProfilePath - c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\gle2vz0z.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15000
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/home?AF=15000
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 4.0 Beta 8\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - %profile%\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
FF - Ext: Babylon-English Toolbar: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - %profile%\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GarenaPEngine]
"ImagePath"="\??\c:\users\PC\AppData\Local\Temp\UDC2BE0.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:88,74,fa,c9,82,ef,34,6c,ec,3e,fd,17,60,90,d9,ef,42,b7,e2,2d,eb,fd,c8,
54,dc,b9,7c,df,82,7e,72,d5,61,c0,a9,48,c5,f0,5d,94,ae,32,58,74,81,a1,a9,70,\
"??"=hex:e2,06,90,c3,a9,ab,f7,ca,1c,f7,63,d7,3e,f2,89,5d
[HKEY_USERS\S-1-5-21-3491727313-2059114097-998879636-1000\Software\SecuROM\License information*]
"datasecu"=hex:ed,9b,c9,68,6f,b7,5a,f6,9d,a2,c1,61,aa,cb,10,ee,b7,03,be,c5,c8,
82,e9,2e,fd,89,3e,21,c8,12,f7,73,df,6d,70,74,08,e1,17,8c,11,f7,c2,82,af,cd,\
"rkeysecu"=hex:7e,8c,e0,5d,ab,dc,aa,0f,a1,1b,cb,4e,3b,88,1a,e6
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(2428)
c:\users\PC\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll
c:\program files\SugarSync\SugarSyncShellExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\program files\Icon7\iConfig for Gamers\Tray.exe
d:\stažene soubory\barel.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-02-12 21:17:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-12 20:17
ComboFix2.txt 2011-02-12 19:14
Před spuštěním: Volných bajtů: 19 308 191 744
Po spuštění: Volných bajtů: 19 267 313 664
- - End Of File - - D9295F2D74BEF0FF153F9F1D74724C4E
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Some online things don't work.
The log now looks clean.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.