I'd say it will work better, because thanks to TDSSKiller I managed to run ComboFix.
Otherwise the PC doesn't crash on its own; it only crashes when something goes wrong with a file I want to open, such as ComboFix, and even then it no longer crashes at startup like before. I hope it lasts.
I'm attaching the log from ComboFix, which I finally managed to run afterwards:
ComboFix 11-02-05.01 - Ondřej 06.02.2011 22:21:15.1.6 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.6142.4594 [GMT 1:00]
Spuštěný z: c:\users\Ondřej\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ZoneAlarm Firewall *Disabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\twunk_32.exe
c:\windows\SysWow64\twunk_32.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-06 do 2011-02-06 )))))))))))))))))))))))))))))))
.
2011-02-06 21:27 . 2011-02-06 21:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-05 20:18 . 2011-02-05 20:18 -------- d-----w- c:\program files (x86)\Minecraft
2011-02-04 20:36 . 2011-02-04 20:36 -------- d-----w- C:\_OTL
2011-02-04 15:51 . 2011-02-04 15:51 -------- d-----w- c:\program files\CCleaner
2011-02-04 13:22 . 2010-11-16 16:45 104448 ------w- c:\windows\SysWow64\zlcommdb.dll
2011-02-04 13:22 . 2010-11-16 16:45 69120 ------w- c:\windows\SysWow64\zlcomm.dll
2011-02-04 13:22 . 2010-11-16 16:45 1238528 ------w- c:\windows\SysWow64\zpeng25.dll
2011-02-04 13:22 . 2011-02-04 13:22 -------- d-----w- c:\windows\SysWow64\ZoneLabs
2011-02-04 13:22 . 2011-02-04 13:22 -------- d-----w- c:\program files (x86)\Zone Labs
2011-02-04 13:22 . 2010-05-15 15:30 458840 ------w- c:\windows\system32\drivers\vsdatant.sys
2011-02-04 12:50 . 2011-02-06 21:02 -------- d-----w- c:\windows\Internet Logs
2011-02-04 12:27 . 2011-02-04 12:27 -------- d-----w- c:\users\Ondřej\AppData\Roaming\CheckPoint
2011-02-04 12:27 . 2011-02-04 12:27 -------- d-----w- c:\program files (x86)\Conduit
2011-02-04 12:26 . 2011-02-04 12:26 -------- d-----w- c:\program files\CheckPoint
2011-02-04 12:25 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2011-02-04 12:23 . 2011-02-04 12:23 -------- d-----w- c:\programdata\CheckPoint
2011-02-04 11:21 . 2011-02-04 11:21 -------- d-----w- c:\program files\ESET
2011-02-04 09:38 . 2011-02-04 14:45 -------- d-----w- c:\program files\trend micro
2011-02-04 08:38 . 2011-01-13 10:20 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF45F3DC-5043-4381-BAE2-532C55778E8B}\mpengine.dll
2011-02-04 07:37 . 2011-02-04 07:37 -------- d-----w- c:\windows\system32\drivers\N360x64
2011-02-03 20:55 . 2011-02-03 21:17 -------- d-----w- c:\program files (x86)\Norton 360
2011-02-03 20:53 . 2011-02-03 20:53 -------- d-----w- c:\program files (x86)\NortonInstaller
2011-02-03 20:45 . 2011-02-04 08:06 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-02-03 20:43 . 2011-02-03 20:44 -------- d-----w- c:\program files (x86)\Symantec
2011-02-03 20:43 . 2011-02-03 20:45 -------- d-----w- c:\programdata\Symantec
2011-02-03 20:35 . 2011-02-03 21:07 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2011-02-03 20:28 . 2011-02-03 20:55 -------- d-----w- c:\programdata\Norton
2011-02-03 18:36 . 2011-02-03 19:45 -------- d-----w- c:\programdata\Kaspersky Lab
2011-02-03 17:20 . 2011-02-04 07:19 -------- d-----w- C:\rafazon
2011-02-03 16:57 . 2011-02-04 07:19 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2011-02-02 15:43 . 2011-02-02 15:43 -------- d-----w- c:\windows\Roaming
2011-02-02 15:43 . 2011-02-02 15:43 -------- d-----w- c:\programdata\Motive
2011-02-01 12:28 . 2011-02-04 08:21 -------- d-----w- c:\program files (x86)\PFPortChecker
2011-02-01 12:19 . 2011-02-04 08:22 -------- d-----w- c:\windows\Simple Port Forwarding
2011-02-01 12:19 . 2011-02-04 08:21 -------- d-----w- c:\program files (x86)\Simple Port Forwarding
2011-01-31 16:22 . 2011-02-01 15:51 -------- d-----w- C:\mineserver
2011-01-31 10:18 . 2011-01-31 10:18 -------- d-----w- c:\users\Ondřej\AppData\Local\LogMeIn
2011-01-31 10:18 . 2010-12-08 12:12 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2011-01-31 10:18 . 2010-12-08 12:12 60800 ----a-w- c:\windows\system32\Spool\prtprocs\x64\LMIproc.dll
2011-01-31 10:18 . 2010-12-08 12:12 33152 ----a-w- c:\windows\system32\LMIport.dll
2011-01-31 10:18 . 2010-09-17 14:40 72216 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2011-01-31 10:18 . 2010-12-08 12:12 80768 ----a-w- c:\windows\system32\LMIinit.dll
2011-01-31 10:18 . 2011-02-04 08:21 -------- d-----w- c:\program files (x86)\LogMeIn
2011-01-31 10:12 . 2009-03-18 15:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2011-01-31 10:11 . 2011-02-04 08:22 -------- d-----w- c:\users\Ondřej\AppData\Local\LogMeIn Hamachi
2011-01-29 15:22 . 2011-02-06 09:18 -------- d-----w- c:\users\Ondřej\AppData\Roaming\.minecraft
2011-01-29 14:26 . 2011-01-29 14:26 -------- d-----w- c:\users\Ondřej\AppData\Roaming\minecraft záloha
2011-01-29 13:44 . 2011-01-29 13:45 -------- d-----w- c:\users\Ondřej\AppData\Roaming\.minecraft – kopie
2011-01-29 12:22 . 2011-01-29 12:22 -------- d-----w- c:\users\Ondřej\AppData\Local\AMD
2011-01-29 12:22 . 2011-01-29 12:22 -------- d-----w- c:\programdata\ATI
2011-01-29 12:21 . 2011-01-29 12:21 -------- d-----w- c:\program files (x86)\ATI Stream
2011-01-29 12:21 . 2011-01-29 12:21 -------- d-----w- c:\programdata\AMD
2011-01-29 12:21 . 2010-02-18 08:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2011-01-29 12:21 . 2011-01-29 12:21 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-01-28 16:43 . 2011-01-28 16:43 -------- d-----w- c:\program files\iPod
2011-01-28 16:43 . 2011-01-28 16:44 -------- d-----w- c:\program files\iTunes
2011-01-28 16:43 . 2011-01-28 16:44 -------- d-----w- c:\program files (x86)\iTunes
2011-01-28 14:00 . 2011-01-28 14:00 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-28 13:58 . 2011-01-28 14:00 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-01-28 13:41 . 2011-01-28 13:41 -------- d-----w- c:\program files (x86)\MagicISO
2011-01-28 13:34 . 2011-01-28 13:34 -------- d-----w- c:\program files (x86)\Pixbyte
2011-01-28 12:41 . 2011-01-28 12:41 -------- d-----w- c:\users\Ondřej\AppData\Local\Mumble
2011-01-28 12:23 . 2011-02-06 20:05 -------- d-----w- c:\users\Ondřej\AppData\Roaming\X-Chat 2
2011-01-28 12:23 . 2011-01-28 12:23 -------- d-----w- c:\program files (x86)\X-Chat 2
2011-01-27 19:58 . 2011-01-27 20:00 -------- d-----w- c:\program files (x86)\CDex
2011-01-27 14:59 . 2011-01-27 15:01 -------- d-----w- c:\program files (x86)\EOM
2011-01-22 18:15 . 2011-01-22 18:15 -------- d-----w- C:\NST
2011-01-22 18:06 . 2011-01-22 18:06 -------- d-----w- c:\users\Ondřej\AppData\Local\NeoSmart_Technologies
2011-01-22 18:06 . 2011-01-22 18:06 -------- d-----w- c:\program files (x86)\NeoSmart Technologies
2011-01-22 15:27 . 2011-01-22 15:27 -------- d-----w- c:\program files (x86)\1C
2011-01-22 15:27 . 2005-08-23 04:40 1963520 ----a-w- c:\windows\setup_rangers_2.exe
2011-01-21 16:43 . 2011-01-28 09:29 -------- d-----w- c:\users\Ondřej\AppData\Roaming\2.minecraft- starý minecraft
2011-01-19 15:58 . 2011-01-19 15:58 -------- d-----w- c:\program files (x86)\Charles Forsyth
2011-01-18 20:08 . 2011-01-18 20:08 -------- d-----w- c:\users\Ondřej\AppData\Roaming\SynthMaker
2011-01-18 20:06 . 2011-01-18 20:06 -------- d-----w- c:\users\Ondřej\AppData\Roaming\Acoustica
2011-01-18 20:06 . 2009-12-14 15:25 57344 ------w- c:\windows\SysWow64\Wnaspint.dll
2011-01-18 20:05 . 2011-01-18 20:05 -------- d-----w- c:\program files (x86)\Acoustica Shared Effects
2011-01-18 20:00 . 2011-01-18 20:37 -------- d-----w- c:\program files (x86)\VST
2011-01-18 19:09 . 2011-01-18 19:09 -------- d-----w- c:\users\Ondřej\AppData\Roaming\PACE Anti-Piracy
2011-01-18 19:09 . 2011-01-18 19:09 -------- d-----w- c:\users\Ondřej\AppData\Local\PACE Anti-Piracy
2011-01-18 19:09 . 2011-01-18 19:09 -------- d-----w- c:\programdata\PACE Anti-Piracy
2011-01-18 19:09 . 2011-01-18 19:09 -------- d-----w- c:\program files (x86)\Common Files\PACE Anti-Piracy
2011-01-18 15:00 . 2011-01-18 15:00 -------- d-----w- c:\programdata\PaceAP
2011-01-16 17:22 . 2011-01-19 15:27 -------- d-----w- c:\users\Public\CyberLink
2011-01-16 17:22 . 2011-01-16 17:22 -------- d-----w- c:\users\Ondřej\AppData\Roaming\CyberLink
2011-01-16 17:22 . 2011-01-16 17:23 -------- d-----w- c:\programdata\CyberLink
2011-01-16 17:18 . 2011-01-16 17:18 -------- d-----w- c:\programdata\SmartSound Software Inc
2011-01-16 17:18 . 2011-01-16 17:18 -------- d-----w- c:\programdata\eSellerate
2011-01-16 17:18 . 2011-01-16 17:18 -------- d-----w- c:\program files (x86)\SmartSound Software
2011-01-16 17:18 . 2011-01-16 17:18 -------- d-----w- c:\program files (x86)\Cyberlink
2011-01-16 17:17 . 2011-01-16 17:25 -------- d-----w- c:\program files\CyberLink
2011-01-16 17:16 . 2011-01-16 17:16 -------- d-----w- c:\programdata\CLSK
2011-01-15 20:17 . 2011-01-15 20:17 -------- d-----w- c:\program files (x86)\Lame For Audacity
2011-01-15 20:17 . 2011-01-15 20:17 -------- d-----w- c:\program files (x86)\Audacity
2011-01-15 20:15 . 2011-01-28 14:02 -------- d-----w- c:\users\Ondřej\AppData\Roaming\Audacity
2011-01-15 20:15 . 2011-01-15 20:15 -------- d-----w- c:\program files (x86)\Audacity 1.3 Beta (Unicode)
2011-01-15 19:51 . 2011-01-15 19:51 -------- d-----w- c:\program files (x86)\MP4Converter
2011-01-15 16:32 . 2011-01-15 16:32 -------- d-----w- C:\test
2011-01-08 11:33 . 2011-01-08 11:33 -------- d-----w- c:\program files (x86)\MSXML 4.0
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2010-07-20 09:24 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-02-01 16:01 . 2011-02-01 15:59 13138607 ----a-w- C:\mineserver.zip
2011-01-26 19:16 . 2010-07-25 17:39 270904 ------w- c:\windows\SysWow64\PnkBstrB.xtr
2011-01-26 19:16 . 2010-07-25 16:54 270904 ------w- c:\windows\SysWow64\PnkBstrB.exe
2011-01-26 19:14 . 2010-07-25 16:54 215128 ------w- c:\windows\SysWow64\PnkBstrB.ex0
2011-01-24 20:49 . 2010-07-25 16:54 75136 ------w- c:\windows\SysWow64\PnkBstrA.exe
2011-01-08 16:13 . 2010-12-24 15:00 109144 ------w- c:\windows\SysWow64\OpenAL32.dll
2011-01-08 16:13 . 2010-07-20 09:04 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2011-01-08 16:13 . 2010-07-20 09:04 445016 ------w- c:\windows\SysWow64\wrap_oal.dll
2011-01-08 16:13 . 2010-07-20 09:04 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2011-01-05 03:37 . 2011-01-05 03:37 8283136 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-01-05 03:22 . 2011-01-05 03:22 22100480 ----a-w- c:\windows\system32\atio6axx.dll
2011-01-05 03:03 . 2011-01-05 03:03 17043968 ------w- c:\windows\SysWow64\atioglxx.dll
2011-01-05 03:02 . 2011-01-05 03:02 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2011-01-05 03:02 . 2010-05-27 17:02 596480 ------w- c:\windows\SysWow64\aticfx32.dll
2011-01-05 03:01 . 2010-05-27 17:02 708608 ----a-w- c:\windows\system32\aticfx64.dll
2011-01-05 02:58 . 2011-01-05 02:58 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-01-05 02:58 . 2011-01-05 02:58 480256 ----a-w- c:\windows\system32\atieclxx.exe
2011-01-05 02:57 . 2011-01-05 02:57 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-01-05 02:56 . 2011-01-05 02:56 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-01-05 02:56 . 2011-01-05 02:56 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-01-05 02:56 . 2011-01-05 02:56 356352 ------w- c:\windows\SysWow64\atipdlxx.dll
2011-01-05 02:55 . 2011-01-05 02:55 278528 ------w- c:\windows\SysWow64\Oemdspif.dll
2011-01-05 02:55 . 2011-01-05 02:55 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-01-05 02:55 . 2011-01-05 02:55 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-01-05 02:55 . 2011-01-05 02:55 43520 ------w- c:\windows\SysWow64\ati2edxx.dll
2011-01-05 02:52 . 2011-01-05 02:52 4101632 ------w- c:\windows\SysWow64\atidxx32.dll
2011-01-05 02:43 . 2010-05-27 16:46 4844544 ----a-w- c:\windows\system32\atidxx64.dll
2011-01-05 02:33 . 2011-01-05 02:33 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-01-05 02:33 . 2011-01-05 02:33 46080 ------w- c:\windows\SysWow64\aticalrt.dll
2011-01-05 02:33 . 2011-01-05 02:33 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-01-05 02:33 . 2010-07-07 01:28 4162048 ------w- c:\windows\SysWow64\atiumdag.dll
2011-01-05 02:33 . 2011-01-05 02:33 44032 ------w- c:\windows\SysWow64\aticalcl.dll
2011-01-05 02:33 . 2011-01-05 02:33 6815232 ----a-w- c:\windows\system32\aticaldd64.dll
2011-01-05 02:32 . 2011-01-05 02:32 1208320 ----a-w- c:\windows\system32\atiumd6v.dll
2011-01-05 02:32 . 2011-01-05 02:32 3218944 ----a-w- c:\windows\system32\atiumd6a.dll
2011-01-05 02:31 . 2011-01-05 02:31 5441024 ------w- c:\windows\SysWow64\aticaldd.dll
2011-01-05 02:28 . 2010-05-27 16:35 58880 ----a-w- c:\windows\system32\coinst.dll
2011-01-05 02:27 . 2011-01-05 02:27 5305856 ----a-w- c:\windows\system32\atiumd64.dll
2011-01-05 02:25 . 2010-07-07 01:23 3461120 ------w- c:\windows\SysWow64\atiumdva.dll
2011-01-05 02:20 . 2011-01-05 02:20 353792 ----a-w- c:\windows\system32\atiadlxx.dll
2011-01-05 02:20 . 2011-01-05 02:20 249856 ------w- c:\windows\SysWow64\atiadlxy.dll
2011-01-05 02:19 . 2011-01-05 02:19 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 12800 ------w- c:\windows\SysWow64\atiglpxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 32256 ----a-w- c:\windows\system32\atig6txx.dll
2011-01-05 02:19 . 2011-01-05 02:19 27648 ------w- c:\windows\SysWow64\atigktxx.dll
2011-01-05 02:19 . 2011-01-05 02:19 294400 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-01-05 02:18 . 2010-05-27 16:25 39936 ----a-w- c:\windows\system32\atiuxp64.dll
2011-01-05 02:18 . 2011-01-05 02:18 30720 ------w- c:\windows\SysWow64\atiuxpag.dll
2011-01-05 02:18 . 2010-09-16 19:31 38400 ----a-w- c:\windows\system32\atiu9p64.dll
2011-01-05 02:18 . 2010-05-27 16:24 28672 ------w- c:\windows\SysWow64\atiu9pag.dll
2011-01-05 02:17 . 2011-01-05 02:17 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-01-05 02:11 . 2011-01-05 02:11 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-01-05 02:11 . 2011-01-05 02:11 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-01-05 02:11 . 2011-01-05 02:11 52736 ------w- c:\windows\SysWow64\atimpc32.dll
2011-01-05 02:11 . 2011-01-05 02:11 52736 ------w- c:\windows\SysWow64\amdpcom32.dll
2010-12-24 08:15 . 2010-12-24 08:15 86016 ------w- c:\windows\SysWow64\frapsvid.dll
2010-12-24 08:15 . 2010-12-24 08:15 84992 ----a-w- c:\windows\system32\frapsv64.dll
2010-12-21 14:04 . 2010-12-21 14:04 170640 ----a-w- c:\windows\system32\drivers\eamonm.sys
2010-12-21 14:04 . 2010-12-21 14:04 141264 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-12-21 12:47 . 2010-12-21 12:47 125296 ----a-w- c:\windows\system32\drivers\epfwwfpr.sys
2010-12-07 11:17 . 2010-12-07 11:17 51200 ------w- c:\windows\SysWow64\OpenCL.dll
2010-12-07 11:15 . 2010-12-07 11:15 52736 ----a-w- c:\windows\system32\OpenCL.dll
2010-11-29 16:38 . 2010-11-29 16:38 94208 ------w- c:\windows\SysWow64\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ------w- c:\windows\SysWow64\QuickTime.qts
2010-11-17 12:04 . 2010-11-17 12:04 115216 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2010-11-12 17:53 . 2010-07-22 16:48 472808 ------w- c:\windows\SysWow64\deployJava1.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"ZoneAlarm Client"="c:\program files (x86)\Zone Labs\ZoneAlarm\zlclient.exe" [2010-11-16 1043968]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-29 136176]
R2 IObitBarService;IObit Toolbar Service;c:\progra~2\IObitBar\toolbar\1.bin\i0barsvc.exe [x]
R3 ALSysIO;ALSysIO;c:\users\ONDEJ~1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 cmudaxp;ASUS Xonar DX Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [x]
R3 cpuz130;cpuz130;c:\users\ADMINI~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-08-03 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-08-03 79360]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-11-03 1030600]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-22 1255736]
R3 WPFFontCache_v0400;WPFFontCache_v0400;c:\windows\Microsoft.NET\Framework64\v4.0.21006\WPF\WPFFontCache_v0400.exe [x]
R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-31 834544]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-28 254528]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-05 203776]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-04 354304]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 125296]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2010-12-08 373640]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2010-09-17 15928]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-05 8283136]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-05 294400]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
S3 Ctafiltv;Ctafiltv;c:\windows\system32\drivers\Ctafiltv.sys [2008-08-14 24064]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 22408]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-10-19 39480]
--- Ostatní služby/ovladače v paměti ---
*Deregistered* - klmd25
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
2011-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-29 13:30]
2011-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-29 13:30]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-11-16 500208]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2918656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyServer = http=
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
FF - ProfilePath - c:\users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\5163027y.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Translate: jayakrishnan@gmail.com - %profile%\extensions\jayakrishnan@gmail.com
FF - Ext: FastestFox: smarterwiki@wikiatic.com - %profile%\extensions\smarterwiki@wikiatic.com
FF - Ext: Auto Hide IP: support@auto-hide-ip.com - %profile%\extensions\support@auto-hide-ip.com
FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de
FF - Ext: WebTran: {003D3EDC-99B9-4a34-9C20-60CB94F7E829} - %profile%\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
FF - Ext: All-in-One Sidebar: {097d3191-e6fa-4728-9826-b533d755359d} - %profile%\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Speed Dial: {64161300-e22b-11db-8314-0800200c9a66} - %profile%\extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: ZoneAlarm Security Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - %profile%\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: FireFTP: {a7c6cf7f-112c-4500-a7ea-39801a327e5f} - %profile%\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
FF - Ext: BBCode: {AE37D527-6604-461c-8102-975CF8053A2F} - %profile%\extensions\{AE37D527-6604-461c-8102-975CF8053A2F}
FF - Ext: Adaptive Referer Remover: {4df2d0b1-441c-423f-b7a4-f7516f170aab} - %profile%\extensions\{4df2d0b1-441c-423f-b7a4-f7516f170aab}
FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
BHO-{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - c:\program files (x86)\IObitBar\toolbar\1.bin\i0bar.dll
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-Empire of Magic - c:\program files (x86)\EOM\Uninstall.exe[ProgramFilesPath]\EOM
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\Ondřej\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
"ImagePath"="\"c:\program files\CyberLink\Shared files\RichVideo64.exe\"\00Z
[\]^_ \00\00 \00\00\00\00HIJKLMNO\00\00\00\00\00\00\00\00\03\00\00\00|}~ \00\00 \00\00\00\00 \00\00\00\00\00\00\00\00‘’“"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3662217667-1811486626-224088579-1001\Software\SecuROM\License information*]
"datasecu"=hex:37,8b,31,d9,04,e6,82,5c,f1,e1,07,c8,a4,72,b0,85,ef,2b,9c,ce,c2,
59,d6,59,c2,56,3f,e4,56,ce,6c,e5,bc,2a,b5,fc,34,46,96,18,b4,79,6a,f9,99,6b,\
"rkeysecu"=hex:07,fe,44,64,e0,c3,42,c0,05,e6,63,fe,aa,19,a1,fb
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx, 1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10g.ocx, 1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-02-06 22:28:40
ComboFix-quarantined-files.txt 2011-02-06 21:28
Před spuštěním: Volných bajtů: 203 485 663 232
Po spuštění: Volných bajtů: 202 901 540 864
- - End Of File - - 6A1A24494B9C126A86459B570F0DC692