Slow computer, igfxpers.exe in Task Manager
Posted: 30 Apr 2010 20:47
Good evening,
Please help me check my computer. It has seemed slower lately, and igfxpers.exe from Windows\System32 shows up in Task Manager (it can be killed); however, it is only visible there occasionally and cannot be browsed to, e.g. to check it on virustotal.com. I don't think it used to appear before. The computer is a Lenovo ThinkPad W500 notebook with an ATI Mobility Radeon HD 3650. I am attaching the RSIT log and a screenshot of System32.
Thank you, Zdeněk.
Logfile of random's system information tool 1.06 (written by random/random)
Run by slavikz at 2010-04-30 21:35:33
Microsoft® Windows Vista™ Enterprise Service Pack 1
System drive C: has 30 GB (20%) free of 153 GB
Total RAM: 4025 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:35:47 PM, on 4/30/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18444)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\conime.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files (x86)\FeedReader30\feedreader.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
C:\Program Files (x86)\Symantec AntiVirus\VPTray.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\ThinkPad\Utilities\EZEJMNAP.EXE
C:\Program Files (x86)\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Program Files (x86)\Common Files\Nokia\NCLTools\NclTray.exe
C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe
C:\PROGRA~2\COMMON~1\Nokia\Services\SERVIC~1.EXE
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\totalcmd\TOTALCMD.EXE
C:\_zdenek\sw downloads\antivir\RSIT.exe
C:\_zdenek\sw downloads\antivir\slavikz.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://infosys.autodesk.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://infosys.autodesk.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by IT Desktop Productivity
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~2\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~2\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPKMAPHELPER] "C:\Program Files (x86)\ThinkPad\Utilities\TpKmapAp.exe" -helper
O4 - HKLM\..\Run: [TPFNF7] "C:\Program Files (x86)\Lenovo\NPDIRECT\TPFNF7SP.exe" /r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Nokia Tray Application] "C:\Program Files (x86)\Common Files\Nokia\NCLTools\NclTray.exe"
O4 - HKLM\..\Run: [Communicator] "C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe" /fromrunkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [feedreader.exe] "C:\Program Files (x86)\FeedReader30\feedreader.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Communicator] "C:\Program Files (x86)\Microsoft Office Communicator\Communicator.exe" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: CCTray.lnk = C:\Program Files (x86)\CCTray\cctray.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: MozyEnterprise Status.lnk = C:\Program Files\MozyEnterprise\mozyentstat.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O15 - Trusted Zone: *.autodesk.ca
O15 - Trusted Zone: *.autodesk.co.jp
O15 - Trusted Zone: *.autodesk.co.kr
O15 - Trusted Zone: *.autodesk.co.nz
O15 - Trusted Zone: *.autodesk.co.uk
O15 - Trusted Zone: *.ads.autodesk.com
O15 - Trusted Zone: cbprd.autodesk.com
O15 - Trusted Zone: http://petaim-vip.autodesk.com
O15 - Trusted Zone: sblst.autodesk.com
O15 - Trusted Zone: *.autodesk.com
O15 - Trusted Zone: *.autodesk.cz
O15 - Trusted Zone: *.autodesk.de
O15 - Trusted Zone: *.autodesk.dk
O15 - Trusted Zone: *.autodesk.es
O15 - Trusted Zone: *.autodesk.fr
O15 - Trusted Zone: *.autodesk.hu
O15 - Trusted Zone: *.autodesk.it
O15 - Trusted Zone: *.autodesk.nl
O15 - Trusted Zone: *.autodesk.no
O15 - Trusted Zone: *.autodesk.pl
O15 - Trusted Zone: *.autodesk.pt
O15 - Trusted Zone: *.autodesk.ru
O15 - Trusted Zone: *.autodesk.se
O15 - Trusted Zone: *.autodesk.com.au
O15 - Trusted Zone: *.autodesk.com.br
O15 - Trusted Zone: *.autodesk.com.cn
O15 - Trusted Zone: *.autodesk.com.hk
O15 - Trusted Zone: *.autodesk.com.my
O15 - Trusted Zone: *.autodesk.com.sg
O15 - Trusted Zone: *.autodesk.com.tw
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://kauai.autodesk.com/dana-cached/ ... Client.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ads.autodesk.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ads.autodesk.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Altiris Deployment Agent - Altiris, Inc. - C:\Program Files (x86)\Altiris\Dagent\dagent.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files (x86)\Symantec AntiVirus\DefWatch.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9ab26a9ed7bf0) (gupdate1c9ab26a9ed7bf0) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MozyEnterprise Backup Service (mozyentbackup) - EMC Corporation - C:\Program Files\MozyEnterprise\mozyentbackup.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SessionLauncher - Unknown owner - C:\Windows\TEMP\DX9\SessionLauncher.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Verdiem Surveyor Client (SurveyorSD) - Verdiem Corporation - C:\Program Files\Verdiem\SurveyorSD\Bin\SurveyorSD.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files (x86)\Symantec AntiVirus\Rtvscan.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\Windows\system32\TpKmpSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)
--
End of file - 12410 bytes
======Scheduled tasks folder======
C:\Windows\tasks\At1.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"ccApp"=C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [2006-12-07 107112]
"vptray"=C:\PROGRA~2\SYMANT~1\VPTray.exe [2006-12-14 134808]
"EZEJMNAP"=C:\PROGRA~2\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2008-06-05 242976]
"TPKMAPHELPER"=C:\Program Files (x86)\ThinkPad\Utilities\TpKmapAp.exe [2007-01-09 868352]
"TPFNF7"=C:\Program Files (x86)\Lenovo\NPDIRECT\TPFNF7SP.exe [2008-07-31 60192]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"Nokia Tray Application"=C:\Program Files (x86)\Common Files\Nokia\NCLTools\NclTray.exe [2003-01-03 425984]
"Communicator"=C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe [2009-12-12 5114208]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-09-05 417792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"feedreader.exe"=C:\Program Files (x86)\FeedReader30\feedreader.exe [2009-03-29 2058240]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2009-10-09 25623336]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\ThinkPad\Bluetooth Software\BTTray.exe
MozyEnterprise Status.lnk - C:\Program Files (x86)\MozyEnterprise\mozyentstat.exe
C:\Users\slavikz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CCTray.lnk - C:\Program Files (x86)\CCTray\cctray.exe
MagicDisc.lnk - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FCSAM]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FCSAM]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=0
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"HideSCAHealth"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c3e7f8ee-f049-11dd-9597-002186a0634e}]
shell\AutoRun\command - E:\Autorun\Autorun.exe
======File associations======
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - C:\Program Files (x86)\Crimson Editor\cedt.exe "%1"
======List of files/folders created in the last 1 months======
2010-04-30 21:35:33 ----D---- C:\rsit
2010-04-30 21:34:32 ----D---- C:\32788R22FWJFW
2010-04-30 21:11:45 ----A---- C:\Windows\system32\dobhdy.txt
2010-04-30 21:11:31 ----D---- C:\deleted
2010-04-30 20:57:20 ----A---- C:\cytbok.txt
2010-04-25 22:09:47 ----D---- C:\Users\slavikz\AppData\Roaming\vlc
2010-04-25 22:08:58 ----D---- C:\Program Files (x86)\VideoLAN
2010-04-20 08:01:48 ----D---- C:\Users\slavikz\AppData\Roaming\FLVPlayer4Free
2010-04-20 07:57:12 ----D---- C:\Users\slavikz\AppData\Roaming\Media Player Classic
2010-04-16 13:49:54 ----D---- C:\Program Files (x86)\MSECache
2010-04-14 08:29:08 ----A---- C:\Windows\system32\vbscript.dll
2010-04-14 08:28:59 ----A---- C:\Windows\system32\cabview.dll
2010-04-14 08:28:49 ----A---- C:\Windows\system32\wintrust.dll
2010-03-31 08:25:30 ----A---- C:\Windows\system32\mshtml.dll
2010-03-31 08:25:25 ----A---- C:\Windows\system32\occache.dll
2010-03-31 08:25:24 ----A---- C:\Windows\system32\wininet.dll
2010-03-31 08:25:24 ----A---- C:\Windows\system32\urlmon.dll
2010-03-31 08:25:23 ----A---- C:\Windows\system32\ieframe.dll
2010-03-31 08:25:20 ----A---- C:\Windows\system32\ieapfltr.dll
2010-03-31 08:25:19 ----A---- C:\Windows\system32\mshtmled.dll
2010-03-31 08:25:19 ----A---- C:\Windows\system32\iertutil.dll
2010-03-31 08:25:18 ----A---- C:\Windows\system32\iedkcs32.dll
2010-03-31 08:25:17 ----A---- C:\Windows\system32\msfeeds.dll
2010-03-31 08:25:16 ----A---- C:\Windows\system32\iepeers.dll
2010-03-31 08:25:16 ----A---- C:\Windows\system32\ieaksie.dll
2010-03-31 08:25:15 ----A---- C:\Windows\system32\mstime.dll
2010-03-31 08:25:15 ----A---- C:\Windows\system32\ieUnatt.exe
2010-03-31 08:25:15 ----A---- C:\Windows\system32\ieencode.dll
2010-03-31 08:25:14 ----A---- C:\Windows\system32\jsproxy.dll
======List of files/folders modified in the last 1 months======
2010-04-30 21:30:41 ----D---- C:\Users\slavikz\AppData\Roaming\Skype
2010-04-30 21:17:39 ----A---- C:\Windows\SMSCFG.ini
2010-04-30 21:15:38 ----D---- C:\Windows\Temp
2010-04-30 21:11:45 ----D---- C:\Windows\SysWOW64
2010-04-30 21:11:45 ----D---- C:\Windows\system32\drivers
2010-04-30 21:09:16 ----DC---- C:\_zdenek
2010-04-30 21:05:21 ----D---- C:\Users\slavikz\AppData\Roaming\skypePM
2010-04-30 20:57:13 ----SHD---- C:\System Volume Information
2010-04-30 20:39:18 ----SHD---- C:\Windows\Installer
2010-04-30 20:39:18 ----A---- C:\Windows\wininit.ini
2010-04-30 20:39:17 ----D---- C:\Program Files (x86)\Common Files
2010-04-30 20:37:09 ----RD---- C:\Program Files (x86)
2010-04-30 20:37:09 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2010-04-30 20:37:09 ----D---- C:\Program Files (x86)\Common Files\Sonic Shared
2010-04-30 20:37:09 ----AD---- C:\_evo
2010-04-30 20:35:15 ----RSD---- C:\Windows\Fonts
2010-04-30 20:34:57 ----D---- C:\ProgramData\Roxio
2010-04-30 16:05:03 ----D---- C:\_swap
2010-04-30 15:56:55 ----D---- C:\_evo setup
2010-04-30 10:59:31 ----D---- C:\Windows\Prefetch
2010-04-30 09:11:32 ----D---- C:\Windows
2010-04-27 18:56:00 ----D---- C:\Users\slavikz\AppData\Roaming\Simple Sudoku
2010-04-27 14:29:23 ----HD---- C:\ProgramData
2010-04-26 17:55:19 ----D---- C:\Windows\System32
2010-04-26 17:55:19 ----D---- C:\Windows\inf
2010-04-20 08:03:11 ----RD---- C:\Program Files
2010-04-14 23:20:28 ----D---- C:\Users\slavikz\AppData\Roaming\Adobe
2010-04-14 23:20:28 ----D---- C:\ProgramData\Adobe
2010-04-14 12:08:36 ----D---- C:\ProgramData\Microsoft Help
2010-04-14 12:04:36 ----D---- C:\Windows\winsxs
2010-04-14 12:04:11 ----A---- C:\Windows\vbaddin.ini
2010-04-02 16:02:30 ----RD---- C:\Users
2010-04-02 14:24:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-03-31 18:10:00 ----D---- C:\Program Files (x86)\Google
2010-03-31 18:06:54 ----D---- C:\Program Files (x86)\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
R1 DLACDBHE;DLACDBHE; C:\Windows\System32\Drivers\DLACDBHE.SYS []
R1 DLARTL_E;DLARTL_E; C:\Windows\System32\Drivers\DLARTL_E.SYS []
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2009-08-27 475696]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys []
R1 mozyentFilter;mozyentFilter; C:\Windows\system32\DRIVERS\mozyent.sys []
R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [2006-11-22 394600]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [2006-11-22 30104]
R2 DLABMFSE;DLABMFSE; C:\Windows\System32\DLA\DLABMFSE.SYS []
R2 DLABOIOE;DLABOIOE; C:\Windows\System32\DLA\DLABOIOE.SYS []
R2 DLADResE;DLADResE; C:\Windows\System32\DLA\DLADResE.SYS []
R2 DLAIFS_E;DLAIFS_E; C:\Windows\System32\DLA\DLAIFS_E.SYS []
R2 DLAOPIOE;DLAOPIOE; C:\Windows\System32\DLA\DLAOPIOE.SYS []
R2 DLAPoolE;DLAPoolE; C:\Windows\System32\DLA\DLAPoolE.SYS []
R2 DLAUDF_E;DLAUDF_E; C:\Windows\System32\DLA\DLAUDF_E.SYS []
R2 DLAUDFAE;DLAUDFAE; C:\Windows\System32\DLA\DLAUDFAE.SYS []
R2 DRVEDDM;DRVEDDM; C:\Windows\System32\Drivers\DRVEDDM.SYS []
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys []
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys []
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys []
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys []
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys []
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio64.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys []
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys []
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys []
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys []
R3 dsNcAdpt;Juniper Network Connect Adapter; C:\Windows\system32\DRIVERS\dsNcAdpt.sys []
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys []
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-08-27 132656]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys []
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2008-07-28 255424]
R3 NAVENG;NAVENG; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20100429.003\ENG64.SYS [2010-02-16 116272]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20100429.003\EX64.SYS [2010-02-16 1742896]
R3 NETw5v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ; C:\Windows\system32\DRIVERS\NETw5v64.sys []
R3 prepdrvr;SMS Process Event Driver; \??\C:\Windows\SysWOW64\CCM\prepdrv.sys [2009-09-18 26992]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys []
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys []
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\Windows\system32\DRIVERS\MSIRCOMM.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [2006-11-22 426392]
S3 STIrUsb;SigmaTel USB-IrDA Dongle; C:\Windows\system32\DRIVERS\irstusb.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys []
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
S3 VSPerfDrv90;Performance Tools Driver 9.0; \??\C:\Program Files (x86)\Microsoft Visual Studio 9.0\Team Tools\Performance Tools\x64\VSPerfDrv90.sys [2007-09-04 71024]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 iaNvStor;Intel(R) Turbo Memory Controller; C:\Windows\system32\drivers\ianvstor.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Altiris Deployment Agent;Altiris Deployment Agent; C:\Program Files (x86)\Altiris\Dagent\dagent.exe [2007-07-21 557568]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe []
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe [2008-03-17 794664]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2006-12-07 107624]
R2 CcmExec;SMS Agent Host; C:\Windows\SysWOW64\CCM\CcmExec.exe [2009-09-18 764768]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2006-12-07 107624]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files (x86)\Symantec AntiVirus\DefWatch.exe [2006-12-14 30872]
R2 dsNcService;Juniper Network Connect Service; C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe [2009-12-09 615720]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-05-06 1371136]
R2 FCSAM;Microsoft Forefront Client Security Antimalware Service; c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe [2010-01-19 16368]
R2 FcsSas;Microsoft Forefront Client Security State Assessment Service; c:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe [2007-04-06 77216]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe []
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MOM;MOM; c:\Program Files (x86)\Microsoft Forefront\Client Security\Client\Microsoft Operations Manager 2005\MOMService.exe [2005-07-21 134656]
R2 mozyentbackup;MozyEnterprise Backup Service; C:\Program Files\MozyEnterprise\mozyentbackup.exe [2010-01-04 83280]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 NMSAccessU;NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-05-06 826368]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 153952]
R2 SurveyorSD;Verdiem Surveyor Client; C:\Program Files\Verdiem\SurveyorSD\Bin\SurveyorSD.exe [2009-03-20 3628800]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files (x86)\Symantec AntiVirus\Rtvscan.exe [2006-12-14 1962136]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2008-03-27 58736]
R2 TpKmpSVC;IBM KCU Service; C:\Windows\system32\TpKmpSVC.exe [2006-06-30 32768]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe []
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 gupdate1c9ab26a9ed7bf0;Google Update Service (gupdate1c9ab26a9ed7bf0); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-03-22 133104]
S2 SessionLauncher;SessionLauncher; C:\Windows\TEMP\DX9\SessionLauncher.exe []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-11-24 68096]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-10-31 2541248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 smstsmgr;SMS Task Sequence Agent; C:\Windows\SysWOW64\CCM\TSManager.exe [2009-09-18 246624]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-11-08 4761416]
-----------------EOF-----------------
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by IT Desktop Productivity
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~2\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~2\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPKMAPHELPER] "C:\Program Files (x86)\ThinkPad\Utilities\TpKmapAp.exe" -helper
O4 - HKLM\..\Run: [TPFNF7] "C:\Program Files (x86)\Lenovo\NPDIRECT\TPFNF7SP.exe" /r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Nokia Tray Application] "C:\Program Files (x86)\Common Files\Nokia\NCLTools\NclTray.exe"
O4 - HKLM\..\Run: [Communicator] "C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe" /fromrunkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [feedreader.exe] "C:\Program Files (x86)\FeedReader30\feedreader.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Communicator] "C:\Program Files (x86)\Microsoft Office Communicator\Communicator.exe" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: CCTray.lnk = C:\Program Files (x86)\CCTray\cctray.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: MozyEnterprise Status.lnk = C:\Program Files\MozyEnterprise\mozyentstat.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O15 - Trusted Zone: *.autodesk.ca
O15 - Trusted Zone: *.autodesk.co.jp
O15 - Trusted Zone: *.autodesk.co.kr
O15 - Trusted Zone: *.autodesk.co.nz
O15 - Trusted Zone: *.autodesk.co.uk
O15 - Trusted Zone: *.ads.autodesk.com
O15 - Trusted Zone: cbprd.autodesk.com
O15 - Trusted Zone: http://petaim-vip.autodesk.com
O15 - Trusted Zone: sblst.autodesk.com
O15 - Trusted Zone: *.autodesk.com
O15 - Trusted Zone: *.autodesk.cz
O15 - Trusted Zone: *.autodesk.de
O15 - Trusted Zone: *.autodesk.dk
O15 - Trusted Zone: *.autodesk.es
O15 - Trusted Zone: *.autodesk.fr
O15 - Trusted Zone: *.autodesk.hu
O15 - Trusted Zone: *.autodesk.it
O15 - Trusted Zone: *.autodesk.nl
O15 - Trusted Zone: *.autodesk.no
O15 - Trusted Zone: *.autodesk.pl
O15 - Trusted Zone: *.autodesk.pt
O15 - Trusted Zone: *.autodesk.ru
O15 - Trusted Zone: *.autodesk.se
O15 - Trusted Zone: *.autodesk.com.au
O15 - Trusted Zone: *.autodesk.com.br
O15 - Trusted Zone: *.autodesk.com.cn
O15 - Trusted Zone: *.autodesk.com.hk
O15 - Trusted Zone: *.autodesk.com.my
O15 - Trusted Zone: *.autodesk.com.sg
O15 - Trusted Zone: *.autodesk.com.tw
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://kauai.autodesk.com/dana-cached/ ... Client.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ads.autodesk.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ads.autodesk.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Altiris Deployment Agent - Altiris, Inc. - C:\Program Files (x86)\Altiris\Dagent\dagent.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files (x86)\Symantec AntiVirus\DefWatch.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9ab26a9ed7bf0) (gupdate1c9ab26a9ed7bf0) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MozyEnterprise Backup Service (mozyentbackup) - EMC Corporation - C:\Program Files\MozyEnterprise\mozyentbackup.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SessionLauncher - Unknown owner - C:\Windows\TEMP\DX9\SessionLauncher.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Verdiem Surveyor Client (SurveyorSD) - Verdiem Corporation - C:\Program Files\Verdiem\SurveyorSD\Bin\SurveyorSD.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files (x86)\Symantec AntiVirus\Rtvscan.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\Windows\system32\TpKmpSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)
--
End of file - 12410 bytes
======Scheduled tasks folder======
C:\Windows\tasks\At1.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"ccApp"=C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [2006-12-07 107112]
"vptray"=C:\PROGRA~2\SYMANT~1\VPTray.exe [2006-12-14 134808]
"EZEJMNAP"=C:\PROGRA~2\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2008-06-05 242976]
"TPKMAPHELPER"=C:\Program Files (x86)\ThinkPad\Utilities\TpKmapAp.exe [2007-01-09 868352]
"TPFNF7"=C:\Program Files (x86)\Lenovo\NPDIRECT\TPFNF7SP.exe [2008-07-31 60192]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"Nokia Tray Application"=C:\Program Files (x86)\Common Files\Nokia\NCLTools\NclTray.exe [2003-01-03 425984]
"Communicator"=C:\Program Files (x86)\Microsoft Office Communicator\communicator.exe [2009-12-12 5114208]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-09-05 417792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"feedreader.exe"=C:\Program Files (x86)\FeedReader30\feedreader.exe [2009-03-29 2058240]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2009-10-09 25623336]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\ThinkPad\Bluetooth Software\BTTray.exe
MozyEnterprise Status.lnk - C:\Program Files (x86)\MozyEnterprise\mozyentstat.exe
C:\Users\slavikz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CCTray.lnk - C:\Program Files (x86)\CCTray\cctray.exe
MagicDisc.lnk - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FCSAM]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FCSAM]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=0
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"HideSCAHealth"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c3e7f8ee-f049-11dd-9597-002186a0634e}]
shell\AutoRun\command - E:\Autorun\Autorun.exe
======File associations======
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - C:\Program Files (x86)\Crimson Editor\cedt.exe "%1"
======List of files/folders created in the last 1 months======
2010-04-30 21:35:33 ----D---- C:\rsit
2010-04-30 21:34:32 ----D---- C:\32788R22FWJFW
2010-04-30 21:11:45 ----A---- C:\Windows\system32\dobhdy.txt
2010-04-30 21:11:31 ----D---- C:\deleted
2010-04-30 20:57:20 ----A---- C:\cytbok.txt
2010-04-25 22:09:47 ----D---- C:\Users\slavikz\AppData\Roaming\vlc
2010-04-25 22:08:58 ----D---- C:\Program Files (x86)\VideoLAN
2010-04-20 08:01:48 ----D---- C:\Users\slavikz\AppData\Roaming\FLVPlayer4Free
2010-04-20 07:57:12 ----D---- C:\Users\slavikz\AppData\Roaming\Media Player Classic
2010-04-16 13:49:54 ----D---- C:\Program Files (x86)\MSECache
2010-04-14 08:29:08 ----A---- C:\Windows\system32\vbscript.dll
2010-04-14 08:28:59 ----A---- C:\Windows\system32\cabview.dll
2010-04-14 08:28:49 ----A---- C:\Windows\system32\wintrust.dll
2010-03-31 08:25:30 ----A---- C:\Windows\system32\mshtml.dll
2010-03-31 08:25:25 ----A---- C:\Windows\system32\occache.dll
2010-03-31 08:25:24 ----A---- C:\Windows\system32\wininet.dll
2010-03-31 08:25:24 ----A---- C:\Windows\system32\urlmon.dll
2010-03-31 08:25:23 ----A---- C:\Windows\system32\ieframe.dll
2010-03-31 08:25:20 ----A---- C:\Windows\system32\ieapfltr.dll
2010-03-31 08:25:19 ----A---- C:\Windows\system32\mshtmled.dll
2010-03-31 08:25:19 ----A---- C:\Windows\system32\iertutil.dll
2010-03-31 08:25:18 ----A---- C:\Windows\system32\iedkcs32.dll
2010-03-31 08:25:17 ----A---- C:\Windows\system32\msfeeds.dll
2010-03-31 08:25:16 ----A---- C:\Windows\system32\iepeers.dll
2010-03-31 08:25:16 ----A---- C:\Windows\system32\ieaksie.dll
2010-03-31 08:25:15 ----A---- C:\Windows\system32\mstime.dll
2010-03-31 08:25:15 ----A---- C:\Windows\system32\ieUnatt.exe
2010-03-31 08:25:15 ----A---- C:\Windows\system32\ieencode.dll
2010-03-31 08:25:14 ----A---- C:\Windows\system32\jsproxy.dll
======List of files/folders modified in the last 1 months======
2010-04-30 21:30:41 ----D---- C:\Users\slavikz\AppData\Roaming\Skype
2010-04-30 21:17:39 ----A---- C:\Windows\SMSCFG.ini
2010-04-30 21:15:38 ----D---- C:\Windows\Temp
2010-04-30 21:11:45 ----D---- C:\Windows\SysWOW64
2010-04-30 21:11:45 ----D---- C:\Windows\system32\drivers
2010-04-30 21:09:16 ----DC---- C:\_zdenek
2010-04-30 21:05:21 ----D---- C:\Users\slavikz\AppData\Roaming\skypePM
2010-04-30 20:57:13 ----SHD---- C:\System Volume Information
2010-04-30 20:39:18 ----SHD---- C:\Windows\Installer
2010-04-30 20:39:18 ----A---- C:\Windows\wininit.ini
2010-04-30 20:39:17 ----D---- C:\Program Files (x86)\Common Files
2010-04-30 20:37:09 ----RD---- C:\Program Files (x86)
2010-04-30 20:37:09 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2010-04-30 20:37:09 ----D---- C:\Program Files (x86)\Common Files\Sonic Shared
2010-04-30 20:37:09 ----AD---- C:\_evo
2010-04-30 20:35:15 ----RSD---- C:\Windows\Fonts
2010-04-30 20:34:57 ----D---- C:\ProgramData\Roxio
2010-04-30 16:05:03 ----D---- C:\_swap
2010-04-30 15:56:55 ----D---- C:\_evo setup
2010-04-30 10:59:31 ----D---- C:\Windows\Prefetch
2010-04-30 09:11:32 ----D---- C:\Windows
2010-04-27 18:56:00 ----D---- C:\Users\slavikz\AppData\Roaming\Simple Sudoku
2010-04-27 14:29:23 ----HD---- C:\ProgramData
2010-04-26 17:55:19 ----D---- C:\Windows\System32
2010-04-26 17:55:19 ----D---- C:\Windows\inf
2010-04-20 08:03:11 ----RD---- C:\Program Files
2010-04-14 23:20:28 ----D---- C:\Users\slavikz\AppData\Roaming\Adobe
2010-04-14 23:20:28 ----D---- C:\ProgramData\Adobe
2010-04-14 12:08:36 ----D---- C:\ProgramData\Microsoft Help
2010-04-14 12:04:36 ----D---- C:\Windows\winsxs
2010-04-14 12:04:11 ----A---- C:\Windows\vbaddin.ini
2010-04-02 16:02:30 ----RD---- C:\Users
2010-04-02 14:24:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-03-31 18:10:00 ----D---- C:\Program Files (x86)\Google
2010-03-31 18:06:54 ----D---- C:\Program Files (x86)\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
R1 DLACDBHE;DLACDBHE; C:\Windows\System32\Drivers\DLACDBHE.SYS []
R1 DLARTL_E;DLARTL_E; C:\Windows\System32\Drivers\DLARTL_E.SYS []
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2009-08-27 475696]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys []
R1 mozyentFilter;mozyentFilter; C:\Windows\system32\DRIVERS\mozyent.sys []
R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [2006-11-22 394600]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [2006-11-22 30104]
R2 DLABMFSE;DLABMFSE; C:\Windows\System32\DLA\DLABMFSE.SYS []
R2 DLABOIOE;DLABOIOE; C:\Windows\System32\DLA\DLABOIOE.SYS []
R2 DLADResE;DLADResE; C:\Windows\System32\DLA\DLADResE.SYS []
R2 DLAIFS_E;DLAIFS_E; C:\Windows\System32\DLA\DLAIFS_E.SYS []
R2 DLAOPIOE;DLAOPIOE; C:\Windows\System32\DLA\DLAOPIOE.SYS []
R2 DLAPoolE;DLAPoolE; C:\Windows\System32\DLA\DLAPoolE.SYS []
R2 DLAUDF_E;DLAUDF_E; C:\Windows\System32\DLA\DLAUDF_E.SYS []
R2 DLAUDFAE;DLAUDFAE; C:\Windows\System32\DLA\DLAUDFAE.SYS []
R2 DRVEDDM;DRVEDDM; C:\Windows\System32\Drivers\DRVEDDM.SYS []
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys []
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys []
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys []
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys []
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys []
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio64.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys []
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys []
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys []
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys []
R3 dsNcAdpt;Juniper Network Connect Adapter; C:\Windows\system32\DRIVERS\dsNcAdpt.sys []
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys []
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-08-27 132656]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys []
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2008-07-28 255424]
R3 NAVENG;NAVENG; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20100429.003\ENG64.SYS [2010-02-16 116272]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20100429.003\EX64.SYS [2010-02-16 1742896]
R3 NETw5v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ; C:\Windows\system32\DRIVERS\NETw5v64.sys []
R3 prepdrvr;SMS Process Event Driver; \??\C:\Windows\SysWOW64\CCM\prepdrv.sys [2009-09-18 26992]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys []
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys []
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\Windows\system32\DRIVERS\MSIRCOMM.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [2006-11-22 426392]
S3 STIrUsb;SigmaTel USB-IrDA Dongle; C:\Windows\system32\DRIVERS\irstusb.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys []
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
S3 VSPerfDrv90;Performance Tools Driver 9.0; \??\C:\Program Files (x86)\Microsoft Visual Studio 9.0\Team Tools\Performance Tools\x64\VSPerfDrv90.sys [2007-09-04 71024]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 iaNvStor;Intel(R) Turbo Memory Controller; C:\Windows\system32\drivers\ianvstor.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Altiris Deployment Agent;Altiris Deployment Agent; C:\Program Files (x86)\Altiris\Dagent\dagent.exe [2007-07-21 557568]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe []
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe [2008-03-17 794664]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2006-12-07 107624]
R2 CcmExec;SMS Agent Host; C:\Windows\SysWOW64\CCM\CcmExec.exe [2009-09-18 764768]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2006-12-07 107624]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files (x86)\Symantec AntiVirus\DefWatch.exe [2006-12-14 30872]
R2 dsNcService;Juniper Network Connect Service; C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe [2009-12-09 615720]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-05-06 1371136]
R2 FCSAM;Microsoft Forefront Client Security Antimalware Service; c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe [2010-01-19 16368]
R2 FcsSas;Microsoft Forefront Client Security State Assessment Service; c:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe [2007-04-06 77216]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe []
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MOM;MOM; c:\Program Files (x86)\Microsoft Forefront\Client Security\Client\Microsoft Operations Manager 2005\MOMService.exe [2005-07-21 134656]
R2 mozyentbackup;MozyEnterprise Backup Service; C:\Program Files\MozyEnterprise\mozyentbackup.exe [2010-01-04 83280]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 NMSAccessU;NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-05-06 826368]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 153952]
R2 SurveyorSD;Verdiem Surveyor Client; C:\Program Files\Verdiem\SurveyorSD\Bin\SurveyorSD.exe [2009-03-20 3628800]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files (x86)\Symantec AntiVirus\Rtvscan.exe [2006-12-14 1962136]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2008-03-27 58736]
R2 TpKmpSVC;IBM KCU Service; C:\Windows\system32\TpKmpSVC.exe [2006-06-30 32768]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe []
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 gupdate1c9ab26a9ed7bf0;Google Update Service (gupdate1c9ab26a9ed7bf0); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-03-22 133104]
S2 SessionLauncher;SessionLauncher; C:\Windows\TEMP\DX9\SessionLauncher.exe []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-11-24 68096]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-10-31 2541248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 smstsmgr;SMS Task Sequence Agent; C:\Windows\SysWOW64\CCM\TSManager.exe [2009-09-18 246624]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-11-08 4761416]
-----------------EOF-----------------