
Log check

Posted: 30 Dec 2010 19:10
by marek23275111
Please check my log. It seems to me that the PC is a bit slower...



Logfile of random's system information tool 1.08 (written by random/random)
Run by Marek at 2010-12-30 19:07:00
Microsoft Windows 7 Home Premium
System drive C: has 34 GB (62%) free of 55 GB
Total RAM: 2046 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:07:38, on 30.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Windows\System32\UGMPan.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\Vuze\Azureus.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\Downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Marek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [UGMPan.exe] UGMPan.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4F4589AA-ED4C-4A84-AF6B-9106E273F651}: NameServer = 192.168.0.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8E6B093-BE70-410A-978B-DF8FC839E346}: NameServer = 10.0.150.150,213.195.202.5
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 6951 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3855398630-1744261165-1773741348-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3855398630-1744261165-1773741348-1000UA.job
C:\Windows\tasks\PCConfidential.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL [2010-11-28 54704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-11-28 775696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2010-11-22 2732896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-12-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-11-28 775696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2010-10-22 2745696]
"UGMPan.exe"=C:\Windows\system32\UGMPan.exe [2009-12-01 326240]
"NPSStartup"= []
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe [2010-11-28 28783]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
C:\Windows\system32\CTHELPER.EXE [2010-03-18 19456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor]
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe [2010-11-28 28783]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2010-08-24 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-30 19:07:01 ----D---- C:\Program Files\trend micro
2010-12-30 19:07:00 ----D---- C:\rsit
2010-12-24 13:09:13 ----D---- C:\Program Files\Avanquest update
2010-12-24 10:29:41 ----A---- C:\Windows\system32\drivers\ss_bwh.sys
2010-12-24 10:29:41 ----A---- C:\Windows\system32\drivers\ss_bcm.sys
2010-12-24 10:29:05 ----D---- C:\ProgramData\Samsung
2010-12-24 10:28:23 ----A---- C:\Windows\system32\FsUsbExService.Exe
2010-12-24 10:28:23 ----A---- C:\Windows\system32\FsUsbExDisk.Sys
2010-12-24 10:28:23 ----A---- C:\Windows\system32\FsUsbExDevice.Dll
2010-12-24 10:28:07 ----D---- C:\Users\Marek\AppData\Roaming\Samsung
2010-12-24 10:27:22 ----D---- C:\Program Files\Samsung
2010-12-22 21:06:22 ----D---- C:\Users\Marek\AppData\Roaming\vghd
2010-12-22 19:54:37 ----D---- C:\Users\Marek\AppData\Roaming\Ahead
2010-12-22 19:54:14 ----D---- C:\ProgramData\Ahead
2010-12-22 19:53:02 ----D---- C:\ProgramData\Nero
2010-12-22 19:53:02 ----D---- C:\Program Files\Nero
2010-12-22 19:53:02 ----D---- C:\Program Files\Common Files\Ahead
2010-12-22 19:49:13 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-12-22 19:49:12 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-12-21 20:08:24 ----D---- C:\Program Files\CCleaner
2010-12-20 16:30:06 ----D---- C:\Users\Marek\AppData\Roaming\FastStone
2010-12-20 16:29:57 ----D---- C:\Program Files\FastStone Image Viewer
2010-12-19 19:59:21 ----D---- C:\Program Files\TomTom HOME 2
2010-12-19 18:17:36 ----D---- C:\Users\Marek\AppData\Roaming\VitySoft
2010-12-15 19:58:24 ----D---- C:\ProgramData\NVIDIA
2010-12-15 19:30:04 ----D---- C:\ProgramData\NVIDIA Corporation
2010-12-15 19:30:01 ----D---- C:\Program Files\NVIDIA Corporation
2010-12-15 19:29:31 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2010-12-15 19:29:27 ----A---- C:\Windows\system32\drivers\ks.sys
2010-12-15 19:15:10 ----A---- C:\Windows\system32\CPFilters.dll
2010-12-15 19:15:09 ----A---- C:\Windows\system32\psisdecd.dll
2010-12-15 19:15:09 ----A---- C:\Windows\system32\msdri.dll
2010-12-15 19:14:45 ----A---- C:\Windows\system32\ntdll.dll
2010-12-15 19:14:45 ----A---- C:\Windows\system32\drivers\fvevol.sys
2010-12-15 19:14:44 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-12-15 19:14:44 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-12-15 19:14:44 ----A---- C:\Windows\system32\secproc_isv.dll
2010-12-15 19:14:44 ----A---- C:\Windows\system32\secproc.dll
2010-12-15 19:14:44 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-12-15 19:14:44 ----A---- C:\Windows\system32\RMActivate.exe
2010-12-15 19:14:43 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-12-15 19:14:43 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-12-15 19:14:43 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-12-15 19:14:22 ----A---- C:\Windows\system32\oleaut32.dll
2010-12-15 19:00:33 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 19:00:32 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 19:00:32 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 19:00:31 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 19:00:31 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 19:00:31 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 19:00:31 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-15 19:00:31 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 19:00:31 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-15 19:00:31 ----A---- C:\Windows\system32\ieui.dll
2010-12-15 19:00:31 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 19:00:31 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 19:00:31 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-15 19:00:30 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-15 19:00:30 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 19:00:29 ----A---- C:\Windows\system32\tzres.dll
2010-12-15 19:00:22 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 19:00:22 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 19:00:22 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 19:00:22 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 19:00:22 ----A---- C:\Windows\system32\schtasks.exe
2010-12-15 19:00:22 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 19:00:21 ----A---- C:\Windows\system32\webio.dll
2010-12-15 19:00:21 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 19:00:21 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 19:00:20 ----A---- C:\Windows\system32\win32k.sys
2010-12-15 19:00:20 ----A---- C:\Windows\system32\consent.exe
2010-12-14 17:50:24 ----D---- C:\ProgramData\TomTom
2010-12-14 17:50:14 ----D---- C:\Users\Marek\AppData\Roaming\TomTom
2010-12-14 17:50:07 ----D---- C:\Program Files\TomTom International B.V
2010-12-14 17:47:32 ----D---- C:\Program Files\TomTom DesktopSuite
2010-12-14 14:50:27 ----D---- C:\Users\Marek\AppData\Roaming\VS Revo Group
2010-12-14 13:05:55 ----D---- C:\Program Files\MagicISO
2010-12-13 21:02:26 ----A---- C:\Windows\treeskp.sys
2010-12-12 23:09:12 ----D---- C:\Program Files\Common Files\Totem Shared
2010-12-11 22:44:11 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2010-12-11 22:44:11 ----A---- C:\Windows\system32\drivers\ggsemc.sys
2010-12-11 22:44:11 ----A---- C:\Windows\system32\drivers\ggflt.sys
2010-12-11 22:43:49 ----D---- C:\ProgramData\Sun
2010-12-11 22:43:49 ----D---- C:\Program Files\Common Files\Java
2010-12-11 22:42:13 ----A---- C:\Windows\system32\javaws.exe
2010-12-11 22:42:13 ----A---- C:\Windows\system32\javaw.exe
2010-12-11 22:42:13 ----A---- C:\Windows\system32\java.exe
2010-12-11 22:42:13 ----A---- C:\Windows\system32\deployJava1.dll
2010-12-11 22:41:50 ----D---- C:\Program Files\Java
2010-12-11 22:18:25 ----D---- C:\ProgramData\BVRP Software
2010-12-11 22:17:23 ----A---- C:\Windows\system32\drivers\s0017whnt.sys
2010-12-11 22:17:23 ----A---- C:\Windows\system32\drivers\s0017wh.sys
2010-12-11 22:17:23 ----A---- C:\Windows\system32\drivers\s0017unic.sys
2010-12-11 22:17:23 ----A---- C:\Windows\system32\drivers\s0017obex.sys
2010-12-11 22:17:23 ----A---- C:\Windows\system32\drivers\s0017nd5.sys
2010-12-11 22:17:23 ----A---- C:\Windows\system32\drivers\s0017mgmt.sys
2010-12-11 22:17:23 ----A---- C:\Windows\system32\drivers\s0017mdm.sys
2010-12-11 22:17:23 ----A---- C:\Windows\system32\drivers\s0017mdfl.sys
2010-12-11 22:17:23 ----A---- C:\Windows\system32\drivers\s0017cr.sys
2010-12-11 22:17:23 ----A---- C:\Windows\system32\drivers\s0017cmnt.sys
2010-12-11 22:17:23 ----A---- C:\Windows\system32\drivers\s0017cm.sys
2010-12-11 22:17:23 ----A---- C:\Windows\system32\drivers\s0017bus.sys
2010-12-11 22:17:18 ----D---- C:\ProgramData\Sony Ericsson
2010-12-11 22:17:18 ----D---- C:\Program Files\Sony Ericsson
2010-12-08 04:12:38 ----A---- C:\Windows\system32\drivers\avgldx86.sys
2010-12-02 22:26:01 ----D---- C:\ProgramData\Google
2010-12-02 21:21:20 ----D---- C:\Program Files\Google
2010-12-02 17:34:22 ----D---- C:\Program Files\MSXML 4.0

======List of files/folders modified in the last 1 months======

2010-12-30 19:07:33 ----D---- C:\Windows\Temp
2010-12-30 19:07:31 ----D---- C:\Windows\Prefetch
2010-12-30 19:07:01 ----RD---- C:\Program Files
2010-12-30 19:06:36 ----D---- C:\Users\Marek\AppData\Roaming\Azureus
2010-12-30 18:34:11 ----A---- C:\Windows\system32\REMOTEDEVICE.INI
2010-12-30 18:30:45 ----A---- C:\Windows\system32\LOCALSERVICE.INI
2010-12-30 18:30:45 ----A---- C:\Windows\system32\LOCALDEVICE.INI
2010-12-30 18:30:45 ----A---- C:\Windows\system32\bscs.ini
2010-12-30 14:56:23 ----D---- C:\Windows\System32
2010-12-30 14:56:23 ----D---- C:\Windows\inf
2010-12-30 14:56:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-30 14:50:10 ----D---- C:\Windows\system32\catroot2
2010-12-30 14:50:06 ----SHD---- C:\System Volume Information
2010-12-30 14:32:05 ----D---- C:\Windows\system32\config
2010-12-30 14:24:25 ----D---- C:\Windows\system32\drivers\AVG
2010-12-29 19:28:58 ----SHD---- C:\Windows\Installer
2010-12-28 15:57:08 ----D---- C:\Windows\system32\Tasks
2010-12-28 15:49:18 ----D---- C:\Windows
2010-12-25 19:03:34 ----D---- C:\Windows\system32\DriverStore
2010-12-25 18:38:30 ----A---- C:\Windows\system32\SHORTCUT.INI
2010-12-25 18:23:32 ----D---- C:\Windows\system32\NDF
2010-12-25 09:40:33 ----D---- C:\Windows\system32\catroot
2010-12-24 21:03:45 ----D---- C:\Users\Marek\AppData\Roaming\Skype
2010-12-24 16:47:06 ----D---- C:\Users\Marek\AppData\Roaming\skypePM
2010-12-24 13:11:30 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-24 12:44:31 ----D---- C:\Users\Marek\AppData\Roaming\Free Download Manager
2010-12-24 11:57:08 ----D---- C:\Windows\winsxs
2010-12-24 11:55:22 ----D---- C:\Windows\system32\drivers
2010-12-24 10:29:05 ----HD---- C:\ProgramData
2010-12-24 10:28:03 ----D---- C:\Windows\SoftwareDistribution
2010-12-22 19:53:40 ----D---- C:\Windows\ehome
2010-12-22 19:53:02 ----D---- C:\Program Files\Common Files
2010-12-21 20:12:04 ----D---- C:\Windows\debug
2010-12-18 10:59:40 ----D---- C:\Program Files\AVG
2010-12-18 10:59:28 ----AD---- C:\ProgramData\TEMP
2010-12-16 20:33:04 ----D---- C:\Windows\rescache
2010-12-16 19:32:15 ----D---- C:\Windows\Microsoft.NET
2010-12-16 19:31:34 ----RSD---- C:\Windows\assembly
2010-12-15 19:55:04 ----D---- C:\Windows\system32\migration
2010-12-15 19:55:04 ----D---- C:\Windows\system32\cs-CZ
2010-12-15 19:55:04 ----D---- C:\Program Files\Windows Mail
2010-12-15 19:55:04 ----D---- C:\Program Files\Internet Explorer
2010-12-15 19:55:03 ----D---- C:\Windows\AppPatch
2010-12-15 19:30:28 ----D---- C:\Windows\Help
2010-12-15 19:28:26 ----A---- C:\Windows\system32\MRT.exe
2010-12-11 22:18:38 ----SD---- C:\ProgramData\Microsoft
2010-12-11 18:41:41 ----D---- C:\Windows\system32\drivers\UMDF
2010-12-02 22:26:01 ----D---- C:\Windows\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2008-07-31 20616]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2010-07-12 54112]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2010-12-08 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2010-09-07 34384]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2010-11-12 299984]
R1 UGM96_AA;Service for ESI UGM96 Controller driver; C:\Windows\system32\DRIVERS\UGMDRV.sys [2009-12-01 51808]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 21072]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2008-01-21 14600]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2008-07-02 38920]
R3 COMMONFX.SYS;COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [2010-03-18 99416]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-03-18 511064]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-03-18 528472]
R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [2010-03-18 555096]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-03-18 14424]
R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [2010-03-18 566360]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-03-18 157272]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-03-18 92760]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2010-03-18 798808]
R3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2010-03-18 162904]
R3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-04-01 50688]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-03-18 127576]
R3 UGM96_01;Service for ESI UGM96 Audio driver; C:\Windows\system32\DRIVERS\UGMwdm.sys [2009-12-01 27232]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2008-01-21 14856]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2008-07-02 29960]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 COMMONFX;COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS [2010-03-18 99416]
S3 CTAUDFX;CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS [2010-03-18 555096]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2010-03-18 347144]
S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [2010-03-18 100952]
S3 CTERFXFX;CTERFXFX; C:\Windows\system32\drivers\CTERFXFX.SYS [2010-03-18 100952]
S3 CTSBLFX;CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS [2010-03-18 566360]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-12-11 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-12-11 25512]
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2010-03-18 189528]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-08-28 169064]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 69480]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 61168]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-08-05 49400]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG10\avgfws.exe [2010-11-22 3226632]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-23 6128208]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2010-08-29 775168]
R2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-08-01 143467]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [2010-11-28 28762]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-03-25 3622912]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2008-08-01 69735]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-11-21 79360]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-16 1343400]

-----------------EOF-----------------

Re: Log check

Posted: 30 Dec 2010 22:38
by Roli
Hello, fix these in HJT:

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"


You will find HJT here:

C:\Program Files\trend micro\Marek.exe

Fix means that you run HJT as admin,

in the window that opens, you click Do a system scan only,

in the next window you find the lines I listed for you,

next to each of them is a small box, which you tick,

then you click Fix checked at the bottom left,

the program asks whether you are sure; you of course agree with YES, and it is done.


Via Start >> All Programs >> Accessories >> Run >> type services.msc >> Enter. Find the service:

My Web Search Service

NBService

NMIndexingService


right-click it, choose Properties, on the next tab first stop the service with the Stop button, and for Startup type select Disabled.


Then use MBAM from my signature and post its log here before you delete anything, if it finds something.
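
Most of the entries listed in the reply above share one install directory, so the same selection can be made mechanically. The following is an added example, not part of the original thread and not code from HijackThis: it parses HijackThis entry lines and picks those whose file sits under a given directory, including the 8.3 short form (`C:\PROGRA~1\MYWEBS~1`) used by the O4 and O23 lines. The function names and the 8.3 matching heuristic are assumptions of this example; the sample lines are copied from the log posted in this thread.

```python
import re
from typing import NamedTuple, Optional

# Sample input: entry lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
"""

# "<section code> - <rest>", e.g. "O2 - BHO: ..." or "O23 - Service: ..."
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
# First drive-letter path in the entry; stops at a closing quote if present.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"<>|*?\r\n]*')
# O23 lines as they appear in this log: "Service: Display name (key) - vendor - path";
# the "(key)" part is absent when display name and key are identical.
SERVICE_RE = re.compile(r"^Service: (?P<display>.+?)(?: \((?P<key>[^()]+)\))? - ")


class Entry(NamedTuple):
    code: str
    body: str
    path: Optional[str]


def parse(log: str) -> list:
    """Return every HijackThis entry line; headers and process lists are skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        p = PATH_RE.search(m["body"])
        entries.append(Entry(m["code"], m["body"], p.group(0).strip() if p else None))
    return entries


def short_alias(component: str) -> str:
    """Heuristic (assumption): an 8.3 alias starts with the first six characters
    of the long name, whitespace removed and uppercased, followed by ~N."""
    return re.sub(r"\s", "", component).upper()[:6]


def component_matches(seen: str, wanted: str) -> bool:
    """Compare one path component, accepting either the long name or its 8.3 alias."""
    seen_u = seen.upper()
    if seen_u == wanted.upper():
        return True
    m = re.fullmatch(r"(.{1,6})~\d", seen_u)
    return bool(m) and m.group(1) == short_alias(wanted)


def under_directory(path: str, directory: str) -> bool:
    """True when path lies below directory (case-insensitive, 8.3-aware)."""
    have = path.split("\\")
    want = directory.rstrip("\\").split("\\")
    return len(have) > len(want) and all(
        component_matches(h, w) for h, w in zip(have, want))


def select(entries, directory: str) -> list:
    """Entries whose file path is under the given directory."""
    return [e for e in entries if e.path and under_directory(e.path, directory)]


def service_key(entry: Entry) -> Optional[str]:
    """For an O23 entry, the service key name to look up in services.msc."""
    if entry.code != "O23":
        return None
    m = SERVICE_RE.match(entry.body)
    return (m["key"] or m["display"]) if m else None


if __name__ == "__main__":
    for e in select(parse(SAMPLE_LOG), r"C:\Program Files\MyWebSearch"):
        print(e.code, "-", e.body)
```

A plain substring search for the directory name would miss the two short-path entries, which is why the comparison is done component by component.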

Re: Log check

Posted: 31 Dec 2010 14:34
by marek23275111
I did everything and here is the log from MBAM

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5427

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

31.12.2010 14:32:11
mbam-log-2010-12-31 (14-32-00).txt

Typ kontroly: Rychlý test
Testované objekty: 135179
Uplynulý čas: 1 minut, 58 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 13
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 3

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\program files\uninstall fun web products.dll (Adware.MyWebSearch) -> No action taken.
c:\$Recycle.Bin\s-1-5-21-3855398630-1744261165-1773741348-1000\$R3VRZTD.bin\MWSBAR.DLL (Adware.MyWebSearch) -> No action taken.
c:\$Recycle.Bin\s-1-5-21-3855398630-1744261165-1773741348-1000\$R3VRZTD.bin\MWSSVC.EXE (Adware.MyWebSearch) -> No action taken.

Re: Log check

Posted: 31 Dec 2010 17:53
by Roli
Have everything MBAM found deleted.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

A window with the licence terms then appears, which you confirm by clicking YES,

then click YES once more and it is running.

The whole process takes about 10 minutes but may take longer; do not try to run anything else during the scan.

The PC may also be restarted during the scan; do not be alarmed.

Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because Combofix tries to delete infected files and these programs can get in its way.

After the scan finishes, or after the subsequent restart, the application creates a log, saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its content here.

Re: Log check

Posted: 31 Dec 2010 21:12
by marek23275111
Here is the log from C Fix, please



ComboFix 10-12-31.01 - Marek 31.12.2010 20:59:04.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2046.1394 [GMT 1:00]
Spuštěný z: c:\users\Marek\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Marek\AppData\Local\Temp\429B.tmp

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-28 do 2010-12-31 )))))))))))))))))))))))))))))))
.

2010-12-31 20:02 . 2010-12-31 20:04 -------- d-----w- c:\users\Marek\AppData\Local\temp
2010-12-31 20:02 . 2010-12-31 20:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-31 19:14 . 2010-12-31 19:14 -------- d-----w- c:\program files\Common Files\Adobe
2010-12-31 19:13 . 2010-12-31 19:13 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-12-31 19:13 . 2010-12-31 19:13 -------- d-----w- c:\users\Marek\AppData\Local\Adobe
2010-12-31 19:11 . 2010-11-29 09:41 35136 ----a-w- c:\program files\Mozilla Firefox\plugins\np_gp.dll
2010-12-31 19:11 . 2010-12-31 19:12 -------- d-----w- c:\programdata\NOS
2010-12-31 19:11 . 2010-12-31 19:11 -------- d-----w- c:\program files\NOS
2010-12-31 17:03 . 2010-12-31 17:04 -------- d-----w- c:\program files\eLicenser
2010-12-31 17:03 . 2010-12-31 17:03 -------- d-----w- c:\programdata\eLicenser
2010-12-31 17:03 . 2010-12-31 17:03 -------- d-----w- c:\program files\Syncrosoft
2010-12-31 17:03 . 2009-05-19 15:21 86016 ----a-w- c:\windows\system32\SYNSOPOS.exe
2010-12-31 16:49 . 2010-12-31 16:49 -------- d-----w- c:\users\Marek\AppData\Local\Diagnostics
2010-12-31 13:19 . 2010-12-31 13:19 -------- d-----w- c:\users\Marek\AppData\Roaming\Malwarebytes
2010-12-31 13:19 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-31 13:19 . 2010-12-31 13:19 -------- d-----w- c:\programdata\Malwarebytes
2010-12-31 13:19 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-31 13:19 . 2010-12-31 13:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-30 19:52 . 2010-12-30 19:52 -------- d-----w- c:\users\Marek\AppData\Roaming\VST3 Presets
2010-12-30 19:51 . 2010-12-30 19:51 -------- d-----w- c:\program files\Common Files\VST3
2010-12-30 18:07 . 2010-12-31 13:13 -------- d-----w- c:\program files\trend micro
2010-12-30 18:07 . 2010-12-30 18:07 -------- d-----w- C:\rsit
2010-12-30 17:30 . 2010-12-30 17:30 -------- d-----w- c:\users\Marek\AppData\Local\bluesoleil
2010-12-24 12:09 . 2010-12-24 12:09 -------- d-----w- c:\program files\Avanquest update
2010-12-24 09:29 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcm.sys
2010-12-24 09:29 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwh.sys
2010-12-24 09:29 . 2010-12-24 09:29 -------- d-----w- c:\programdata\Samsung
2010-12-24 09:28 . 2010-07-04 18:07 238952 ----a-w- c:\windows\system32\FsUsbExService.Exe
2010-12-24 09:28 . 2010-06-14 08:32 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2010-12-24 09:28 . 2010-06-14 08:32 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2010-12-24 09:28 . 2010-12-24 10:47 -------- d-----w- c:\users\Marek\AppData\Roaming\Samsung
2010-12-24 09:27 . 2010-12-24 10:56 -------- d-----w- c:\program files\Samsung
2010-12-22 20:06 . 2010-12-25 14:37 -------- d-----w- c:\users\Marek\AppData\Roaming\vghd
2010-12-22 18:58 . 2010-12-30 17:17 -------- d-----w- c:\users\Marek\AppData\Local\Ahead
2010-12-22 18:54 . 2010-12-22 20:04 -------- d-----w- c:\users\Marek\AppData\Roaming\Ahead
2010-12-22 18:54 . 2010-12-22 18:54 -------- d-----w- c:\programdata\Ahead
2010-12-22 18:53 . 2010-12-22 18:53 -------- d-----w- c:\program files\Common Files\Ahead
2010-12-22 18:53 . 2010-12-22 18:53 -------- d-----w- c:\programdata\Nero
2010-12-22 18:53 . 2010-12-22 18:53 -------- d-----w- c:\program files\Nero
2010-12-21 19:08 . 2010-12-25 14:45 -------- d-----w- c:\program files\CCleaner
2010-12-20 15:30 . 2010-12-20 15:30 -------- d-----w- c:\users\Marek\AppData\Roaming\FastStone
2010-12-20 15:29 . 2010-12-20 15:30 -------- d-----w- c:\program files\FastStone Image Viewer
2010-12-19 18:59 . 2010-12-19 18:59 -------- d-----w- c:\program files\TomTom HOME 2
2010-12-19 17:17 . 2010-12-19 17:17 -------- d-----w- c:\users\Marek\AppData\Roaming\VitySoft
2010-12-15 18:58 . 2010-12-15 18:58 -------- d-----w- c:\programdata\NVIDIA
2010-12-15 18:30 . 2010-12-15 18:30 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-12-15 18:30 . 2010-12-15 18:30 -------- d-----w- c:\program files\NVIDIA Corporation
2010-12-15 18:29 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2010-12-15 18:29 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-12-15 18:15 . 2010-08-04 06:18 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-12-15 18:15 . 2010-08-04 06:17 417792 ----a-w- c:\windows\system32\msdri.dll
2010-12-15 18:15 . 2010-08-04 06:15 204288 ----a-w- c:\windows\system32\MSNP.ax
2010-12-15 18:15 . 2010-08-04 06:15 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2010-12-15 18:15 . 2009-12-13 09:30 465408 ----a-w- c:\windows\system32\psisdecd.dll
2010-12-15 18:14 . 2010-03-24 06:37 1286456 ----a-w- c:\windows\system32\ntdll.dll
2010-12-15 18:14 . 2009-09-26 05:58 194488 ----a-w- c:\windows\system32\drivers\fvevol.sys
2010-12-15 18:14 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-12-15 18:14 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-12-15 18:14 . 2010-01-18 23:29 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-12-15 18:14 . 2010-01-18 23:29 369152 ----a-w- c:\windows\system32\secproc.dll
2010-12-15 18:14 . 2010-01-18 23:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-12-15 18:14 . 2010-01-18 23:28 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-12-15 18:14 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2010-12-15 18:14 . 2010-01-18 23:28 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-12-15 18:14 . 2010-01-18 23:28 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-12-15 18:14 . 2010-04-07 07:10 571904 ----a-w- c:\windows\system32\oleaut32.dll
2010-12-15 18:13 . 2010-10-19 08:10 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-12-14 16:50 . 2010-12-14 16:50 -------- d-----w- c:\programdata\TomTom
2010-12-14 16:50 . 2010-12-14 16:50 -------- d-----w- c:\users\Marek\AppData\Roaming\TomTom
2010-12-14 16:50 . 2010-12-14 16:50 -------- d-----w- c:\users\Marek\AppData\Local\TomTom
2010-12-14 16:50 . 2010-12-14 16:50 -------- d-----w- c:\program files\TomTom International B.V
2010-12-14 16:47 . 2010-12-14 16:47 -------- d-----w- c:\program files\TomTom DesktopSuite
2010-12-14 13:50 . 2010-12-14 13:50 -------- d-----w- c:\users\Marek\AppData\Roaming\VS Revo Group
2010-12-14 12:54 . 2010-12-14 12:54 -------- d-----w- c:\users\Marek\dwhelper
2010-12-14 12:05 . 2010-12-14 12:06 -------- d-----w- c:\program files\MagicISO
2010-12-13 20:02 . 2010-12-20 17:59 5 ----a-w- c:\windows\treeskp.sys
2010-12-13 19:29 . 2010-12-20 17:59 5 ----a-w- c:\windows\sbacknt.bin
2010-12-13 19:29 . 2010-12-13 20:05 152904 ----a-w- c:\windows\system32\vghd.scr
2010-12-12 22:09 . 2010-12-12 22:09 -------- d-----w- c:\program files\Common Files\Totem Shared
2010-12-11 21:44 . 2010-12-11 21:44 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2010-12-11 21:44 . 2010-12-11 21:44 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2010-12-11 21:44 . 2010-12-11 21:44 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-12-11 21:43 . 2010-12-11 21:43 -------- d-----w- c:\program files\Common Files\Java
2010-12-11 21:42 . 2010-12-11 21:42 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-11 21:42 . 2010-12-11 21:42 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2010-12-11 21:41 . 2010-12-11 21:41 -------- d-----w- c:\program files\Java
2010-12-11 21:18 . 2010-12-11 21:18 -------- d-----w- c:\programdata\BVRP Software
2010-12-11 21:18 . 2010-12-24 12:19 -------- d-----w- c:\users\Marek\AppData\Local\Sony Ericsson
2010-12-02 20:21 . 2010-12-31 19:12 -------- d-----w- c:\program files\Google
2010-12-02 16:34 . 2010-12-02 16:34 -------- d-----w- c:\program files\MSXML 4.0

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 17:15 . 2010-11-18 17:15 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-18 17:15 . 2010-11-18 17:15 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-11-18 17:15 . 2010-11-18 17:15 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-11-02 04:39 . 2010-12-15 18:00 749056 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 04:34 . 2010-12-15 18:00 179712 ----a-w- c:\windows\system32\schtasks.exe
2010-10-19 09:41 . 2010-11-15 19:32 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-18 07:41 . 2010-11-15 19:32 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A97FE7C0-884F-41CC-9841-77097CAC49A7}\mpengine.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UGMPan.exe"="UGMPan.exe" [2009-12-01 326240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2010-03-18 18:17 19456 ----a-w- c:\windows\System32\CtHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-08-24 09:38 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-31 136176]
R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS [2010-03-18 99416]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-11-21 79360]
R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS [2010-03-18 555096]
R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS [2010-03-18 100952]
R3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS [2010-03-18 100952]
R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS [2010-03-18 566360]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-12-11 13224]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-16 1343400]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2008-07-31 20616]
S1 UGM96_AA;Service for ESI UGM96 Controller driver;c:\windows\system32\DRIVERS\UGMDRV.sys [2009-12-01 51808]
S2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-08-01 143467]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-03-25 3622912]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS [2010-03-18 99416]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS [2010-03-18 555096]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS [2010-03-18 566360]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-04-01 50688]
S3 UGM96_01;Service for ESI UGM96 Audio driver;c:\windows\system32\DRIVERS\UGMwdm.sys [2009-12-01 27232]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'

2010-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-31 19:12]

2010-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-31 19:12]

2010-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3855398630-1744261165-1773741348-1000Core.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-16 12:24]

2010-12-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3855398630-1744261165-1773741348-1000UA.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-16 12:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.cz/
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: {4F4589AA-ED4C-4A84-AF6B-9106E273F651} = 192.168.0.2
TCP: {D8E6B093-BE70-410A-978B-DF8FC839E346} = 10.0.150.150,213.195.202.5
FF - ProfilePath - c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\1uwn3dt3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-NPSStartup - (no file)
MSConfigStartUp-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
AddRemove-ESI- UGM96 Audio Driver Setup - c:\program files\ESI\UGM96\uninst.exe Software\ESI\UGM96\Setup
AddRemove-Advanced Archive Password Recovery - c:\program files\ElcomSoft\Advanced Archive Password Recovery\uninstall.exe


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(1468)
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Creative\Shared Files\CTAudSvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\UGMPan.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2010-12-31 21:06:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-12-31 20:06

Před spuštěním: Volných bajtů: 36 339 650 560
Po spuštění: Volných bajtů: 36 040 581 120

- - End Of File - - 886CA24D2033DB759E3E23347CF6BDAC

Re: Log check

Posted: 01 Jan 2011 19:08
by Roli
If you have not done so already, move Combofix to the desktop,

open Notepad,

copy the script from the following box into it:

Code:

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

save the TXT file you created as CFScript.txt on the desktop,

after saving, grab the script you created with the left mouse button and drag it over the Combofix icon, where you drop it.

After it is applied, another log will pop out; copy it here.

Warning: it may happen that after the script is applied and the PC restarts, Windows does not start,

in that case restart again while pressing F8, then choose Last Known Good Configuration.

Re: Log check

Posted: 02 Jan 2011 12:40
by marek23275111
I apologize for the delay,

here is the log


ComboFix 11-01-01.02 - Marek 02.01.2011 12:28:35.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2046.1430 [GMT 1:00]
Spuštěný z: c:\users\Marek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Marek\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-12-02 do 2011-01-02 )))))))))))))))))))))))))))))))
.

2011-01-02 11:32 . 2011-01-02 11:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-01 10:00 . 2011-01-01 10:00 -------- d-----w- c:\programdata\VST3 Presets
2011-01-01 09:49 . 2011-01-01 09:49 -------- d-----w- c:\program files\Common Files\Steinberg
2011-01-01 09:38 . 2011-01-01 09:38 -------- d-----w- c:\program files\Steinberg
2010-12-31 20:56 . 2010-12-31 20:56 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-12-31 20:46 . 2010-12-31 20:46 -------- d-----w- c:\programdata\Syncrosoft
2010-12-31 20:33 . 2010-12-31 21:01 -------- d-----w- c:\program files\Real
2010-12-31 20:20 . 2010-12-31 20:20 -------- d-----w- c:\program files\AVG
2010-12-31 20:02 . 2011-01-02 11:32 -------- d-----w- c:\users\Marek\AppData\Local\temp
2010-12-31 19:14 . 2010-12-31 19:14 -------- d-----w- c:\program files\Common Files\Adobe
2010-12-31 19:13 . 2010-12-31 19:13 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-12-31 19:13 . 2010-12-31 21:10 -------- d-----w- c:\users\Marek\AppData\Local\Adobe
2010-12-31 19:11 . 2010-11-29 09:41 35136 ----a-w- c:\program files\Mozilla Firefox\plugins\np_gp.dll
2010-12-31 19:11 . 2010-12-31 19:12 -------- d-----w- c:\programdata\NOS
2010-12-31 19:11 . 2010-12-31 19:11 -------- d-----w- c:\program files\NOS
2010-12-31 17:03 . 2010-12-31 20:55 -------- d-----w- c:\programdata\eLicenser
2010-12-31 17:03 . 2009-05-19 15:21 86016 ------w- c:\windows\system32\SYNSOPOS.exe
2010-12-31 16:49 . 2010-12-31 16:49 -------- d-----w- c:\users\Marek\AppData\Local\Diagnostics
2010-12-31 13:19 . 2010-12-31 13:19 -------- d-----w- c:\users\Marek\AppData\Roaming\Malwarebytes
2010-12-31 13:19 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-31 13:19 . 2010-12-31 13:19 -------- d-----w- c:\programdata\Malwarebytes
2010-12-31 13:19 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-31 13:19 . 2010-12-31 13:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-30 19:52 . 2010-12-30 19:52 -------- d-----w- c:\users\Marek\AppData\Roaming\VST3 Presets
2010-12-30 19:51 . 2010-12-30 19:51 -------- d-----w- c:\program files\Common Files\VST3
2010-12-30 18:07 . 2010-12-31 13:13 -------- d-----w- c:\program files\trend micro
2010-12-30 18:07 . 2010-12-30 18:07 -------- d-----w- C:\rsit
2010-12-30 17:30 . 2010-12-30 17:30 -------- d-----w- c:\users\Marek\AppData\Local\bluesoleil
2010-12-24 12:09 . 2010-12-24 12:09 -------- d-----w- c:\program files\Avanquest update
2010-12-24 09:29 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcm.sys
2010-12-24 09:29 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwh.sys
2010-12-24 09:29 . 2010-12-24 09:29 -------- d-----w- c:\programdata\Samsung
2010-12-24 09:28 . 2010-07-04 18:07 238952 ----a-w- c:\windows\system32\FsUsbExService.Exe
2010-12-24 09:28 . 2010-06-14 08:32 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2010-12-24 09:28 . 2010-06-14 08:32 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2010-12-24 09:28 . 2010-12-24 10:47 -------- d-----w- c:\users\Marek\AppData\Roaming\Samsung
2010-12-24 09:27 . 2010-12-24 10:56 -------- d-----w- c:\program files\Samsung
2010-12-22 20:06 . 2010-12-25 14:37 -------- d-----w- c:\users\Marek\AppData\Roaming\vghd
2010-12-22 18:58 . 2010-12-30 17:17 -------- d-----w- c:\users\Marek\AppData\Local\Ahead
2010-12-22 18:54 . 2010-12-22 20:04 -------- d-----w- c:\users\Marek\AppData\Roaming\Ahead
2010-12-22 18:54 . 2010-12-22 18:54 -------- d-----w- c:\programdata\Ahead
2010-12-22 18:53 . 2010-12-22 18:53 -------- d-----w- c:\program files\Common Files\Ahead
2010-12-22 18:53 . 2010-12-22 18:53 -------- d-----w- c:\programdata\Nero
2010-12-22 18:53 . 2010-12-22 18:53 -------- d-----w- c:\program files\Nero
2010-12-21 19:08 . 2010-12-25 14:45 -------- d-----w- c:\program files\CCleaner
2010-12-20 15:30 . 2010-12-20 15:30 -------- d-----w- c:\users\Marek\AppData\Roaming\FastStone
2010-12-20 15:29 . 2010-12-20 15:30 -------- d-----w- c:\program files\FastStone Image Viewer
2010-12-19 18:59 . 2010-12-19 18:59 -------- d-----w- c:\program files\TomTom HOME 2
2010-12-19 17:17 . 2010-12-19 17:17 -------- d-----w- c:\users\Marek\AppData\Roaming\VitySoft
2010-12-15 18:58 . 2010-12-15 18:58 -------- d-----w- c:\programdata\NVIDIA
2010-12-15 18:30 . 2010-12-15 18:30 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-12-15 18:30 . 2010-12-15 18:30 -------- d-----w- c:\program files\NVIDIA Corporation
2010-12-15 18:29 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2010-12-15 18:29 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-12-15 18:15 . 2010-08-04 06:18 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-12-15 18:15 . 2010-08-04 06:17 417792 ----a-w- c:\windows\system32\msdri.dll
2010-12-15 18:15 . 2010-08-04 06:15 204288 ----a-w- c:\windows\system32\MSNP.ax
2010-12-15 18:15 . 2010-08-04 06:15 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2010-12-15 18:15 . 2009-12-13 09:30 465408 ----a-w- c:\windows\system32\psisdecd.dll
2010-12-15 18:14 . 2010-03-24 06:37 1286456 ----a-w- c:\windows\system32\ntdll.dll
2010-12-15 18:14 . 2009-09-26 05:58 194488 ----a-w- c:\windows\system32\drivers\fvevol.sys
2010-12-15 18:14 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-12-15 18:14 . 2010-01-18 23:29 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-12-15 18:14 . 2010-01-18 23:29 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-12-15 18:14 . 2010-01-18 23:29 369152 ----a-w- c:\windows\system32\secproc.dll
2010-12-15 18:14 . 2010-01-18 23:28 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-12-15 18:14 . 2010-01-18 23:28 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-12-15 18:14 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2010-12-15 18:14 . 2010-01-18 23:28 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-12-15 18:14 . 2010-01-18 23:28 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-12-15 18:14 . 2010-04-07 07:10 571904 ----a-w- c:\windows\system32\oleaut32.dll
2010-12-15 18:13 . 2010-10-19 08:10 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-12-14 16:50 . 2010-12-14 16:50 -------- d-----w- c:\programdata\TomTom
2010-12-14 16:50 . 2010-12-14 16:50 -------- d-----w- c:\users\Marek\AppData\Roaming\TomTom
2010-12-14 16:50 . 2010-12-14 16:50 -------- d-----w- c:\users\Marek\AppData\Local\TomTom
2010-12-14 16:50 . 2010-12-14 16:50 -------- d-----w- c:\program files\TomTom International B.V
2010-12-14 16:47 . 2010-12-14 16:47 -------- d-----w- c:\program files\TomTom DesktopSuite
2010-12-14 13:50 . 2010-12-14 13:50 -------- d-----w- c:\users\Marek\AppData\Roaming\VS Revo Group
2010-12-14 12:54 . 2010-12-14 12:54 -------- d-----w- c:\users\Marek\dwhelper
2010-12-14 12:05 . 2010-12-14 12:06 -------- d-----w- c:\program files\MagicISO
2010-12-13 20:02 . 2010-12-20 17:59 5 ----a-w- c:\windows\treeskp.sys
2010-12-13 19:29 . 2010-12-20 17:59 5 ----a-w- c:\windows\sbacknt.bin
2010-12-13 19:29 . 2010-12-13 20:05 152904 ----a-w- c:\windows\system32\vghd.scr
2010-12-12 22:09 . 2010-12-12 22:09 -------- d-----w- c:\program files\Common Files\Totem Shared
2010-12-11 21:44 . 2010-12-11 21:44 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2010-12-11 21:44 . 2010-12-11 21:44 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2010-12-11 21:44 . 2010-12-11 21:44 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-12-11 21:43 . 2010-12-11 21:43 -------- d-----w- c:\program files\Common Files\Java
2010-12-11 21:42 . 2010-12-11 21:42 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-11 21:42 . 2010-12-11 21:42 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2010-12-11 21:41 . 2010-12-11 21:41 -------- d-----w- c:\program files\Java
2010-12-11 21:18 . 2010-12-11 21:18 -------- d-----w- c:\programdata\BVRP Software
2010-12-11 21:18 . 2010-12-24 12:19 -------- d-----w- c:\users\Marek\AppData\Local\Sony Ericsson

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-31 20:33 . 2010-11-18 17:15 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-12-31 20:33 . 2003-03-18 19:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-11-18 17:15 . 2010-11-18 17:15 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-11-18 17:15 . 2010-11-18 17:15 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-11-02 04:39 . 2010-12-15 18:00 749056 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 04:34 . 2010-12-15 18:00 179712 ----a-w- c:\windows\system32\schtasks.exe
2010-10-19 09:41 . 2010-11-15 19:32 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-18 07:41 . 2010-11-15 19:32 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A97FE7C0-884F-41CC-9841-77097CAC49A7}\mpengine.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-12-31 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UGMPan.exe"="UGMPan.exe" [2009-12-01 326240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2010-03-18 18:17 19456 ----a-w- c:\windows\System32\CtHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2010-08-24 09:38 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-31 136176]
R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS [2010-03-18 99416]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-11-21 79360]
R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS [2010-03-18 555096]
R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS [2010-03-18 100952]
R3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS [2010-03-18 100952]
R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS [2010-03-18 566360]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-12-11 13224]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-16 1343400]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2008-07-31 20616]
S1 UGM96_AA;Service for ESI UGM96 Controller driver;c:\windows\system32\DRIVERS\UGMDRV.sys [2009-12-01 51808]
S2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-08-01 143467]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-03-25 3622912]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS [2010-03-18 99416]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS [2010-03-18 555096]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS [2010-03-18 566360]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-04-01 50688]
S3 UGM96_01;Service for ESI UGM96 Audio driver;c:\windows\system32\DRIVERS\UGMwdm.sys [2009-12-01 27232]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'

2011-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-31 19:12]

2011-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-31 19:12]

2010-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3855398630-1744261165-1773741348-1000Core.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-16 12:24]

2011-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3855398630-1744261165-1773741348-1000UA.job
- c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-16 12:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.cz/
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: {4F4589AA-ED4C-4A84-AF6B-9106E273F651} = 192.168.0.2
TCP: {D8E6B093-BE70-410A-978B-DF8FC839E346} = 10.0.150.150,213.195.202.5
FF - ProfilePath - c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\1uwn3dt3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(1068)
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
.
Celkový čas: 2011-01-02 12:33:27
ComboFix-quarantined-files.txt 2011-01-02 11:33
ComboFix2.txt 2010-12-31 20:06

Před spuštěním: Volných bajtů: 33 044 439 040
Po spuštění: Volných bajtů: 33 000 685 568

- - End Of File - - 7E64F4D3FB8AD15127DAD7547C638F85

Re: Log check

Posted: 02 Jan 2011 21:53
by Roli
No problem, I have plenty of time.

Via Start >> Run, copy this into the box:

ComboFix /Uninstall

and press Enter

This uninstalls ComboFix and deletes its associated files and folders.

Then let me know how the PC is doing.

Re: Log check

Posted: 02 Jan 2011 22:06
by marek23275111
It looks like the PC is fine and running flawlessly.... Many, many thanks for your patience with me :-))

Re: Log check

Posted: 02 Jan 2011 22:07
by Roli
You're welcome.