Prosím o pomoc s internetem kohokoli hlavně co nejdříve!!!
Napsal: 30 led 2011 20:54
Problé nastal ihned od nového roku. Padají mi pořád online hry jako např metin2, combar arms. Ráno to skoro vůbec nepadá, ale jak odbije 10hodina ještě ranní tak to jede. tady přikládám log
ComboFix 11-01-29.03 - Noris 30.01.2011 19:58:08.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2048.1350 [GMT 1:00]
Spuštěný z: c:\users\Noris\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Noris\AppData\Roaming\Microsoft\Internet Explorer\qsTAtsrv.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-28 do 2011-01-30 )))))))))))))))))))))))))))))))
.
2011-01-30 19:02 . 2011-01-30 19:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-30 18:46 . 2011-01-30 18:47 14656 ----a-w- c:\windows\gdrv.sys
2011-01-30 18:29 . 2011-01-30 18:29 -------- d-----w- c:\program files\QIP Infium
2011-01-30 07:54 . 2011-01-30 07:54 -------- d-----w- c:\program files\Win7codecs
2011-01-30 07:45 . 2011-01-30 07:45 -------- d-----w- c:\programdata\Avira
2011-01-30 07:45 . 2011-01-30 07:45 -------- d-----w- c:\program files\Avira
2011-01-30 07:45 . 2010-03-01 09:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-01-30 07:45 . 2010-02-16 13:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-01-30 07:45 . 2009-05-11 11:49 51992 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2011-01-30 07:45 . 2009-05-11 11:49 17016 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-01-29 10:11 . 2011-01-29 10:11 -------- d-----w- C:\SWSetup
2011-01-27 19:02 . 2011-01-27 19:02 -------- d-----w- c:\program files\GameTop.com
2011-01-27 15:08 . 2011-01-27 15:08 -------- d-----w- c:\programdata\Nexon
2011-01-25 15:44 . 2011-01-29 14:21 -------- d-----w- c:\users\noris1
2011-01-24 15:51 . 1999-02-26 19:31 45568 ----a-w- c:\windows\UniFish3.exe
2011-01-24 15:04 . 2011-01-24 15:04 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-01-24 14:08 . 2011-01-24 14:17 2829 ----a-w- c:\windows\War3Unin.pif
2011-01-24 14:08 . 2011-01-24 14:17 139264 ----a-w- c:\windows\War3Unin.exe
2011-01-22 14:12 . 2011-01-22 14:12 -------- d-----w- c:\program files\Planet of Cartmans 2
2011-01-22 13:56 . 2011-01-22 13:56 -------- d-----w- C:\Junkman Productions
2011-01-22 11:26 . 2011-01-23 12:09 -------- d-----w- c:\program files\FileZilla FTP Client
2011-01-22 09:24 . 2011-01-22 09:24 -------- d-----w- C:\XAMPP
2011-01-21 18:56 . 2011-01-21 20:38 -------- d-----w- C:\wamp
2011-01-21 17:45 . 2011-01-21 20:37 -------- d-----w- C:\AppServ
2011-01-21 16:12 . 2009-07-10 11:43 1589248 ----a-w- c:\windows\system32\libmysql_d.dll
2011-01-21 13:46 . 2010-12-22 14:31 158736 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-01-21 13:46 . 2011-01-23 12:10 -------- dc----w- c:\windows\system32\DRVSTORE
2011-01-21 13:46 . 2010-12-22 14:31 42960 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-01-20 19:02 . 2011-01-20 19:01 205312 ----a-w- c:\windows\system32\Patchw32.dll
2011-01-19 17:55 . 2011-01-19 17:55 -------- d-----w- c:\programdata\Locktime
2011-01-19 17:35 . 2003-06-19 00:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2011-01-19 17:35 . 2003-06-19 00:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2011-01-19 17:34 . 2011-01-19 17:34 -------- d-----w- c:\program files\Microsoft Works
2011-01-19 17:34 . 2011-01-19 17:34 -------- d-----w- c:\windows\PCHEALTH
2011-01-19 17:34 . 2011-01-19 17:34 -------- d-----w- c:\program files\Microsoft.NET
2011-01-17 17:09 . 2011-01-29 16:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2011-01-17 17:09 . 2011-01-17 17:11 -------- d-----w- c:\program files\Valve
2011-01-17 17:09 . 2011-01-29 16:28 -------- d-----w- c:\program files\Common Files\InstallShield
2011-01-17 16:46 . 2011-01-28 20:34 234576 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-01-17 16:29 . 2011-01-17 16:29 -------- d-----w- c:\program files\Zaparit
2011-01-16 17:49 . 2011-01-16 17:49 -------- d-----w- c:\windows\system32\Macromed
2011-01-16 16:06 . 2011-01-16 16:06 -------- d--h--w- c:\windows\PIF
2011-01-16 13:34 . 2011-01-26 13:12 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-01-16 13:34 . 2011-01-28 20:34 234576 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-01-16 13:34 . 2011-01-17 16:46 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-01-16 09:00 . 2011-01-16 09:00 -------- d-----w- C:\directx
2011-01-16 08:50 . 2011-01-16 08:50 -------- d-----w- c:\program files\Bonjour
2011-01-16 08:47 . 2011-01-16 08:50 -------- d-----w- c:\program files\Common Files\Adobe
2011-01-16 08:47 . 2011-01-16 08:47 -------- d-----w- c:\program files\VideoLAN
2011-01-16 08:46 . 2011-01-30 07:54 -------- d-----w- c:\programdata\Win7codecs
2011-01-16 08:43 . 2011-01-16 08:43 -------- d-----w- c:\programdata\NVIDIA
2011-01-16 08:42 . 2011-01-16 08:42 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-01-16 08:42 . 2010-10-16 18:55 888424 ----a-w- c:\windows\system32\nvdispco322050.dll
2011-01-16 08:42 . 2010-10-16 18:55 813672 ----a-w- c:\windows\system32\nvgenco322030.dll
2011-01-16 08:42 . 2010-10-16 18:55 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-16 08:42 . 2010-10-16 18:55 4837480 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-16 08:42 . 2010-10-16 18:55 2912360 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-16 08:42 . 2010-10-16 18:55 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-16 08:42 . 2010-10-16 18:55 14899816 ----a-w- c:\windows\system32\nvoglv32.dll
2011-01-16 08:42 . 2010-10-16 18:55 10084360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-01-16 08:42 . 2010-10-16 18:55 1719912 ----a-w- c:\windows\system32\nvapi.dll
2011-01-16 08:42 . 2010-10-16 18:55 13019752 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-16 08:41 . 2011-01-16 08:42 -------- d-----w- c:\program files\NVIDIA Corporation
2011-01-15 16:17 . 2011-01-15 16:17 -------- d-----w- c:\programdata\Skype
2011-01-15 13:39 . 2011-01-15 13:39 34064 ----a-w- c:\windows\system32\lhacm.acm
2011-01-15 12:01 . 2010-08-29 19:55 3739080 ----a-w- c:\windows\system32\GameMon.des
2011-01-15 12:01 . 2005-01-04 00:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2011-01-15 12:01 . 2003-07-20 09:17 5174 ----a-w- c:\windows\system32\nppt9x.vxd
2011-01-15 12:01 . 2011-01-15 12:01 -------- d-----w- c:\program files\Common Files\INCA Shared
2011-01-15 07:45 . 2011-01-30 07:54 -------- d-sh--w- c:\windows\Installer
2011-01-14 20:37 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{96F3ECB5-3803-4679-A4E9-5802AF0D7026}\mpengine.dll
2011-01-14 20:37 . 2010-10-19 09:41 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-14 20:25 . 2011-01-14 20:25 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-01-14 20:25 . 2011-01-14 20:25 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-01-14 20:25 . 2011-01-14 20:25 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-01-14 20:25 . 2011-01-14 20:25 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-14 20:24 . 2011-01-14 20:26 -------- d-----w- C:\totalcmd
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\UC.PIF
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\RAR.PIF
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKZIP.PIF
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\LHA.PIF
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\ARJ.PIF
2011-01-14 20:24 . 2011-01-30 15:27 -------- d-----w- c:\windows\system32\wbem\Performance
2011-01-14 20:23 . 2009-05-27 10:56 457248 ----a-w- c:\windows\system32\NVUNINST.EXE
2011-01-14 20:12 . 2011-01-14 20:22 -------- d-----w- c:\windows\Panther
2011-01-14 20:12 . 2011-01-14 20:12 -------- d-----w- C:\Boot
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-22 14:31 . 2010-12-22 14:31 109328 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Google Update"="c:\users\Noris\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-01-27 136176]
"QIP Internet Guardian"="c:\users\Noris\AppData\Roaming\QipGuard\QipGuard.exe" [2010-10-25 190928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-08-29 3739080]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-22 109328]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-01-14 691696]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - GDRV
*NewlyCreated* - SSMDRV
.
Obsah adresáře 'Naplánované úlohy'
2011-01-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1821313145-2016487169-2346408170-1000Core.job
- c:\users\Noris\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-27 17:57]
2011-01-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1821313145-2016487169-2346408170-1000UA.job
- c:\users\Noris\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-27 17:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Settings,ProxyServer = 192.168.1.1:3128
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Noris\AppData\Roaming\Mozilla\Firefox\Profiles\9h2yyyeq.default\
FF - prefs.js: browser.search.selectedEngine - QIP Search
FF - prefs.js: browser.startup.homepage - hxxp://qip.ru
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - prefs.js: network.proxy.http - 192.168.1.1
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 1
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: QipCounter: QipCounter@qip.ru - %profile%\extensions\QipCounter@qip.ru
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-NetLimiter - c:\program files\NetLimiter 3\NLClientApp.exe
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-01-30 20:04:06
ComboFix-quarantined-files.txt 2011-01-30 19:04
Před spuštěním: Volných bajtů: 23 028 342 784
Po spuštění: Volných bajtů: 23 348 809 728
- - End Of File - - 627B5A0F5A785C3DD0F3477F8C8A9E7F
ComboFix 11-01-29.03 - Noris 30.01.2011 19:58:08.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2048.1350 [GMT 1:00]
Spuštěný z: c:\users\Noris\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Noris\AppData\Roaming\Microsoft\Internet Explorer\qsTAtsrv.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-28 do 2011-01-30 )))))))))))))))))))))))))))))))
.
2011-01-30 19:02 . 2011-01-30 19:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-30 18:46 . 2011-01-30 18:47 14656 ----a-w- c:\windows\gdrv.sys
2011-01-30 18:29 . 2011-01-30 18:29 -------- d-----w- c:\program files\QIP Infium
2011-01-30 07:54 . 2011-01-30 07:54 -------- d-----w- c:\program files\Win7codecs
2011-01-30 07:45 . 2011-01-30 07:45 -------- d-----w- c:\programdata\Avira
2011-01-30 07:45 . 2011-01-30 07:45 -------- d-----w- c:\program files\Avira
2011-01-30 07:45 . 2010-03-01 09:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-01-30 07:45 . 2010-02-16 13:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-01-30 07:45 . 2009-05-11 11:49 51992 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2011-01-30 07:45 . 2009-05-11 11:49 17016 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-01-29 10:11 . 2011-01-29 10:11 -------- d-----w- C:\SWSetup
2011-01-27 19:02 . 2011-01-27 19:02 -------- d-----w- c:\program files\GameTop.com
2011-01-27 15:08 . 2011-01-27 15:08 -------- d-----w- c:\programdata\Nexon
2011-01-25 15:44 . 2011-01-29 14:21 -------- d-----w- c:\users\noris1
2011-01-24 15:51 . 1999-02-26 19:31 45568 ----a-w- c:\windows\UniFish3.exe
2011-01-24 15:04 . 2011-01-24 15:04 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-01-24 14:08 . 2011-01-24 14:17 2829 ----a-w- c:\windows\War3Unin.pif
2011-01-24 14:08 . 2011-01-24 14:17 139264 ----a-w- c:\windows\War3Unin.exe
2011-01-22 14:12 . 2011-01-22 14:12 -------- d-----w- c:\program files\Planet of Cartmans 2
2011-01-22 13:56 . 2011-01-22 13:56 -------- d-----w- C:\Junkman Productions
2011-01-22 11:26 . 2011-01-23 12:09 -------- d-----w- c:\program files\FileZilla FTP Client
2011-01-22 09:24 . 2011-01-22 09:24 -------- d-----w- C:\XAMPP
2011-01-21 18:56 . 2011-01-21 20:38 -------- d-----w- C:\wamp
2011-01-21 17:45 . 2011-01-21 20:37 -------- d-----w- C:\AppServ
2011-01-21 16:12 . 2009-07-10 11:43 1589248 ----a-w- c:\windows\system32\libmysql_d.dll
2011-01-21 13:46 . 2010-12-22 14:31 158736 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-01-21 13:46 . 2011-01-23 12:10 -------- dc----w- c:\windows\system32\DRVSTORE
2011-01-21 13:46 . 2010-12-22 14:31 42960 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-01-20 19:02 . 2011-01-20 19:01 205312 ----a-w- c:\windows\system32\Patchw32.dll
2011-01-19 17:55 . 2011-01-19 17:55 -------- d-----w- c:\programdata\Locktime
2011-01-19 17:35 . 2003-06-19 00:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2011-01-19 17:35 . 2003-06-19 00:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2011-01-19 17:34 . 2011-01-19 17:34 -------- d-----w- c:\program files\Microsoft Works
2011-01-19 17:34 . 2011-01-19 17:34 -------- d-----w- c:\windows\PCHEALTH
2011-01-19 17:34 . 2011-01-19 17:34 -------- d-----w- c:\program files\Microsoft.NET
2011-01-17 17:09 . 2011-01-29 16:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2011-01-17 17:09 . 2011-01-17 17:11 -------- d-----w- c:\program files\Valve
2011-01-17 17:09 . 2011-01-29 16:28 -------- d-----w- c:\program files\Common Files\InstallShield
2011-01-17 16:46 . 2011-01-28 20:34 234576 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-01-17 16:29 . 2011-01-17 16:29 -------- d-----w- c:\program files\Zaparit
2011-01-16 17:49 . 2011-01-16 17:49 -------- d-----w- c:\windows\system32\Macromed
2011-01-16 16:06 . 2011-01-16 16:06 -------- d--h--w- c:\windows\PIF
2011-01-16 13:34 . 2011-01-26 13:12 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-01-16 13:34 . 2011-01-28 20:34 234576 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-01-16 13:34 . 2011-01-17 16:46 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-01-16 09:00 . 2011-01-16 09:00 -------- d-----w- C:\directx
2011-01-16 08:50 . 2011-01-16 08:50 -------- d-----w- c:\program files\Bonjour
2011-01-16 08:47 . 2011-01-16 08:50 -------- d-----w- c:\program files\Common Files\Adobe
2011-01-16 08:47 . 2011-01-16 08:47 -------- d-----w- c:\program files\VideoLAN
2011-01-16 08:46 . 2011-01-30 07:54 -------- d-----w- c:\programdata\Win7codecs
2011-01-16 08:43 . 2011-01-16 08:43 -------- d-----w- c:\programdata\NVIDIA
2011-01-16 08:42 . 2011-01-16 08:42 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-01-16 08:42 . 2010-10-16 18:55 888424 ----a-w- c:\windows\system32\nvdispco322050.dll
2011-01-16 08:42 . 2010-10-16 18:55 813672 ----a-w- c:\windows\system32\nvgenco322030.dll
2011-01-16 08:42 . 2010-10-16 18:55 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-16 08:42 . 2010-10-16 18:55 4837480 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-16 08:42 . 2010-10-16 18:55 2912360 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-16 08:42 . 2010-10-16 18:55 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-16 08:42 . 2010-10-16 18:55 14899816 ----a-w- c:\windows\system32\nvoglv32.dll
2011-01-16 08:42 . 2010-10-16 18:55 10084360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-01-16 08:42 . 2010-10-16 18:55 1719912 ----a-w- c:\windows\system32\nvapi.dll
2011-01-16 08:42 . 2010-10-16 18:55 13019752 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-16 08:41 . 2011-01-16 08:42 -------- d-----w- c:\program files\NVIDIA Corporation
2011-01-15 16:17 . 2011-01-15 16:17 -------- d-----w- c:\programdata\Skype
2011-01-15 13:39 . 2011-01-15 13:39 34064 ----a-w- c:\windows\system32\lhacm.acm
2011-01-15 12:01 . 2010-08-29 19:55 3739080 ----a-w- c:\windows\system32\GameMon.des
2011-01-15 12:01 . 2005-01-04 00:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2011-01-15 12:01 . 2003-07-20 09:17 5174 ----a-w- c:\windows\system32\nppt9x.vxd
2011-01-15 12:01 . 2011-01-15 12:01 -------- d-----w- c:\program files\Common Files\INCA Shared
2011-01-15 07:45 . 2011-01-30 07:54 -------- d-sh--w- c:\windows\Installer
2011-01-14 20:37 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{96F3ECB5-3803-4679-A4E9-5802AF0D7026}\mpengine.dll
2011-01-14 20:37 . 2010-10-19 09:41 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-14 20:25 . 2011-01-14 20:25 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-01-14 20:25 . 2011-01-14 20:25 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-01-14 20:25 . 2011-01-14 20:25 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-01-14 20:25 . 2011-01-14 20:25 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-14 20:24 . 2011-01-14 20:26 -------- d-----w- C:\totalcmd
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\UC.PIF
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\RAR.PIF
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKZIP.PIF
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\LHA.PIF
2011-01-14 20:24 . 2009-09-24 06:50 545 ----a-w- c:\windows\ARJ.PIF
2011-01-14 20:24 . 2011-01-30 15:27 -------- d-----w- c:\windows\system32\wbem\Performance
2011-01-14 20:23 . 2009-05-27 10:56 457248 ----a-w- c:\windows\system32\NVUNINST.EXE
2011-01-14 20:12 . 2011-01-14 20:22 -------- d-----w- c:\windows\Panther
2011-01-14 20:12 . 2011-01-14 20:12 -------- d-----w- C:\Boot
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-22 14:31 . 2010-12-22 14:31 109328 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Google Update"="c:\users\Noris\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-01-27 136176]
"QIP Internet Guardian"="c:\users\Noris\AppData\Roaming\QipGuard\QipGuard.exe" [2010-10-25 190928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-08-29 3739080]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-22 109328]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-01-14 691696]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - GDRV
*NewlyCreated* - SSMDRV
.
Obsah adresáře 'Naplánované úlohy'
2011-01-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1821313145-2016487169-2346408170-1000Core.job
- c:\users\Noris\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-27 17:57]
2011-01-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1821313145-2016487169-2346408170-1000UA.job
- c:\users\Noris\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-27 17:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Settings,ProxyServer = 192.168.1.1:3128
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Noris\AppData\Roaming\Mozilla\Firefox\Profiles\9h2yyyeq.default\
FF - prefs.js: browser.search.selectedEngine - QIP Search
FF - prefs.js: browser.startup.homepage - hxxp://qip.ru
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - prefs.js: network.proxy.http - 192.168.1.1
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 1
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: QipCounter: QipCounter@qip.ru - %profile%\extensions\QipCounter@qip.ru
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-NetLimiter - c:\program files\NetLimiter 3\NLClientApp.exe
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-01-30 20:04:06
ComboFix-quarantined-files.txt 2011-01-30 19:04
Před spuštěním: Volných bajtů: 23 028 342 784
Po spuštění: Volných bajtů: 23 348 809 728
- - End Of File - - 627B5A0F5A785C3DD0F3477F8C8A9E7F
