podivně chovající se internet

Zpráva

msn · #1 Příspěvek od **msn** » 01 zář 2011 19:00

Na mém počítači se vyskytl problém který se vyznačuje tím ,že při startu počítače nelze zapnout firefox, najede až tak po minutě s tím že i internet se načítá tímhle způsobem (dlouho nefunguje skoro vůbec ale pak se rozjede jako by nebyl žádný problém)
I po projetím kasperským se tento jev vyskytuje i na ostatních prohlížečích či na qipu.
Za jakoukoliv pomoc předem děkuji
Výpis z combofixu před kasperským

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Dan\Data aplikací\10.tmp
c:\documents and settings\Dan\Data aplikací\11.tmp
c:\documents and settings\Dan\Data aplikací\12.tmp
c:\documents and settings\Dan\Data aplikací\13.tmp
c:\documents and settings\Dan\Data aplikací\14.tmp
c:\documents and settings\Dan\Data aplikací\15.tmp
c:\documents and settings\Dan\Data aplikací\17.tmp
c:\documents and settings\Dan\Data aplikací\18.tmp
c:\documents and settings\Dan\Data aplikací\296.tmp
c:\documents and settings\Dan\Data aplikací\297.tmp
c:\documents and settings\Dan\Data aplikací\2B.tmp
c:\documents and settings\Dan\Data aplikací\2C.tmp
c:\documents and settings\Dan\Data aplikací\2E0C.tmp
c:\documents and settings\Dan\Data aplikací\2E0D.tmp
c:\documents and settings\Dan\Data aplikací\2E42.tmp
c:\documents and settings\Dan\Data aplikací\2E43.tmp
c:\documents and settings\Dan\Data aplikací\4.tmp
c:\documents and settings\Dan\Data aplikací\5.tmp
c:\documents and settings\Dan\Data aplikací\6.tmp
c:\documents and settings\Dan\Data aplikací\6471.tmp
c:\documents and settings\Dan\Data aplikací\6472.tmp
c:\documents and settings\Dan\Data aplikací\7.tmp
c:\documents and settings\Dan\Data aplikací\8.tmp
c:\documents and settings\Dan\Data aplikací\9.tmp
c:\documents and settings\Dan\Data aplikací\A.tmp
c:\documents and settings\Dan\Data aplikací\B9.tmp
c:\documents and settings\Dan\Data aplikací\BA.tmp
c:\documents and settings\Dan\Data aplikací\C7.tmp
c:\documents and settings\Dan\Data aplikací\C8.tmp
c:\documents and settings\Dan\Data aplikací\C9.tmp
c:\documents and settings\Dan\Data aplikací\CABC.tmp
c:\documents and settings\Dan\Data aplikací\CABD.tmp
c:\documents and settings\Dan\Data aplikací\CABE.tmp
c:\documents and settings\Dan\Data aplikací\CAC1.tmp
c:\documents and settings\Dan\Data aplikací\CAC2.tmp
c:\documents and settings\Dan\Data aplikací\CAC5.tmp
c:\documents and settings\Dan\Data aplikací\CAC6.tmp
c:\documents and settings\Dan\Data aplikací\CAF0.tmp
c:\documents and settings\Dan\Data aplikací\CAF1.tmp
c:\documents and settings\Dan\Data aplikací\CAF2.tmp
c:\documents and settings\Dan\Data aplikací\CAF7.tmp
c:\documents and settings\Dan\Data aplikací\D.tmp
c:\documents and settings\Dan\Data aplikací\E.tmp
c:\documents and settings\Dan\Data aplikací\F.tmp
c:\documents and settings\Dan\Data aplikací\FB0.tmp
c:\windows\ehome\medctrro.exe
c:\windows\regedit.com
c:\windows\system32\mfc100deu.dll
c:\windows\system32\taskmgr.com
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-01 do 2011-09-01 )))))))))))))))))))))))))))))))
.
.
2011-09-01 08:34 . 2011-09-01 08:34 -------- d---a-w- c:\windows\rundll16.exe
2011-09-01 08:34 . 2011-09-01 08:34 -------- d---a-w- c:\windows\logo1_.exe
2011-09-01 08:32 . 2011-09-01 08:32 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Download Manager
2011-08-31 16:02 . 2011-08-31 16:02 -------- d-----w- c:\documents and settings\Dan\riotsGamesLogs
2011-08-31 15:06 . 2011-08-31 15:06 -------- d-----w- c:\documents and settings\Dan\Data aplikací\LolClient
2011-08-31 12:50 . 2011-09-01 10:02 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\PMB Files
2011-08-31 12:50 . 2011-08-31 12:50 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2011-08-31 12:50 . 2011-08-31 12:50 -------- d-----w- c:\program files\Pando Networks
2011-08-30 08:35 . 2011-08-30 08:35 -------- d-----w- c:\program files\Microsoft XNA
2011-08-26 11:08 . 2011-08-27 18:47 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\dxhr
2011-08-26 11:03 . 2011-08-26 11:03 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\28050
2011-08-23 14:29 . 2008-04-13 22:15 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2011-08-23 14:29 . 2008-04-13 22:15 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2011-08-21 07:56 . 2011-08-21 07:56 -------- d--h--r- c:\documents and settings\Dan\Data aplikací\SecuROM
2011-08-21 07:55 . 2011-08-21 07:55 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\drivers\umdf
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\xlive
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2011-08-20 15:21 . 2011-08-20 15:23 -------- d-----w- c:\program files\Balance
2011-08-18 06:06 . 2011-08-18 06:06 -------- d-----w- c:\documents and settings\Dan\dwhelper
2011-08-14 12:10 . 2011-08-14 12:10 -------- d--h--w- c:\windows\PIF
2011-08-14 08:53 . 2011-08-14 08:53 -------- d-----w- c:\program files\NVIDIA Corporation
2011-08-14 08:20 . 2011-08-14 08:20 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Ubisoft
2011-08-14 08:18 . 2011-08-14 08:18 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-08-14 08:18 . 2011-08-14 08:18 -------- d-----w- c:\documents and settings\Dan\Data aplikací\PunkBuster
2011-08-14 08:18 . 2011-08-14 08:18 -------- d-----w- c:\program files\Ubisoft
2011-08-14 07:16 . 2011-08-14 07:16 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-08-14 07:16 . 2011-08-14 08:18 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Spyware Terminator
2011-08-14 06:52 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\LogFiles
2011-08-14 06:52 . 2011-08-14 08:18 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-08-14 06:52 . 2011-08-14 06:52 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\PunkBuster
2011-08-13 18:10 . 2011-08-13 18:10 -------- d-----w- C:\spoolerlogs
2011-08-13 17:07 . 2011-06-16 04:30 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-08-13 17:07 . 2011-06-16 04:30 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-08-13 17:07 . 2011-06-16 04:30 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-08-13 17:07 . 2011-06-16 04:30 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2011-08-13 17:07 . 2011-06-16 04:30 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-08-13 17:07 . 2011-06-16 04:30 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-08-13 17:07 . 2011-06-16 04:30 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2011-08-13 17:07 . 2011-06-16 04:30 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-08-13 17:07 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-08-13 17:07 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\program files\Common Files\Adobe
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\documents and settings\Dan\Dokumenty
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAFB.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF9.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF8.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF6.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF4.tmp
2011-08-12 23:50 . 2011-08-12 23:50 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC9.tmp
2011-08-12 23:47 . 2011-08-12 23:47 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC4.tmp
2011-08-12 23:40 . 2011-08-12 23:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC0.tmp
2011-08-12 22:08 . 2011-08-12 22:08 -------- d-----w- c:\program files\LS
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\VDLL.DLL
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\system32\runouce.exe
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\RUNDL132.EXE
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\logo_1.exe
2011-08-09 14:07 . 2011-08-09 14:07 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-08-09 14:07 . 2011-08-09 14:07 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-08-09 14:07 . 2011-08-09 14:07 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-08-09 14:07 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2011-08-09 14:07 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2011-08-09 14:07 . 2011-08-09 14:07 -------- d-----w- c:\program files\Common Files\MicroWorld
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\C.tmp
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\B.tmp
2011-08-09 13:52 . 2008-04-14 06:52 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-08-08 19:16 . 2011-08-08 19:16 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Auslogics
2011-08-08 19:00 . 2011-08-11 17:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\.minecraft
2011-08-08 18:54 . 2011-08-08 18:54 -------- d-----w- c:\windows\Sun
2011-08-08 18:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Temp
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Common Files\Java
2011-08-08 17:46 . 2011-08-08 17:46 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-08 17:46 . 2011-08-08 17:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Java
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2011-08-08 17:37 . 2011-08-09 09:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\TS3Client
2011-08-08 17:27 . 2011-08-08 17:27 -------- d-----w- c:\program files\AMD APP
2011-08-08 17:26 . 2011-04-20 01:55 1115008 ----a-w- c:\windows\system32\ativvamv.dll
2011-08-08 17:26 . 2011-04-20 01:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-08-08 17:25 . 2011-08-08 17:25 -------- d-----w- c:\program files\ATI
2011-08-08 17:25 . 2011-08-19 11:05 -------- d-----w- c:\program files\CCleaner
2011-08-08 17:24 . 2011-08-08 17:53 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\AskToolbar
2011-08-08 17:24 . 2011-08-10 09:58 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-08-08 17:24 . 2011-08-10 09:59 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-08-08 17:23 . 2011-08-21 07:41 -------- d-----w- c:\documents and settings\Dan\Data aplikací\DAEMON Tools Lite
2011-08-08 17:12 . 2011-09-01 08:15 -------- d-----w- c:\documents and settings\Dan\Data aplikací\skypePM
2011-08-08 17:10 . 2011-08-15 18:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-08 17:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-08-08 17:08 . 2010-05-25 03:13 51232 ----a-w- c:\windows\system32\RHCoInstXP.dll
2011-08-08 17:08 . 2010-05-25 03:13 1489440 ----a-w- c:\windows\RtaUpd.exe
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-10 18:51 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-08 17:06 -------- d-----w- c:\program files\Google
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----r- c:\program files\Skype
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\program files\Common Files\Skype
2011-08-08 17:05 . 2011-09-01 09:55 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Skype
2011-08-08 16:57 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2011-08-08 16:57 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2011-08-08 16:57 . 2008-04-14 06:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2011-08-08 16:57 . 2008-04-14 06:51 21504 ----a-w- c:\windows\system32\hidserv.dll
2011-08-08 16:57 . 2008-04-14 05:59 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2011-08-08 16:57 . 2008-04-14 05:59 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2011-08-08 16:57 . 2008-04-13 22:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2011-08-08 16:57 . 2008-04-13 22:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-08-08 16:56 . 2008-04-13 22:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-08-08 16:56 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-01 08:34 . 2011-09-01 08:34 6224778 ----a-w- c:\windows\REGBK01.ZIP
2011-08-09 14:09 . 2011-08-09 14:08 5433626 ----a-w- c:\windows\REGBK00.ZIP
2011-06-16 04:30 . 2011-08-13 17:07 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-08-14_16.05.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-09-01 08:14 . 2011-09-01 08:14 16384 c:\windows\temp\Perflib_Perfdata_2d8.dat
+ 2006-09-28 16:56 . 2006-09-28 16:56 55808 c:\windows\system32\WudfSvc.dll
+ 2006-09-28 18:13 . 2006-09-28 18:13 95344 c:\windows\system32\WUDFCoinstaller.dll
+ 2006-11-02 09:51 . 2006-11-02 09:51 39936 c:\windows\system32\wpdshextres.dll
+ 2006-10-18 18:00 . 2006-10-18 18:00 17408 c:\windows\system32\wpdshextautoplay.exe
+ 2006-10-18 19:47 . 2006-10-18 19:47 63488 c:\windows\system32\wpdmtpus.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 35840 c:\windows\system32\wpdconns.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 37376 c:\windows\system32\wmdmps.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 33792 c:\windows\system32\wmdmlog.dll
+ 2011-08-21 07:54 . 2006-09-15 23:05 14640 c:\windows\system32\spmsg.dll
- 2001-10-25 12:00 . 2011-08-13 19:52 75486 c:\windows\system32\perfc009.dat
+ 2001-10-25 12:00 . 2011-08-19 05:27 75486 c:\windows\system32\perfc009.dat
+ 2001-10-25 12:00 . 2011-08-19 05:27 89144 c:\windows\system32\perfc005.dat
- 2001-10-25 12:00 . 2011-08-13 19:52 89144 c:\windows\system32\perfc005.dat
+ 2004-08-17 13:49 . 2006-10-18 19:47 27136 c:\windows\system32\mspmsnsv.dll
+ 2004-08-17 13:49 . 2008-05-19 04:33 18944 c:\windows\system32\msisip.dll
+ 2004-08-17 13:49 . 2008-05-18 23:57 95744 c:\windows\system32\msiexec.exe
+ 2004-08-17 13:49 . 2006-10-18 19:47 11264 c:\windows\system32\LAPRXY.dll
+ 2006-09-28 17:00 . 2006-09-28 17:00 82944 c:\windows\system32\drivers\WudfRd.sys
+ 2006-09-28 16:55 . 2006-09-28 16:55 77568 c:\windows\system32\drivers\WudfPf.sys
+ 2006-10-18 18:00 . 2006-10-18 18:00 38528 c:\windows\system32\drivers\wpdusb.sys
+ 2004-08-17 13:49 . 2006-10-18 19:47 37376 c:\windows\system32\dllcache\wmdmps.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 33792 c:\windows\system32\dllcache\wmdmlog.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 27136 c:\windows\system32\dllcache\mspmsnsv.dll
+ 2008-05-19 04:33 . 2008-05-19 04:33 18944 c:\windows\system32\dllcache\msisip.dll
+ 2008-05-18 23:57 . 2008-05-18 23:57 95744 c:\windows\system32\dllcache\msiexec.exe
+ 2004-08-17 13:49 . 2006-10-18 19:47 11264 c:\windows\system32\dllcache\LAPRXY.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 17920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Xna.Framework.Video\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Video.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 20992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Xna.Framework.Storage\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Storage.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 54272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Xna.Framework.Net\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Net.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 23040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Xna.Framework.Input.Touch\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Input.Touch.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 71680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Xna.Framework.GamerServices\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.GamerServices.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 24576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Xna.Framework.Avatar\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Avatar.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 75776 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Xna.Framework.Xact\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Xact.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 75264 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Xna.Framework.Game\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Game.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\wmvdmoe2.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\wmvdmod.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 4096 c:\windows\system32\WMVADVE.DLL
+ 2006-10-18 19:47 . 2006-10-18 19:47 4096 c:\windows\system32\WMVADVD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\wmsdmoe2.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\wmsdmod.dll
+ 2006-10-18 19:58 . 2006-10-18 19:58 8704 c:\windows\system32\wdfmgr.exe
+ 2006-10-18 19:47 . 2006-10-18 19:47 4096 c:\windows\system32\wdfapi.dll
+ 2006-10-18 19:58 . 2006-10-18 19:58 8704 c:\windows\system32\uwdf.exe
+ 2004-08-17 13:48 . 2008-04-16 23:43 2560 c:\windows\system32\msimsg.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\MPG4DMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\MP4SDMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\MP43DMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\wmvdmod.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\wmsdmod.dll
+ 2008-04-16 23:43 . 2008-04-16 23:43 2560 c:\windows\system32\dllcache\msimsg.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\MPG4DMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\MP4SDMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\MP43DMOD.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-06 18:23 . 2007-11-06 18:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2008-10-22 02:55 . 2008-10-22 02:55 134144 c:\windows\system32\xlive\sqmapi.dll
+ 2006-09-28 16:56 . 2006-09-28 16:56 316416 c:\windows\system32\WUDFx.dll
+ 2006-09-28 16:56 . 2006-09-28 16:56 165376 c:\windows\system32\WudfPlatform.dll
+ 2006-09-28 16:56 . 2006-09-28 16:56 146432 c:\windows\system32\WudfHost.exe
+ 2006-10-18 19:47 . 2006-10-18 19:47 356352 c:\windows\system32\wpdsp.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 133632 c:\windows\system32\WPDShServiceObj.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 154624 c:\windows\system32\wpdmtp.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 629760 c:\windows\system32\wpd_ci.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 656896 c:\windows\system32\WMVXENCD.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 767488 c:\windows\system32\WMVSENCD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 603648 c:\windows\system32\WMSPDMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 937984 c:\windows\system32\WMNetMgr.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 157184 c:\windows\system32\wmidx.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 535040 c:\windows\system32\wmdrmsdk.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 348672 c:\windows\system32\wmdrmnet.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 429056 c:\windows\system32\wmdrmdev.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 222208 c:\windows\system32\WMASF.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 757248 c:\windows\system32\WMADMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 211456 c:\windows\system32\qasf.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 199168 c:\windows\system32\PortableDeviceWMDRM.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 132096 c:\windows\system32\PortableDeviceWiaCompat.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 166912 c:\windows\system32\PortableDeviceTypes.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 101888 c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 284160 c:\windows\system32\PortableDeviceApi.dll
+ 2001-10-25 12:00 . 2011-08-19 05:27 455512 c:\windows\system32\perfh009.dat
- 2001-10-25 12:00 . 2011-08-13 19:52 455512 c:\windows\system32\perfh009.dat
- 2001-10-25 12:00 . 2011-08-13 19:52 451388 c:\windows\system32\perfh005.dat
+ 2001-10-25 12:00 . 2011-08-19 05:27 451388 c:\windows\system32\perfh005.dat
+ 2004-08-17 13:49 . 2006-10-18 19:47 321536 c:\windows\system32\mswmdm.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 414208 c:\windows\system32\msscp.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 175616 c:\windows\system32\mspmsp.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 179712 c:\windows\system32\msnetobj.dll
+ 2004-08-17 13:49 . 2008-05-19 04:33 332800 c:\windows\system32\msihnd.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 259072 c:\windows\system32\MPG4DECD.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 259072 c:\windows\system32\MP43DECD.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 212992 c:\windows\system32\MFPLAT.dll
+ 2011-08-15 18:22 . 2011-08-15 18:22 243360 c:\windows\system32\Macromed\Flash\FlashUtil10v_Plugin.exe
+ 2004-08-17 13:49 . 2006-10-18 18:03 100864 c:\windows\system32\logagent.exe
+ 2004-08-17 13:49 . 2006-10-18 19:47 991744 c:\windows\system32\drmv2clt.dll
+ 2006-10-18 18:00 . 2006-10-18 18:00 249856 c:\windows\system32\drmupgds.exe
+ 2006-10-18 19:47 . 2006-10-18 19:47 671232 c:\windows\system32\drivers\umdf\wpdmtpdr.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 603648 c:\windows\system32\dllcache\WMSPDMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 937984 c:\windows\system32\dllcache\WMNetMgr.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 157184 c:\windows\system32\dllcache\wmidx.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 222208 c:\windows\system32\dllcache\WMASF.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 757248 c:\windows\system32\dllcache\WMADMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 321536 c:\windows\system32\dllcache\mswmdm.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 414208 c:\windows\system32\dllcache\msscp.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 175616 c:\windows\system32\dllcache\mspmsp.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 179712 c:\windows\system32\dllcache\msnetobj.dll
+ 2008-05-19 04:33 . 2008-05-19 04:33 332800 c:\windows\system32\dllcache\msihnd.dll
+ 2004-08-17 13:49 . 2006-10-18 18:03 100864 c:\windows\system32\dllcache\logagent.exe
+ 2004-08-17 13:49 . 2006-10-18 19:47 991744 c:\windows\system32\dllcache\drmv2clt.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 229376 c:\windows\system32\dllcache\cewmdm.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 542720 c:\windows\system32\dllcache\blackbox.dll
- 2011-08-08 17:28 . 2008-07-10 09:01 467984 c:\windows\system32\d3dx10_39.dll
+ 2011-08-08 17:28 . 2008-07-12 06:18 467984 c:\windows\system32\d3dx10_39.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 229376 c:\windows\system32\cewmdm.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 542720 c:\windows\system32\blackbox.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 276992 c:\windows\system32\audiodev.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 672768 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Xna.Framework\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 427008 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Xna.Framework.Graphics\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Graphics.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 751616 c:\windows\Installer\5669f5.msi
+ 2011-08-21 07:54 . 2011-08-21 07:54 850944 c:\windows\Installer\29a4cc.msi
+ 2011-08-21 07:55 . 2011-08-21 07:55 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 2603008 c:\windows\system32\WpdShext.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 1382912 c:\windows\system32\WMVSDECD.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 1574912 c:\windows\system32\WMVENCOD.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 1543680 c:\windows\system32\WMVDECOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 2450944 c:\windows\system32\wmvcore.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 1329152 c:\windows\system32\WMSPDMOE.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 1117696 c:\windows\system32\WMADMOE.dll
+ 2007-08-27 13:41 . 2007-08-27 13:41 1089440 c:\windows\system32\msidcrl40.dll
+ 2004-08-17 13:49 . 2008-05-19 04:33 4445184 c:\windows\system32\msi.dll
+ 2011-08-08 17:10 . 2011-08-15 18:22 6277280 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 2450944 c:\windows\system32\dllcache\wmvcore.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 1329152 c:\windows\system32\dllcache\WMSPDMOE.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 1117696 c:\windows\system32\dllcache\WMADMOE.dll
+ 2008-05-19 04:33 . 2008-05-19 04:33 4445184 c:\windows\system32\dllcache\msi.dll
+ 2011-08-08 17:28 . 2008-07-12 06:18 3851784 c:\windows\system32\D3DX9_39.dll
- 2011-08-08 17:28 . 2008-07-10 09:00 3851784 c:\windows\system32\D3DX9_39.dll
- 2011-08-08 17:28 . 2008-07-10 09:00 1493528 c:\windows\system32\D3DCompiler_39.dll
+ 2011-08-08 17:28 . 2008-07-12 06:18 1493528 c:\windows\system32\D3DCompiler_39.dll
+ 2011-08-21 07:56 . 2011-08-21 07:56 1130496 c:\windows\Installer\29aa5f.msi
+ 2011-08-21 07:55 . 2011-08-21 07:55 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-10-22 03:29 . 2008-10-22 03:29 13643936 c:\windows\system32\xlivefnt.dll
+ 2008-10-22 03:29 . 2008-10-22 03:29 14303392 c:\windows\system32\xlive.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
"DAEMON Tools Lite"="e:\instal2\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Infium"="e:\instal2\QIP Infium JadrisPack\qip.exe" [2011-03-02 6010240]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-08-31 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-02 19580520]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 98304]
"egui"="e:\instal2\eset\egui.exe" [2010-11-08 2219184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"g:\\games\\game001\\assasins creed\\ACBSP.exe"=
"g:\\games\\game001\\assasins creed\\ACBMP.exe"=
"g:\\games\\game001\\assasins creed\\AssassinsCreedBrotherhood.exe"=
"g:\\games\\game001\\assasins creed\\UPlayBrowser.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"g:\\games\\game002\\gta iv\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56397:TCP"= 56397:TCP:Pando Media Booster
"56397:UDP"= 56397:UDP:Pando Media Booster
.
R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [9.10.2009 22:26 184848]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.7.2010 12:31 115008]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [14.8.2011 9:16 142592]
R2 ekrn;ESET Service;e:\instal2\eset\ekrn.exe [8.11.2010 9:50 810144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [10.10.2009 8:09 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Dan\Data aplikací\Mozilla\Firefox\Profiles\g39hk0mw.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx? ... 60327&qkw=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-01 12:02
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-790525478-362288127-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:8c,2e,09,a0,6c,ed,cd,23,3f,1a,1d,b4,26,df,5b,09,f1,89,39,30,ae,
a7,04,83,25,5d,2a,9b,a2,80,e6,44,27,40,3e,b6,eb,5f,8d,b4,0e,e3,96,18,4c,8e,\
"rkeysecu"=hex:45,39,73,f9,77,bc,e2,03,96,e8,03,ee,27,7f,a0,2f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1068)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2011-09-01 12:03:02
ComboFix-quarantined-files.txt 2011-09-01 10:03
ComboFix2.txt 2011-08-14 17:07
ComboFix3.txt 2011-08-14 16:06
ComboFix4.txt 2011-08-13 20:50
.
Před spuštěním: Volných bajtů: 10 525 405 184
Po spuštění: Volných bajtů: 10 976 387 072
.
- - End Of File - - AC7730DA92739085C7AEC5107E7BAE71

Výpis z kasperského
Status: Absent (events: 4)
1.9.2011 18:35:33 Not found Trojan program Trojan.Win32.Inject.bhxj C:\Qoobox\Quarantine\C\Documents and Settings\Dan\Data aplikací\295.tmp.vir.mwt High
1.9.2011 18:35:33 Not found Trojan program Trojan.Win32.Inject.bhxj C:\Qoobox\Quarantine\C\Documents and Settings\Dan\Data aplikací\2A.tmp.vir.mwt High
1.9.2011 18:35:33 Not found Trojan program Trojan.Win32.Inject.bhxj C:\Qoobox\Quarantine\C\Documents and Settings\Dan\Data aplikací\1C5.tmp.vir.mwt High
1.9.2011 18:35:33 Not found Trojan program Trojan.Win32.Inject.bhxj C:\Qoobox\Quarantine\C\WINDOWS\aadrive32.exe.vir.mwt High
Status: Deleted (events: 2)
1.9.2011 19:34:11 Deleted Trojan program Trojan.Win32.Chifrax.a H:\System Volume Information\_restore{6DB0D8DB-99DE-4C0E-BB5A-A283A0E0334F}\RP21\A0005546.exe High

Výpis z combofixu po kasperském

((((((((((((((((((((((((( Soubory vytvořené od 2011-08-01 do 2011-09-01 )))))))))))))))))))))))))))))))
.
.
2011-09-01 08:34 . 2011-09-01 08:34 -------- d---a-w- c:\windows\rundll16.exe
2011-09-01 08:34 . 2011-09-01 08:34 -------- d---a-w- c:\windows\logo1_.exe
2011-09-01 08:32 . 2011-09-01 08:32 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Download Manager
2011-08-31 16:02 . 2011-08-31 16:02 -------- d-----w- c:\documents and settings\Dan\riotsGamesLogs
2011-08-31 15:06 . 2011-08-31 15:06 -------- d-----w- c:\documents and settings\Dan\Data aplikací\LolClient
2011-08-31 12:50 . 2011-09-01 10:02 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\PMB Files
2011-08-31 12:50 . 2011-08-31 12:50 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2011-08-31 12:50 . 2011-08-31 12:50 -------- d-----w- c:\program files\Pando Networks
2011-08-30 08:35 . 2011-08-30 08:35 -------- d-----w- c:\program files\Microsoft XNA
2011-08-26 11:08 . 2011-08-27 18:47 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\dxhr
2011-08-26 11:03 . 2011-08-26 11:03 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\28050
2011-08-23 14:29 . 2008-04-13 22:15 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2011-08-23 14:29 . 2008-04-13 22:15 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2011-08-21 07:56 . 2011-08-21 07:56 -------- d--h--r- c:\documents and settings\Dan\Data aplikací\SecuROM
2011-08-21 07:55 . 2011-08-21 07:55 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\drivers\umdf
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\xlive
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2011-08-20 15:21 . 2011-08-20 15:23 -------- d-----w- c:\program files\Balance
2011-08-18 06:06 . 2011-08-18 06:06 -------- d-----w- c:\documents and settings\Dan\dwhelper
2011-08-14 12:10 . 2011-08-14 12:10 -------- d--h--w- c:\windows\PIF
2011-08-14 08:53 . 2011-08-14 08:53 -------- d-----w- c:\program files\NVIDIA Corporation
2011-08-14 08:20 . 2011-08-14 08:20 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Ubisoft
2011-08-14 08:18 . 2011-08-14 08:18 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-08-14 08:18 . 2011-08-14 08:18 -------- d-----w- c:\documents and settings\Dan\Data aplikací\PunkBuster
2011-08-14 08:18 . 2011-08-14 08:18 -------- d-----w- c:\program files\Ubisoft
2011-08-14 07:16 . 2011-08-14 07:16 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-08-14 07:16 . 2011-08-14 08:18 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Spyware Terminator
2011-08-14 06:52 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\LogFiles
2011-08-14 06:52 . 2011-08-14 08:18 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-08-14 06:52 . 2011-08-14 06:52 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\PunkBuster
2011-08-13 18:10 . 2011-08-13 18:10 -------- d-----w- C:\spoolerlogs
2011-08-13 17:07 . 2011-06-16 04:30 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-08-13 17:07 . 2011-06-16 04:30 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-08-13 17:07 . 2011-06-16 04:30 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-08-13 17:07 . 2011-06-16 04:30 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2011-08-13 17:07 . 2011-06-16 04:30 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-08-13 17:07 . 2011-06-16 04:30 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-08-13 17:07 . 2011-06-16 04:30 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2011-08-13 17:07 . 2011-06-16 04:30 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-08-13 17:07 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-08-13 17:07 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\program files\Common Files\Adobe
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\documents and settings\Dan\Dokumenty
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAFB.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF9.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF8.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF6.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF4.tmp
2011-08-12 23:50 . 2011-08-12 23:50 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC9.tmp
2011-08-12 23:47 . 2011-08-12 23:47 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC4.tmp
2011-08-12 23:40 . 2011-08-12 23:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC0.tmp
2011-08-12 22:08 . 2011-08-12 22:08 -------- d-----w- c:\program files\LS
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\VDLL.DLL
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\system32\runouce.exe
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\RUNDL132.EXE
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\logo_1.exe
2011-08-09 14:07 . 2011-08-09 14:07 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-08-09 14:07 . 2011-08-09 14:07 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-08-09 14:07 . 2011-08-09 14:07 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-08-09 14:07 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2011-08-09 14:07 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2011-08-09 14:07 . 2011-08-09 14:07 -------- d-----w- c:\program files\Common Files\MicroWorld
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\C.tmp
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\B.tmp
2011-08-09 13:52 . 2008-04-14 06:52 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-08-08 19:16 . 2011-08-08 19:16 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Auslogics
2011-08-08 19:00 . 2011-08-11 17:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\.minecraft
2011-08-08 18:54 . 2011-08-08 18:54 -------- d-----w- c:\windows\Sun
2011-08-08 18:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Temp
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Common Files\Java
2011-08-08 17:46 . 2011-08-08 17:46 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-08 17:46 . 2011-08-08 17:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Java
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2011-08-08 17:37 . 2011-08-09 09:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\TS3Client
2011-08-08 17:27 . 2011-08-08 17:27 -------- d-----w- c:\program files\AMD APP
2011-08-08 17:26 . 2011-04-20 01:55 1115008 ----a-w- c:\windows\system32\ativvamv.dll
2011-08-08 17:26 . 2011-04-20 01:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-08-08 17:25 . 2011-08-08 17:25 -------- d-----w- c:\program files\ATI
2011-08-08 17:25 . 2011-08-19 11:05 -------- d-----w- c:\program files\CCleaner
2011-08-08 17:24 . 2011-08-08 17:53 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\AskToolbar
2011-08-08 17:24 . 2011-08-10 09:58 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-08-08 17:24 . 2011-08-10 09:59 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-08-08 17:23 . 2011-08-21 07:41 -------- d-----w- c:\documents and settings\Dan\Data aplikací\DAEMON Tools Lite
2011-08-08 17:12 . 2011-09-01 08:15 -------- d-----w- c:\documents and settings\Dan\Data aplikací\skypePM
2011-08-08 17:10 . 2011-08-15 18:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-08 17:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-08-08 17:08 . 2010-05-25 03:13 51232 ----a-w- c:\windows\system32\RHCoInstXP.dll
2011-08-08 17:08 . 2010-05-25 03:13 1489440 ----a-w- c:\windows\RtaUpd.exe
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-10 18:51 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-08 17:06 -------- d-----w- c:\program files\Google
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----r- c:\program files\Skype
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\program files\Common Files\Skype
2011-08-08 17:05 . 2011-09-01 09:55 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Skype
2011-08-08 16:57 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2011-08-08 16:57 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2011-08-08 16:57 . 2008-04-14 06:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2011-08-08 16:57 . 2008-04-14 06:51 21504 ----a-w- c:\windows\system32\hidserv.dll
2011-08-08 16:57 . 2008-04-14 05:59 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2011-08-08 16:57 . 2008-04-14 05:59 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2011-08-08 16:57 . 2008-04-13 22:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2011-08-08 16:57 . 2008-04-13 22:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-08-08 16:56 . 2008-04-13 22:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-08-08 16:56 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-01 08:34 . 2011-09-01 08:34 6224778 ----a-w- c:\windows\REGBK01.ZIP
2011-08-09 14:09 . 2011-08-09 14:08 5433626 ----a-w- c:\windows\REGBK00.ZIP
2011-06-16 04:30 . 2011-08-13 17:07 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
"DAEMON Tools Lite"="e:\instal2\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Infium"="e:\instal2\QIP Infium JadrisPack\qip.exe" [2011-03-02 6010240]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-08-31 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-02 19580520]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 98304]
"egui"="e:\instal2\eset\egui.exe" [2010-11-08 2219184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"g:\\games\\game001\\assasins creed\\ACBSP.exe"=
"g:\\games\\game001\\assasins creed\\ACBMP.exe"=
"g:\\games\\game001\\assasins creed\\AssassinsCreedBrotherhood.exe"=
"g:\\games\\game001\\assasins creed\\UPlayBrowser.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"g:\\games\\game002\\gta iv\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56397:TCP"= 56397:TCP:Pando Media Booster
"56397:UDP"= 56397:UDP:Pando Media Booster
.
R0 08183081;08183081;c:\windows\system32\drivers\08183081.sys [1.9.2011 15:45 133208]
R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [9.10.2009 22:26 184848]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.7.2010 12:31 115008]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [14.8.2011 9:16 142592]
R2 ekrn;ESET Service;e:\instal2\eset\ekrn.exe [8.11.2010 9:50 810144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [10.10.2009 8:09 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 08183081
*NewlyCreated* - 2397377DRV
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Dan\Data aplikací\Mozilla\Firefox\Profiles\g39hk0mw.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx? ... 60327&qkw=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-01 19:50
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-790525478-362288127-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:8c,2e,09,a0,6c,ed,cd,23,3f,1a,1d,b4,26,df,5b,09,f1,89,39,30,ae,
a7,04,83,25,5d,2a,9b,a2,80,e6,44,27,40,3e,b6,eb,5f,8d,b4,0e,e3,96,18,4c,8e,\
"rkeysecu"=hex:45,39,73,f9,77,bc,e2,03,96,e8,03,ee,27,7f,a0,2f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1068)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(4804)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-09-01 19:51:18
ComboFix-quarantined-files.txt 2011-09-01 17:51
ComboFix2.txt 2011-09-01 10:03
ComboFix3.txt 2011-08-14 17:07
ComboFix4.txt 2011-08-14 16:06
ComboFix5.txt 2011-09-01 17:46
.
Před spuštěním: Volných bajtů: 10 873 196 544
Po spuštění: Volných bajtů: 11 059 613 696
.
- - End Of File - - FB4AC94DCBB1444AA559AB31D64D22D1

#2 Příspěvek od **Rudy** » 01 zář 2011 19:53

Ještě dočistíme. Pokud nemáte, přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

Firefox::
FF - ProfilePath - c:\documents and settings\Dan\Data aplikací\Mozilla\Firefox\Profiles\g39hk0mw.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatche ... 60327&qkw=

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

msn · #3 Příspěvek od **msn** » 01 zář 2011 20:41

po restartu pc to vypadá že se nic nezměnilo ale mám pocit že intervaly kdy po najetí pc nefunguje internet se prodlužují po každém restartu

Děkuji za jakoukoliv další pomoc, zde je výpis z combofixu po CSFscriptu

((((((((((((((((((((((((( Soubory vytvořené od 2011-08-01 do 2011-09-01 )))))))))))))))))))))))))))))))
.
.
2011-09-01 08:34 . 2011-09-01 08:34 -------- d---a-w- c:\windows\rundll16.exe
2011-09-01 08:34 . 2011-09-01 08:34 -------- d---a-w- c:\windows\logo1_.exe
2011-09-01 08:32 . 2011-09-01 08:32 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Download Manager
2011-08-31 16:02 . 2011-08-31 16:02 -------- d-----w- c:\documents and settings\Dan\riotsGamesLogs
2011-08-31 15:06 . 2011-08-31 15:06 -------- d-----w- c:\documents and settings\Dan\Data aplikací\LolClient
2011-08-31 12:50 . 2011-09-01 10:02 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\PMB Files
2011-08-31 12:50 . 2011-08-31 12:50 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2011-08-31 12:50 . 2011-08-31 12:50 -------- d-----w- c:\program files\Pando Networks
2011-08-30 08:35 . 2011-08-30 08:35 -------- d-----w- c:\program files\Microsoft XNA
2011-08-26 11:08 . 2011-08-27 18:47 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\dxhr
2011-08-26 11:03 . 2011-08-26 11:03 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\28050
2011-08-23 14:29 . 2008-04-13 22:15 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2011-08-23 14:29 . 2008-04-13 22:15 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2011-08-21 07:56 . 2011-08-21 07:56 -------- d--h--r- c:\documents and settings\Dan\Data aplikací\SecuROM
2011-08-21 07:55 . 2011-08-21 07:55 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\drivers\umdf
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\xlive
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2011-08-20 15:21 . 2011-08-20 15:23 -------- d-----w- c:\program files\Balance
2011-08-18 06:06 . 2011-08-18 06:06 -------- d-----w- c:\documents and settings\Dan\dwhelper
2011-08-14 12:10 . 2011-08-14 12:10 -------- d--h--w- c:\windows\PIF
2011-08-14 08:53 . 2011-08-14 08:53 -------- d-----w- c:\program files\NVIDIA Corporation
2011-08-14 08:20 . 2011-08-14 08:20 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Ubisoft
2011-08-14 08:18 . 2011-08-14 08:18 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-08-14 08:18 . 2011-08-14 08:18 -------- d-----w- c:\documents and settings\Dan\Data aplikací\PunkBuster
2011-08-14 08:18 . 2011-08-14 08:18 -------- d-----w- c:\program files\Ubisoft
2011-08-14 07:16 . 2011-08-14 07:16 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-08-14 07:16 . 2011-08-14 08:18 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Spyware Terminator
2011-08-14 06:52 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\LogFiles
2011-08-14 06:52 . 2011-08-14 08:18 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-08-14 06:52 . 2011-08-14 06:52 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\PunkBuster
2011-08-13 18:10 . 2011-08-13 18:10 -------- d-----w- C:\spoolerlogs
2011-08-13 17:07 . 2011-06-16 04:30 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-08-13 17:07 . 2011-06-16 04:30 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-08-13 17:07 . 2011-06-16 04:30 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-08-13 17:07 . 2011-06-16 04:30 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2011-08-13 17:07 . 2011-06-16 04:30 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-08-13 17:07 . 2011-06-16 04:30 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-08-13 17:07 . 2011-06-16 04:30 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2011-08-13 17:07 . 2011-06-16 04:30 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-08-13 17:07 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-08-13 17:07 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\program files\Common Files\Adobe
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\documents and settings\Dan\Dokumenty
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAFB.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF9.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF8.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF6.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF4.tmp
2011-08-12 23:50 . 2011-08-12 23:50 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC9.tmp
2011-08-12 23:47 . 2011-08-12 23:47 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC4.tmp
2011-08-12 23:40 . 2011-08-12 23:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC0.tmp
2011-08-12 22:08 . 2011-08-12 22:08 -------- d-----w- c:\program files\LS
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\VDLL.DLL
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\system32\runouce.exe
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\RUNDL132.EXE
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\logo_1.exe
2011-08-09 14:07 . 2011-08-09 14:07 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-08-09 14:07 . 2011-08-09 14:07 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-08-09 14:07 . 2011-08-09 14:07 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-08-09 14:07 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2011-08-09 14:07 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2011-08-09 14:07 . 2011-08-09 14:07 -------- d-----w- c:\program files\Common Files\MicroWorld
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\C.tmp
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\B.tmp
2011-08-09 13:52 . 2008-04-14 06:52 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-08-08 19:16 . 2011-08-08 19:16 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Auslogics
2011-08-08 19:00 . 2011-08-11 17:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\.minecraft
2011-08-08 18:54 . 2011-08-08 18:54 -------- d-----w- c:\windows\Sun
2011-08-08 18:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Temp
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Common Files\Java
2011-08-08 17:46 . 2011-08-08 17:46 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-08 17:46 . 2011-08-08 17:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Java
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2011-08-08 17:37 . 2011-08-09 09:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\TS3Client
2011-08-08 17:27 . 2011-08-08 17:27 -------- d-----w- c:\program files\AMD APP
2011-08-08 17:26 . 2011-04-20 01:55 1115008 ----a-w- c:\windows\system32\ativvamv.dll
2011-08-08 17:26 . 2011-04-20 01:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-08-08 17:25 . 2011-08-08 17:25 -------- d-----w- c:\program files\ATI
2011-08-08 17:25 . 2011-08-19 11:05 -------- d-----w- c:\program files\CCleaner
2011-08-08 17:24 . 2011-08-08 17:53 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\AskToolbar
2011-08-08 17:24 . 2011-08-10 09:58 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-08-08 17:24 . 2011-08-10 09:59 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-08-08 17:23 . 2011-08-21 07:41 -------- d-----w- c:\documents and settings\Dan\Data aplikací\DAEMON Tools Lite
2011-08-08 17:12 . 2011-09-01 08:15 -------- d-----w- c:\documents and settings\Dan\Data aplikací\skypePM
2011-08-08 17:10 . 2011-08-15 18:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-08 17:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-08-08 17:08 . 2010-05-25 03:13 51232 ----a-w- c:\windows\system32\RHCoInstXP.dll
2011-08-08 17:08 . 2010-05-25 03:13 1489440 ----a-w- c:\windows\RtaUpd.exe
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-10 18:51 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-08 17:06 -------- d-----w- c:\program files\Google
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----r- c:\program files\Skype
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\program files\Common Files\Skype
2011-08-08 17:05 . 2011-09-01 09:55 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Skype
2011-08-08 16:57 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2011-08-08 16:57 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2011-08-08 16:57 . 2008-04-14 06:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2011-08-08 16:57 . 2008-04-14 06:51 21504 ----a-w- c:\windows\system32\hidserv.dll
2011-08-08 16:57 . 2008-04-14 05:59 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2011-08-08 16:57 . 2008-04-14 05:59 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2011-08-08 16:57 . 2008-04-13 22:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2011-08-08 16:57 . 2008-04-13 22:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-08-08 16:56 . 2008-04-13 22:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-08-08 16:56 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-01 08:34 . 2011-09-01 08:34 6224778 ----a-w- c:\windows\REGBK01.ZIP
2011-08-09 14:09 . 2011-08-09 14:08 5433626 ----a-w- c:\windows\REGBK00.ZIP
2011-06-16 04:30 . 2011-08-13 17:07 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
"DAEMON Tools Lite"="e:\instal2\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Infium"="e:\instal2\QIP Infium JadrisPack\qip.exe" [2011-03-02 6010240]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-08-31 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-02 19580520]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 98304]
"egui"="e:\instal2\eset\egui.exe" [2010-11-08 2219184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"g:\\games\\game001\\assasins creed\\ACBSP.exe"=
"g:\\games\\game001\\assasins creed\\ACBMP.exe"=
"g:\\games\\game001\\assasins creed\\AssassinsCreedBrotherhood.exe"=
"g:\\games\\game001\\assasins creed\\UPlayBrowser.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"g:\\games\\game002\\gta iv\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56397:TCP"= 56397:TCP:Pando Media Booster
"56397:UDP"= 56397:UDP:Pando Media Booster
.
R0 08183081;08183081;c:\windows\system32\drivers\08183081.sys [1.9.2011 15:45 133208]
R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [9.10.2009 22:26 184848]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.7.2010 12:31 115008]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [14.8.2011 9:16 142592]
R2 ekrn;ESET Service;e:\instal2\eset\ekrn.exe [8.11.2010 9:50 810144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [10.10.2009 8:09 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 08183081
*NewlyCreated* - 2397377DRV
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Dan\Data aplikací\Mozilla\Firefox\Profiles\g39hk0mw.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-01 21:27
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-790525478-362288127-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:8c,2e,09,a0,6c,ed,cd,23,3f,1a,1d,b4,26,df,5b,09,f1,89,39,30,ae,
a7,04,83,25,5d,2a,9b,a2,80,e6,44,27,40,3e,b6,eb,5f,8d,b4,0e,e3,96,18,4c,8e,\
"rkeysecu"=hex:45,39,73,f9,77,bc,e2,03,96,e8,03,ee,27,7f,a0,2f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1068)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(3376)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-09-01 21:28:46
ComboFix-quarantined-files.txt 2011-09-01 19:28
ComboFix2.txt 2011-09-01 17:51
ComboFix3.txt 2011-09-01 10:03
ComboFix4.txt 2011-08-14 17:07
ComboFix5.txt 2011-09-01 19:23
.
Před spuštěním: Volných bajtů: 11 120 824 320
Po spuštění: Volných bajtů: 11 291 967 488
.
- - End Of File - - AC7974C075DA006776215AD16265BCB1

#4 Příspěvek od **Rudy** » 01 zář 2011 20:55

Udělejte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 a dejte log.

msn · #5 Příspěvek od **msn** » 01 zář 2011 21:07

Myslíte že se něco změnilo během těch pár hodin od posledního skenu? No nicméně to dneska už nestihnu takže ten log Vám tu hodím až zítra.

#6 Příspěvek od **Rudy** » 01 zář 2011 22:01

Rád bych měl jistotu.

msn · #7 Příspěvek od **msn** » 02 zář 2011 11:47

Při kontrole kasperským nebylo nic nalezeno.
Není například možné že nějaký z těch virů rozházel nastavení internetu? Např proxy?

#8 Příspěvek od **Rudy** » 02 zář 2011 17:56

Nastavení zkontrolujte. Můžete také provést reset modemu, příp dalších síť. prvků v datové cestě.

msn · #9 Příspěvek od **msn** » 02 zář 2011 18:14

Modem jsem resetovat zkoušel a všechno co mě jen napadlo také.......zítra beru počítač k otci a vyzkouším zda se počítač bude chovat stejně i při napojení k jinému internetu ,ale mám pocit že bude a nemám absolutně ponětí jak to budu řešit.

#10 Příspěvek od **Rudy** » 02 zář 2011 18:29

Ještě můžete zkusit reinstal protokolu TCP/IP pomocí WinsockFix: http://www.spyware.cz/go.php?p=spyware&t=aplikace&id=22 . Máte-li paramentry sítě zadány ručně, budete je muset po restartu PC znovu zadat.

msn · #11 Příspěvek od **msn** » 02 zář 2011 19:35

Po spuštění tohoto programu se internet opět rozjel tak jak má ,jediný problém byl že se v esetu vypl firewall a hlásel něco že pro znovunaběhnutí bude potřeba restart pc. Po restartu se firewall znovu rozjel ale internet opět začal dělat ty samé psí kusy. (při dočasném vypnutí firewallu se nestane nic, již jsem zkoušel)

#12 Příspěvek od **Rudy** » 02 zář 2011 19:59

A není problém v konfiguraci fw? Nejsnazší by možná bylo Eset reinstalovat.

msn · #13 Příspěvek od **msn** » 02 zář 2011 20:04

Takže sem zapl program znovu. Eset zase udělal to stejný ale internet už zase nenajel. Odinstaloval sem proto eset a internet vypadá že zase jede (nainstaloval sem free avast) Jenže na mě zase vyjukla hláška že v aplikaci generic host process for win32 services došlo k problému a je třeba ji zavřít.
Tento error mi vyskakoval tuším po založení minecraft serveru ještě předtím než ste mi pc pomáhal čistit když sem tu byl poprvé 3 týdny zpět.
Takže to vypadá že mám znovu rozjet combofix, kaspersky a combofix že?
Ještě zkouším MWAV scan ten mi tuším předtím s tímhle pomohl

#14 Příspěvek od **Rudy** » 02 zář 2011 20:55

........po založení minecraft serveru

Tohle možná bude ono. Něco bylo překonfigurováno a teď to dělá problém. Pokud reinstalujete Eset, měl by se nainstalovat v defaultním nastavení a net by měl fungovat.

msn · #15 Příspěvek od **msn** » 02 zář 2011 21:02

Toto jsem ale již dělával tak rok zpátky a žádný problém se nedostavil. A naposledy jsem ho hostoval 3 týdny zpátky takže si nejsem jist zda to je příčina problému ,ale vím že když jsem to dělal naposledy tak to zpouštělo nějakou chybu kterou měl na svědomí mallware.
Internet již funguje v pořádku ale pc se již znovu chová jako zavirováno. Včera sem to také projížděl MWAV a nenašlo to nic, dnes to našlo 5 různých mallwarů. Asi to zase nechám projet kasperským.....

VIRY.CZ

podivně chovající se internet

podivně chovající se internet

Re: podivně chovající se internet

Re: podivně chovající se internet

Re: podivně chovající se internet

Re: podivně chovající se internet

Re: podivně chovající se internet

Re: podivně chovající se internet

Re: podivně chovající se internet

Re: podivně chovající se internet

Re: podivně chovající se internet

Re: podivně chovající se internet

Re: podivně chovající se internet

Re: podivně chovající se internet

Re: podivně chovající se internet

Re: podivně chovající se internet