VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

podivně chovající se internet

https://forum.viry.cz:443/viewtopic.php?t=115072

Stránka 1 z 2

podivně chovající se internet

Napsal: 01 zář 2011 19:00
od msn
Na mém počítači se vyskytl problém který se vyznačuje tím ,že při startu počítače nelze zapnout firefox, najede až tak po minutě s tím že i internet se načítá tímhle způsobem (dlouho nefunguje skoro vůbec ale pak se rozjede jako by nebyl žádný problém)
I po projetím kasperským se tento jev vyskytuje i na ostatních prohlížečích či na qipu.
Za jakoukoliv pomoc předem děkuji
Výpis z combofixu před kasperským

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Dan\Data aplikací\10.tmp
c:\documents and settings\Dan\Data aplikací\11.tmp
c:\documents and settings\Dan\Data aplikací\12.tmp
c:\documents and settings\Dan\Data aplikací\13.tmp
c:\documents and settings\Dan\Data aplikací\14.tmp
c:\documents and settings\Dan\Data aplikací\15.tmp
c:\documents and settings\Dan\Data aplikací\17.tmp
c:\documents and settings\Dan\Data aplikací\18.tmp
c:\documents and settings\Dan\Data aplikací\296.tmp
c:\documents and settings\Dan\Data aplikací\297.tmp
c:\documents and settings\Dan\Data aplikací\2B.tmp
c:\documents and settings\Dan\Data aplikací\2C.tmp
c:\documents and settings\Dan\Data aplikací\2E0C.tmp
c:\documents and settings\Dan\Data aplikací\2E0D.tmp
c:\documents and settings\Dan\Data aplikací\2E42.tmp
c:\documents and settings\Dan\Data aplikací\2E43.tmp
c:\documents and settings\Dan\Data aplikací\4.tmp
c:\documents and settings\Dan\Data aplikací\5.tmp
c:\documents and settings\Dan\Data aplikací\6.tmp
c:\documents and settings\Dan\Data aplikací\6471.tmp
c:\documents and settings\Dan\Data aplikací\6472.tmp
c:\documents and settings\Dan\Data aplikací\7.tmp
c:\documents and settings\Dan\Data aplikací\8.tmp
c:\documents and settings\Dan\Data aplikací\9.tmp
c:\documents and settings\Dan\Data aplikací\A.tmp
c:\documents and settings\Dan\Data aplikací\B9.tmp
c:\documents and settings\Dan\Data aplikací\BA.tmp
c:\documents and settings\Dan\Data aplikací\C7.tmp
c:\documents and settings\Dan\Data aplikací\C8.tmp
c:\documents and settings\Dan\Data aplikací\C9.tmp
c:\documents and settings\Dan\Data aplikací\CABC.tmp
c:\documents and settings\Dan\Data aplikací\CABD.tmp
c:\documents and settings\Dan\Data aplikací\CABE.tmp
c:\documents and settings\Dan\Data aplikací\CAC1.tmp
c:\documents and settings\Dan\Data aplikací\CAC2.tmp
c:\documents and settings\Dan\Data aplikací\CAC5.tmp
c:\documents and settings\Dan\Data aplikací\CAC6.tmp
c:\documents and settings\Dan\Data aplikací\CAF0.tmp
c:\documents and settings\Dan\Data aplikací\CAF1.tmp
c:\documents and settings\Dan\Data aplikací\CAF2.tmp
c:\documents and settings\Dan\Data aplikací\CAF7.tmp
c:\documents and settings\Dan\Data aplikací\D.tmp
c:\documents and settings\Dan\Data aplikací\E.tmp
c:\documents and settings\Dan\Data aplikací\F.tmp
c:\documents and settings\Dan\Data aplikací\FB0.tmp
c:\windows\ehome\medctrro.exe
c:\windows\regedit.com
c:\windows\system32\mfc100deu.dll
c:\windows\system32\taskmgr.com
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-01 do 2011-09-01 )))))))))))))))))))))))))))))))
.
.
2011-09-01 08:34 . 2011-09-01 08:34 -------- d---a-w- c:\windows\rundll16.exe
2011-09-01 08:34 . 2011-09-01 08:34 -------- d---a-w- c:\windows\logo1_.exe
2011-09-01 08:32 . 2011-09-01 08:32 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Download Manager
2011-08-31 16:02 . 2011-08-31 16:02 -------- d-----w- c:\documents and settings\Dan\riotsGamesLogs
2011-08-31 15:06 . 2011-08-31 15:06 -------- d-----w- c:\documents and settings\Dan\Data aplikací\LolClient
2011-08-31 12:50 . 2011-09-01 10:02 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\PMB Files
2011-08-31 12:50 . 2011-08-31 12:50 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2011-08-31 12:50 . 2011-08-31 12:50 -------- d-----w- c:\program files\Pando Networks
2011-08-30 08:35 . 2011-08-30 08:35 -------- d-----w- c:\program files\Microsoft XNA
2011-08-26 11:08 . 2011-08-27 18:47 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\dxhr
2011-08-26 11:03 . 2011-08-26 11:03 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\28050
2011-08-23 14:29 . 2008-04-13 22:15 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2011-08-23 14:29 . 2008-04-13 22:15 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2011-08-21 07:56 . 2011-08-21 07:56 -------- d--h--r- c:\documents and settings\Dan\Data aplikací\SecuROM
2011-08-21 07:55 . 2011-08-21 07:55 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\drivers\umdf
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\xlive
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2011-08-20 15:21 . 2011-08-20 15:23 -------- d-----w- c:\program files\Balance
2011-08-18 06:06 . 2011-08-18 06:06 -------- d-----w- c:\documents and settings\Dan\dwhelper
2011-08-14 12:10 . 2011-08-14 12:10 -------- d--h--w- c:\windows\PIF
2011-08-14 08:53 . 2011-08-14 08:53 -------- d-----w- c:\program files\NVIDIA Corporation
2011-08-14 08:20 . 2011-08-14 08:20 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Ubisoft
2011-08-14 08:18 . 2011-08-14 08:18 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-08-14 08:18 . 2011-08-14 08:18 -------- d-----w- c:\documents and settings\Dan\Data aplikací\PunkBuster
2011-08-14 08:18 . 2011-08-14 08:18 -------- d-----w- c:\program files\Ubisoft
2011-08-14 07:16 . 2011-08-14 07:16 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-08-14 07:16 . 2011-08-14 08:18 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Spyware Terminator
2011-08-14 06:52 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\LogFiles
2011-08-14 06:52 . 2011-08-14 08:18 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-08-14 06:52 . 2011-08-14 06:52 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\PunkBuster
2011-08-13 18:10 . 2011-08-13 18:10 -------- d-----w- C:\spoolerlogs
2011-08-13 17:07 . 2011-06-16 04:30 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-08-13 17:07 . 2011-06-16 04:30 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-08-13 17:07 . 2011-06-16 04:30 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-08-13 17:07 . 2011-06-16 04:30 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2011-08-13 17:07 . 2011-06-16 04:30 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-08-13 17:07 . 2011-06-16 04:30 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-08-13 17:07 . 2011-06-16 04:30 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2011-08-13 17:07 . 2011-06-16 04:30 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-08-13 17:07 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-08-13 17:07 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\program files\Common Files\Adobe
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\documents and settings\Dan\Dokumenty
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAFB.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF9.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF8.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF6.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF4.tmp
2011-08-12 23:50 . 2011-08-12 23:50 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC9.tmp
2011-08-12 23:47 . 2011-08-12 23:47 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC4.tmp
2011-08-12 23:40 . 2011-08-12 23:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC0.tmp
2011-08-12 22:08 . 2011-08-12 22:08 -------- d-----w- c:\program files\LS
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\VDLL.DLL
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\system32\runouce.exe
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\RUNDL132.EXE
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\logo_1.exe
2011-08-09 14:07 . 2011-08-09 14:07 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-08-09 14:07 . 2011-08-09 14:07 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-08-09 14:07 . 2011-08-09 14:07 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-08-09 14:07 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2011-08-09 14:07 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2011-08-09 14:07 . 2011-08-09 14:07 -------- d-----w- c:\program files\Common Files\MicroWorld
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\C.tmp
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\B.tmp
2011-08-09 13:52 . 2008-04-14 06:52 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-08-08 19:16 . 2011-08-08 19:16 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Auslogics
2011-08-08 19:00 . 2011-08-11 17:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\.minecraft
2011-08-08 18:54 . 2011-08-08 18:54 -------- d-----w- c:\windows\Sun
2011-08-08 18:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Temp
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Common Files\Java
2011-08-08 17:46 . 2011-08-08 17:46 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-08 17:46 . 2011-08-08 17:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Java
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2011-08-08 17:37 . 2011-08-09 09:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\TS3Client
2011-08-08 17:27 . 2011-08-08 17:27 -------- d-----w- c:\program files\AMD APP
2011-08-08 17:26 . 2011-04-20 01:55 1115008 ----a-w- c:\windows\system32\ativvamv.dll
2011-08-08 17:26 . 2011-04-20 01:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-08-08 17:25 . 2011-08-08 17:25 -------- d-----w- c:\program files\ATI
2011-08-08 17:25 . 2011-08-19 11:05 -------- d-----w- c:\program files\CCleaner
2011-08-08 17:24 . 2011-08-08 17:53 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\AskToolbar
2011-08-08 17:24 . 2011-08-10 09:58 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-08-08 17:24 . 2011-08-10 09:59 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-08-08 17:23 . 2011-08-21 07:41 -------- d-----w- c:\documents and settings\Dan\Data aplikací\DAEMON Tools Lite
2011-08-08 17:12 . 2011-09-01 08:15 -------- d-----w- c:\documents and settings\Dan\Data aplikací\skypePM
2011-08-08 17:10 . 2011-08-15 18:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-08 17:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-08-08 17:08 . 2010-05-25 03:13 51232 ----a-w- c:\windows\system32\RHCoInstXP.dll
2011-08-08 17:08 . 2010-05-25 03:13 1489440 ----a-w- c:\windows\RtaUpd.exe
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-10 18:51 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-08 17:06 -------- d-----w- c:\program files\Google
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----r- c:\program files\Skype
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\program files\Common Files\Skype
2011-08-08 17:05 . 2011-09-01 09:55 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Skype
2011-08-08 16:57 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2011-08-08 16:57 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2011-08-08 16:57 . 2008-04-14 06:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2011-08-08 16:57 . 2008-04-14 06:51 21504 ----a-w- c:\windows\system32\hidserv.dll
2011-08-08 16:57 . 2008-04-14 05:59 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2011-08-08 16:57 . 2008-04-14 05:59 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2011-08-08 16:57 . 2008-04-13 22:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2011-08-08 16:57 . 2008-04-13 22:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-08-08 16:56 . 2008-04-13 22:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-08-08 16:56 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-01 08:34 . 2011-09-01 08:34 6224778 ----a-w- c:\windows\REGBK01.ZIP
2011-08-09 14:09 . 2011-08-09 14:08 5433626 ----a-w- c:\windows\REGBK00.ZIP
2011-06-16 04:30 . 2011-08-13 17:07 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-08-14_16.05.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-09-01 08:14 . 2011-09-01 08:14 16384 c:\windows\temp\Perflib_Perfdata_2d8.dat
+ 2006-09-28 16:56 . 2006-09-28 16:56 55808 c:\windows\system32\WudfSvc.dll
+ 2006-09-28 18:13 . 2006-09-28 18:13 95344 c:\windows\system32\WUDFCoinstaller.dll
+ 2006-11-02 09:51 . 2006-11-02 09:51 39936 c:\windows\system32\wpdshextres.dll
+ 2006-10-18 18:00 . 2006-10-18 18:00 17408 c:\windows\system32\wpdshextautoplay.exe
+ 2006-10-18 19:47 . 2006-10-18 19:47 63488 c:\windows\system32\wpdmtpus.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 35840 c:\windows\system32\wpdconns.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 37376 c:\windows\system32\wmdmps.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 33792 c:\windows\system32\wmdmlog.dll
+ 2011-08-21 07:54 . 2006-09-15 23:05 14640 c:\windows\system32\spmsg.dll
- 2001-10-25 12:00 . 2011-08-13 19:52 75486 c:\windows\system32\perfc009.dat
+ 2001-10-25 12:00 . 2011-08-19 05:27 75486 c:\windows\system32\perfc009.dat
+ 2001-10-25 12:00 . 2011-08-19 05:27 89144 c:\windows\system32\perfc005.dat
- 2001-10-25 12:00 . 2011-08-13 19:52 89144 c:\windows\system32\perfc005.dat
+ 2004-08-17 13:49 . 2006-10-18 19:47 27136 c:\windows\system32\mspmsnsv.dll
+ 2004-08-17 13:49 . 2008-05-19 04:33 18944 c:\windows\system32\msisip.dll
+ 2004-08-17 13:49 . 2008-05-18 23:57 95744 c:\windows\system32\msiexec.exe
+ 2004-08-17 13:49 . 2006-10-18 19:47 11264 c:\windows\system32\LAPRXY.dll
+ 2006-09-28 17:00 . 2006-09-28 17:00 82944 c:\windows\system32\drivers\WudfRd.sys
+ 2006-09-28 16:55 . 2006-09-28 16:55 77568 c:\windows\system32\drivers\WudfPf.sys
+ 2006-10-18 18:00 . 2006-10-18 18:00 38528 c:\windows\system32\drivers\wpdusb.sys
+ 2004-08-17 13:49 . 2006-10-18 19:47 37376 c:\windows\system32\dllcache\wmdmps.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 33792 c:\windows\system32\dllcache\wmdmlog.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 27136 c:\windows\system32\dllcache\mspmsnsv.dll
+ 2008-05-19 04:33 . 2008-05-19 04:33 18944 c:\windows\system32\dllcache\msisip.dll
+ 2008-05-18 23:57 . 2008-05-18 23:57 95744 c:\windows\system32\dllcache\msiexec.exe
+ 2004-08-17 13:49 . 2006-10-18 19:47 11264 c:\windows\system32\dllcache\LAPRXY.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 17920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Xna.Framework.Video\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Video.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 20992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Xna.Framework.Storage\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Storage.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 54272 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Xna.Framework.Net\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Net.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 23040 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Xna.Framework.Input.Touch\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Input.Touch.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 71680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Xna.Framework.GamerServices\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.GamerServices.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 24576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Xna.Framework.Avatar\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Avatar.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 75776 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Xna.Framework.Xact\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Xact.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 75264 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Xna.Framework.Game\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Game.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\wmvdmoe2.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\wmvdmod.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 4096 c:\windows\system32\WMVADVE.DLL
+ 2006-10-18 19:47 . 2006-10-18 19:47 4096 c:\windows\system32\WMVADVD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\wmsdmoe2.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\wmsdmod.dll
+ 2006-10-18 19:58 . 2006-10-18 19:58 8704 c:\windows\system32\wdfmgr.exe
+ 2006-10-18 19:47 . 2006-10-18 19:47 4096 c:\windows\system32\wdfapi.dll
+ 2006-10-18 19:58 . 2006-10-18 19:58 8704 c:\windows\system32\uwdf.exe
+ 2004-08-17 13:48 . 2008-04-16 23:43 2560 c:\windows\system32\msimsg.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\MPG4DMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\MP4SDMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\MP43DMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\wmvdmod.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\wmsdmod.dll
+ 2008-04-16 23:43 . 2008-04-16 23:43 2560 c:\windows\system32\dllcache\msimsg.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\MPG4DMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\MP4SDMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 4096 c:\windows\system32\dllcache\MP43DMOD.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-06 18:23 . 2007-11-06 18:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2008-10-22 02:55 . 2008-10-22 02:55 134144 c:\windows\system32\xlive\sqmapi.dll
+ 2006-09-28 16:56 . 2006-09-28 16:56 316416 c:\windows\system32\WUDFx.dll
+ 2006-09-28 16:56 . 2006-09-28 16:56 165376 c:\windows\system32\WudfPlatform.dll
+ 2006-09-28 16:56 . 2006-09-28 16:56 146432 c:\windows\system32\WudfHost.exe
+ 2006-10-18 19:47 . 2006-10-18 19:47 356352 c:\windows\system32\wpdsp.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 133632 c:\windows\system32\WPDShServiceObj.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 154624 c:\windows\system32\wpdmtp.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 629760 c:\windows\system32\wpd_ci.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 656896 c:\windows\system32\WMVXENCD.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 767488 c:\windows\system32\WMVSENCD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 603648 c:\windows\system32\WMSPDMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 937984 c:\windows\system32\WMNetMgr.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 157184 c:\windows\system32\wmidx.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 535040 c:\windows\system32\wmdrmsdk.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 348672 c:\windows\system32\wmdrmnet.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 429056 c:\windows\system32\wmdrmdev.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 222208 c:\windows\system32\WMASF.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 757248 c:\windows\system32\WMADMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 211456 c:\windows\system32\qasf.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 199168 c:\windows\system32\PortableDeviceWMDRM.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 132096 c:\windows\system32\PortableDeviceWiaCompat.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 166912 c:\windows\system32\PortableDeviceTypes.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 101888 c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 284160 c:\windows\system32\PortableDeviceApi.dll
+ 2001-10-25 12:00 . 2011-08-19 05:27 455512 c:\windows\system32\perfh009.dat
- 2001-10-25 12:00 . 2011-08-13 19:52 455512 c:\windows\system32\perfh009.dat
- 2001-10-25 12:00 . 2011-08-13 19:52 451388 c:\windows\system32\perfh005.dat
+ 2001-10-25 12:00 . 2011-08-19 05:27 451388 c:\windows\system32\perfh005.dat
+ 2004-08-17 13:49 . 2006-10-18 19:47 321536 c:\windows\system32\mswmdm.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 414208 c:\windows\system32\msscp.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 175616 c:\windows\system32\mspmsp.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 179712 c:\windows\system32\msnetobj.dll
+ 2004-08-17 13:49 . 2008-05-19 04:33 332800 c:\windows\system32\msihnd.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 259072 c:\windows\system32\MPG4DECD.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 259072 c:\windows\system32\MP43DECD.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 212992 c:\windows\system32\MFPLAT.dll
+ 2011-08-15 18:22 . 2011-08-15 18:22 243360 c:\windows\system32\Macromed\Flash\FlashUtil10v_Plugin.exe
+ 2004-08-17 13:49 . 2006-10-18 18:03 100864 c:\windows\system32\logagent.exe
+ 2004-08-17 13:49 . 2006-10-18 19:47 991744 c:\windows\system32\drmv2clt.dll
+ 2006-10-18 18:00 . 2006-10-18 18:00 249856 c:\windows\system32\drmupgds.exe
+ 2006-10-18 19:47 . 2006-10-18 19:47 671232 c:\windows\system32\drivers\umdf\wpdmtpdr.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 603648 c:\windows\system32\dllcache\WMSPDMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 937984 c:\windows\system32\dllcache\WMNetMgr.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 157184 c:\windows\system32\dllcache\wmidx.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 222208 c:\windows\system32\dllcache\WMASF.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 757248 c:\windows\system32\dllcache\WMADMOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 321536 c:\windows\system32\dllcache\mswmdm.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 414208 c:\windows\system32\dllcache\msscp.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 175616 c:\windows\system32\dllcache\mspmsp.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 179712 c:\windows\system32\dllcache\msnetobj.dll
+ 2008-05-19 04:33 . 2008-05-19 04:33 332800 c:\windows\system32\dllcache\msihnd.dll
+ 2004-08-17 13:49 . 2006-10-18 18:03 100864 c:\windows\system32\dllcache\logagent.exe
+ 2004-08-17 13:49 . 2006-10-18 19:47 991744 c:\windows\system32\dllcache\drmv2clt.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 229376 c:\windows\system32\dllcache\cewmdm.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 542720 c:\windows\system32\dllcache\blackbox.dll
- 2011-08-08 17:28 . 2008-07-10 09:01 467984 c:\windows\system32\d3dx10_39.dll
+ 2011-08-08 17:28 . 2008-07-12 06:18 467984 c:\windows\system32\d3dx10_39.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 229376 c:\windows\system32\cewmdm.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 542720 c:\windows\system32\blackbox.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 276992 c:\windows\system32\audiodev.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 672768 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Xna.Framework\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 427008 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Xna.Framework.Graphics\v4.0_4.0.0.0__842cf8be1de50553\Microsoft.Xna.Framework.Graphics.dll
+ 2011-08-30 08:35 . 2011-08-30 08:35 751616 c:\windows\Installer\5669f5.msi
+ 2011-08-21 07:54 . 2011-08-21 07:54 850944 c:\windows\Installer\29a4cc.msi
+ 2011-08-21 07:55 . 2011-08-21 07:55 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 2603008 c:\windows\system32\WpdShext.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 1382912 c:\windows\system32\WMVSDECD.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 1574912 c:\windows\system32\WMVENCOD.dll
+ 2006-10-18 19:47 . 2006-10-18 19:47 1543680 c:\windows\system32\WMVDECOD.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 2450944 c:\windows\system32\wmvcore.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 1329152 c:\windows\system32\WMSPDMOE.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 1117696 c:\windows\system32\WMADMOE.dll
+ 2007-08-27 13:41 . 2007-08-27 13:41 1089440 c:\windows\system32\msidcrl40.dll
+ 2004-08-17 13:49 . 2008-05-19 04:33 4445184 c:\windows\system32\msi.dll
+ 2011-08-08 17:10 . 2011-08-15 18:22 6277280 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 2450944 c:\windows\system32\dllcache\wmvcore.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 1329152 c:\windows\system32\dllcache\WMSPDMOE.dll
+ 2004-08-17 13:49 . 2006-10-18 19:47 1117696 c:\windows\system32\dllcache\WMADMOE.dll
+ 2008-05-19 04:33 . 2008-05-19 04:33 4445184 c:\windows\system32\dllcache\msi.dll
+ 2011-08-08 17:28 . 2008-07-12 06:18 3851784 c:\windows\system32\D3DX9_39.dll
- 2011-08-08 17:28 . 2008-07-10 09:00 3851784 c:\windows\system32\D3DX9_39.dll
- 2011-08-08 17:28 . 2008-07-10 09:00 1493528 c:\windows\system32\D3DCompiler_39.dll
+ 2011-08-08 17:28 . 2008-07-12 06:18 1493528 c:\windows\system32\D3DCompiler_39.dll
+ 2011-08-21 07:56 . 2011-08-21 07:56 1130496 c:\windows\Installer\29aa5f.msi
+ 2011-08-21 07:55 . 2011-08-21 07:55 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-08-21 07:55 . 2011-08-21 07:55 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2011-08-14 08:45 . 2011-08-14 08:45 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2008-10-22 03:29 . 2008-10-22 03:29 13643936 c:\windows\system32\xlivefnt.dll
+ 2008-10-22 03:29 . 2008-10-22 03:29 14303392 c:\windows\system32\xlive.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
"DAEMON Tools Lite"="e:\instal2\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Infium"="e:\instal2\QIP Infium JadrisPack\qip.exe" [2011-03-02 6010240]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-08-31 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-02 19580520]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 98304]
"egui"="e:\instal2\eset\egui.exe" [2010-11-08 2219184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"g:\\games\\game001\\assasins creed\\ACBSP.exe"=
"g:\\games\\game001\\assasins creed\\ACBMP.exe"=
"g:\\games\\game001\\assasins creed\\AssassinsCreedBrotherhood.exe"=
"g:\\games\\game001\\assasins creed\\UPlayBrowser.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"g:\\games\\game002\\gta iv\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56397:TCP"= 56397:TCP:Pando Media Booster
"56397:UDP"= 56397:UDP:Pando Media Booster
.
R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [9.10.2009 22:26 184848]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.7.2010 12:31 115008]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [14.8.2011 9:16 142592]
R2 ekrn;ESET Service;e:\instal2\eset\ekrn.exe [8.11.2010 9:50 810144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [10.10.2009 8:09 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Dan\Data aplikací\Mozilla\Firefox\Profiles\g39hk0mw.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx? ... 60327&qkw=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-01 12:02
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-790525478-362288127-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:8c,2e,09,a0,6c,ed,cd,23,3f,1a,1d,b4,26,df,5b,09,f1,89,39,30,ae,
a7,04,83,25,5d,2a,9b,a2,80,e6,44,27,40,3e,b6,eb,5f,8d,b4,0e,e3,96,18,4c,8e,\
"rkeysecu"=hex:45,39,73,f9,77,bc,e2,03,96,e8,03,ee,27,7f,a0,2f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1068)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2011-09-01 12:03:02
ComboFix-quarantined-files.txt 2011-09-01 10:03
ComboFix2.txt 2011-08-14 17:07
ComboFix3.txt 2011-08-14 16:06
ComboFix4.txt 2011-08-13 20:50
.
Před spuštěním: Volných bajtů: 10 525 405 184
Po spuštění: Volných bajtů: 10 976 387 072
.
- - End Of File - - AC7730DA92739085C7AEC5107E7BAE71

Výpis z kasperského
Status: Absent (events: 4)
1.9.2011 18:35:33 Not found Trojan program Trojan.Win32.Inject.bhxj C:\Qoobox\Quarantine\C\Documents and Settings\Dan\Data aplikací\295.tmp.vir.mwt High
1.9.2011 18:35:33 Not found Trojan program Trojan.Win32.Inject.bhxj C:\Qoobox\Quarantine\C\Documents and Settings\Dan\Data aplikací\2A.tmp.vir.mwt High
1.9.2011 18:35:33 Not found Trojan program Trojan.Win32.Inject.bhxj C:\Qoobox\Quarantine\C\Documents and Settings\Dan\Data aplikací\1C5.tmp.vir.mwt High
1.9.2011 18:35:33 Not found Trojan program Trojan.Win32.Inject.bhxj C:\Qoobox\Quarantine\C\WINDOWS\aadrive32.exe.vir.mwt High
Status: Deleted (events: 2)
1.9.2011 19:34:11 Deleted Trojan program Trojan.Win32.Chifrax.a H:\System Volume Information\_restore{6DB0D8DB-99DE-4C0E-BB5A-A283A0E0334F}\RP21\A0005546.exe High

Výpis z combofixu po kasperském

((((((((((((((((((((((((( Soubory vytvořené od 2011-08-01 do 2011-09-01 )))))))))))))))))))))))))))))))
.
.
2011-09-01 08:34 . 2011-09-01 08:34 -------- d---a-w- c:\windows\rundll16.exe
2011-09-01 08:34 . 2011-09-01 08:34 -------- d---a-w- c:\windows\logo1_.exe
2011-09-01 08:32 . 2011-09-01 08:32 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Download Manager
2011-08-31 16:02 . 2011-08-31 16:02 -------- d-----w- c:\documents and settings\Dan\riotsGamesLogs
2011-08-31 15:06 . 2011-08-31 15:06 -------- d-----w- c:\documents and settings\Dan\Data aplikací\LolClient
2011-08-31 12:50 . 2011-09-01 10:02 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\PMB Files
2011-08-31 12:50 . 2011-08-31 12:50 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2011-08-31 12:50 . 2011-08-31 12:50 -------- d-----w- c:\program files\Pando Networks
2011-08-30 08:35 . 2011-08-30 08:35 -------- d-----w- c:\program files\Microsoft XNA
2011-08-26 11:08 . 2011-08-27 18:47 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\dxhr
2011-08-26 11:03 . 2011-08-26 11:03 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\28050
2011-08-23 14:29 . 2008-04-13 22:15 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2011-08-23 14:29 . 2008-04-13 22:15 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2011-08-21 07:56 . 2011-08-21 07:56 -------- d--h--r- c:\documents and settings\Dan\Data aplikací\SecuROM
2011-08-21 07:55 . 2011-08-21 07:55 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\drivers\umdf
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\xlive
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2011-08-20 15:21 . 2011-08-20 15:23 -------- d-----w- c:\program files\Balance
2011-08-18 06:06 . 2011-08-18 06:06 -------- d-----w- c:\documents and settings\Dan\dwhelper
2011-08-14 12:10 . 2011-08-14 12:10 -------- d--h--w- c:\windows\PIF
2011-08-14 08:53 . 2011-08-14 08:53 -------- d-----w- c:\program files\NVIDIA Corporation
2011-08-14 08:20 . 2011-08-14 08:20 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Ubisoft
2011-08-14 08:18 . 2011-08-14 08:18 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-08-14 08:18 . 2011-08-14 08:18 -------- d-----w- c:\documents and settings\Dan\Data aplikací\PunkBuster
2011-08-14 08:18 . 2011-08-14 08:18 -------- d-----w- c:\program files\Ubisoft
2011-08-14 07:16 . 2011-08-14 07:16 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-08-14 07:16 . 2011-08-14 08:18 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Spyware Terminator
2011-08-14 06:52 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\LogFiles
2011-08-14 06:52 . 2011-08-14 08:18 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-08-14 06:52 . 2011-08-14 06:52 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\PunkBuster
2011-08-13 18:10 . 2011-08-13 18:10 -------- d-----w- C:\spoolerlogs
2011-08-13 17:07 . 2011-06-16 04:30 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-08-13 17:07 . 2011-06-16 04:30 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-08-13 17:07 . 2011-06-16 04:30 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-08-13 17:07 . 2011-06-16 04:30 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2011-08-13 17:07 . 2011-06-16 04:30 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-08-13 17:07 . 2011-06-16 04:30 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-08-13 17:07 . 2011-06-16 04:30 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2011-08-13 17:07 . 2011-06-16 04:30 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-08-13 17:07 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-08-13 17:07 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\program files\Common Files\Adobe
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\documents and settings\Dan\Dokumenty
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAFB.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF9.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF8.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF6.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF4.tmp
2011-08-12 23:50 . 2011-08-12 23:50 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC9.tmp
2011-08-12 23:47 . 2011-08-12 23:47 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC4.tmp
2011-08-12 23:40 . 2011-08-12 23:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC0.tmp
2011-08-12 22:08 . 2011-08-12 22:08 -------- d-----w- c:\program files\LS
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\VDLL.DLL
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\system32\runouce.exe
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\RUNDL132.EXE
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\logo_1.exe
2011-08-09 14:07 . 2011-08-09 14:07 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-08-09 14:07 . 2011-08-09 14:07 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-08-09 14:07 . 2011-08-09 14:07 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-08-09 14:07 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2011-08-09 14:07 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2011-08-09 14:07 . 2011-08-09 14:07 -------- d-----w- c:\program files\Common Files\MicroWorld
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\C.tmp
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\B.tmp
2011-08-09 13:52 . 2008-04-14 06:52 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-08-08 19:16 . 2011-08-08 19:16 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Auslogics
2011-08-08 19:00 . 2011-08-11 17:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\.minecraft
2011-08-08 18:54 . 2011-08-08 18:54 -------- d-----w- c:\windows\Sun
2011-08-08 18:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Temp
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Common Files\Java
2011-08-08 17:46 . 2011-08-08 17:46 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-08 17:46 . 2011-08-08 17:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Java
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2011-08-08 17:37 . 2011-08-09 09:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\TS3Client
2011-08-08 17:27 . 2011-08-08 17:27 -------- d-----w- c:\program files\AMD APP
2011-08-08 17:26 . 2011-04-20 01:55 1115008 ----a-w- c:\windows\system32\ativvamv.dll
2011-08-08 17:26 . 2011-04-20 01:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-08-08 17:25 . 2011-08-08 17:25 -------- d-----w- c:\program files\ATI
2011-08-08 17:25 . 2011-08-19 11:05 -------- d-----w- c:\program files\CCleaner
2011-08-08 17:24 . 2011-08-08 17:53 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\AskToolbar
2011-08-08 17:24 . 2011-08-10 09:58 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-08-08 17:24 . 2011-08-10 09:59 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-08-08 17:23 . 2011-08-21 07:41 -------- d-----w- c:\documents and settings\Dan\Data aplikací\DAEMON Tools Lite
2011-08-08 17:12 . 2011-09-01 08:15 -------- d-----w- c:\documents and settings\Dan\Data aplikací\skypePM
2011-08-08 17:10 . 2011-08-15 18:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-08 17:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-08-08 17:08 . 2010-05-25 03:13 51232 ----a-w- c:\windows\system32\RHCoInstXP.dll
2011-08-08 17:08 . 2010-05-25 03:13 1489440 ----a-w- c:\windows\RtaUpd.exe
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-10 18:51 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-08 17:06 -------- d-----w- c:\program files\Google
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----r- c:\program files\Skype
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\program files\Common Files\Skype
2011-08-08 17:05 . 2011-09-01 09:55 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Skype
2011-08-08 16:57 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2011-08-08 16:57 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2011-08-08 16:57 . 2008-04-14 06:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2011-08-08 16:57 . 2008-04-14 06:51 21504 ----a-w- c:\windows\system32\hidserv.dll
2011-08-08 16:57 . 2008-04-14 05:59 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2011-08-08 16:57 . 2008-04-14 05:59 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2011-08-08 16:57 . 2008-04-13 22:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2011-08-08 16:57 . 2008-04-13 22:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-08-08 16:56 . 2008-04-13 22:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-08-08 16:56 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-01 08:34 . 2011-09-01 08:34 6224778 ----a-w- c:\windows\REGBK01.ZIP
2011-08-09 14:09 . 2011-08-09 14:08 5433626 ----a-w- c:\windows\REGBK00.ZIP
2011-06-16 04:30 . 2011-08-13 17:07 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
"DAEMON Tools Lite"="e:\instal2\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Infium"="e:\instal2\QIP Infium JadrisPack\qip.exe" [2011-03-02 6010240]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-08-31 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-02 19580520]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 98304]
"egui"="e:\instal2\eset\egui.exe" [2010-11-08 2219184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"g:\\games\\game001\\assasins creed\\ACBSP.exe"=
"g:\\games\\game001\\assasins creed\\ACBMP.exe"=
"g:\\games\\game001\\assasins creed\\AssassinsCreedBrotherhood.exe"=
"g:\\games\\game001\\assasins creed\\UPlayBrowser.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"g:\\games\\game002\\gta iv\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56397:TCP"= 56397:TCP:Pando Media Booster
"56397:UDP"= 56397:UDP:Pando Media Booster
.
R0 08183081;08183081;c:\windows\system32\drivers\08183081.sys [1.9.2011 15:45 133208]
R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [9.10.2009 22:26 184848]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.7.2010 12:31 115008]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [14.8.2011 9:16 142592]
R2 ekrn;ESET Service;e:\instal2\eset\ekrn.exe [8.11.2010 9:50 810144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [10.10.2009 8:09 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 08183081
*NewlyCreated* - 2397377DRV
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Dan\Data aplikací\Mozilla\Firefox\Profiles\g39hk0mw.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx? ... 60327&qkw=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-01 19:50
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-790525478-362288127-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:8c,2e,09,a0,6c,ed,cd,23,3f,1a,1d,b4,26,df,5b,09,f1,89,39,30,ae,
a7,04,83,25,5d,2a,9b,a2,80,e6,44,27,40,3e,b6,eb,5f,8d,b4,0e,e3,96,18,4c,8e,\
"rkeysecu"=hex:45,39,73,f9,77,bc,e2,03,96,e8,03,ee,27,7f,a0,2f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1068)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(4804)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-09-01 19:51:18
ComboFix-quarantined-files.txt 2011-09-01 17:51
ComboFix2.txt 2011-09-01 10:03
ComboFix3.txt 2011-08-14 17:07
ComboFix4.txt 2011-08-14 16:06
ComboFix5.txt 2011-09-01 17:46
.
Před spuštěním: Volných bajtů: 10 873 196 544
Po spuštění: Volných bajtů: 11 059 613 696
.
- - End Of File - - FB4AC94DCBB1444AA559AB31D64D22D1

Re: podivně chovající se internet

Napsal: 01 zář 2011 19:53
od Rudy
Ještě dočistíme. Pokud nemáte, přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:
Firefox::
FF - ProfilePath - c:\documents and settings\Dan\Data aplikací\Mozilla\Firefox\Profiles\g39hk0mw.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatche ... 60327&qkw=
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Re: podivně chovající se internet

Napsal: 01 zář 2011 20:41
od msn
po restartu pc to vypadá že se nic nezměnilo ale mám pocit že intervaly kdy po najetí pc nefunguje internet se prodlužují po každém restartu :)
Děkuji za jakoukoliv další pomoc, zde je výpis z combofixu po CSFscriptu

((((((((((((((((((((((((( Soubory vytvořené od 2011-08-01 do 2011-09-01 )))))))))))))))))))))))))))))))
.
.
2011-09-01 08:34 . 2011-09-01 08:34 -------- d---a-w- c:\windows\rundll16.exe
2011-09-01 08:34 . 2011-09-01 08:34 -------- d---a-w- c:\windows\logo1_.exe
2011-09-01 08:32 . 2011-09-01 08:32 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Download Manager
2011-08-31 16:02 . 2011-08-31 16:02 -------- d-----w- c:\documents and settings\Dan\riotsGamesLogs
2011-08-31 15:06 . 2011-08-31 15:06 -------- d-----w- c:\documents and settings\Dan\Data aplikací\LolClient
2011-08-31 12:50 . 2011-09-01 10:02 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\PMB Files
2011-08-31 12:50 . 2011-08-31 12:50 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2011-08-31 12:50 . 2011-08-31 12:50 -------- d-----w- c:\program files\Pando Networks
2011-08-30 08:35 . 2011-08-30 08:35 -------- d-----w- c:\program files\Microsoft XNA
2011-08-26 11:08 . 2011-08-27 18:47 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\dxhr
2011-08-26 11:03 . 2011-08-26 11:03 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\28050
2011-08-23 14:29 . 2008-04-13 22:15 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2011-08-23 14:29 . 2008-04-13 22:15 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2011-08-21 07:56 . 2011-08-21 07:56 -------- d--h--r- c:\documents and settings\Dan\Data aplikací\SecuROM
2011-08-21 07:55 . 2011-08-21 07:55 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\drivers\umdf
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\xlive
2011-08-21 07:54 . 2011-08-21 07:54 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2011-08-20 15:21 . 2011-08-20 15:23 -------- d-----w- c:\program files\Balance
2011-08-18 06:06 . 2011-08-18 06:06 -------- d-----w- c:\documents and settings\Dan\dwhelper
2011-08-14 12:10 . 2011-08-14 12:10 -------- d--h--w- c:\windows\PIF
2011-08-14 08:53 . 2011-08-14 08:53 -------- d-----w- c:\program files\NVIDIA Corporation
2011-08-14 08:20 . 2011-08-14 08:20 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Ubisoft
2011-08-14 08:18 . 2011-08-14 08:18 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-08-14 08:18 . 2011-08-14 08:18 -------- d-----w- c:\documents and settings\Dan\Data aplikací\PunkBuster
2011-08-14 08:18 . 2011-08-14 08:18 -------- d-----w- c:\program files\Ubisoft
2011-08-14 07:16 . 2011-08-14 07:16 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-08-14 07:16 . 2011-08-14 08:18 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Spyware Terminator
2011-08-14 06:52 . 2011-08-21 07:54 -------- d-----w- c:\windows\system32\LogFiles
2011-08-14 06:52 . 2011-08-14 08:18 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-08-14 06:52 . 2011-08-14 06:52 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\PunkBuster
2011-08-13 18:10 . 2011-08-13 18:10 -------- d-----w- C:\spoolerlogs
2011-08-13 17:07 . 2011-06-16 04:30 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-08-13 17:07 . 2011-06-16 04:30 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-08-13 17:07 . 2011-06-16 04:30 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-08-13 17:07 . 2011-06-16 04:30 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
2011-08-13 17:07 . 2011-06-16 04:30 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-08-13 17:07 . 2011-06-16 04:30 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-08-13 17:07 . 2011-06-16 04:30 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2011-08-13 17:07 . 2011-06-16 04:30 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-08-13 17:07 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-08-13 17:07 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\program files\Common Files\Adobe
2011-08-13 17:05 . 2011-08-13 17:05 -------- d-----w- c:\documents and settings\Dan\Dokumenty
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAFB.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF9.tmp
2011-08-13 00:40 . 2011-08-13 00:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF8.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF6.tmp
2011-08-13 00:37 . 2011-08-13 00:37 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAF4.tmp
2011-08-12 23:50 . 2011-08-12 23:50 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC9.tmp
2011-08-12 23:47 . 2011-08-12 23:47 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC4.tmp
2011-08-12 23:40 . 2011-08-12 23:40 0 ----a-w- c:\documents and settings\Dan\Data aplikací\CAC0.tmp
2011-08-12 22:08 . 2011-08-12 22:08 -------- d-----w- c:\program files\LS
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\VDLL.DLL
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\system32\runouce.exe
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\RUNDL132.EXE
2011-08-09 14:08 . 2011-08-09 14:08 -------- d---a-w- c:\windows\logo_1.exe
2011-08-09 14:07 . 2011-08-09 14:07 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-08-09 14:07 . 2011-08-09 14:07 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-08-09 14:07 . 2011-08-09 14:07 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-08-09 14:07 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2011-08-09 14:07 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2011-08-09 14:07 . 2011-08-09 14:07 -------- d-----w- c:\program files\Common Files\MicroWorld
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\C.tmp
2011-08-09 13:58 . 2011-08-09 13:58 2331 ----a-w- c:\documents and settings\Dan\Data aplikací\B.tmp
2011-08-09 13:52 . 2008-04-14 06:52 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-08-08 19:16 . 2011-08-08 19:16 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Auslogics
2011-08-08 19:00 . 2011-08-11 17:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\.minecraft
2011-08-08 18:54 . 2011-08-08 18:54 -------- d-----w- c:\windows\Sun
2011-08-08 18:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Temp
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Common Files\Java
2011-08-08 17:46 . 2011-08-08 17:46 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-08-08 17:46 . 2011-08-08 17:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-08 17:46 . 2011-08-08 17:46 -------- d-----w- c:\program files\Java
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\Dan\Data aplikací\ESET
2011-08-08 17:43 . 2011-08-08 17:43 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2011-08-08 17:37 . 2011-08-09 09:17 -------- d-----w- c:\documents and settings\Dan\Data aplikací\TS3Client
2011-08-08 17:27 . 2011-08-08 17:27 -------- d-----w- c:\program files\AMD APP
2011-08-08 17:26 . 2011-04-20 01:55 1115008 ----a-w- c:\windows\system32\ativvamv.dll
2011-08-08 17:26 . 2011-04-20 01:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-08-08 17:25 . 2011-08-08 17:25 -------- d-----w- c:\program files\ATI
2011-08-08 17:25 . 2011-08-19 11:05 -------- d-----w- c:\program files\CCleaner
2011-08-08 17:24 . 2011-08-08 17:53 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\AskToolbar
2011-08-08 17:24 . 2011-08-10 09:58 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-08-08 17:24 . 2011-08-10 09:59 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-08-08 17:23 . 2011-08-21 07:41 -------- d-----w- c:\documents and settings\Dan\Data aplikací\DAEMON Tools Lite
2011-08-08 17:12 . 2011-09-01 08:15 -------- d-----w- c:\documents and settings\Dan\Data aplikací\skypePM
2011-08-08 17:10 . 2011-08-15 18:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-08 17:10 . 2011-08-08 18:10 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2011-08-08 17:08 . 2010-05-25 03:13 51232 ----a-w- c:\windows\system32\RHCoInstXP.dll
2011-08-08 17:08 . 2010-05-25 03:13 1489440 ----a-w- c:\windows\RtaUpd.exe
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-10 18:51 -------- d-----w- c:\documents and settings\Dan\Local Settings\Data aplikací\Google
2011-08-08 17:05 . 2011-08-08 17:06 -------- d-----w- c:\program files\Google
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----r- c:\program files\Skype
2011-08-08 17:05 . 2011-08-08 17:05 -------- d-----w- c:\program files\Common Files\Skype
2011-08-08 17:05 . 2011-09-01 09:55 -------- d-----w- c:\documents and settings\Dan\Data aplikací\Skype
2011-08-08 16:57 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2011-08-08 16:57 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2011-08-08 16:57 . 2008-04-14 06:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2011-08-08 16:57 . 2008-04-14 06:51 21504 ----a-w- c:\windows\system32\hidserv.dll
2011-08-08 16:57 . 2008-04-14 05:59 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2011-08-08 16:57 . 2008-04-14 05:59 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2011-08-08 16:57 . 2008-04-13 22:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2011-08-08 16:57 . 2008-04-13 22:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-08-08 16:56 . 2008-04-13 22:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-08-08 16:56 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-01 08:34 . 2011-09-01 08:34 6224778 ----a-w- c:\windows\REGBK01.ZIP
2011-08-09 14:09 . 2011-08-09 14:08 5433626 ----a-w- c:\windows\REGBK00.ZIP
2011-06-16 04:30 . 2011-08-13 17:07 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
"DAEMON Tools Lite"="e:\instal2\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Infium"="e:\instal2\QIP Infium JadrisPack\qip.exe" [2011-03-02 6010240]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-08-31 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-02 19580520]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 98304]
"egui"="e:\instal2\eset\egui.exe" [2010-11-08 2219184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"g:\\games\\game001\\assasins creed\\ACBSP.exe"=
"g:\\games\\game001\\assasins creed\\ACBMP.exe"=
"g:\\games\\game001\\assasins creed\\AssassinsCreedBrotherhood.exe"=
"g:\\games\\game001\\assasins creed\\UPlayBrowser.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"g:\\games\\game002\\gta iv\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56397:TCP"= 56397:TCP:Pando Media Booster
"56397:UDP"= 56397:UDP:Pando Media Booster
.
R0 08183081;08183081;c:\windows\system32\drivers\08183081.sys [1.9.2011 15:45 133208]
R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [9.10.2009 22:26 184848]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.7.2010 12:31 115008]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [14.8.2011 9:16 142592]
R2 ekrn;ESET Service;e:\instal2\eset\ekrn.exe [8.11.2010 9:50 810144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [10.10.2009 8:09 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2011 19:05 136176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 08183081
*NewlyCreated* - 2397377DRV
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
2011-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-08 17:05]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Dan\Data aplikací\Mozilla\Firefox\Profiles\g39hk0mw.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-01 21:27
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-790525478-362288127-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:8c,2e,09,a0,6c,ed,cd,23,3f,1a,1d,b4,26,df,5b,09,f1,89,39,30,ae,
a7,04,83,25,5d,2a,9b,a2,80,e6,44,27,40,3e,b6,eb,5f,8d,b4,0e,e3,96,18,4c,8e,\
"rkeysecu"=hex:45,39,73,f9,77,bc,e2,03,96,e8,03,ee,27,7f,a0,2f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1068)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(3376)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-09-01 21:28:46
ComboFix-quarantined-files.txt 2011-09-01 19:28
ComboFix2.txt 2011-09-01 17:51
ComboFix3.txt 2011-09-01 10:03
ComboFix4.txt 2011-08-14 17:07
ComboFix5.txt 2011-09-01 19:23
.
Před spuštěním: Volných bajtů: 11 120 824 320
Po spuštění: Volných bajtů: 11 291 967 488
.
- - End Of File - - AC7974C075DA006776215AD16265BCB1

Re: podivně chovající se internet

Napsal: 01 zář 2011 20:55
od Rudy
Udělejte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 a dejte log.

Re: podivně chovající se internet

Napsal: 01 zář 2011 21:07
od msn
Myslíte že se něco změnilo během těch pár hodin od posledního skenu? No nicméně to dneska už nestihnu takže ten log Vám tu hodím až zítra.

Re: podivně chovající se internet

Napsal: 01 zář 2011 22:01
od Rudy
Rád bych měl jistotu. :)

Re: podivně chovající se internet

Napsal: 02 zář 2011 11:47
od msn
Při kontrole kasperským nebylo nic nalezeno.
Není například možné že nějaký z těch virů rozházel nastavení internetu? Např proxy?

Re: podivně chovající se internet

Napsal: 02 zář 2011 17:56
od Rudy
Nastavení zkontrolujte. Můžete také provést reset modemu, příp dalších síť. prvků v datové cestě.

Re: podivně chovající se internet

Napsal: 02 zář 2011 18:14
od msn
Modem jsem resetovat zkoušel a všechno co mě jen napadlo také.......zítra beru počítač k otci a vyzkouším zda se počítač bude chovat stejně i při napojení k jinému internetu ,ale mám pocit že bude a nemám absolutně ponětí jak to budu řešit.

Re: podivně chovající se internet

Napsal: 02 zář 2011 18:29
od Rudy
Ještě můžete zkusit reinstal protokolu TCP/IP pomocí WinsockFix: http://www.spyware.cz/go.php?p=spyware&t=aplikace&id=22 . Máte-li paramentry sítě zadány ručně, budete je muset po restartu PC znovu zadat.

Re: podivně chovající se internet

Napsal: 02 zář 2011 19:35
od msn
Po spuštění tohoto programu se internet opět rozjel tak jak má ,jediný problém byl že se v esetu vypl firewall a hlásel něco že pro znovunaběhnutí bude potřeba restart pc. Po restartu se firewall znovu rozjel ale internet opět začal dělat ty samé psí kusy. (při dočasném vypnutí firewallu se nestane nic, již jsem zkoušel)

Re: podivně chovající se internet

Napsal: 02 zář 2011 19:59
od Rudy
A není problém v konfiguraci fw? Nejsnazší by možná bylo Eset reinstalovat.

Re: podivně chovající se internet

Napsal: 02 zář 2011 20:04
od msn
Takže sem zapl program znovu. Eset zase udělal to stejný ale internet už zase nenajel. Odinstaloval sem proto eset a internet vypadá že zase jede (nainstaloval sem free avast) Jenže na mě zase vyjukla hláška že v aplikaci generic host process for win32 services došlo k problému a je třeba ji zavřít.
Tento error mi vyskakoval tuším po založení minecraft serveru ještě předtím než ste mi pc pomáhal čistit když sem tu byl poprvé 3 týdny zpět.
Takže to vypadá že mám znovu rozjet combofix, kaspersky a combofix že?
Ještě zkouším MWAV scan ten mi tuším předtím s tímhle pomohl

Re: podivně chovající se internet

Napsal: 02 zář 2011 20:55
od Rudy
........po založení minecraft serveru
Tohle možná bude ono. Něco bylo překonfigurováno a teď to dělá problém. Pokud reinstalujete Eset, měl by se nainstalovat v defaultním nastavení a net by měl fungovat.

Re: podivně chovající se internet

Napsal: 02 zář 2011 21:02
od msn
Toto jsem ale již dělával tak rok zpátky a žádný problém se nedostavil. A naposledy jsem ho hostoval 3 týdny zpátky takže si nejsem jist zda to je příčina problému ,ale vím že když jsem to dělal naposledy tak to zpouštělo nějakou chybu kterou měl na svědomí mallware.
Internet již funguje v pořádku ale pc se již znovu chová jako zavirováno. Včera sem to také projížděl MWAV a nenašlo to nic, dnes to našlo 5 různých mallwarů. Asi to zase nechám projet kasperským.....
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz