Prosím o pomoc a kontrolu PC

Alan-K · Příspěvekod **Alan-K** » 12 črc 2013 10:09

ComboFix 13-07-11.03 - Alan 12.07.2013 9:37.17.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3070.2364 [GMT 2:00]
Spuštěný z: c:\documents and settings\Alan\Plocha\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-12 do 2013-07-12 )))))))))))))))))))))))))))))))
.
.
2013-07-11 23:41 . 2013-07-11 23:46 -------- d-----w- c:\windows\system32\MRT
2013-07-10 22:18 . 2013-07-10 22:18 -------- d-----w- c:\windows\ERUNT
2013-07-10 19:35 . 2013-07-10 19:35 -------- d-----w- c:\windows\system32\wbem\Repository
2013-07-09 20:33 . 2013-07-10 19:33 -------- d-----w- c:\program files\CrystalDiskInfo
2013-07-03 12:04 . 2013-07-03 12:05 -------- d-----w- c:\program files\Foto-Mosaik-Edda
2013-07-03 12:02 . 2013-07-03 12:02 -------- d-----w- c:\program files\Common Files\Bcgsoft
2013-07-03 12:02 . 2013-07-03 12:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PearlMountain
2013-07-03 12:02 . 2013-07-03 12:02 -------- d-----w- c:\documents and settings\Alan\Data aplikací\PearlMountain
2013-07-03 12:01 . 2013-07-03 12:02 -------- d-----w- c:\program files\Picture Collage Maker Pro
2013-07-03 11:21 . 2013-07-03 11:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-07-03 09:39 . 2013-07-03 09:38 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-03 09:39 . 2013-07-03 09:39 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-02 23:01 . 2013-07-02 23:01 -------- d-----w- c:\windows\Sun
2013-07-02 15:19 . 2013-07-02 15:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MicroWorld
2013-07-02 15:04 . 2013-07-02 15:04 -------- d-----w- c:\documents and settings\Alan\Local Settings\Data aplikací\Sun
2013-07-01 21:13 . 2013-07-01 21:13 -------- d-----w- c:\documents and settings\Alan\Data aplikací\ZoomBrowser EX
2013-07-01 21:00 . 2013-07-01 21:00 -------- d-----w- c:\documents and settings\Alan\Data aplikací\CANON INC
2013-07-01 20:19 . 2013-07-01 20:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ZoomBrowser
2013-07-01 20:09 . 2013-07-01 20:09 -------- d-----w- c:\documents and settings\Alan\Data aplikací\Canon_Inc_IC
2013-07-01 20:02 . 2013-07-01 20:02 -------- d-----w- c:\program files\Common Files\Canon_Inc_IC
2013-07-01 20:02 . 2013-07-01 20:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Canon_Inc_IC
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-03 09:38 . 2012-06-19 12:01 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-03 09:38 . 2011-01-05 00:00 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-17 20:07 . 2012-04-20 19:42 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-17 20:07 . 2011-05-28 15:32 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-08 01:24 . 2003-04-16 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-06-07 21:53 . 2003-04-16 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-06-07 21:53 . 2003-04-16 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-06-07 18:25 . 2004-08-17 22:44 385024 ------w- c:\windows\system32\html.iec
2013-06-05 09:08 . 2003-04-16 12:00 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:23 . 2012-07-26 21:27 563712 ----a-w- c:\windows\system32\qedit.dll
2013-05-25 15:05 . 2013-05-25 15:05 17613192 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-05-19 11:04 . 2013-05-19 11:04 124504 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2013-05-19 10:54 . 2013-05-19 10:54 97176 ----a-w- c:\windows\system32\ElbyCDIO.dll
2013-05-08 09:58 . 2006-10-18 20:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-05-03 05:38 . 2003-04-16 12:00 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 05:38 . 2002-09-20 17:12 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-01 01:59 . 2013-05-01 01:59 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59 69632 ----a-w- c:\windows\system32\QuickTime.qts
2013-04-25 15:41 . 2012-07-27 09:40 810496 ----a-w- c:\windows\system32\wmvdmod.dll
2013-04-25 01:37 . 2013-04-25 01:37 129944 ----a-w- c:\windows\system32\ElbyVCD.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 03:21 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative MediaSource Go"="c:\program files\Creative\MediaSource\Go\CTCMSGo.exe" [2003-05-29 131072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ptipbmf"="ptipbmf.dll" [2003-06-20 118784]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-11 1468256]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-11 1505144]
"UMonit"="c:\windows\system32\umonit.exe" [2006-07-26 53248]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"CTSysVol"="c:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-07-02 57344]
"SBDrvDet"="c:\program files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 45056]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-07-01 345144]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\ASUS\Bluetooth Software\BTTray.exe [2009-3-23 603488]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JWOSetup]
JWOSetup.exe -en [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-11-02 06:51 59240 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET]
2003-06-17 23:00 45056 ----a-w- c:\program files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-05-31 09:56 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2013-04-04 12:50 532040 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 01:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlimDrivers]
2013-02-08 13:15 29387072 ----a-w- c:\program files\SlimDrivers\SlimDrivers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMKRun]
2007-01-07 21:31 118784 ----a-w- c:\program files\JustWrite Office\ScreenMark.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
"c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [1.6.2012 20:29 102728]
R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [29.8.2007 4:04 116264]
R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [16.4.2003 14:00 149376]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [26.3.2013 17:48 37352]
R2 AntiVirMailService;Avira Mail Protection;c:\program files\Avira\AntiVir Desktop\avmailc.exe [26.3.2013 17:48 371768]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [26.3.2013 17:48 84024]
R2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [26.3.2013 17:48 589368]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [16.8.2012 2:17 66560]
R2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [18.8.2012 21:36 5554552]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [23.4.2013 14:06 3574624]
R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [18.8.2012 21:38 451960]
R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [8.4.2011 17:37 17408]
R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [8.4.2011 17:37 46592]
R2 WDBackup;WD Backup;c:\program files\Western Digital\WD SmartWare\WDBackupEngine.exe [19.9.2012 21:10 1157056]
R2 WDDriveService;WD Drive Manager;c:\program files\Western Digital\WD Drive Manager\WDDriveService.exe [19.9.2012 21:02 248248]
R2 WDRulesService;WD Rules;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe [19.9.2012 21:10 1177536]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [5.1.2011 0:06 103040]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 21:39 99416]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 21:39 555096]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 21:39 566360]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [21.3.2012 3:47 22856]
R3 PGR1394b;HS 3d Sensor IEEE 1394 Bus host controllers;c:\windows\system32\drivers\HS3dSensor1394.sys [5.1.2011 13:07 72704]
R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [8.4.2011 17:37 116224]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [18.8.2012 21:37 10752]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [21.3.2012 3:47 701512]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [5.1.2011 17:07 45736]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 21:39 99416]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [5.1.2011 0:34 79360]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 21:39 555096]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 21:39 100952]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 21:39 100952]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 21:39 566360]
S3 fixustor;fixustor;c:\windows\system32\drivers\fixustor.sys [5.1.2011 17:15 6016]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [10.1.2013 14:57 12400]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [10.1.2011 14:15 27064]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [10.1.2013 14:46 155320]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [1.8.2012 22:55 13464]
S3 udsstub;USBDeviceShare USB Device Stub;c:\windows\system32\drivers\udsstub.sys [1.6.2012 20:20 16000]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [15.10.2012 1:14 11520]
S3 ZYNFX_AT;USB Storage Adapter FX_AT;c:\windows\system32\drivers\ZYNfx_at.sys [22.7.2012 19:49 33536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-11-22 13:18 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 20:07]
.
2013-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-27 12:07]
.
2013-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-27 12:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Send to &Bluetooth Device... - c:\program files\ASUS\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\ASUS\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\jepw67px.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-72324069.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-12 09:48
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
UMonit = c:\windows\system32\umonit.exe?USB\Vid_8644&Pid_800b8???????I_01????????B\ROOT_H8??????V????????????????????h?????6~?????????????b@?????????????????@$?|?????$?|??7~??@???:~????????????????????@???????????????t??????????????|`$?|?????$?|U$?|??????????????@
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(772)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
- - - - - - - > 'lsass.exe'(836)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
Celkový čas: 2013-07-12 09:54:08
ComboFix-quarantined-files.txt 2013-07-12 07:54
.
Před spuštěním: 5 581 164 544
Po spuštění: 5 532 286 976
.
- - End Of File - - 7CE8BC174F4F3C47729F05E414015265
3B00EB857BBA060EBA3B17F7019E492F

Reklama

Příspěvekod **jaro3** » 12 črc 2013 21:46

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\documents and settings\Alan\Local Settings\Data aplikací\Sun
c:\program files\Google\Update

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Nedostatek místa na disku!! Máš mít alespoň 15% volného místa , pro chod windows.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\system32\mspmsnsv.dll

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Alan-K · Příspěvekod **Alan-K** » 12 črc 2013 23:52

ComboFix 13-07-12.01 - Alan 12.07.2013 23:20:44.18.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3070.2341 [GMT 2:00]
Spuštěný z: c:\documents and settings\Alan\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Alan\Plocha\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
ADS - WINDOWS: deleted 192 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.145\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.145\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.145\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.145\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.145\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.145\goopdate.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.145\psmachine.dll
c:\program files\Google\Update\1.3.21.145\psuser.dll
c:\program files\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\0.0.0.0\gsync.msi
c:\program files\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-12 do 2013-07-12 )))))))))))))))))))))))))))))))
.
.
2013-07-11 23:41 . 2013-07-11 23:46 -------- d-----w- c:\windows\system32\MRT
2013-07-10 22:18 . 2013-07-10 22:18 -------- d-----w- c:\windows\ERUNT
2013-07-10 19:35 . 2013-07-10 19:35 -------- d-----w- c:\windows\system32\wbem\Repository
2013-07-09 20:33 . 2013-07-10 19:33 -------- d-----w- c:\program files\CrystalDiskInfo
2013-07-03 12:04 . 2013-07-03 12:05 -------- d-----w- c:\program files\Foto-Mosaik-Edda
2013-07-03 12:02 . 2013-07-03 12:02 -------- d-----w- c:\program files\Common Files\Bcgsoft
2013-07-03 12:02 . 2013-07-03 12:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PearlMountain
2013-07-03 12:02 . 2013-07-03 12:02 -------- d-----w- c:\documents and settings\Alan\Data aplikací\PearlMountain
2013-07-03 12:01 . 2013-07-03 12:02 -------- d-----w- c:\program files\Picture Collage Maker Pro
2013-07-03 11:21 . 2013-07-03 11:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-07-03 09:39 . 2013-07-03 09:38 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-03 09:39 . 2013-07-03 09:39 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-02 23:01 . 2013-07-02 23:01 -------- d-----w- c:\windows\Sun
2013-07-02 15:19 . 2013-07-02 15:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MicroWorld
2013-07-02 15:04 . 2013-07-02 15:04 -------- d-----w- c:\documents and settings\Alan\Local Settings\Data aplikací\Sun
2013-07-01 21:13 . 2013-07-01 21:13 -------- d-----w- c:\documents and settings\Alan\Data aplikací\ZoomBrowser EX
2013-07-01 21:00 . 2013-07-01 21:00 -------- d-----w- c:\documents and settings\Alan\Data aplikací\CANON INC
2013-07-01 20:19 . 2013-07-01 20:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ZoomBrowser
2013-07-01 20:09 . 2013-07-01 20:09 -------- d-----w- c:\documents and settings\Alan\Data aplikací\Canon_Inc_IC
2013-07-01 20:02 . 2013-07-01 20:02 -------- d-----w- c:\program files\Common Files\Canon_Inc_IC
2013-07-01 20:02 . 2013-07-01 20:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Canon_Inc_IC
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin.dll
2013-06-16 22:26 . 2013-06-16 22:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-03 09:38 . 2012-06-19 12:01 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-03 09:38 . 2011-01-05 00:00 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-17 20:07 . 2012-04-20 19:42 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-17 20:07 . 2011-05-28 15:32 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-08 01:24 . 2003-04-16 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-06-07 21:53 . 2003-04-16 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-06-07 21:53 . 2003-04-16 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-06-07 18:25 . 2004-08-17 22:44 385024 ------w- c:\windows\system32\html.iec
2013-06-05 09:08 . 2003-04-16 12:00 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:23 . 2012-07-26 21:27 563712 ----a-w- c:\windows\system32\qedit.dll
2013-05-25 15:05 . 2013-05-25 15:05 17613192 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-05-19 11:04 . 2013-05-19 11:04 124504 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2013-05-19 10:54 . 2013-05-19 10:54 97176 ----a-w- c:\windows\system32\ElbyCDIO.dll
2013-05-08 09:58 . 2006-10-18 20:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-05-03 05:38 . 2003-04-16 12:00 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 05:38 . 2002-09-20 17:12 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-01 01:59 . 2013-05-01 01:59 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59 69632 ----a-w- c:\windows\system32\QuickTime.qts
2013-04-25 15:41 . 2012-07-27 09:40 810496 ----a-w- c:\windows\system32\wmvdmod.dll
2013-04-25 01:37 . 2013-04-25 01:37 129944 ----a-w- c:\windows\system32\ElbyVCD.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 03:21 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative MediaSource Go"="c:\program files\Creative\MediaSource\Go\CTCMSGo.exe" [2003-05-29 131072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ptipbmf"="ptipbmf.dll" [2003-06-20 118784]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-11 1468256]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-11 1505144]
"UMonit"="c:\windows\system32\umonit.exe" [2006-07-26 53248]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"CTSysVol"="c:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-07-02 57344]
"SBDrvDet"="c:\program files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 45056]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-07-01 345144]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\ASUS\Bluetooth Software\BTTray.exe [2009-3-23 603488]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JWOSetup]
JWOSetup.exe -en [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-11-02 06:51 59240 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET]
2003-06-17 23:00 45056 ----a-w- c:\program files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-05-31 09:56 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2013-04-04 12:50 532040 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 01:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlimDrivers]
2013-02-08 13:15 29387072 ----a-w- c:\program files\SlimDrivers\SlimDrivers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMKRun]
2007-01-07 21:31 118784 ----a-w- c:\program files\JustWrite Office\ScreenMark.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
"c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [1.6.2012 20:29 102728]
R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [29.8.2007 4:04 116264]
R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [16.4.2003 14:00 149376]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [26.3.2013 17:48 37352]
R2 AntiVirMailService;Avira Mail Protection;c:\program files\Avira\AntiVir Desktop\avmailc.exe [26.3.2013 17:48 371768]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [26.3.2013 17:48 84024]
R2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [26.3.2013 17:48 589368]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [16.8.2012 2:17 66560]
R2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [18.8.2012 21:36 5554552]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [23.4.2013 14:06 3574624]
R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [18.8.2012 21:38 451960]
R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [8.4.2011 17:37 17408]
R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [8.4.2011 17:37 46592]
R2 WDBackup;WD Backup;c:\program files\Western Digital\WD SmartWare\WDBackupEngine.exe [19.9.2012 21:10 1157056]
R2 WDDriveService;WD Drive Manager;c:\program files\Western Digital\WD Drive Manager\WDDriveService.exe [19.9.2012 21:02 248248]
R2 WDRulesService;WD Rules;c:\program files\Western Digital\WD SmartWare\WDRulesEngine.exe [19.9.2012 21:10 1177536]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [5.1.2011 0:06 103040]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 21:39 99416]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 21:39 555096]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 21:39 566360]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [21.3.2012 3:47 22856]
R3 PGR1394b;HS 3d Sensor IEEE 1394 Bus host controllers;c:\windows\system32\drivers\HS3dSensor1394.sys [5.1.2011 13:07 72704]
R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [8.4.2011 17:37 116224]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [18.8.2012 21:37 10752]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [21.3.2012 3:47 701512]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [5.1.2011 17:07 45736]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 21:39 99416]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [5.1.2011 0:34 79360]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 21:39 555096]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 21:39 100952]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 21:39 100952]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 21:39 566360]
S3 fixustor;fixustor;c:\windows\system32\drivers\fixustor.sys [5.1.2011 17:15 6016]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [10.1.2013 14:57 12400]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [10.1.2011 14:15 27064]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [10.1.2013 14:46 155320]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [1.8.2012 22:55 13464]
S3 udsstub;USBDeviceShare USB Device Stub;c:\windows\system32\drivers\udsstub.sys [1.6.2012 20:20 16000]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [15.10.2012 1:14 11520]
S3 ZYNFX_AT;USB Storage Adapter FX_AT;c:\windows\system32\drivers\ZYNfx_at.sys [22.7.2012 19:49 33536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-11-22 13:18 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 20:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Send to &Bluetooth Device... - c:\program files\ASUS\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\ASUS\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\jepw67px.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-12 23:31
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
UMonit = c:\windows\system32\umonit.exe?USB\Vid_8644&Pid_800b8???????I_01????????B\ROOT_H8??????V????????????????????h?????6~?????????????b@?????????????????@$?|?????$?|??7~??@???:~????????????????????@???????????????t??????????????|`$?|?????$?|U$?|??????????????@
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(784)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
- - - - - - - > 'lsass.exe'(840)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
- - - - - - - > 'explorer.exe'(2376)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\program files\Avira\AntiVir Desktop\avsda.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Creative\Shared Files\CTAudSvc.exe
c:\program files\Tablet\Pen\Pen_TouchUser.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Photodex\ProShowProducer\ScsiAccess.exe
c:\program files\Tablet\Pen\Pen_TabletUser.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\ASUS\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2013-07-12 23:39:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-07-12 21:39
ComboFix2.txt 2013-07-12 07:54
.
Před spuštěním: Volných bajtů: 12 524 929 024
Po spuštění: Volných bajtů: 12 475 662 336
.
- - End Of File - - D03FC4D532BCB8AB725534A3E354E6A9
3B00EB857BBA060EBA3B17F7019E492F

Alan-K · Příspěvekod **Alan-K** » 12 črc 2013 23:55

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-12 23:43:25
-----------------------------
23:43:25.312 OS Version: Windows 5.1.2600 Service Pack 3
23:43:25.312 Number of processors: 2 586 0x304
23:43:25.312 ComputerName: COMMANDER UserName: Alan
23:43:25.781 Initialize success
23:44:05.000 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
23:44:05.000 Disk 0 Vendor: WDC_WD5000AAKB-00H8A0 05.04E05 Size: 476940MB BusType: 3
23:44:05.000 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
23:44:05.000 Disk 1 Vendor: ST3300622A 3.AAE Size: 286168MB BusType: 3
23:44:05.000 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP2T0L0-2b
23:44:05.000 Disk 2 Vendor: ST3300622AS 3.AAE Size: 286168MB BusType: 3
23:44:05.000 Disk 3 \Device\Harddisk3\DR3 -> \Device\Ide\IdeDeviceP3T0L0-36
23:44:05.015 Disk 3 Vendor: ST3300622AS 3.AAE Size: 286168MB BusType: 3
23:44:05.109 Disk 0 MBR read successfully
23:44:05.125 Disk 0 MBR scan
23:44:05.125 Disk 0 Windows XP default MBR code
23:44:05.125 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 66668 MB offset 63
23:44:05.140 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 410269 MB offset 136536435
23:44:05.140 Disk 0 scanning sectors +976768065
23:44:05.203 Disk 0 scanning C:\WINDOWS\system32\drivers
23:44:11.781 Service scanning
23:44:20.640 Modules scanning
23:44:25.140 Disk 0 trace - called modules:
23:44:25.156 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
23:44:25.156 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a913ab8]
23:44:25.156 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\0000007e[0x8a91da90]
23:44:25.171 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8a9b9d98]
23:44:25.171 Scan finished successfully
23:45:07.250 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Alan\Plocha\MBR.dat"
23:45:07.281 The log file has been saved successfully to "C:\Documents and Settings\Alan\Plocha\aswMBR.txt"

A tady je ta kontrola na virustotal:

https://www.virustotal.com/cs/file/f776 ... 373665880/

Já jsem si všiml už včera, že tam mám nějak málo volného místa na "C", už jsem něco uvolnil....tak jejště na to kouknu!!!

Jinak se to o dost zlepšilo......

Příspěvekod **jaro3** » 13 črc 2013 09:18

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Vlož ještě nový log z HJT.

Alan-K · Příspěvekod **Alan-K** » 13 črc 2013 21:56

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:55:27, on 13.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\nlssrv32.exe
C:\WINDOWS\system32\IoctlSvc.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Program Files\ASUS\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\umonit.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
C:\Program Files\ASUS\Bluetooth Software\BTTray.exe
C:\Documents and Settings\Alan\Plocha\SECURITY\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [UMonit] C:\WINDOWS\system32\umonit.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe /SCB
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0109700281
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3773112609
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Adaptec - (no file)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ASUS\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\nlssrv32.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: WD Backup (WDBackup) - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: WD Rules (WDRulesService) - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe

--
End of file - 12032 bytes

Příspěvekod **jaro3** » 13 črc 2013 22:50

Log Ok , nemáš málo místa na syst. disku? Měl bys mít aspoň 15% volného místa pro chod windows.

Jsou nějaké problémy?

Alan-K · Příspěvekod **Alan-K** » 14 črc 2013 22:16

No já na to koukal a na "C" mám 14,3GB volného místa při velikosti 65,1GB...to je (cca 22%) to by asi mělo stačit???

Jinak to hlavní se bohužel nevyřešilo, jak jsem psal:
"PC po naběhnutí nezobrazí v liště, v "oznamovací oblasti" ikonu "bezpečně odebrat hardware" a "Creative volume control"."

Nedá se to ještě nějak vyřešit?

Příspěvekod **memphisto** » 14 črc 2013 22:46

Přeinstaluj ovladače zvukovky případně se podívej do ovládacích panelů pod položku zvuk jestli nemáš odškrtlé "Zobrazit ikonu v oznamovací oblasti"

Alan-K · Příspěvekod **Alan-K** » 27 črc 2013 14:25

Tak jsem z toho opravdu nešťasrný, protože někdy se mi to tam zobrazí normálně a pak pětkrát.... +/- ne. Samozdřejmě ovladače, všecny mám aktuální, teď se mi dokonce stalo, že jsem si připojil tablet a PC ho nevidí, což před čištěním normálně fungovalo, a to jsem i zkoušel i jiné USB...... a samozdřejmě se chci ještě zeptat, přece "bezpečně odpojit hardware" nemůže mít vliv na aktualitu zvukového ovladače...?? Já si myslím, jestli něco není s USB..... Aktualizaci provádím Slimdrives..... což je snad v pořádku.... vypisuje mi to, že je systém aktuální a že není potřeba nic aktualizovat....

Příspěvekod **Žbeky** » 27 črc 2013 18:09

Tak se vykašli na slimdrivers a nahoď původní ovladače přímo od výrobce z CD/internetu

Alan-K · Příspěvekod **Alan-K** » 27 črc 2013 20:20

.......dobrá, abych byl úplně přesný, tak jsem s tím nikdy předtím problém neměl, na aktualizaci SB Audigy používám updatovací program společnosti Creative, takže Slimdrivers jsem uvedl pouze jako příklad, že by mělo být vše v pořádku. ve spravci HW mám zakázanou zvukovou kartu integrovanou na MB a aktivovanou SB Audigy.... chcete po mě odinstalovat a nainstalovat ovladač zvukové karty, abych zprovoznil správnou funkci USB??? Já chci hlavně vyřešit, že se mi nezobrazuje ikonka "bezpečně odebrat hardware"..... to, že se mi nezobrazí ikona ovládání hlasitosti je nepodstatné, a také mě trápí to, že mi systém nevidí ten tablet, který předtím fungoval v pohodě.....

Prosím o pomoc a kontrolu PC Vyřešeno

Re: Prosím o pomoc a kontrolu PC

Re: Prosím o pomoc a kontrolu PC

Re: Prosím o pomoc a kontrolu PC

Re: Prosím o pomoc a kontrolu PC

Re: Prosím o pomoc a kontrolu PC

Re: Prosím o pomoc a kontrolu PC

Re: Prosím o pomoc a kontrolu PC

Re: Prosím o pomoc a kontrolu PC

Re: Prosím o pomoc a kontrolu PC

Re: Prosím o pomoc a kontrolu PC

Re: Prosím o pomoc a kontrolu PC

Re: Prosím o pomoc a kontrolu PC

Kdo je online