prosim o kontrolu logu napadeny pocitac + Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Uživatelský avatar
Žbeky
Moderátor
Guru Level 13
Guru Level 13
Příspěvky: 22288
Registrován: květen 08
Bydliště: Vsetín - Pardubice
Pohlaví: Muž
Stav:
Offline

Re: prosim o kontrolu logu napadeny pocitac

Příspěvekod Žbeky » 23 led 2013 18:41

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

SecCenter::
SP: Spybot - Search and Destroy *Disabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}

Folder::
C:\$AVG
c:\program files (x86)\AVG
c:\programdata\AVG10
c:\programdata\MFAData
c:\programdata\Spybot - Search & Destroy
c:\program files (x86)\Spybot - Search & Destroy 2
c:\users\ala\AppData\Local\Google\Update

File::
c:\windows\system32\sdnclean64.exe
c:\users\ala\AppData\Local\Temp\cpuz135\cpuz135_x64.sys
c:\windows\system32\DRIVERS\AVGIDSEH.Sys
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-477507487-285499617-4106748499-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-477507487-285499617-4106748499-1001UA.job

Driver::
cpuz135
AVGIDSEH

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
Obrázek

- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.

HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra

Reklama
parmazan
Level 2
Level 2
Příspěvky: 170
Registrován: srpen 10
Bydliště: českolipsko
Pohlaví: Muž
Stav:
Offline

Re: prosim o kontrolu logu napadeny pocitac

Příspěvekod parmazan » 23 led 2013 19:33

Log Combofix:
ComboFix 13-01-23.01 - ala 23.01.2013 19:20:40.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2650 [GMT 1:00]
Spuštěný z: c:\users\ala\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\ala\Desktop\CFScript.txt
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\ala\AppData\Local\Temp\cpuz135\cpuz135_x64.sys"
"c:\windows\system32\DRIVERS\AVGIDSEH.Sys"
"c:\windows\system32\sdnclean64.exe"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-477507487-285499617-4106748499-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-477507487-285499617-4106748499-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\$AVG
c:\$avg\$VAULT\V_00000001.fil
c:\$avg\$VAULT\V_00000002.fil
c:\$avg\$VAULT\V_00000003.fil
c:\$avg\$VAULT\V_00000004.fil
c:\$avg\$VAULT\V_00000005.fil
c:\$avg\$VAULT\V_00000006.fil
c:\$avg\$VAULT\V_00000007.fil
c:\$avg\$VAULT\V_00000008.fil
c:\$avg\$VAULT\V_00000009.fil
c:\$avg\$VAULT\vvfolder.idx
c:\program files (x86)\AVG
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\ace.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\arabica.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\boost.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\bsdiff.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\bzip.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\carp.html
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\cryptopp.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\curl.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\dazukofs.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\expat.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\imagemagick.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\infozip.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\lua.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\md4_md5_license.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\milter.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\minizip.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\openssl_license.html
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\sasl.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\tinyxml.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\unrar.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\untar.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\xalan_xerces.txt
c:\program files (x86)\AVG\AVG10\3rd_party\licenses\zlib.txt
c:\program files (x86)\AVG\AVG10\3rd_party\readme.txt
c:\program files (x86)\AVG\AVG10\avg.snu
c:\program files (x86)\AVG\AVG10\avg_cz.chm
c:\program files (x86)\AVG\AVG10\avg_cz.lng
c:\program files (x86)\AVG\AVG10\avg_us.chm
c:\program files (x86)\AVG\AVG10\avg_us.lng
c:\program files (x86)\AVG\AVG10\avgar_cz.chm
c:\program files (x86)\AVG\AVG10\avgar_us.chm
c:\program files (x86)\AVG\AVG10\avgas_cz.chm
c:\program files (x86)\AVG\AVG10\avgas_us.chm
c:\program files (x86)\AVG\AVG10\avgcerta.dll
c:\program files (x86)\AVG\AVG10\avgdg_cz.chm
c:\program files (x86)\AVG\AVG10\avgdg_us.chm
c:\program files (x86)\AVG\AVG10\avgf_cz.chm
c:\program files (x86)\AVG\AVG10\avgf_us.chm
c:\program files (x86)\AVG\AVG10\avgfree_cz.mht
c:\program files (x86)\AVG\AVG10\avgfree_us.mht
c:\program files (x86)\AVG\AVG10\avgfw_cz.chm
c:\program files (x86)\AVG\AVG10\avgfw_us.chm
c:\program files (x86)\AVG\AVG10\avgidp_cz.chm
c:\program files (x86)\AVG\AVG10\avgidp_us.chm
c:\program files (x86)\AVG\AVG10\avgmwdef_cz.mht
c:\program files (x86)\AVG\AVG10\avgmwdef_us.mht
c:\program files (x86)\AVG\AVG10\avgsals_cz.mht
c:\program files (x86)\AVG\AVG10\avgsals_us.mht
c:\program files (x86)\AVG\AVG10\avgsbfree_cz.mht
c:\program files (x86)\AVG\AVG10\avgsbfree_us.mht
c:\program files (x86)\AVG\AVG10\avgst_cz.chm
c:\program files (x86)\AVG\AVG10\avgst_us.chm
c:\program files (x86)\AVG\AVG10\avgtbas.tbp
c:\program files (x86)\AVG\AVG10\avgtrial_cz.mht
c:\program files (x86)\AVG\AVG10\avgtrial_us.mht
c:\program files (x86)\AVG\AVG10\avgupd.sig
c:\program files (x86)\AVG\AVG10\cf.dat
c:\program files (x86)\AVG\AVG10\contacts_cz.html
c:\program files (x86)\AVG\AVG10\contacts_us.html
c:\program files (x86)\AVG\AVG10\dfncfg.dat
c:\program files (x86)\AVG\AVG10\Drivers\Win7\AVGIDSFilter.inf
c:\program files (x86)\AVG\AVG10\Firefox\Components\ISearchShield.xpt
c:\program files (x86)\AVG\AVG10\Firefox\Chrome\searchshield.jar
c:\program files (x86)\AVG\AVG10\Firefox\install.rdf
c:\program files (x86)\AVG\AVG10\Icons\alert_mask.png
c:\program files (x86)\AVG\AVG10\Icons\background_middle_gray.gif
c:\program files (x86)\AVG\AVG10\Icons\background_middle_green.gif
c:\program files (x86)\AVG\AVG10\Icons\background_middle_orange.gif
c:\program files (x86)\AVG\AVG10\Icons\background_middle_red.gif
c:\program files (x86)\AVG\AVG10\Icons\background_middle_yellow.gif
c:\program files (x86)\AVG\AVG10\Icons\background_top_gray.gif
c:\program files (x86)\AVG\AVG10\Icons\background_top_green.gif
c:\program files (x86)\AVG\AVG10\Icons\background_top_orange.gif
c:\program files (x86)\AVG\AVG10\Icons\background_top_red.gif
c:\program files (x86)\AVG\AVG10\Icons\background_top_yellow.gif
c:\program files (x86)\AVG\AVG10\Icons\block-doc.gif
c:\program files (x86)\AVG\AVG10\Icons\blocked.gif
c:\program files (x86)\AVG\AVG10\Icons\blocked12.png
c:\program files (x86)\AVG\AVG10\Icons\border_bottom_gray.gif
c:\program files (x86)\AVG\AVG10\Icons\border_bottom_green.gif
c:\program files (x86)\AVG\AVG10\Icons\border_bottom_orange.gif
c:\program files (x86)\AVG\AVG10\Icons\border_bottom_red.gif
c:\program files (x86)\AVG\AVG10\Icons\border_bottom_yellow.gif
c:\program files (x86)\AVG\AVG10\Icons\border_top_gray.gif
c:\program files (x86)\AVG\AVG10\Icons\border_top_green.gif
c:\program files (x86)\AVG\AVG10\Icons\border_top_orange.gif
c:\program files (x86)\AVG\AVG10\Icons\border_top_red.gif
c:\program files (x86)\AVG\AVG10\Icons\border_top_yellow.gif
c:\program files (x86)\AVG\AVG10\Icons\box_bottom_red.gif
c:\program files (x86)\AVG\AVG10\Icons\box_top_red.gif
c:\program files (x86)\AVG\AVG10\Icons\caution.gif
c:\program files (x86)\AVG\AVG10\Icons\caution12.png
c:\program files (x86)\AVG\AVG10\Icons\click_here_gray.gif
c:\program files (x86)\AVG\AVG10\Icons\click_here_green.gif
c:\program files (x86)\AVG\AVG10\Icons\click_here_orange.gif
c:\program files (x86)\AVG\AVG10\Icons\click_here_red.gif
c:\program files (x86)\AVG\AVG10\Icons\click_here_yellow.gif
c:\program files (x86)\AVG\AVG10\Icons\clock.gif
c:\program files (x86)\AVG\AVG10\Icons\clock12.png
c:\program files (x86)\AVG\AVG10\Icons\close.gif
c:\program files (x86)\AVG\AVG10\Icons\icons_blocked.gif
c:\program files (x86)\AVG\AVG10\Icons\icons_caution.gif
c:\program files (x86)\AVG\AVG10\Icons\icons_close.gif
c:\program files (x86)\AVG\AVG10\Icons\icons_safe.gif
c:\program files (x86)\AVG\AVG10\Icons\icons_unknown.gif
c:\program files (x86)\AVG\AVG10\Icons\icons_warning.gif
c:\program files (x86)\AVG\AVG10\Icons\LS_Logo_Results.gif
c:\program files (x86)\AVG\AVG10\Icons\safe.gif
c:\program files (x86)\AVG\AVG10\Icons\safe12.png
c:\program files (x86)\AVG\AVG10\Icons\unknown.gif
c:\program files (x86)\AVG\AVG10\Icons\vrsn-secured-lsfo.gif
c:\program files (x86)\AVG\AVG10\Icons\warning.gif
c:\program files (x86)\AVG\AVG10\Icons\warning12.png
c:\program files (x86)\AVG\AVG10\js.dat
c:\program files (x86)\AVG\AVG10\license_cz.htm
c:\program files (x86)\AVG\AVG10\license_us.htm
c:\program files (x86)\AVG\AVG10\mfacz.lns
c:\program files (x86)\AVG\AVG10\mfaus.lns
c:\program files (x86)\AVG\AVG10\mfavera.txt
c:\program files (x86)\AVG\AVG10\mfaverx.txt
c:\program files (x86)\AVG\AVG10\PCTuneup\PerlRegExp.bpl
c:\program files (x86)\AVG\AVG10\PCTuneup\rtl120.bpl
c:\program files (x86)\AVG\AVG10\PCTuneup\vcl120.bpl
c:\program files (x86)\AVG\AVG10\ph.dat
c:\program files (x86)\AVG\AVG10\sb.dat
c:\program files (x86)\AVG\AVG10\sb.dat.xcd
c:\program files (x86)\AVG\AVG10\sb2.dat
c:\program files (x86)\AVG\AVG10\sc.dat
c:\program files (x86)\AVG\AVG10\sc.dat.xcd
c:\program files (x86)\AVG\AVG10\updatecomps.bak
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\ace.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\arabica.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\boost.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\bsdiff.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\bzip.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\carp.html
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\cryptopp.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\curl.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\dazukofs.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\expat.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\imagemagick.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\infozip.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\lua.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\md4_md5_license.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\milter.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\minizip.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\openssl_license.html
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\sasl.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\tinyxml.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\unrar.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\untar.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\xalan_xerces.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\licenses\zlib.txt
c:\program files (x86)\AVG\AVG2013\3rd_party\readme.txt
c:\program files (x86)\AVG\AVG2013\avg.snu
c:\program files (x86)\AVG\AVG2013\avg_cz.chm
c:\program files (x86)\AVG\AVG2013\avg_cz.lng
c:\program files (x86)\AVG\AVG2013\avg_us.chm
c:\program files (x86)\AVG\AVG2013\avg_us.lng
c:\program files (x86)\AVG\AVG2013\avgadvisorx.dll
c:\program files (x86)\AVG\AVG2013\avgapia.dll
c:\program files (x86)\AVG\AVG2013\avgapix.dll
c:\program files (x86)\AVG\AVG2013\avgapps.dll
c:\program files (x86)\AVG\AVG2013\avgar_cz.chm
c:\program files (x86)\AVG\AVG2013\avgar_us.chm
c:\program files (x86)\AVG\AVG2013\avgas_cz.chm
c:\program files (x86)\AVG\AVG2013\avgas_us.chm
c:\program files (x86)\AVG\AVG2013\avgaspma.dll
c:\program files (x86)\AVG\AVG2013\avgaspmx.dll
c:\program files (x86)\AVG\AVG2013\avgatend.stp
c:\program files (x86)\AVG\AVG2013\avgatupd.stp
c:\program files (x86)\AVG\AVG2013\avgcclia.dll
c:\program files (x86)\AVG\AVG2013\avgcclix.dll
c:\program files (x86)\AVG\AVG2013\avgceix.dll
c:\program files (x86)\AVG\AVG2013\avgcerta.dll
c:\program files (x86)\AVG\AVG2013\avgcertx.dll
c:\program files (x86)\AVG\AVG2013\avgcfga.dll
c:\program files (x86)\AVG\AVG2013\avgcfgex.exe
c:\program files (x86)\AVG\AVG2013\avgcfgx.dll
c:\program files (x86)\AVG\AVG2013\avgclita.dll
c:\program files (x86)\AVG\AVG2013\avgclitx.dll
c:\program files (x86)\AVG\AVG2013\avgcmgr.exe
c:\program files (x86)\AVG\AVG2013\avgcomma.dll
c:\program files (x86)\AVG\AVG2013\avgcommx.dll
c:\program files (x86)\AVG\AVG2013\avgcorea.dll
c:\program files (x86)\AVG\AVG2013\avgcorex.dll
c:\program files (x86)\AVG\AVG2013\avgcrema.exe
c:\program files (x86)\AVG\AVG2013\avgcsla.dll
c:\program files (x86)\AVG\AVG2013\avgcslx.dll
c:\program files (x86)\AVG\AVG2013\avgcsrva.exe
c:\program files (x86)\AVG\AVG2013\avgcsrvx.exe
c:\program files (x86)\AVG\AVG2013\avgdecider.dll
c:\program files (x86)\AVG\AVG2013\avgdg_cz.chm
c:\program files (x86)\AVG\AVG2013\avgdg_us.chm
c:\program files (x86)\AVG\AVG2013\avgdiagex.exe
c:\program files (x86)\AVG\AVG2013\avgduix.dll
c:\program files (x86)\AVG\AVG2013\avgdumpa.exe
c:\program files (x86)\AVG\AVG2013\avgdumpx.exe
c:\program files (x86)\AVG\AVG2013\avgemca.exe
c:\program files (x86)\AVG\AVG2013\avgf_cz.chm
c:\program files (x86)\AVG\AVG2013\avgf_us.chm
c:\program files (x86)\AVG\AVG2013\avgfw_cz.chm
c:\program files (x86)\AVG\AVG2013\avgfw_us.chm
c:\program files (x86)\AVG\AVG2013\avgfwcfg3dllx.dll
c:\program files (x86)\AVG\AVG2013\avgfws.exe
c:\program files (x86)\AVG\AVG2013\avgfwui.dll
c:\program files (x86)\AVG\AVG2013\avgfwwlx.dll
c:\program files (x86)\AVG\AVG2013\avgchcla.dll
c:\program files (x86)\AVG\AVG2013\avgchclx.dll
c:\program files (x86)\AVG\AVG2013\avgchjwa.dll
c:\program files (x86)\AVG\AVG2013\avgidp_cz.chm
c:\program files (x86)\AVG\AVG2013\avgidp_us.chm
c:\program files (x86)\AVG\AVG2013\avgidpmx.dll
c:\program files (x86)\AVG\AVG2013\avgidpsdkx.dll
c:\program files (x86)\AVG\AVG2013\avgidsagent.exe
c:\program files (x86)\AVG\AVG2013\avgkrnlapia.dll
c:\program files (x86)\AVG\AVG2013\avgkrnlapix.dll
c:\program files (x86)\AVG\AVG2013\avglnga.dll
c:\program files (x86)\AVG\AVG2013\avglngx.dll
c:\program files (x86)\AVG\AVG2013\avgloga.dll
c:\program files (x86)\AVG\AVG2013\avglogx.dll
c:\program files (x86)\AVG\AVG2013\avgls_cz.chm
c:\program files (x86)\AVG\AVG2013\avgls_us.chm
c:\program files (x86)\AVG\AVG2013\avgmfapx.exe
c:\program files (x86)\AVG\AVG2013\avgmfarx.dll
c:\program files (x86)\AVG\AVG2013\avgmvfla.dll
c:\program files (x86)\AVG\AVG2013\avgmvflx.dll
c:\program files (x86)\AVG\AVG2013\avgndisa.exe
c:\program files (x86)\AVG\AVG2013\avgnsa.exe
c:\program files (x86)\AVG\AVG2013\avgntdumpa.exe
c:\program files (x86)\AVG\AVG2013\avgntdumpx.exe
c:\program files (x86)\AVG\AVG2013\avgntopenssla.dll
c:\program files (x86)\AVG\AVG2013\avgntopensslx.dll
c:\program files (x86)\AVG\AVG2013\avgntsqlitea.dll
c:\program files (x86)\AVG\AVG2013\avgntsqlitex.dll
c:\program files (x86)\AVG\AVG2013\avgopenssla.dll
c:\program files (x86)\AVG\AVG2013\avgopensslx.dll
c:\program files (x86)\AVG\AVG2013\avgpostinstx.dll
c:\program files (x86)\AVG\AVG2013\avgrdtesta.exe
c:\program files (x86)\AVG\AVG2013\avgrdtestx.exe
c:\program files (x86)\AVG\AVG2013\avgrkta.dll
c:\program files (x86)\AVG\AVG2013\avgrktx.dll
c:\program files (x86)\AVG\AVG2013\avgrsa.exe
c:\program files (x86)\AVG\AVG2013\avgsbga.dll
c:\program files (x86)\AVG\AVG2013\avgscana.dll
c:\program files (x86)\AVG\AVG2013\avgscana.exe
c:\program files (x86)\AVG\AVG2013\avgscanx.dll
c:\program files (x86)\AVG\AVG2013\avgscanx.exe
c:\program files (x86)\AVG\AVG2013\avgse.dll
c:\program files (x86)\AVG\AVG2013\avgsea.dll
c:\program files (x86)\AVG\AVG2013\avgsecapia.dll
c:\program files (x86)\AVG\AVG2013\avgsecapix.dll
c:\program files (x86)\AVG\AVG2013\avgsched.dll
c:\program files (x86)\AVG\AVG2013\avgsrmaa.exe
c:\program files (x86)\AVG\AVG2013\avgsrmax.exe
c:\program files (x86)\AVG\AVG2013\avgsysa.dll
c:\program files (x86)\AVG\AVG2013\avgsysx.dll
c:\program files (x86)\AVG\AVG2013\AVGTBInstall.exe
c:\program files (x86)\AVG\AVG2013\avgtranx.dll
c:\program files (x86)\AVG\AVG2013\avgui.exe
c:\program files (x86)\AVG\AVG2013\avguiadva.dll
c:\program files (x86)\AVG\AVG2013\avguiadvx.dll
c:\program files (x86)\AVG\AVG2013\avguires.dll
c:\program files (x86)\AVG\AVG2013\avguirux.exe
c:\program files (x86)\AVG\AVG2013\avgupd.sig
c:\program files (x86)\AVG\AVG2013\avgupdx.dll
c:\program files (x86)\AVG\AVG2013\avgutila.dll
c:\program files (x86)\AVG\AVG2013\avgutilx.dll
c:\program files (x86)\AVG\AVG2013\avgvva.dll
c:\program files (x86)\AVG\AVG2013\avgvvx.dll
c:\program files (x86)\AVG\AVG2013\avgwd.dll
c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe
c:\program files (x86)\AVG\AVG2013\avgwdwsc.dll
c:\program files (x86)\AVG\AVG2013\avgwsc.exe
c:\program files (x86)\AVG\AVG2013\avgxpl.dll
c:\program files (x86)\AVG\AVG2013\avgxpla.dll
c:\program files (x86)\AVG\AVG2013\awacs\dav\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\dav\component\image.bmp
c:\program files (x86)\AVG\AVG2013\awacs\dav\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\familysafety\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\familysafety\component\icon.bmp
c:\program files (x86)\AVG\AVG2013\awacs\familysafety\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\fas\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\fas\component\image.bmp
c:\program files (x86)\AVG\AVG2013\awacs\fas\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\firewall\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\firewall\component\firewall.png
c:\program files (x86)\AVG\AVG2013\awacs\firewall\component\fwfree.html
c:\program files (x86)\AVG\AVG2013\awacs\firewall\component\style.css
c:\program files (x86)\AVG\AVG2013\awacs\firewall\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\firewallicon\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\firewallicon\component\firewall.gif
c:\program files (x86)\AVG\AVG2013\awacs\firewallicon\component\firewall.png
c:\program files (x86)\AVG\AVG2013\awacs\firewallicon\component\fwfree.html
c:\program files (x86)\AVG\AVG2013\awacs\firewallicon\component\fwfree_us.html
c:\program files (x86)\AVG\AVG2013\awacs\firewallicon\component\style.css
c:\program files (x86)\AVG\AVG2013\awacs\firewallicon\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\livekive\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\livekive\component\icon.bmp
c:\program files (x86)\AVG\AVG2013\awacs\livekive\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\mobilation\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\mobilation\component\icon.bmp
c:\program files (x86)\AVG\AVG2013\awacs\mobilation\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\mobilation_en\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\mobilation_en\component\icon.bmp
c:\program files (x86)\AVG\AVG2013\awacs\mobilation_en\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\multimi\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\multimi\component\icon.bmp
c:\program files (x86)\AVG\AVG2013\awacs\multimi\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\obx\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\obx\component\image.bmp
c:\program files (x86)\AVG\AVG2013\awacs\obx\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\pct.an\component\background.bmp
c:\program files (x86)\AVG\AVG2013\awacs\pct.an\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\pct.an\component\icon.bmp
c:\program files (x86)\AVG\AVG2013\awacs\pct.an\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\pct\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\pct\component\image.bmp
c:\program files (x86)\AVG\AVG2013\awacs\pct\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\rules.cat
c:\program files (x86)\AVG\AVG2013\awacs\rules.js
c:\program files (x86)\AVG\AVG2013\awacs\speedtest\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\speedtest\component\icon.bmp
c:\program files (x86)\AVG\AVG2013\awacs\speedtest\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\techbuddy\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\techbuddy\component\icon.bmp
c:\program files (x86)\AVG\AVG2013\awacs\techbuddy\sign.bin
c:\program files (x86)\AVG\AVG2013\awacs\upgrade\component\content.dat
c:\program files (x86)\AVG\AVG2013\awacs\upgrade\component\icon.bmp
c:\program files (x86)\AVG\AVG2013\awacs\upgrade\sign.bin
c:\program files (x86)\AVG\AVG2013\bnfree.mht
c:\program files (x86)\AVG\AVG2013\bnpaid.mht
c:\program files (x86)\AVG\AVG2013\bnpaidexp.mht
c:\program files (x86)\AVG\AVG2013\bnpaidnotice.mht
c:\program files (x86)\AVG\AVG2013\bnsales.mht
c:\program files (x86)\AVG\AVG2013\bntrial.mht
c:\program files (x86)\AVG\AVG2013\cf.dat
c:\program files (x86)\AVG\AVG2013\compat.ini
c:\program files (x86)\AVG\AVG2013\contacts_cz.html
c:\program files (x86)\AVG\AVG2013\contacts_us.html
c:\program files (x86)\AVG\AVG2013\dfncfg.dat
c:\program files (x86)\AVG\AVG2013\Drivers\avgboot.cat
c:\program files (x86)\AVG\AVG2013\Drivers\avgboot.inf
c:\program files (x86)\AVG\AVG2013\Drivers\avgboota.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgbootx.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgfwd6a.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgfwd6x.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgfwfd6.cat
c:\program files (x86)\AVG\AVG2013\Drivers\avgfwfd6.inf
c:\program files (x86)\AVG\AVG2013\Drivers\avgidsdriver.cat
c:\program files (x86)\AVG\AVG2013\Drivers\avgidsdriver.inf
c:\program files (x86)\AVG\AVG2013\Drivers\avgidsdrivera.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgidsdriverx.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgidsh.cat
c:\program files (x86)\AVG\AVG2013\Drivers\avgidsh.inf
c:\program files (x86)\AVG\AVG2013\Drivers\avgidsha.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgidshx.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgidsuniversaldda.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgld.cat
c:\program files (x86)\AVG\AVG2013\Drivers\avgld.inf
c:\program files (x86)\AVG\AVG2013\Drivers\avgldx64.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgldx86.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avglog.cat
c:\program files (x86)\AVG\AVG2013\Drivers\avglog.inf
c:\program files (x86)\AVG\AVG2013\Drivers\avgloga.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avglogx.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgmf.cat
c:\program files (x86)\AVG\AVG2013\Drivers\avgmf.inf
c:\program files (x86)\AVG\AVG2013\Drivers\avgmfx64.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgmfx86.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgrk.cat
c:\program files (x86)\AVG\AVG2013\Drivers\avgrk.inf
c:\program files (x86)\AVG\AVG2013\Drivers\avgrkx64.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgrkx86.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgtdi.cat
c:\program files (x86)\AVG\AVG2013\Drivers\avgtdi.inf
c:\program files (x86)\AVG\AVG2013\Drivers\avgtdia.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgtdix.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgwfp.cat
c:\program files (x86)\AVG\AVG2013\Drivers\avgwfp.inf
c:\program files (x86)\AVG\AVG2013\Drivers\avgwfpa.sys
c:\program files (x86)\AVG\AVG2013\Drivers\avgwfpx.sys
c:\program files (x86)\AVG\AVG2013\eus.dat
c:\program files (x86)\AVG\AVG2013\fixcfg.exe
c:\program files (x86)\AVG\AVG2013\html\reportcard\avg_logo.png
c:\program files (x86)\AVG\AVG2013\html\reportcard\awards.png
c:\program files (x86)\AVG\AVG2013\html\reportcard\index.html
c:\program files (x86)\AVG\AVG2013\html\reportcard\menu-bg.png
c:\program files (x86)\AVG\AVG2013\html\reportcard\menu-content-bg.png
c:\program files (x86)\AVG\AVG2013\html\reportcard\reportcard.css
c:\program files (x86)\AVG\AVG2013\html\reportcard\table_bg.png
c:\program files (x86)\AVG\AVG2013\HtmLayout.dll
c:\program files (x86)\AVG\AVG2013\js.dat
c:\program files (x86)\AVG\AVG2013\license_cz.htm
c:\program files (x86)\AVG\AVG2013\license_us.htm
c:\program files (x86)\AVG\AVG2013\mfacz.lns
c:\program files (x86)\AVG\AVG2013\mfaus.lns
c:\program files (x86)\AVG\AVG2013\mfavera.txt
c:\program files (x86)\AVG\AVG2013\mfaverx.txt
c:\program files (x86)\AVG\AVG2013\Notification\background.png
c:\program files (x86)\AVG\AVG2013\Notification\button.gif
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_cz.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_da.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_es.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_fr.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_ge.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_hu.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_id.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_in.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_it.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_jp.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_ko.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_ms.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_nl.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_pb.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_pl.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_pt.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_ru.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_sc.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_sk.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_sp.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_tr.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_us.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_zh.htm
c:\program files (x86)\AVG\AVG2013\Notification\BuyFull_zt.htm
c:\program files (x86)\AVG\AVG2013\Notification\style.css
c:\program files (x86)\AVG\AVG2013\Notification\title-bg.png
c:\program files (x86)\AVG\AVG2013\personalise_cz.htm
c:\program files (x86)\AVG\AVG2013\personalise_us.htm
c:\program files (x86)\AVG\AVG2013\ph.dat
c:\program files (x86)\AVG\AVG2013\privacy_policy_cz.htm
c:\program files (x86)\AVG\AVG2013\privacy_policy_us.htm
c:\program files (x86)\AVG\AVG2013\sb.dat
c:\program files (x86)\AVG\AVG2013\sb.dat.xcd
c:\program files (x86)\AVG\AVG2013\sb2.dat
c:\program files (x86)\AVG\AVG2013\sc.dat
c:\program files (x86)\AVG\AVG2013\sc.dat.xcd
c:\program files (x86)\AVG\AVG2013\sounds\scan_finish_threat_found.wav
c:\program files (x86)\AVG\AVG2013\sounds\scan_os_alert.wav
c:\program files (x86)\AVG\AVG2013\sounds\scan_rs_alert.wav
c:\program files (x86)\AVG\AVG2013\sounds\update_end_fail.wav
c:\program files (x86)\AVG\AVG2013\srb.mht
c:\program files (x86)\AVG\AVG2013\Tuneup\DriveDefrag32.dll
c:\program files (x86)\AVG\AVG2013\Tuneup\GainDiskSpace.dll
c:\program files (x86)\AVG\AVG2013\Tuneup\RegistryCleaner.dll
c:\program files (x86)\AVG\AVG2013\Tuneup\ShortcutCleaner.dll
c:\program files (x86)\AVG\AVG2013\Tuneup\TUDiskCleaner.dat
c:\program files (x86)\AVG\AVG2013\Tuneup\TUDiskCleanerLite.dat
c:\program files (x86)\AVG\AVG2013\Tuneup\TUMicroScanner.exe
c:\program files (x86)\AVG\AVG2013\Tuneup\TuneUpAPI32.dll
c:\program files (x86)\AVG\AVG2013\Tuneup\TuneUpCore.bpl
c:\program files (x86)\AVG\AVG2013\updatecomps.bak
c:\program files (x86)\AVG\AVG2013\winamapix.dll
c:\program files (x86)\AVG\AVG2013\winspamcatcher.dll
c:\program files (x86)\AVG\AVG2013\winspamcatcher64.dll
c:\program files (x86)\Spybot - Search & Destroy 2
c:\program files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll
c:\program files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe
c:\program files (x86)\Spybot - Search & Destroy 2\SDDialogs.dll
c:\program files (x86)\Spybot - Search & Destroy 2\SDECon64.dll
c:\program files (x86)\Spybot - Search & Destroy 2\SDHook32.dll
c:\program files (x86)\Spybot - Search & Destroy 2\SDHook64.dll
c:\program files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe
c:\program files (x86)\Spybot - Search & Destroy 2\sdinsTasks.dll
c:\program files (x86)\Spybot - Search & Destroy 2\SDLists.dll
c:\program files (x86)\Spybot - Search & Destroy 2\SDLogReport.exe
c:\program files (x86)\Spybot - Search & Destroy 2\SDMain.exe
c:\program files (x86)\Spybot - Search & Destroy 2\SDPhoneScan.exe
c:\program files (x86)\Spybot - Search & Destroy 2\SDQuarantine.exe
c:\program files (x86)\Spybot - Search & Destroy 2\SDResources.dll
c:\program files (x86)\Spybot - Search & Destroy 2\SDShred.exe
c:\program files (x86)\Spybot - Search & Destroy 2\SDSysRepair.exe
c:\program files (x86)\Spybot - Search & Destroy 2\SDTools.exe
c:\program files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll
c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
c:\program files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl
c:\program files (x86)\Spybot - Search & Destroy 2\Tools.dll
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\blindman.exe-2.0.9.151.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\DelZip190.dll-1.9.0.107.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDAdvancedCheckLibrary.dll-2.0.9.98.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDCleaner.exe-2.0.9.110.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDDelFile.exe-2.0.9.94.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDECon32.dll-2.0.9.113.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDEvents.dll-2.0.9.2.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDFiles.exe-2.0.9.129.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDFSSvc.exe-2.0.9.205.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDHelper.dll-2.0.9.88.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDImmunize.exe-2.0.9.130.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDLists.dll-2.0.9.4.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDLogReport.exe-2.0.9.104.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDPrepPos.exe-2.0.9.10.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDQuarantine.exe-2.0.9.103.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDResources.dll-2.0.9.7.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDRootAlyzer.exe-2.0.9.116.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDScan.exe-2.0.9.172.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDScanLibrary.dll-2.0.9.131.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDSettings.exe-2.0.9.121.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDShred.exe-2.0.9.105.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDSysRepair.exe-2.0.9.101.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDTools.exe-2.0.9.147.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDTray.exe-2.0.9.127.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDUpdate.exe-2.0.9.87.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDUpdSvc.exe-2.0.9.76.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDWelcome.exe-2.0.9.123.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDWinLogon.dll-2.0.9.0.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\SDWSCSvc.exe-2.0.8.2.lzs
c:\program files (x86)\Spybot - Search & Destroy 2\Updates\Downloads\Tools.dll-2.0.9.36.lzs
c:\programdata\AVG10
c:\programdata\AVG10\Antispam\rkd
c:\programdata\AVG10\Antispam\sc1.bin
c:\programdata\AVG10\Antispam\sc1.bin.full.2013.01.17.17.54.52
c:\programdata\AVG10\Antispam\sc1.bin.tmp
c:\programdata\AVG10\Antispam\sc10.bin.full.2013.01.19.11.22.23
c:\programdata\AVG10\Antispam\sc10.bin.tmp
c:\programdata\AVG10\Antispam\sc14.bin.full.2006.06.27.17.01.01
c:\programdata\AVG10\Antispam\sc17.bin.full.2013.01.22.13.01.05
c:\programdata\AVG10\Antispam\sc17.bin.incr.2013.01.22.14.01.07
c:\programdata\AVG10\Antispam\sc17.bin.incr.2013.01.22.15.01.09
c:\programdata\AVG10\Antispam\sc18.bin.full.2012.12.18.11.16.51
c:\programdata\AVG10\Antispam\sc18.bin.tmp1
c:\programdata\AVG10\Antispam\sc18.bin.tmp2
c:\programdata\AVG10\Antispam\sc19.bin.full.2010.02.05.01.51.49
c:\programdata\AVG10\Antispam\sc2.bin
c:\programdata\AVG10\Antispam\sc2.bin.full.2005.02.11.04.44.13
c:\programdata\AVG10\Antispam\sc21.bin.full.2012.08.14.09.02.32
c:\programdata\AVG10\Antispam\sc6.bin.full.2010.03.15.20.58.02
c:\programdata\AVG10\Antispam\sc9.bin.full.2010.07.11.02.35.32
c:\programdata\AVG10\Antispam\sc9.bin.tmp
c:\programdata\AVG10\Antispam\scoffset.bin.incr
c:\programdata\AVG10\Antispam\spamcatcher.conf
c:\programdata\AVG10\Chjw\18ec015aec013412.dat
c:\programdata\AVG10\Chjw\18ec015aec013412\avgcchff.dat
c:\programdata\AVG10\Chjw\18ec015aec013412\avgcchfi.dat
c:\programdata\AVG10\Chjw\18ec015aec013412\avgcchmf.dat
c:\programdata\AVG10\Chjw\18ec015aec013412\avgcchmi.dat
c:\programdata\AVG10\IDS\config\agentStartup.xml
c:\programdata\AVG10\IDS\config\analyzerConfig.xml
c:\programdata\AVG10\IDS\config\analyzerFilterConfig.xml
c:\programdata\AVG10\IDS\config\BehavioralEventProcessors.dat
c:\programdata\AVG10\IDS\config\BehavioralEventProcessors.xml
c:\programdata\AVG10\IDS\config\BehavioralEvents.dat
c:\programdata\AVG10\IDS\config\BehavioralEvents.xml
c:\programdata\AVG10\IDS\config\Classifiers.xml
c:\programdata\AVG10\IDS\config\Correlations.xml
c:\programdata\AVG10\IDS\config\downloadManager.xml
c:\programdata\AVG10\IDS\config\downloads.xml
c:\programdata\AVG10\IDS\config\EN_US\Characteristics.xml
c:\programdata\AVG10\IDS\config\EN_US\internalListStrings.xml
c:\programdata\AVG10\IDS\config\EN_US\reportableevents.xml
c:\programdata\AVG10\IDS\config\ExecutableEvents.xml
c:\programdata\AVG10\IDS\config\FileCoverage.xml
c:\programdata\AVG10\IDS\config\globalConfig.xml
c:\programdata\AVG10\IDS\config\Characteristics.dat
c:\programdata\AVG10\IDS\config\internalList.zip
c:\programdata\AVG10\IDS\config\md5Cache.dat
c:\programdata\AVG10\IDS\config\messages.xml
c:\programdata\AVG10\IDS\config\NetworkEvents.xml
c:\programdata\AVG10\IDS\config\ProductParameters.xml
c:\programdata\AVG10\IDS\config\quarantinedList.zip
c:\programdata\AVG10\IDS\config\registryCoverage.dat
c:\programdata\AVG10\IDS\config\RegistryCoverage.xml
c:\programdata\AVG10\IDS\config\Relationships.dat
c:\programdata\AVG10\IDS\config\Relationships.xml
c:\programdata\AVG10\IDS\config\ReportableEventMappings.xml
c:\programdata\AVG10\IDS\config\SelfProtection.xml
c:\programdata\AVG10\IDS\config\userList.zip
c:\programdata\AVG10\IDS\log\AVGIDSAgent.log
c:\programdata\AVG10\IDS\log\AVGIDSAgent_boot.log
c:\programdata\AVG10\IDS\log\AVGIDSAgent_graph.log
c:\programdata\AVG10\IDS\log\AVGIDSAgent_malware.log
c:\programdata\AVG10\IDS\log\AVGIDSAgent_node.log
c:\programdata\AVG10\IDS\log\AVGIDSAgent_removed.log
c:\programdata\AVG10\IDS\malwareprofile\backup.dat
c:\programdata\AVG10\IDS\malwareprofile\nodes.dat
c:\programdata\AVG10\IDS\profile\globalLoadable.gdb
c:\programdata\AVG10\log\avgam.log.lock
c:\programdata\AVG10\log\avgcfg.log.lock
c:\programdata\AVG10\log\avgcore.log.1
c:\programdata\AVG10\log\avgcore.log.2
c:\programdata\AVG10\log\avgcore.log.lock
c:\programdata\AVG10\log\avgcsl.log.lock
c:\programdata\AVG10\log\avgemc.log.lock
c:\programdata\AVG10\log\avgexc.log.lock
c:\programdata\AVG10\log\avgfw.log.lock
c:\programdata\AVG10\log\avgfw8db.log.lock
c:\programdata\AVG10\log\avgfw8u.log.lock
c:\programdata\AVG10\log\avgfwui.log.lock
c:\programdata\AVG10\log\avgchjw.log.lock
c:\programdata\AVG10\log\avgchjwsrv.log.1
c:\programdata\AVG10\log\avgchjwsrv.log.lock
c:\programdata\AVG10\log\avgldr.log.lock
c:\programdata\AVG10\log\avglng.log.lock
c:\programdata\AVG10\log\avgns.log.lock
c:\programdata\AVG10\log\avgpostinst.log.lock
c:\programdata\AVG10\log\avgrs.log.1
c:\programdata\AVG10\log\avgrs.log.lock
c:\programdata\AVG10\log\avgscan.log.1
c:\programdata\AVG10\log\avgscan.log.lock
c:\programdata\AVG10\log\avgsched.log.lock
c:\programdata\AVG10\log\avgsrm.log.lock
c:\programdata\AVG10\log\avgtdi.log.lock
c:\programdata\AVG10\log\avgual.log.lock
c:\programdata\AVG10\log\avgui.log.lock
c:\programdata\AVG10\log\avgupd.log.lock
c:\programdata\AVG10\log\avgwd.log.lock
c:\programdata\AVG10\log\avgwdsvc.log.lock
c:\programdata\AVG10\log\commonpriv.log.lock
c:\programdata\AVG10\log\fixcfg.log.lock
c:\programdata\AVG10\log\fwstats_2013_01_22_17_20_22.fwstats
c:\programdata\AVG10\log\fwstats_2013_01_22_17_24_49.fwstats
c:\programdata\AVG10\log\fwstats_2013_01_22_17_50_54.fwstats
c:\programdata\AVG10\log\fwstats_2013_01_22_17_59_19.fwstats
c:\programdata\AVG10\log\fwstats_2013_01_22_18_14_19.fwstats
c:\programdata\AVG10\log\IDP\log\avgam_idp_ALA-PC$.log
c:\programdata\AVG10\log\IDP\log\avgfws_idp_ALA-PC$.log
c:\programdata\AVG10\log\IDP\log\avgtray_idp_ala.log
c:\programdata\AVG10\log\IDP\log\avgui_idp_ala.log
c:\programdata\AVG10\log\IDP\log\avgwdsvc_idp_ALA-PC$.log
c:\programdata\AVG10\log\vault.log.lock
c:\programdata\AVG10\scanlogs\srm.idx
c:\programdata\AVG10\SetupBackup\AlertMga.cab
c:\programdata\AVG10\SetupBackup\AntiRka.cab
c:\programdata\AVG10\SetupBackup\AntiSpma.cab
c:\programdata\AVG10\SetupBackup\Antivira.cab
c:\programdata\AVG10\SetupBackup\aspamdba.cab
c:\programdata\AVG10\SetupBackup\AVGx64.msi
c:\programdata\AVG10\SetupBackup\AVIsa.cab
c:\programdata\AVG10\SetupBackup\basea.cab
c:\programdata\AVG10\SetupBackup\COREa.cab
c:\programdata\AVG10\SetupBackup\COREx64.msi
c:\programdata\AVG10\SetupBackup\crt_x64.msi
c:\programdata\AVG10\SetupBackup\Emailsa.cab
c:\programdata\AVG10\SetupBackup\FWa.cab
c:\programdata\AVG10\SetupBackup\GUIa.cab
c:\programdata\AVG10\SetupBackup\idata.cab
c:\programdata\AVG10\SetupBackup\IDPa.cab
c:\programdata\AVG10\SetupBackup\iFWa.cab
c:\programdata\AVG10\SetupBackup\lng_cza.cab
c:\programdata\AVG10\SetupBackup\lng_daa.cab
c:\programdata\AVG10\SetupBackup\lng_esa.cab
c:\programdata\AVG10\SetupBackup\lng_fra.cab
c:\programdata\AVG10\SetupBackup\lng_gea.cab
c:\programdata\AVG10\SetupBackup\lng_hua.cab
c:\programdata\AVG10\SetupBackup\lng_ida.cab
c:\programdata\AVG10\SetupBackup\lng_ina.cab
c:\programdata\AVG10\SetupBackup\lng_ita.cab
c:\programdata\AVG10\SetupBackup\lng_jpa.cab
c:\programdata\AVG10\SetupBackup\lng_koa.cab
c:\programdata\AVG10\SetupBackup\lng_msa.cab
c:\programdata\AVG10\SetupBackup\lng_nla.cab
c:\programdata\AVG10\SetupBackup\lng_pba.cab
c:\programdata\AVG10\SetupBackup\lng_pla.cab
c:\programdata\AVG10\SetupBackup\lng_pta.cab
c:\programdata\AVG10\SetupBackup\lng_rua.cab
c:\programdata\AVG10\SetupBackup\lng_sca.cab
c:\programdata\AVG10\SetupBackup\lng_ska.cab
c:\programdata\AVG10\SetupBackup\lng_spa.cab
c:\programdata\AVG10\SetupBackup\lng_tra.cab
c:\programdata\AVG10\SetupBackup\lng_usa.cab
c:\programdata\AVG10\SetupBackup\lng_zha.cab
c:\programdata\AVG10\SetupBackup\lng_zta.cab
c:\programdata\AVG10\SetupBackup\Officea.cab
c:\programdata\AVG10\SetupBackup\OnlnSca.cab
c:\programdata\AVG10\SetupBackup\ResShlda.cab
c:\programdata\AVG10\SetupBackup\SrchSrfa.cab
c:\programdata\AVG10\SetupBackup\SSHttpBa.cab
c:\programdata\AVG10\SetupBackup\SysToola.cab
c:\programdata\AVG10\SetupBackup\TDIDrva.cab
c:\programdata\AVG10\SetupBackup\Toolbara.cab
c:\programdata\AVG10\SetupBackup\TuneUpa.cab
c:\programdata\AVG10\SetupBackup\Update2a.cab
c:\programdata\AVG10\SetupBackup\Updatea.cab
c:\programdata\AVG10\SetupBackup\vc_red.cab
c:\programdata\AVG10\SetupBackup\vc_red.msi
c:\programdata\AVG10\SetupBackup\xpla.cab
c:\programdata\AVG10\SetupCoreBackup\2639\COREa.cab
c:\programdata\AVG10\update\download\avg10infoavi.ctf
c:\programdata\AVG10\update\download\avg10infowin.ctf
c:\programdata\MFAData
c:\programdata\MFAData\aviupd.cfg
c:\programdata\MFAData\logs\mfa-20130122-092244.log
c:\programdata\MFAData\logs\mfa-20130122-093122.log
c:\programdata\MFAData\logs\mfa-20130122-094236.log
c:\programdata\MFAData\logs\mfa-20130122-095202.log
c:\programdata\MFAData\logs\mfa-20130122-183639.log
c:\programdata\MFAData\logs\mfa-20130122-184026.log
c:\programdata\MFAData\logs\mfa-20130122-190108.log
c:\programdata\MFAData\logs\msi-20130122-092244.log
c:\programdata\MFAData\logs\msi-20130122-093122.log
c:\programdata\MFAData\logs\msi-20130122-094236.log
c:\programdata\MFAData\logs\msi-20130122-183639.log
c:\programdata\MFAData\logs\msi-20130122-184026.log
c:\programdata\MFAData\logs\msi-20130122-190108.log
c:\programdata\MFAData\mfaurlconf.ini
c:\programdata\MFAData\msistorg.dat
c:\programdata\MFAData\msistorg.dat.bkp
c:\programdata\MFAData\pack\Avgx64.msi
c:\programdata\MFAData\progupd.cfg
c:\programdata\MFAData\public_installation_log.xml
c:\programdata\MFAData\state.dat
c:\programdata\MFAData\survey\cancel.htm
c:\programdata\Spybot - Search & Destroy
c:\programdata\Spybot - Search & Destroy\Cleaning\130121-225050.xml
c:\programdata\Spybot - Search & Destroy\Cleaning\130121-231724.xml
c:\programdata\Spybot - Search & Destroy\Cleaning\130121-233623.xml
c:\programdata\Spybot - Search & Destroy\Cleaning\130121-235417.xml
c:\programdata\Spybot - Search & Destroy\Cleaning\130122-073259.xml
c:\programdata\Spybot - Search & Destroy\ClientCount.bin
c:\programdata\Spybot - Search & Destroy\Logs\Firewall.log
c:\programdata\Spybot - Search & Destroy\Logs\Checks.130921-2309.txt
c:\programdata\Spybot - Search & Destroy\Logs\Checks.130922-0009.txt
c:\programdata\Spybot - Search & Destroy\Logs\Checks.133421-2334.txt
c:\programdata\Spybot - Search & Destroy\Logs\Checks.135022-0750.txt
c:\programdata\Spybot - Search & Destroy\Logs\Checks.135221-2352.txt
c:\programdata\Spybot - Search & Destroy\Logs\Scanner.log
c:\programdata\Spybot - Search & Destroy\Logs\Updates.log
c:\programdata\Spybot - Search & Destroy\ProcessCount.dat
c:\users\ala\AppData\Local\Google\Update
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdate.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_am.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_da.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_de.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_el.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_es.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_et.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_id.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_is.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_it.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_no.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_te.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_th.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\psmachine.dll
c:\users\ala\AppData\Local\Google\Update\1.3.21.123\psuser.dll
c:\users\ala\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\users\ala\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\26.0.1386.0\26.0.1386.0_26.0.1384.2_chrome_updater.exe
c:\users\ala\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\system32\DRIVERS\AVGIDSEH.Sys
c:\windows\system32\sdnclean64.exe
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-477507487-285499617-4106748499-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-477507487-285499617-4106748499-1001UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AVGIDSEH
-------\Legacy_CPUZ135
-------\Service_AVGIDSEH
-------\Service_cpuz135
-------\Service_avgfws
-------\Service_AVGIDSAgent
-------\Service_avgwd
-------\Service_avgfws
-------\Service_AVGIDSAgent
-------\Service_avgwd
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-23 do 2013-01-23 )))))))))))))))))))))))))))))))
.
.
2013-01-23 18:25 . 2013-01-23 18:25 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-23 18:25 . 2013-01-23 18:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-22 19:23 . 2013-01-22 19:23 -------- d-----w- c:\users\ala\AppData\Roaming\AVG2013
2013-01-22 19:22 . 2013-01-22 19:22 -------- d-----w- c:\users\ala\AppData\Local\AVG Secure Search
2013-01-22 19:22 . 2013-01-22 19:22 -------- d-----w- c:\users\ala\AppData\Roaming\TuneUp Software
2013-01-22 19:22 . 2013-01-22 19:22 -------- d-----w- c:\programdata\AVG Secure Search
2013-01-22 19:22 . 2013-01-22 19:22 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-01-22 19:22 . 2013-01-22 19:22 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2013-01-22 19:22 . 2013-01-22 19:22 -------- d-----w- c:\program files (x86)\AVG Secure Search
2013-01-22 19:21 . 2013-01-22 19:23 -------- d-----w- c:\programdata\AVG2013
2013-01-22 19:17 . 2013-01-22 19:30 -------- d-----w- c:\users\ala\AppData\Local\Avg2013
2013-01-22 19:17 . 2013-01-22 19:17 -------- d-----w- c:\users\ala\AppData\Local\MFAData
2013-01-22 18:58 . 2013-01-22 18:59 -------- d-----r- c:\program files (x86)\Skype
2013-01-22 18:58 . 2013-01-22 18:58 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-01-22 18:58 . 2013-01-22 18:59 -------- d-----w- c:\programdata\Skype
2013-01-22 09:27 . 2013-01-22 09:27 -------- d--h--w- c:\programdata\Common Files
2013-01-22 07:25 . 2013-01-22 07:25 388096 ----a-r- c:\users\ala\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-22 07:25 . 2013-01-22 18:15 -------- d-----w- c:\program files (x86)\Trend Micro
2013-01-21 18:54 . 2013-01-21 18:54 -------- d-----w- c:\users\ala\AppData\Local\Programs
2013-01-21 18:24 . 2013-01-21 18:24 -------- d-----w- c:\programdata\Local Settings
2013-01-21 18:23 . 2013-01-21 18:58 0 ---ha-w- c:\users\ala\AppData\Roaming\winsvcns.sys
2013-01-09 18:19 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-23 11:44 . 2012-10-15 18:22 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-01-23 11:44 . 2012-03-18 10:03 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-01-23 11:24 . 2012-10-15 18:22 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-01-09 21:07 . 2012-03-15 14:44 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-16 17:11 . 2012-12-21 06:58 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 06:58 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 06:58 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 06:58 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-11-30 04:45 . 2013-01-09 18:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-15 22:33 . 2012-11-15 22:33 111968 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2012-11-14 07:06 . 2012-12-12 13:08 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 13:08 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 13:08 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 13:08 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 13:08 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 13:08 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 13:08 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 13:08 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 13:08 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 13:08 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 13:08 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 13:08 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 13:08 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 13:08 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 13:08 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 13:08 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 13:08 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 13:08 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 13:08 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 13:08 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 13:08 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 13:08 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 06:46 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 06:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-12 06:46 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 06:46 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-01-22 1046984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"13330"="c:\progra~3\LOCALS~1\Temp\msvavyxn.com" [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
R3 PAC207;Eye 110;c:\windows\system32\DRIVERS\PFC027.SYS [2007-10-25 684544]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-15 1255736]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-01-22 30568]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
S2 vToolbarUpdater13.3.2;vToolbarUpdater13.3.2;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.3.2\ToolbarUpdater.exe [2013-01-22 894920]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2009-10-13 61440]
S3 ReallusionVirtualAudio;Reallusion Virtual Audio;c:\windows\system32\DRIVERS\RLVrtAuCbl.sys [2007-03-19 49664]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
"CmPCIaudio"="c:\windows\Syswow64\CMICNFG3.dll" [2009-10-30 8151040]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.3.2\ViProtocol.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-AVG_UI - c:\program files (x86)\AVG\AVG2013\avgui.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2013-01-23 19:30:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-23 18:30
ComboFix2.txt 2013-01-22 18:53
.
Před spuštěním: Volných bajtů: 424 997 105 664
Po spuštění: Volných bajtů: 424 576 811 008
.
- - End Of File - - A405AC153A2CFC3C2C519062090EEE49
intel core i5-2400cpu@3.2Ghz,8gb ram ddr 3,NVIDIA GeForce GTX 560 Ti,PH67-UD3-B3,Windows 7 home premium.

Uživatelský avatar
Žbeky
Moderátor
Guru Level 13
Guru Level 13
Příspěvky: 22288
Registrován: květen 08
Bydliště: Vsetín - Pardubice
Pohlaví: Muž
Stav:
Offline

Re: prosim o kontrolu logu napadeny pocitac

Příspěvekod Žbeky » 23 led 2013 22:37

Panenko skákavá... Tys mezi skriptem nainstaloval AVG 2013?
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.

HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra

parmazan
Level 2
Level 2
Příspěvky: 170
Registrován: srpen 10
Bydliště: českolipsko
Pohlaví: Muž
Stav:
Offline

Re: prosim o kontrolu logu napadeny pocitac

Příspěvekod parmazan » 24 led 2013 07:14

Moc se omlouvám jsem lojza.Ale před použitím comba jsem všechno vypnul a proběhlo vše v pořádku.Počítač se chová zatím normálně.Předpokládám,že to budem muset udělat všechno znovu teda jestli budete mít ješte náladu..... :oops: :oops: :oops:
intel core i5-2400cpu@3.2Ghz,8gb ram ddr 3,NVIDIA GeForce GTX 560 Ti,PH67-UD3-B3,Windows 7 home premium.

Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: prosim o kontrolu logu napadeny pocitac

Příspěvekod memphisto » 24 led 2013 07:22

Nebudeme to dělat znovu. Combofix se povedl a dodáme skript.

Odesláno z mého GT-I9100 pomocí Tapatalk 2
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji

Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: prosim o kontrolu logu napadeny pocitac

Příspěvekod memphisto » 28 led 2013 13:13

Odinstaluj to AVG 2013. Použij AVG Remover ze stránek AVG

32 bit OS: http://download.avg.com/filedir/util/av ... 3_2706.exe
64 bit OS: http://download.avg.com/filedir/util/av ... 3_2706.exe

Pak znovu Combofix bez skriptu. Je v tom strašný zmatek...
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji

parmazan
Level 2
Level 2
Příspěvky: 170
Registrován: srpen 10
Bydliště: českolipsko
Pohlaví: Muž
Stav:
Offline

Re: prosim o kontrolu logu napadeny pocitac

Příspěvekod parmazan » 28 led 2013 16:15

Log z Comba:
ComboFix 13-01-28.02 - ala 28.01.2013 16:01:36.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.3163 [GMT 1:00]
Spuštěný z: c:\users\ala\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-28 do 2013-01-28 )))))))))))))))))))))))))))))))
.
.
2013-01-28 15:05 . 2013-01-28 15:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-28 15:05 . 2013-01-28 15:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-26 12:15 . 2013-01-26 12:27 -------- d-----w- c:\users\ala\AppData\Roaming\TZAC2
2013-01-26 12:13 . 2013-01-26 12:13 -------- d-----w- c:\program files (x86)\TZAC2
2013-01-25 06:16 . 2013-01-25 06:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-25 06:16 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-22 19:22 . 2013-01-22 19:22 -------- d-----w- c:\users\ala\AppData\Roaming\TuneUp Software
2013-01-22 18:58 . 2013-01-22 18:59 -------- d-----r- c:\program files (x86)\Skype
2013-01-22 18:58 . 2013-01-22 18:58 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-01-22 18:58 . 2013-01-22 18:59 -------- d-----w- c:\programdata\Skype
2013-01-22 09:27 . 2013-01-22 09:27 -------- d--h--w- c:\programdata\Common Files
2013-01-22 07:25 . 2013-01-22 07:25 388096 ----a-r- c:\users\ala\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-22 07:25 . 2013-01-22 18:15 -------- d-----w- c:\program files (x86)\Trend Micro
2013-01-21 18:54 . 2013-01-21 18:54 -------- d-----w- c:\users\ala\AppData\Local\Programs
2013-01-21 18:24 . 2013-01-21 18:24 -------- d-----w- c:\programdata\Local Settings
2013-01-21 18:23 . 2013-01-21 18:58 0 ---ha-w- c:\users\ala\AppData\Roaming\winsvcns.sys
2013-01-09 18:19 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-28 11:19 . 2012-10-15 18:22 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-01-28 11:19 . 2012-03-18 10:03 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-01-28 07:14 . 2012-10-15 18:22 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-01-09 21:07 . 2012-03-15 14:44 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-16 17:11 . 2012-12-21 06:58 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 06:58 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 06:58 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 06:58 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-11-30 04:45 . 2013-01-09 18:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-12 13:08 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 13:08 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 13:08 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 13:08 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 13:08 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 13:08 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 13:08 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 13:08 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 13:08 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 13:08 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 13:08 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 13:08 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 13:08 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 13:08 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 13:08 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 13:08 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 13:08 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 13:08 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 13:08 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 13:08 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 13:08 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 13:08 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 06:46 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 06:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-12 06:46 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 06:46 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"13330"="c:\progra~3\LOCALS~1\Temp\msvavyxn.com" [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
R3 PAC207;Eye 110;c:\windows\system32\DRIVERS\PFC027.SYS [2007-10-25 684544]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 tizeqdrv;tizeqdrv;c:\users\ala\AppData\Roaming\TZAC2\tizeq64.sys [2013-01-26 171704]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-15 1255736]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2009-10-13 61440]
S3 ReallusionVirtualAudio;Reallusion Virtual Audio;c:\windows\system32\DRIVERS\RLVrtAuCbl.sys [2007-03-19 49664]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
"CmPCIaudio"="c:\windows\Syswow64\CMICNFG3.dll" [2009-10-30 8151040]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
Celkový čas: 2013-01-28 16:07:03
ComboFix-quarantined-files.txt 2013-01-28 15:07
ComboFix2.txt 2013-01-23 18:30
ComboFix3.txt 2013-01-22 18:53
.
Před spuštěním: Volných bajtů: 425 879 568 384
Po spuštění: Volných bajtů: 425 991 221 248
.
- - End Of File - - 820EA592FC08D11A38B231CCEC459A9A
intel core i5-2400cpu@3.2Ghz,8gb ram ddr 3,NVIDIA GeForce GTX 560 Ti,PH67-UD3-B3,Windows 7 home premium.

Uživatelský avatar
Žbeky
Moderátor
Guru Level 13
Guru Level 13
Příspěvky: 22288
Registrován: květen 08
Bydliště: Vsetín - Pardubice
Pohlaví: Muž
Stav:
Offline

Re: prosim o kontrolu logu napadeny pocitac

Příspěvekod Žbeky » 28 led 2013 17:43

Toto otestuj na Virustotal
c:\progra~3\LOCALS~1\Temp\msvavyxn.com

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.


Stáhni si aswMBR na svojí plochu.
Poklepej na aswMBR.exe. Klikni na Scan.
Po skenu klikni na aswASW.log a ulož si ho na plochu, vlož sem celý obsah toho logu.
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.

HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra

parmazan
Level 2
Level 2
Příspěvky: 170
Registrován: srpen 10
Bydliště: českolipsko
Pohlaví: Muž
Stav:
Offline

Re: prosim o kontrolu logu napadeny pocitac

Příspěvekod parmazan » 28 led 2013 21:21

Ten soubor c:\progra~3\LOCALS~1\Temp\msvavyxn.com nemůžu najit.Tady zatim Log aswMBR:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-28 20:59:21
-----------------------------
20:59:21.372 OS Version: Windows x64 6.1.7601 Service Pack 1
20:59:21.373 Number of processors: 2 586 0xF0D
20:59:21.373 ComputerName: ALA-PC UserName: ala
20:59:23.441 Initialize success
21:02:17.693 AVAST engine defs: 13012800
21:05:24.367 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-4
21:05:24.369 Disk 0 Vendor: WDC_WD5000AAKS-00A7B0 01.03B01 Size: 476940MB BusType: 3
21:05:24.376 Disk 0 MBR read successfully
21:05:24.378 Disk 0 MBR scan
21:05:24.402 Disk 0 Windows 7 default MBR code
21:05:24.404 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
21:05:24.424 Disk 0 scanning C:\Windows\system32\drivers
21:05:30.812 Service scanning
21:05:44.337 Modules scanning
21:05:44.342 Disk 0 trace - called modules:
21:05:44.358 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
21:05:44.362 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800490e060]
21:05:44.366 3 CLASSPNP.SYS[fffff880019c343f] -> nt!IofCallDriver -> [0xfffffa80047c8e40]
21:05:44.371 5 ACPI.sys[fffff88000f7b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP4T0L0-4[0xfffffa80047d3060]
21:05:46.889 AVAST engine scan C:\Windows
21:05:50.240 AVAST engine scan C:\Windows\system32
21:08:58.406 AVAST engine scan C:\Windows\system32\drivers
21:09:17.889 AVAST engine scan C:\Users\ala
21:13:07.464 AVAST engine scan C:\ProgramData
21:13:28.532 Scan finished successfully
21:15:28.525 Disk 0 MBR has been saved successfully to "C:\Users\ala\Downloads\MBR.dat"
21:15:28.530 The log file has been saved successfully to "C:\Users\ala\Downloads\aswMBR.txt"
intel core i5-2400cpu@3.2Ghz,8gb ram ddr 3,NVIDIA GeForce GTX 560 Ti,PH67-UD3-B3,Windows 7 home premium.

Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: prosim o kontrolu logu napadeny pocitac

Příspěvekod memphisto » 28 led 2013 22:31

Nech si zobrazit skyré soubory a pak to zkus. Případně jen zkopíruj cestu
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: prosim o kontrolu logu napadeny pocitac

Příspěvekod jaro3 » 28 led 2013 22:34

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

KillAll::
Collect::
c:\progra~3\LOCALS~1\Temp\msvavyxn.com

Folder::
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"13330"=-



Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

parmazan
Level 2
Level 2
Příspěvky: 170
Registrován: srpen 10
Bydliště: českolipsko
Pohlaví: Muž
Stav:
Offline

Re: prosim o kontrolu logu napadeny pocitac

Příspěvekod parmazan » 29 led 2013 15:10

To jsem udělal cesta neznámá soubor neexistuje.
Tady je log z comba:
ComboFix 13-01-29.01 - ala 29.01.2013 14:57:12.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2812 [GMT 1:00]
Spuštěný z: c:\users\ala\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\ala\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Autorun.inf
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
C:\qifvvb.pif
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-28 do 2013-01-29 )))))))))))))))))))))))))))))))
.
.
2013-01-29 14:01 . 2013-01-29 14:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-29 14:01 . 2013-01-29 14:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-26 12:15 . 2013-01-26 12:27 -------- d-----w- c:\users\ala\AppData\Roaming\TZAC2
2013-01-26 12:13 . 2013-01-26 12:13 -------- d-----w- c:\program files (x86)\TZAC2
2013-01-25 06:16 . 2013-01-25 06:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-25 06:16 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-22 19:22 . 2013-01-22 19:22 -------- d-----w- c:\users\ala\AppData\Roaming\TuneUp Software
2013-01-22 18:58 . 2013-01-29 14:01 -------- d-----r- c:\program files (x86)\Skype
2013-01-22 18:58 . 2013-01-22 18:58 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-01-22 18:58 . 2013-01-22 18:59 -------- d-----w- c:\programdata\Skype
2013-01-22 09:27 . 2013-01-22 09:27 -------- d--h--w- c:\programdata\Common Files
2013-01-22 07:25 . 2013-01-22 07:25 388096 ----a-r- c:\users\ala\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-22 07:25 . 2013-01-22 18:15 -------- d-----w- c:\program files (x86)\Trend Micro
2013-01-21 18:54 . 2013-01-21 18:54 -------- d-----w- c:\users\ala\AppData\Local\Programs
2013-01-21 18:24 . 2013-01-21 18:24 -------- d-----w- c:\programdata\Local Settings
2013-01-21 18:23 . 2013-01-21 18:58 0 ---ha-w- c:\users\ala\AppData\Roaming\winsvcns.sys
2013-01-09 18:19 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-29 12:12 . 2012-10-15 18:22 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-01-29 12:12 . 2012-03-18 10:03 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-01-29 12:08 . 2012-10-15 18:22 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-01-09 21:07 . 2012-03-15 14:44 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-16 17:11 . 2012-12-21 06:58 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 06:58 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 06:58 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 06:58 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-11-30 04:45 . 2013-01-09 18:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-12 13:08 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 13:08 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 13:08 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 13:08 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 13:08 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 13:08 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 13:08 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 13:08 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 13:08 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 13:08 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 13:08 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 13:08 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 13:08 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 13:08 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 13:08 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 13:08 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 13:08 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 13:08 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 13:08 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 13:08 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 13:08 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 13:08 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 06:46 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 06:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-12 06:46 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 06:46 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"13330"="c:\progra~3\LOCALS~1\Temp\msvavyxn.com" [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
R3 PAC207;Eye 110;c:\windows\system32\DRIVERS\PFC027.SYS [2007-10-25 684544]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 tizeqdrv;tizeqdrv;c:\users\ala\AppData\Roaming\TZAC2\tizeq64.sys [2013-01-26 171704]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-15 1255736]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x64.sys [2009-10-13 61440]
S3 ReallusionVirtualAudio;Reallusion Virtual Audio;c:\windows\system32\DRIVERS\RLVrtAuCbl.sys [2007-03-19 49664]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
"CmPCIaudio"="c:\windows\Syswow64\CMICNFG3.dll" [2009-10-30 8151040]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2013-01-29 15:06:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-29 14:06
ComboFix2.txt 2013-01-28 15:07
ComboFix3.txt 2013-01-23 18:30
ComboFix4.txt 2013-01-22 18:53
.
Před spuštěním: Volných bajtů: 424 501 370 880
Po spuštění: Volných bajtů: 424 631 181 312
.
- - End Of File - - 5D84654238A9026DF4A1358B80A43550
intel core i5-2400cpu@3.2Ghz,8gb ram ddr 3,NVIDIA GeForce GTX 560 Ti,PH67-UD3-B3,Windows 7 home premium.


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 84 hostů