Zdravím
Před chvilku jsem já blbec přijmul soubor od uživatele na skype:Anonymous nevím jestli si ze mě někdo dělá prdel nebo jeslti jde opravdu o někoho od nich ale to je jedno přijmul jsem soubor vizz cren nestačilo se to přijmout antivir mi to okamžitě dal do karantény (eset smart security 5)
Ale tedka mám docela strach jestli mi to nemůže něco udělat dotyčnej mi píše anglicky že mi to využije na 2 dny PC nerad bych se stal nějakou obětí proto vás prosím o radu :/
Jinak dneska jsem ještě k tomu dělal Reinstal systému a tedka todle to už by bylo moct :/
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Obrázek dole v příloze<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:01:04, on 2.2.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
D:\Programy\CoreTemp32\Core Temp.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\Razer\Abyssus\razerhid.exe
C:\Program Files (x86)\Razer\Abyssus\razertra.exe
C:\Program Files (x86)\Razer\Abyssus\razerofa.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\vsnp2std.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michal\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14597
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Abyssus] C:\Program Files (x86)\Razer\Abyssus\razerhid.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Core Temp – zástupce.lnk = D:\Programy\CoreTemp32\Core Temp.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8252 bytes
Přijmul sem VIRUS od anonymous prosím o kontrolu
-
smola26
- Level 3
- Příspěvky: 433
- Registrován: srpen 10
- Bydliště: Dvůr Králové nad Labem
- Pohlaví:
- Stav:
Offline
- Kontakt:
Přijmul sem VIRUS od anonymous prosím o kontrolu
- Přílohy
-
- Výstřižek.PNG (7.75 KiB) Zobrazeno 434 x
Nikdo nikdy nevíme jak tu ještě dlouho budem proto by jsme si měli život užívat
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43072
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Přijmul sem VIRUS od anonymous prosím o kontrolu
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Malwarebytes' Anti-Malware našel něco?
Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Návod
Kód: Vybrat vše
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14597
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')Malwarebytes' Anti-Malware našel něco?
Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
smola26
- Level 3
- Příspěvky: 433
- Registrován: srpen 10
- Bydliště: Dvůr Králové nad Labem
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Přijmul sem VIRUS od anonymous prosím o kontrolu
Malware nic nenašel.
ComboFix 12-02-02.02 - Michal 03.02.2012 9:56.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4094.2664 [GMT 1:00]
Spuštěný z: c:\users\Michal\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-03 do 2012-02-03 )))))))))))))))))))))))))))))))
.
.
2012-02-03 09:00 . 2012-02-03 09:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-03 08:50 . 2012-02-03 08:50 -------- d-----w- c:\program files (x86)\Trend Micro
2012-02-02 21:47 . 2012-02-02 21:47 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-02-02 21:22 . 2012-02-02 21:23 -------- d-----w- C:\Fraps
2012-02-02 21:20 . 2012-02-02 21:20 -------- d-----w- c:\program files (x86)\MKVToolNix
2012-02-02 21:19 . 2012-02-02 21:19 -------- d-----w- c:\program files (x86)\ObviousIdea
2012-02-02 21:09 . 2011-11-13 22:28 31344 ----a-w- c:\windows\system32\drivers\VMparport.sys
2012-02-02 21:09 . 2011-11-13 22:28 63088 ----a-w- c:\windows\system32\drivers\vmx86.sys
2012-02-02 21:09 . 2011-11-13 22:27 354416 ----a-w- c:\windows\SysWow64\vmnetdhcp.exe
2012-02-02 21:09 . 2011-11-13 22:27 433264 ----a-w- c:\windows\SysWow64\vmnat.exe
2012-02-02 21:09 . 2011-11-13 22:26 30320 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2012-02-02 21:09 . 2011-11-13 22:28 942192 ----a-w- c:\windows\system32\vnetlib64.dll
2012-02-02 21:08 . 2011-08-29 21:11 39024 ----a-w- c:\windows\system32\drivers\hcmon.sys
2012-02-02 21:08 . 2012-02-03 08:45 -------- d-----w- c:\programdata\VMware
2012-02-02 21:08 . 2012-02-02 21:08 -------- d-----w- c:\program files (x86)\VMware
2012-02-02 21:08 . 2012-02-02 21:08 -------- d-----w- c:\program files (x86)\Common Files\VMware
2012-02-02 21:07 . 2012-02-02 21:07 -------- d-----w- c:\program files\Common Files\VMware
2012-02-02 20:54 . 2012-02-02 20:54 -------- d-----w- c:\windows\system32\Macromed
2012-02-02 20:53 . 2012-02-02 20:53 -------- d-----w- c:\programdata\YoWindow
2012-02-02 20:53 . 2012-02-02 20:53 -------- d-----w- c:\program files (x86)\YoWindow
2012-02-02 20:51 . 2012-02-02 20:54 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-02 20:49 . 2012-02-02 20:49 -------- d-----w- c:\program files (x86)\StreamTransport
2012-02-02 20:49 . 2009-10-27 18:31 3982240 ----a-w- c:\windows\SysWow64\Flash10d.ocx
2012-02-02 20:44 . 2012-02-02 20:44 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-02-02 20:18 . 2012-02-02 20:18 -------- d-----w- c:\windows\SysWow64\Wat
2012-02-02 20:18 . 2012-02-02 20:18 -------- d-----w- c:\windows\system32\Wat
2012-02-02 20:13 . 2012-02-02 20:13 -------- d-----w- c:\program files (x86)\Opera
2012-02-02 20:08 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2012-02-02 20:08 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2012-02-02 19:55 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2012-02-02 19:55 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2012-02-02 19:49 . 2012-02-02 19:49 -------- d-----w- c:\programdata\Malwarebytes
2012-02-02 19:49 . 2012-02-02 19:49 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-02 19:49 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-02 19:47 . 2009-10-10 03:17 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2012-02-02 19:46 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-02-02 19:34 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2012-02-02 19:32 . 2010-11-02 05:12 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-02 19:31 . 2010-12-21 06:15 264192 ----a-w- c:\windows\system32\upnp.dll
2012-02-02 19:30 . 2011-02-19 06:36 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-02-02 19:29 . 2011-03-03 06:17 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2012-02-02 19:28 . 2011-02-23 05:15 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-02-02 19:26 . 2012-02-02 19:26 -------- d-----w- c:\windows\Album
2012-02-02 19:21 . 2010-10-16 05:23 112000 ----a-w- c:\windows\system32\consent.exe
2012-02-02 19:19 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll
2012-02-02 19:19 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-02-02 19:07 . 2009-11-25 19:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2012-02-02 19:07 . 2009-11-25 19:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2012-02-02 19:07 . 2009-11-25 19:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2012-02-02 19:07 . 2009-11-25 19:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2012-02-02 19:07 . 2009-11-25 19:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2012-02-02 19:07 . 2009-11-25 19:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2012-02-02 19:07 . 2009-11-25 19:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-02-02 19:07 . 2009-11-25 19:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2012-02-02 19:07 . 2009-11-25 19:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2012-02-02 19:07 . 2009-11-25 19:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2012-02-02 18:41 . 2012-02-02 18:41 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-02-02 18:41 . 2012-02-02 20:38 -------- d-----w- c:\program files (x86)\Steam
2012-02-02 18:38 . 2012-02-02 18:38 -------- d-----w- c:\programdata\Protexis
2012-02-02 18:37 . 2012-02-02 18:37 -------- d-----w- c:\programdata\eSellerate
2012-02-02 18:37 . 2012-02-02 18:37 -------- d-----w- c:\program files (x86)\SmartSound Software
2012-02-02 18:37 . 2012-02-02 18:37 -------- d-----w- c:\programdata\SmartSound Software Inc
2012-02-02 18:36 . 2012-02-02 18:36 -------- d--h--w- c:\windows\msdownld.tmp
2012-02-02 18:36 . 2012-02-02 18:36 -------- d-----w- c:\programdata\InterVideo
2012-02-02 18:36 . 2012-02-02 18:36 -------- d-----w- c:\programdata\Corel
2012-02-02 18:35 . 2012-02-02 18:35 -------- d-----w- c:\programdata\Ulead Systems
2012-02-02 18:34 . 2012-02-02 18:34 -------- d-----w- c:\program files (x86)\Common Files\Protexis
2012-02-02 18:34 . 2012-02-02 18:34 -------- d-----w- c:\program files (x86)\Common Files\Corel
2012-02-02 18:34 . 2012-02-02 18:34 -------- d-----w- c:\program files (x86)\Common Files\Ulead Systems
2012-02-02 18:33 . 2012-02-02 18:33 -------- d-----w- c:\program files (x86)\Windows Media Components
2012-02-02 18:33 . 2012-02-02 18:33 -------- d-----w- c:\program files (x86)\Corel
2012-02-02 18:26 . 2008-10-15 05:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2012-02-02 18:26 . 2008-10-15 05:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2012-02-02 18:26 . 2008-10-15 05:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2012-02-02 18:26 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2012-02-02 18:26 . 2008-10-15 05:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2012-02-02 18:26 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2012-02-02 17:39 . 2005-05-26 14:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2012-02-02 17:39 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2012-02-02 17:30 . 2012-02-02 17:30 -------- d-----w- c:\windows\system32\appmgmt
2012-02-02 17:00 . 2012-02-02 17:00 -------- d-----w- c:\program files (x86)\Google
2012-02-02 16:59 . 2012-02-02 16:59 -------- d-----w- c:\program files (x86)\FreeTime
2012-02-02 16:49 . 2012-02-02 16:49 -------- d-----w- c:\program files\ESET
2012-02-02 16:43 . 2012-02-02 16:43 -------- d-----w- c:\program files\CCleaner
2012-02-02 16:36 . 2012-02-02 16:36 -------- d-----w- c:\program files (x86)\AIMP3
2012-02-02 16:32 . 2012-02-02 16:32 -------- d-----w- c:\programdata\Mirillis
2012-02-02 16:32 . 2012-02-02 16:32 -------- d-----w- c:\program files (x86)\Mirillis
2012-02-02 16:25 . 2012-02-02 21:03 -------- d-----r- c:\program files (x86)\Skype
2012-02-02 16:25 . 2012-02-02 21:03 -------- d-----w- c:\programdata\Skype
2012-02-02 16:19 . 2012-02-02 18:35 -------- d-----w- c:\program files (x86)\The KMPlayer
2012-02-02 16:18 . 2012-02-02 16:18 -------- d-----w- c:\programdata\ashampoo
2012-02-02 16:17 . 2012-02-02 16:17 -------- d-----w- c:\program files (x86)\Ashampoo
2012-02-02 16:16 . 2012-02-02 16:16 -------- d-----w- c:\program files (x86)\CENZURA HD
2012-02-02 16:14 . 2012-02-02 16:14 -------- d-----w- c:\program files (x86)\DsNET Corp
2012-02-02 16:12 . 2012-01-17 03:39 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F3DB89E2-47B9-422E-991A-322757640392}\mpengine.dll
2012-02-02 16:12 . 2011-12-07 09:39 279096 ------w- c:\windows\system32\MpSigStub.exe
2012-02-02 16:12 . 2012-02-02 16:12 -------- d-----w- c:\programdata\Zoner
2012-02-02 16:11 . 2012-02-02 16:11 -------- d-----w- c:\program files\Zoner
2012-02-02 16:09 . 2012-02-02 16:10 -------- d-----w- c:\program files\Common Files\Adobe
2012-02-02 16:08 . 2012-02-02 16:08 -------- d-----w- c:\program files (x86)\Adobe Media Player
2012-02-02 16:07 . 2012-02-02 16:07 -------- d-----w- c:\windows\SysWow64\Macromed
2012-02-02 16:07 . 2012-02-02 16:07 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-02-02 16:05 . 2012-02-02 16:09 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-02-02 16:04 . 2012-02-02 16:04 -------- d-----w- c:\program files (x86)\VirtualDJ
2012-02-02 16:03 . 2009-08-27 13:49 92672 ----a-w- c:\windows\system32\Abyssus.cpl
2012-02-02 16:03 . 2010-09-30 23:16 13312 ----a-w- c:\windows\system32\drivers\VKbms.sys
2012-02-02 16:03 . 2010-09-29 19:45 6656 ----a-w- c:\windows\system32\drivers\hidkmdf.sys
2012-02-02 16:03 . 2009-10-30 09:53 10880 ----a-w- c:\windows\system32\drivers\Abyssus.sys
2012-02-02 16:03 . 2012-02-02 16:03 -------- d-----w- c:\program files (x86)\Razer
2012-02-02 15:57 . 2012-02-02 15:57 -------- d-----w- c:\program files\Yamicsoft
2012-02-02 15:53 . 2012-02-02 15:53 564792 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-02-02 15:53 . 2012-02-02 15:53 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-02-02 15:52 . 2012-02-02 15:52 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-02-02 15:43 . 2009-07-14 01:16 327680 ----a-w- c:\windows\SysWow64\zipfldr.dll.bak
2012-02-02 15:43 . 2009-07-14 01:06 705536 ----a-w- c:\windows\SysWow64\imagesp1.dll.bak
2012-02-02 15:43 . 2009-07-14 01:41 366080 ----a-w- c:\windows\system32\zipfldr.dll.bak
2012-02-02 15:43 . 2009-07-14 01:28 705536 ----a-w- c:\windows\system32\imagesp1.dll.bak
2012-02-02 15:43 . 2009-07-14 01:28 20268032 ----a-w- c:\windows\system32\imageres.dll.bak
2012-02-02 15:43 . 2009-07-14 01:06 20268032 ----a-w- c:\windows\SysWow64\imageres.dll.bak
2012-02-02 15:41 . 2012-02-02 15:41 -------- d-----w- c:\programdata\ATI
2012-02-02 15:41 . 2012-02-03 08:45 25640 ----a-w- c:\windows\gdrv.sys
2012-02-02 15:40 . 2012-02-02 15:40 0 ----a-w- c:\windows\ativpsrm.bin
2012-02-02 15:40 . 2012-02-02 15:40 -------- d-----w- c:\program files (x86)\AMD APP
2012-02-02 15:40 . 2012-02-02 15:40 -------- d-----w- c:\program files\Common Files\ATI Technologies
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-02 20:04 . 2012-02-02 20:04 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2012-02-02 20:04 . 2012-02-02 20:04 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-12-06 03:45 . 2011-12-06 03:45 10720256 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-12-06 03:18 . 2011-12-06 03:18 25371136 ----a-w- c:\windows\system32\atio6axx.dll
2011-12-06 03:17 . 2011-12-06 03:17 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-12-06 03:17 . 2011-12-06 03:17 778752 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-12-06 03:16 . 2011-12-06 03:16 933888 ----a-w- c:\windows\system32\aticfx64.dll
2011-12-06 03:12 . 2011-12-06 03:12 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-12-06 03:12 . 2011-12-06 03:12 494080 ----a-w- c:\windows\system32\atieclxx.exe
2011-12-06 03:11 . 2011-12-06 03:11 235520 ----a-w- c:\windows\system32\atiesrxx.exe
2011-12-06 03:10 . 2011-12-06 03:10 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-12-06 03:10 . 2011-12-06 03:10 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-12-06 03:10 . 2011-12-06 03:10 360448 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-12-06 03:10 . 2011-12-06 03:10 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-12-06 03:09 . 2011-12-06 03:09 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-12-06 03:09 . 2011-12-06 03:09 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-12-06 03:09 . 2011-12-06 03:09 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-12-06 03:06 . 2011-12-06 03:06 6159872 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-12-06 02:56 . 2011-12-06 02:56 19125760 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-12-06 02:51 . 2011-12-06 02:51 7520768 ----a-w- c:\windows\system32\atidxx64.dll
2011-12-06 02:39 . 2011-12-06 02:39 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-12-06 02:39 . 2011-12-06 02:39 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-12-06 02:39 . 2011-12-06 02:39 4072960 ----a-w- c:\windows\system32\atiumd6a.dll
2011-12-06 02:34 . 2011-12-06 02:34 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-12-06 02:34 . 2011-12-06 02:34 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-12-06 02:34 . 2011-12-06 02:34 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-12-06 02:34 . 2011-12-06 02:34 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-12-06 02:34 . 2011-12-06 02:34 13738496 ----a-w- c:\windows\system32\aticaldd64.dll
2011-12-06 02:33 . 2011-12-06 02:33 5919232 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-12-06 02:29 . 2011-12-06 02:29 11484672 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-12-06 02:28 . 2011-12-06 02:28 4206592 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-12-06 02:24 . 2011-12-06 02:24 7511040 ----a-w- c:\windows\system32\atiumd64.dll
2011-12-06 02:18 . 2011-12-06 02:18 58880 ----a-w- c:\windows\system32\coinst.dll
2011-12-06 02:13 . 2011-12-06 02:13 509952 ----a-w- c:\windows\system32\atiadlxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 356352 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-12-06 02:12 . 2011-12-06 02:12 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-12-06 02:12 . 2011-12-06 02:12 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 327168 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-12-06 02:11 . 2011-12-06 02:11 42496 ----a-w- c:\windows\system32\atiuxp64.dll
2011-12-06 02:11 . 2011-12-06 02:11 33280 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-12-06 02:11 . 2011-12-06 02:11 39936 ----a-w- c:\windows\system32\atiu9p64.dll
2011-12-06 02:11 . 2011-12-06 02:11 29696 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-12-06 02:10 . 2011-12-06 02:10 54784 ----a-w- c:\windows\system32\atimpc64.dll
2011-12-06 02:10 . 2011-12-06 02:10 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2011-12-06 02:10 . 2011-12-06 02:10 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-12-06 02:10 . 2011-12-06 02:10 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-12-06 02:10 . 2011-12-06 02:10 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-12-05 21:04 . 2011-12-05 21:04 69632 ----a-w- c:\windows\system32\OpenVideo64.dll
2011-12-05 21:04 . 2011-12-05 21:04 59904 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2011-12-05 21:03 . 2011-12-05 21:03 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-12-05 21:03 . 2011-12-05 21:03 54784 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-12-05 21:03 . 2011-12-05 21:03 17580544 ----a-w- c:\windows\system32\amdocl64.dll
2011-12-05 21:03 . 2011-12-05 21:03 14499328 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-12-05 21:02 . 2011-12-05 21:02 51200 ----a-w- c:\windows\system32\OpenCL.dll
2011-12-05 21:02 . 2011-12-05 21:02 44032 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-11-17 07:10 . 2012-02-02 19:31 340992 ----a-w- c:\windows\system32\schannel.dll
2011-11-17 05:39 . 2012-02-02 19:31 224768 ----a-w- c:\windows\SysWow64\schannel.dll
2011-11-15 16:58 . 2011-11-15 16:58 146432 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-11-15 16:58 . 2011-11-15 16:58 3507712 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-11-15 16:57 . 2011-11-15 16:57 2463744 ----a-w- c:\windows\SysWow64\SlotMaximizerBe.dll
2011-11-15 16:57 . 2011-11-15 16:57 122880 ----a-w- c:\windows\SysWow64\SlotMaximizerAg.dll
2011-11-13 20:59 . 2011-11-13 20:59 252016 ----a-w- c:\windows\SysWow64\vmnc.dll
2011-11-13 20:33 . 2011-11-13 20:33 62064 ----a-w- c:\windows\system32\vmnetbridge.dll
2011-11-13 20:33 . 2011-11-13 20:33 48752 ----a-w- c:\windows\system32\vnetinst.dll
2011-11-13 20:33 . 2011-11-13 20:33 45680 ----a-w- c:\windows\system32\drivers\vmnetbridge.sys
2011-11-13 20:33 . 2011-11-13 20:33 24176 ----a-w- c:\windows\system32\drivers\vmnet.sys
2011-11-13 20:33 . 2011-11-13 20:33 20080 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-01-19 3477312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-08-04 346320]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-12-05 343168]
"Abyssus"="c:\program files (x86)\Razer\Abyssus\razerhid.exe" [2011-03-10 231936]
.
c:\users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Core Temp – zástupce.lnk - d:\programy\CoreTemp32\Core Temp.exe [2011-9-24 439824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2011-11-13 11839488]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-22 974944]
S2 GEST Service;GEST Service for program management.;c:\program files (x86)\GIGABYTE\EnergySaver\GSvr.exe [2009-07-30 68136]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-29 846448]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys [x]
S3 Abyssus;Razer Abyssus;c:\windows\system32\drivers\Abyssus.sys [x]
S3 ALSysIO;ALSysIO;c:\users\Michal\AppData\Local\Temp\ALSysIO64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ALSYSIO
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3682219912-2063438252-136290404-1001Core.job
- c:\users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-02 15:46]
.
2012-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3682219912-2063438252-136290404-1001UA.job
- c:\users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-02 15:46]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 4035152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com/?l=dis&o=14597
IE: Add to Google Photos Screensa&ver
LSP: %SystemRoot%\system32\vsocklib.dll
TCP: DhcpNameServer = 80.250.9.201 80.250.1.161
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-02-03 10:02:37
ComboFix-quarantined-files.txt 2012-02-03 09:02
.
Před spuštěním: Volných bajtů: 53 939 355 648
Po spuštění: Volných bajtů: 54 025 191 424
.
- - End Of File - - A385C51E0BDD53A14B00C8BDEDE0D872
ComboFix 12-02-02.02 - Michal 03.02.2012 9:56.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4094.2664 [GMT 1:00]
Spuštěný z: c:\users\Michal\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-03 do 2012-02-03 )))))))))))))))))))))))))))))))
.
.
2012-02-03 09:00 . 2012-02-03 09:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-03 08:50 . 2012-02-03 08:50 -------- d-----w- c:\program files (x86)\Trend Micro
2012-02-02 21:47 . 2012-02-02 21:47 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-02-02 21:22 . 2012-02-02 21:23 -------- d-----w- C:\Fraps
2012-02-02 21:20 . 2012-02-02 21:20 -------- d-----w- c:\program files (x86)\MKVToolNix
2012-02-02 21:19 . 2012-02-02 21:19 -------- d-----w- c:\program files (x86)\ObviousIdea
2012-02-02 21:09 . 2011-11-13 22:28 31344 ----a-w- c:\windows\system32\drivers\VMparport.sys
2012-02-02 21:09 . 2011-11-13 22:28 63088 ----a-w- c:\windows\system32\drivers\vmx86.sys
2012-02-02 21:09 . 2011-11-13 22:27 354416 ----a-w- c:\windows\SysWow64\vmnetdhcp.exe
2012-02-02 21:09 . 2011-11-13 22:27 433264 ----a-w- c:\windows\SysWow64\vmnat.exe
2012-02-02 21:09 . 2011-11-13 22:26 30320 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2012-02-02 21:09 . 2011-11-13 22:28 942192 ----a-w- c:\windows\system32\vnetlib64.dll
2012-02-02 21:08 . 2011-08-29 21:11 39024 ----a-w- c:\windows\system32\drivers\hcmon.sys
2012-02-02 21:08 . 2012-02-03 08:45 -------- d-----w- c:\programdata\VMware
2012-02-02 21:08 . 2012-02-02 21:08 -------- d-----w- c:\program files (x86)\VMware
2012-02-02 21:08 . 2012-02-02 21:08 -------- d-----w- c:\program files (x86)\Common Files\VMware
2012-02-02 21:07 . 2012-02-02 21:07 -------- d-----w- c:\program files\Common Files\VMware
2012-02-02 20:54 . 2012-02-02 20:54 -------- d-----w- c:\windows\system32\Macromed
2012-02-02 20:53 . 2012-02-02 20:53 -------- d-----w- c:\programdata\YoWindow
2012-02-02 20:53 . 2012-02-02 20:53 -------- d-----w- c:\program files (x86)\YoWindow
2012-02-02 20:51 . 2012-02-02 20:54 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-02 20:49 . 2012-02-02 20:49 -------- d-----w- c:\program files (x86)\StreamTransport
2012-02-02 20:49 . 2009-10-27 18:31 3982240 ----a-w- c:\windows\SysWow64\Flash10d.ocx
2012-02-02 20:44 . 2012-02-02 20:44 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-02-02 20:18 . 2012-02-02 20:18 -------- d-----w- c:\windows\SysWow64\Wat
2012-02-02 20:18 . 2012-02-02 20:18 -------- d-----w- c:\windows\system32\Wat
2012-02-02 20:13 . 2012-02-02 20:13 -------- d-----w- c:\program files (x86)\Opera
2012-02-02 20:08 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2012-02-02 20:08 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2012-02-02 19:55 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2012-02-02 19:55 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2012-02-02 19:49 . 2012-02-02 19:49 -------- d-----w- c:\programdata\Malwarebytes
2012-02-02 19:49 . 2012-02-02 19:49 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-02 19:49 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-02 19:47 . 2009-10-10 03:17 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2012-02-02 19:46 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-02-02 19:34 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2012-02-02 19:32 . 2010-11-02 05:12 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-02 19:31 . 2010-12-21 06:15 264192 ----a-w- c:\windows\system32\upnp.dll
2012-02-02 19:30 . 2011-02-19 06:36 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-02-02 19:29 . 2011-03-03 06:17 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2012-02-02 19:28 . 2011-02-23 05:15 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-02-02 19:26 . 2012-02-02 19:26 -------- d-----w- c:\windows\Album
2012-02-02 19:21 . 2010-10-16 05:23 112000 ----a-w- c:\windows\system32\consent.exe
2012-02-02 19:19 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll
2012-02-02 19:19 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-02-02 19:07 . 2009-11-25 19:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2012-02-02 19:07 . 2009-11-25 19:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2012-02-02 19:07 . 2009-11-25 19:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2012-02-02 19:07 . 2009-11-25 19:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2012-02-02 19:07 . 2009-11-25 19:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2012-02-02 19:07 . 2009-11-25 19:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2012-02-02 19:07 . 2009-11-25 19:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-02-02 19:07 . 2009-11-25 19:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2012-02-02 19:07 . 2009-11-25 19:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2012-02-02 19:07 . 2009-11-25 19:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2012-02-02 18:41 . 2012-02-02 18:41 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-02-02 18:41 . 2012-02-02 20:38 -------- d-----w- c:\program files (x86)\Steam
2012-02-02 18:38 . 2012-02-02 18:38 -------- d-----w- c:\programdata\Protexis
2012-02-02 18:37 . 2012-02-02 18:37 -------- d-----w- c:\programdata\eSellerate
2012-02-02 18:37 . 2012-02-02 18:37 -------- d-----w- c:\program files (x86)\SmartSound Software
2012-02-02 18:37 . 2012-02-02 18:37 -------- d-----w- c:\programdata\SmartSound Software Inc
2012-02-02 18:36 . 2012-02-02 18:36 -------- d--h--w- c:\windows\msdownld.tmp
2012-02-02 18:36 . 2012-02-02 18:36 -------- d-----w- c:\programdata\InterVideo
2012-02-02 18:36 . 2012-02-02 18:36 -------- d-----w- c:\programdata\Corel
2012-02-02 18:35 . 2012-02-02 18:35 -------- d-----w- c:\programdata\Ulead Systems
2012-02-02 18:34 . 2012-02-02 18:34 -------- d-----w- c:\program files (x86)\Common Files\Protexis
2012-02-02 18:34 . 2012-02-02 18:34 -------- d-----w- c:\program files (x86)\Common Files\Corel
2012-02-02 18:34 . 2012-02-02 18:34 -------- d-----w- c:\program files (x86)\Common Files\Ulead Systems
2012-02-02 18:33 . 2012-02-02 18:33 -------- d-----w- c:\program files (x86)\Windows Media Components
2012-02-02 18:33 . 2012-02-02 18:33 -------- d-----w- c:\program files (x86)\Corel
2012-02-02 18:26 . 2008-10-15 05:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2012-02-02 18:26 . 2008-10-15 05:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2012-02-02 18:26 . 2008-10-15 05:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2012-02-02 18:26 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2012-02-02 18:26 . 2008-10-15 05:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2012-02-02 18:26 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2012-02-02 17:39 . 2005-05-26 14:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2012-02-02 17:39 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2012-02-02 17:30 . 2012-02-02 17:30 -------- d-----w- c:\windows\system32\appmgmt
2012-02-02 17:00 . 2012-02-02 17:00 -------- d-----w- c:\program files (x86)\Google
2012-02-02 16:59 . 2012-02-02 16:59 -------- d-----w- c:\program files (x86)\FreeTime
2012-02-02 16:49 . 2012-02-02 16:49 -------- d-----w- c:\program files\ESET
2012-02-02 16:43 . 2012-02-02 16:43 -------- d-----w- c:\program files\CCleaner
2012-02-02 16:36 . 2012-02-02 16:36 -------- d-----w- c:\program files (x86)\AIMP3
2012-02-02 16:32 . 2012-02-02 16:32 -------- d-----w- c:\programdata\Mirillis
2012-02-02 16:32 . 2012-02-02 16:32 -------- d-----w- c:\program files (x86)\Mirillis
2012-02-02 16:25 . 2012-02-02 21:03 -------- d-----r- c:\program files (x86)\Skype
2012-02-02 16:25 . 2012-02-02 21:03 -------- d-----w- c:\programdata\Skype
2012-02-02 16:19 . 2012-02-02 18:35 -------- d-----w- c:\program files (x86)\The KMPlayer
2012-02-02 16:18 . 2012-02-02 16:18 -------- d-----w- c:\programdata\ashampoo
2012-02-02 16:17 . 2012-02-02 16:17 -------- d-----w- c:\program files (x86)\Ashampoo
2012-02-02 16:16 . 2012-02-02 16:16 -------- d-----w- c:\program files (x86)\CENZURA HD
2012-02-02 16:14 . 2012-02-02 16:14 -------- d-----w- c:\program files (x86)\DsNET Corp
2012-02-02 16:12 . 2012-01-17 03:39 8602168 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F3DB89E2-47B9-422E-991A-322757640392}\mpengine.dll
2012-02-02 16:12 . 2011-12-07 09:39 279096 ------w- c:\windows\system32\MpSigStub.exe
2012-02-02 16:12 . 2012-02-02 16:12 -------- d-----w- c:\programdata\Zoner
2012-02-02 16:11 . 2012-02-02 16:11 -------- d-----w- c:\program files\Zoner
2012-02-02 16:09 . 2012-02-02 16:10 -------- d-----w- c:\program files\Common Files\Adobe
2012-02-02 16:08 . 2012-02-02 16:08 -------- d-----w- c:\program files (x86)\Adobe Media Player
2012-02-02 16:07 . 2012-02-02 16:07 -------- d-----w- c:\windows\SysWow64\Macromed
2012-02-02 16:07 . 2012-02-02 16:07 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-02-02 16:05 . 2012-02-02 16:09 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-02-02 16:04 . 2012-02-02 16:04 -------- d-----w- c:\program files (x86)\VirtualDJ
2012-02-02 16:03 . 2009-08-27 13:49 92672 ----a-w- c:\windows\system32\Abyssus.cpl
2012-02-02 16:03 . 2010-09-30 23:16 13312 ----a-w- c:\windows\system32\drivers\VKbms.sys
2012-02-02 16:03 . 2010-09-29 19:45 6656 ----a-w- c:\windows\system32\drivers\hidkmdf.sys
2012-02-02 16:03 . 2009-10-30 09:53 10880 ----a-w- c:\windows\system32\drivers\Abyssus.sys
2012-02-02 16:03 . 2012-02-02 16:03 -------- d-----w- c:\program files (x86)\Razer
2012-02-02 15:57 . 2012-02-02 15:57 -------- d-----w- c:\program files\Yamicsoft
2012-02-02 15:53 . 2012-02-02 15:53 564792 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-02-02 15:53 . 2012-02-02 15:53 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-02-02 15:52 . 2012-02-02 15:52 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-02-02 15:43 . 2009-07-14 01:16 327680 ----a-w- c:\windows\SysWow64\zipfldr.dll.bak
2012-02-02 15:43 . 2009-07-14 01:06 705536 ----a-w- c:\windows\SysWow64\imagesp1.dll.bak
2012-02-02 15:43 . 2009-07-14 01:41 366080 ----a-w- c:\windows\system32\zipfldr.dll.bak
2012-02-02 15:43 . 2009-07-14 01:28 705536 ----a-w- c:\windows\system32\imagesp1.dll.bak
2012-02-02 15:43 . 2009-07-14 01:28 20268032 ----a-w- c:\windows\system32\imageres.dll.bak
2012-02-02 15:43 . 2009-07-14 01:06 20268032 ----a-w- c:\windows\SysWow64\imageres.dll.bak
2012-02-02 15:41 . 2012-02-02 15:41 -------- d-----w- c:\programdata\ATI
2012-02-02 15:41 . 2012-02-03 08:45 25640 ----a-w- c:\windows\gdrv.sys
2012-02-02 15:40 . 2012-02-02 15:40 0 ----a-w- c:\windows\ativpsrm.bin
2012-02-02 15:40 . 2012-02-02 15:40 -------- d-----w- c:\program files (x86)\AMD APP
2012-02-02 15:40 . 2012-02-02 15:40 -------- d-----w- c:\program files\Common Files\ATI Technologies
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-02 20:04 . 2012-02-02 20:04 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2012-02-02 20:04 . 2012-02-02 20:04 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-12-06 03:45 . 2011-12-06 03:45 10720256 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-12-06 03:18 . 2011-12-06 03:18 25371136 ----a-w- c:\windows\system32\atio6axx.dll
2011-12-06 03:17 . 2011-12-06 03:17 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-12-06 03:17 . 2011-12-06 03:17 778752 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-12-06 03:16 . 2011-12-06 03:16 933888 ----a-w- c:\windows\system32\aticfx64.dll
2011-12-06 03:12 . 2011-12-06 03:12 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-12-06 03:12 . 2011-12-06 03:12 494080 ----a-w- c:\windows\system32\atieclxx.exe
2011-12-06 03:11 . 2011-12-06 03:11 235520 ----a-w- c:\windows\system32\atiesrxx.exe
2011-12-06 03:10 . 2011-12-06 03:10 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-12-06 03:10 . 2011-12-06 03:10 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-12-06 03:10 . 2011-12-06 03:10 360448 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-12-06 03:10 . 2011-12-06 03:10 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-12-06 03:09 . 2011-12-06 03:09 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-12-06 03:09 . 2011-12-06 03:09 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-12-06 03:09 . 2011-12-06 03:09 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-12-06 03:06 . 2011-12-06 03:06 6159872 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-12-06 02:56 . 2011-12-06 02:56 19125760 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-12-06 02:51 . 2011-12-06 02:51 7520768 ----a-w- c:\windows\system32\atidxx64.dll
2011-12-06 02:39 . 2011-12-06 02:39 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-12-06 02:39 . 2011-12-06 02:39 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-12-06 02:39 . 2011-12-06 02:39 4072960 ----a-w- c:\windows\system32\atiumd6a.dll
2011-12-06 02:34 . 2011-12-06 02:34 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-12-06 02:34 . 2011-12-06 02:34 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-12-06 02:34 . 2011-12-06 02:34 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-12-06 02:34 . 2011-12-06 02:34 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-12-06 02:34 . 2011-12-06 02:34 13738496 ----a-w- c:\windows\system32\aticaldd64.dll
2011-12-06 02:33 . 2011-12-06 02:33 5919232 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-12-06 02:29 . 2011-12-06 02:29 11484672 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-12-06 02:28 . 2011-12-06 02:28 4206592 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-12-06 02:24 . 2011-12-06 02:24 7511040 ----a-w- c:\windows\system32\atiumd64.dll
2011-12-06 02:18 . 2011-12-06 02:18 58880 ----a-w- c:\windows\system32\coinst.dll
2011-12-06 02:13 . 2011-12-06 02:13 509952 ----a-w- c:\windows\system32\atiadlxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 356352 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-12-06 02:12 . 2011-12-06 02:12 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-12-06 02:12 . 2011-12-06 02:12 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 327168 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-12-06 02:11 . 2011-12-06 02:11 42496 ----a-w- c:\windows\system32\atiuxp64.dll
2011-12-06 02:11 . 2011-12-06 02:11 33280 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-12-06 02:11 . 2011-12-06 02:11 39936 ----a-w- c:\windows\system32\atiu9p64.dll
2011-12-06 02:11 . 2011-12-06 02:11 29696 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-12-06 02:10 . 2011-12-06 02:10 54784 ----a-w- c:\windows\system32\atimpc64.dll
2011-12-06 02:10 . 2011-12-06 02:10 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2011-12-06 02:10 . 2011-12-06 02:10 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-12-06 02:10 . 2011-12-06 02:10 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-12-06 02:10 . 2011-12-06 02:10 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-12-05 21:04 . 2011-12-05 21:04 69632 ----a-w- c:\windows\system32\OpenVideo64.dll
2011-12-05 21:04 . 2011-12-05 21:04 59904 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2011-12-05 21:03 . 2011-12-05 21:03 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-12-05 21:03 . 2011-12-05 21:03 54784 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-12-05 21:03 . 2011-12-05 21:03 17580544 ----a-w- c:\windows\system32\amdocl64.dll
2011-12-05 21:03 . 2011-12-05 21:03 14499328 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-12-05 21:02 . 2011-12-05 21:02 51200 ----a-w- c:\windows\system32\OpenCL.dll
2011-12-05 21:02 . 2011-12-05 21:02 44032 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-11-17 07:10 . 2012-02-02 19:31 340992 ----a-w- c:\windows\system32\schannel.dll
2011-11-17 05:39 . 2012-02-02 19:31 224768 ----a-w- c:\windows\SysWow64\schannel.dll
2011-11-15 16:58 . 2011-11-15 16:58 146432 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-11-15 16:58 . 2011-11-15 16:58 3507712 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-11-15 16:57 . 2011-11-15 16:57 2463744 ----a-w- c:\windows\SysWow64\SlotMaximizerBe.dll
2011-11-15 16:57 . 2011-11-15 16:57 122880 ----a-w- c:\windows\SysWow64\SlotMaximizerAg.dll
2011-11-13 20:59 . 2011-11-13 20:59 252016 ----a-w- c:\windows\SysWow64\vmnc.dll
2011-11-13 20:33 . 2011-11-13 20:33 62064 ----a-w- c:\windows\system32\vmnetbridge.dll
2011-11-13 20:33 . 2011-11-13 20:33 48752 ----a-w- c:\windows\system32\vnetinst.dll
2011-11-13 20:33 . 2011-11-13 20:33 45680 ----a-w- c:\windows\system32\drivers\vmnetbridge.sys
2011-11-13 20:33 . 2011-11-13 20:33 24176 ----a-w- c:\windows\system32\drivers\vmnet.sys
2011-11-13 20:33 . 2011-11-13 20:33 20080 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-01-19 3477312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-08-04 346320]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-12-05 343168]
"Abyssus"="c:\program files (x86)\Razer\Abyssus\razerhid.exe" [2011-03-10 231936]
.
c:\users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Core Temp – zástupce.lnk - d:\programy\CoreTemp32\Core Temp.exe [2011-9-24 439824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2011-11-13 11839488]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-22 974944]
S2 GEST Service;GEST Service for program management.;c:\program files (x86)\GIGABYTE\EnergySaver\GSvr.exe [2009-07-30 68136]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-29 846448]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys [x]
S3 Abyssus;Razer Abyssus;c:\windows\system32\drivers\Abyssus.sys [x]
S3 ALSysIO;ALSysIO;c:\users\Michal\AppData\Local\Temp\ALSysIO64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ALSYSIO
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3682219912-2063438252-136290404-1001Core.job
- c:\users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-02 15:46]
.
2012-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3682219912-2063438252-136290404-1001UA.job
- c:\users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-02 15:46]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 4035152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com/?l=dis&o=14597
IE: Add to Google Photos Screensa&ver
LSP: %SystemRoot%\system32\vsocklib.dll
TCP: DhcpNameServer = 80.250.9.201 80.250.1.161
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-02-03 10:02:37
ComboFix-quarantined-files.txt 2012-02-03 09:02
.
Před spuštěním: Volných bajtů: 53 939 355 648
Po spuštění: Volných bajtů: 54 025 191 424
.
- - End Of File - - A385C51E0BDD53A14B00C8BDEDE0D872
Nikdo nikdy nevíme jak tu ještě dlouho budem proto by jsme si měli život užívat
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43072
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Přijmul sem VIRUS od anonymous prosím o kontrolu
Bez nákazy.
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE
Kód: Vybrat vše
File::
c:\windows\ativpsrm.bin
Folder::
c:\windows\msdownld.tmp
DDS::
uStart Page = hxxp://eu.ask.com/?l=dis&o=14597
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 3 hosti