Prosím o kontrolu logu - program IE přestal pracovat

Irbis · Příspěvekod **Irbis** » 29 srp 2012 20:56

Ahoj. Mam problem s otevřením pdf. Zakázání doplňků nefunguje. A IE přestane pracovat i při načítání některých stránek (jsou to různý stránky, když něco hledám, takže si je nepamatuju) dokonce i u některýho videa na youtube, ale po zakázání všech doplňků už to video šlo
Prosím, pomozte mi někdo. Posílám log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:01:01, on 29.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
D:\Programy\HotkeyP\HotkeyP.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\explorer.exe
C:\Users\Paulus\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files\J River\Media Center 17\Media Center 17.exe
C:\Users\Paulus\Desktop\hack\wwwhack.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\explorer.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\JDownloader\jre\bin\javaw.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Paulus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JJMQ0QN1\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Paulus\Desktop\Dočasná\HijackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: wxDfast - {2682A9C3-5D22-E25D-9311-C63852D7E94B} - C:\ProgramData\wxDfast\bhoclass.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SoftGate.DownloadManager.IE.DownloadManagerPlugin - {a1acb83b-3713-4784-b2b3-64c6d06565e9} - mscoree.dll (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [HotkeyP] D:\Programy\HotkeyP\HotkeyP.exe 0
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Paulus\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [BrowserChoice] "C:\Windows\System32\browserchoice.exe" /run
O4 - HKCU\..\Run: [indeo] c:\users\paulus\design.exe "c:\users\paulus\stay_wait.exe"
O4 - HKCU\..\Run: [intel_ii] c:\users\paulus\systema.exe "c:\users\paulus\groupy_file.exe"
O4 - HKCU\..\Run: [intel_i] c:\users\paulus\runners.exe "c:\programdata\groupy_file.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Paulus\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Paulus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {bb7f932c-881f-4b88-837d-cf84adff062b} - mscoree.dll (file missing)
O9 - Extra 'Tools' menuitem: SoftGate Download Manager - {bb7f932c-881f-4b88-837d-cf84adff062b} - mscoree.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mxl: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mya: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myt: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com.tw/common/asusTek_sys_ctrl.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/softwa ... Plugin.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.80.2.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Media Center 17 Service - JRiver, Inc. - C:\Program Files\J River\Media Center 17\JRService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

--
End of file - 11184 bytes

Reklama

Příspěvekod **jaro3** » 30 srp 2012 00:56

redbulik: jsi v sekci HJT!!!!
viewtopic.php?f=70&t=29204

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\ProgramData\wxDfast\bhoclass.dll
c:\programdata\groupy_file.exe"
C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Irbis · Příspěvekod **Irbis** » 30 srp 2012 16:50

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.08.30.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Paulus :: PAVLVS-PC [administrátor]

30.8.2012 16:32:05
mbam-log-2012-08-30 (16-39-48).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 200459
Uplynulý čas: 7 minut, 14 sekund

Nalezené procesy v paměti: 4
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> 868 -> Žádná instrukce nebyla provedena.
C:\ProgramData\OptimizerPro1\OptimizerPro1.exe (Trojan.Dropper) -> 2984 -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\WxDFast.exe (Trojan.Dropper) -> 2992 -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\WxDFast.exe (PUP.wxDfast) -> 2992 -> Žádná instrukce nebyla provedena.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro1 (Trojan.Dropper) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WxDFast (Trojan.Dropper) -> Žádná instrukce nebyla provedena.
HKCR\CLSID\{2682A9C3-5D22-E25D-9311-C63852D7E94B} (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2682A9C3-5D22-E25D-9311-C63852D7E94B} (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2682A9C3-5D22-E25D-9311-C63852D7E94B} (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2682A9C3-5D22-E25D-9311-C63852D7E94B} (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC} (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB} (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F4C5E11-0612-48D2-8055-987992AAC432} (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WxDFast (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|indeo (Malware.Packer.Gen) -> Data: c:\users\paulus\design.exe "c:\users\paulus\stay_wait.exe" -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|intel_ii (Malware.Packer.Gen) -> Data: c:\users\paulus\systema.exe "c:\users\paulus\groupy_file.exe" -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|intel_i (Malware.Packer.Gen) -> Data: c:\users\paulus\runners.exe "c:\programdata\groupy_file.exe" -> Žádná instrukce nebyla provedena.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 3
C:\ProgramData\WxDFast (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\data (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\downloads (PUP.wxDfast) -> Žádná instrukce nebyla provedena.

Nalezené soubory: 18
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Žádná instrukce nebyla provedena.
C:\ProgramData\OptimizerPro1\OptimizerPro1.exe (Trojan.Dropper) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\WxDFast.exe (Trojan.Dropper) -> Žádná instrukce nebyla provedena.
C:\Users\Paulus\stay_wait.exe (Malware.Packer.Gen) -> Žádná instrukce nebyla provedena.
C:\Users\Paulus\groupy_file.exe (Malware.Packer.Gen) -> Žádná instrukce nebyla provedena.
C:\ProgramData\groupy_file.exe (Malware.Packer.Gen) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\background.html (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\bhoclass.dll (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\content.js (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\haaneemjeelenmffjkbbionhbffdfdio.crx (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\profile.ini (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\runtime.dll (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\settings.ini (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\uninstall.exe (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\WxDFast.exe (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\data\content.js (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
C:\ProgramData\WxDFast\data\jsondb.js (PUP.wxDfast) -> Žádná instrukce nebyla provedena.
C:\Users\Paulus\AppData\Roaming\local (Stolen.Data) -> Žádná instrukce nebyla provedena.

(konec)

https://www.virustotal.com/file/2b4d643 ... 346337722/
https://www.virustotal.com/file/6d3a1eb ... 346337933/
https://www.virustotal.com/file/f30468f ... 346338107/

Příspěvekod **memphisto** » 31 srp 2012 01:26

- Takže spus znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

Irbis · Příspěvekod **Irbis** » 31 srp 2012 10:54

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.08.30.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Paulus :: PAVLVS-PC [administrátor]

31.8.2012 9:59:53
mbam-log-2012-08-31 (09-59-53).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 201577
Uplynulý čas: 8 minut, 4 sekund

Nalezené procesy v paměti: 4
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> 868 -> Bude smazán při restartu.
C:\ProgramData\OptimizerPro1\OptimizerPro1.exe (Trojan.Dropper) -> 2984 -> Bude smazán při restartu.
C:\ProgramData\WxDFast\WxDFast.exe (Trojan.Dropper) -> 2992 -> Bude smazán při restartu.
C:\ProgramData\WxDFast\WxDFast.exe (PUP.wxDfast) -> 2992 -> Bude smazán při restartu.

Nalezené moduly v paměti: 1
C:\ProgramData\WxDFast\bhoclass.dll (PUP.wxDfast) -> Bude smazán při restartu.

Nalezené klíče v registru: 11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro1 (Trojan.Dropper) -> Umístnění do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WxDFast (Trojan.Dropper) -> Umístnění do karantény a smazání se zdařilo.
HKCR\CLSID\{2682A9C3-5D22-E25D-9311-C63852D7E94B} (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2682A9C3-5D22-E25D-9311-C63852D7E94B} (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2682A9C3-5D22-E25D-9311-C63852D7E94B} (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2682A9C3-5D22-E25D-9311-C63852D7E94B} (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
HKCR\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC} (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
HKCR\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB} (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F4C5E11-0612-48D2-8055-987992AAC432} (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WxDFast (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Umístnění do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|indeo (Malware.Packer.Gen) -> Data: c:\users\paulus\design.exe "c:\users\paulus\stay_wait.exe" -> Umístnění do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|intel_ii (Malware.Packer.Gen) -> Data: c:\users\paulus\systema.exe "c:\users\paulus\groupy_file.exe" -> Umístnění do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|intel_i (Malware.Packer.Gen) -> Data: c:\users\paulus\runners.exe "c:\programdata\groupy_file.exe" -> Umístnění do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 3
C:\ProgramData\WxDFast (PUP.wxDfast) -> Bude smazán při restartu.
C:\ProgramData\WxDFast\data (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
C:\ProgramData\WxDFast\downloads (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.

Nalezené soubory: 18
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Bude smazán při restartu.
C:\ProgramData\OptimizerPro1\OptimizerPro1.exe (Trojan.Dropper) -> Bude smazán při restartu.
C:\ProgramData\WxDFast\WxDFast.exe (Trojan.Dropper) -> Bude smazán při restartu.
C:\Users\Paulus\stay_wait.exe (Malware.Packer.Gen) -> Umístnění do karantény a smazání se zdařilo.
C:\Users\Paulus\groupy_file.exe (Malware.Packer.Gen) -> Umístnění do karantény a smazání se zdařilo.
C:\ProgramData\groupy_file.exe (Malware.Packer.Gen) -> Umístnění do karantény a smazání se zdařilo.
C:\ProgramData\WxDFast\background.html (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
C:\ProgramData\WxDFast\bhoclass.dll (PUP.wxDfast) -> Bude smazán při restartu.
C:\ProgramData\WxDFast\content.js (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
C:\ProgramData\WxDFast\haaneemjeelenmffjkbbionhbffdfdio.crx (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
C:\ProgramData\WxDFast\profile.ini (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
C:\ProgramData\WxDFast\runtime.dll (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
C:\ProgramData\WxDFast\settings.ini (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
C:\ProgramData\WxDFast\uninstall.exe (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
C:\ProgramData\WxDFast\WxDFast.exe (PUP.wxDfast) -> Bude smazán při restartu.
C:\ProgramData\WxDFast\data\content.js (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
C:\ProgramData\WxDFast\data\jsondb.js (PUP.wxDfast) -> Umístnění do karantény a smazání se zdařilo.
C:\Users\Paulus\AppData\Roaming\local (Stolen.Data) -> Umístnění do karantény a smazání se zdařilo.

(konec)

ComboFix 12-08-30.05 - Paulus 31.08.2012 10:34:03.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2046.1215 [GMT 2:00]
Spuštěný z: c:\users\Paulus\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Web Assistant\ExTEnsion32.dll
c:\users\Paulus\AppData\Local\assembly\tmp
c:\users\Paulus\design.exe
c:\users\Paulus\runners.exe
c:\users\Paulus\systema.exe
c:\windows\PFRO.log
c:\windows\system32\dtirc.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-28 do 2012-08-31 )))))))))))))))))))))))))))))))
.
.
2012-08-30 14:41 . 2012-08-23 07:15 7022536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1095DE2B-DD70-492E-8ECA-66AC1BBF90BC}\mpengine.dll
2012-08-30 14:30 . 2012-08-30 14:30 -------- d-----w- c:\users\Paulus\AppData\Roaming\Malwarebytes
2012-08-30 14:30 . 2012-08-30 14:30 -------- d-----w- c:\programdata\Malwarebytes
2012-08-30 14:30 . 2012-08-30 14:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-30 14:30 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-29 15:26 . 2012-08-29 15:26 -------- d-----w- c:\users\Paulus\AppData\Local\Comodo
2012-08-29 15:26 . 2012-08-29 15:30 45320 ----a-w- c:\windows\system32\certsentry.dll
2012-08-29 15:25 . 2012-08-29 15:25 -------- d-----w- c:\program files\Comodo
2012-08-29 15:22 . 2012-08-29 15:22 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-08-29 15:22 . 2012-08-29 15:22 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-08-29 11:00 . 2012-08-23 07:15 7022536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-27 15:07 . 2012-08-27 15:07 653120 ----a-w- c:\windows\system32\msvcr90.dll
2012-08-27 14:46 . 2012-08-27 15:07 -------- d-----w- c:\program files\WiseFixer
2012-08-26 19:56 . 2012-08-26 19:56 -------- d-----w- C:\SkyDriveTemp
2012-08-26 19:48 . 2012-08-26 19:48 -------- d-----w- c:\program files\Microsoft SkyDrive
2012-08-26 19:48 . 2012-08-31 08:30 -------- d-----r- c:\users\Paulus\SkyDrive
2012-08-26 19:47 . 2012-08-26 19:47 -------- d-----w- c:\programdata\Microsoft SkyDrive
2012-08-25 08:52 . 2012-06-10 19:58 381096 ------w- c:\windows\system32\MC17.exe
2012-08-25 08:15 . 2012-08-25 08:15 -------- d-----w- c:\users\Paulus\AppData\Roaming\MPEG Streamclip
2012-08-24 21:05 . 2012-08-24 21:05 -------- d-----w- c:\users\Paulus\AppData\Roaming\mkvtoolnix
2012-08-24 21:04 . 2012-08-24 21:04 -------- d-----w- c:\program files\MKVToolNix
2012-08-24 20:35 . 2012-07-14 12:38 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2012-08-24 20:35 . 2012-07-14 12:37 47616 ----a-w- c:\windows\system32\ff_acm.acm
2012-08-24 20:35 . 2012-08-24 20:35 -------- d-----w- c:\program files\ffdshow
2012-08-24 20:07 . 2012-01-20 12:14 17280 ----a-w- c:\windows\system32\roboot.exe
2012-08-24 20:07 . 2012-08-24 20:07 -------- d-----w- c:\users\Paulus\AppData\Roaming\systweak
2012-08-24 20:06 . 2012-08-24 20:21 -------- d-----w- c:\program files\mkvtoavis
2012-08-24 19:54 . 2012-08-24 20:00 -------- d-----w- c:\program files\Free MKV Video2Dvd
2012-08-24 19:51 . 2012-08-24 19:54 -------- d-----w- c:\program files\MKV Player
2012-08-24 19:42 . 2012-08-24 19:47 -------- d-----w- c:\users\Paulus\AppData\Roaming\avidemux
2012-08-23 19:47 . 2012-08-23 19:47 -------- d-----w- c:\programdata\Premium
2012-08-23 19:46 . 2012-08-31 08:44 -------- d-----w- c:\program files\Web Assistant
2012-08-23 19:45 . 2012-08-31 08:13 -------- d-----w- c:\programdata\OptimizerPro1
2012-08-23 19:44 . 2012-08-23 19:47 -------- d-----w- c:\programdata\InstallMate
2012-08-23 19:42 . 2012-08-23 19:42 -------- d-----w- c:\program files\Yontoo
2012-08-23 19:42 . 2012-08-23 19:42 -------- d-----w- c:\programdata\Tarma Installer
2012-08-23 12:12 . 2012-08-30 18:41 -------- d-----w- c:\users\Paulus\AppData\Roaming\vlc
2012-08-21 11:19 . 2012-06-27 13:18 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2012-08-21 11:19 . 2012-08-21 11:19 -------- d-----w- c:\program files\PC Connectivity Solution
2012-08-19 10:06 . 2012-08-19 10:06 -------- d-----w- c:\program files\KB350e
2012-08-17 20:53 . 2012-08-19 10:17 -------- d-----w- c:\users\Paulus\AppData\Roaming\Skype
2012-08-17 20:52 . 2012-08-17 20:52 -------- d-----w- c:\program files\Common Files\Skype
2012-08-17 20:52 . 2012-08-17 20:52 -------- d-----r- c:\program files\Skype
2012-08-17 20:52 . 2012-08-17 20:53 -------- d-----w- c:\programdata\Skype
2012-08-16 12:32 . 2012-05-29 14:33 171256 ----a-w- c:\windows\system32\MMPlugHostCtrl.dll
2012-08-16 12:32 . 2012-05-29 14:33 2265848 ----a-w- c:\program files\Internet Explorer\Plugins\NPMyrMus.dll
2012-08-15 09:17 . 2012-08-15 09:17 -------- d-----w- c:\program files\Sibelius Software
2012-08-15 09:14 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
2012-08-15 09:10 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 09:10 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 09:10 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 09:09 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 09:09 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 09:09 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-14 20:33 . 2012-08-14 20:33 -------- d-----w- c:\users\Paulus\AppData\Roaming\AnvSoft
2012-08-14 20:33 . 2012-08-14 20:33 -------- d-----w- c:\program files\AnvSoft
2012-08-11 19:28 . 2012-08-11 19:28 -------- d-----w- c:\users\Paulus\AppData\Roaming\Nokia Suite
2012-08-11 18:47 . 2004-10-22 00:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-08-11 18:47 . 2004-10-22 00:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-08-11 18:47 . 2004-10-22 00:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-08-11 18:47 . 2004-10-22 00:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-08-11 18:47 . 2012-08-11 18:47 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-08-11 18:47 . 2004-10-22 00:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-08-11 18:47 . 2012-08-11 18:47 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-08-11 17:47 . 2005-08-03 14:04 26719 ----a-w- c:\windows\system32\SERSPL.VXD
2012-08-11 17:47 . 2005-08-03 14:05 35892 ----a-w- c:\windows\system32\SER9PL.sys
2012-08-10 21:15 . 2012-08-10 21:15 -------- d-----w- c:\users\Paulus\.Nokia
2012-08-10 21:15 . 2012-08-10 21:15 -------- d-----w- C:\Nokia
2012-08-10 21:14 . 2005-04-03 21:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2012-08-10 21:14 . 2005-04-03 21:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2012-08-10 21:14 . 2005-04-03 21:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2012-08-10 21:14 . 2005-04-03 21:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2012-08-10 21:14 . 2005-04-03 20:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2012-08-10 21:14 . 2012-08-10 21:14 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2012-08-10 21:14 . 2012-08-10 21:14 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-30 15:39 . 2012-06-14 09:29 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-30 15:39 . 2012-06-14 09:29 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSTITL.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSTEXT.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSSTMP.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSSPEC.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSSCRP.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSREH_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSMET_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSCHOR.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRS____.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSTEXT.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSSE__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSS___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSROMC.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSPC__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSP___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSO___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSNN__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSM___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSFS__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSFBE_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSFB__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSCSC_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSCS__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSC___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUS____.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INKPEN2_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2TEXT.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2SPEC.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2SCRI.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2METR.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2CHOR.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\HELST___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\HELSS___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\HELSM___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\HELSINKI.FOT
2012-07-22 13:58 . 2012-06-24 10:38 139848 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-22 13:58 . 2012-06-24 10:48 282696 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-07-22 13:58 . 2012-06-24 10:37 282696 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-07-19 11:09 . 2012-06-24 10:37 111928 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-07-16 11:09 . 2012-07-16 11:09 274432 ----a-w- c:\windows\system32\crysoundsystem.dll
2012-07-14 10:35 . 2012-07-14 10:35 226304 ----a-w- c:\windows\system32\binkw32.dll
2012-06-24 10:38 . 2012-06-24 10:38 138904 ----a-w- c:\users\Paulus\AppData\Roaming\PnkBstrK.sys
2012-06-24 10:37 . 2012-06-24 10:37 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-06-21 08:37 . 2012-06-21 08:37 3166792 ------w- c:\windows\system32\pbsvc.exe
2012-06-15 18:57 . 2011-03-28 16:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-14 13:51 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-06-14 12:45 . 2012-06-14 12:45 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-06-14 10:36 . 2012-06-14 10:36 695675 ----a-w- c:\windows\unins000.exe
2012-06-14 08:40 . 2012-06-14 08:40 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-06-14 08:40 . 2012-06-14 08:40 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-06-14 08:40 . 2012-06-14 08:40 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-06-14 08:40 . 2012-06-14 08:40 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-06-14 08:40 . 2012-06-14 08:40 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-06-14 08:40 . 2012-06-14 08:40 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-06-14 08:40 . 2012-06-14 08:40 367104 ----a-w- c:\windows\system32\html.iec
2012-06-14 08:40 . 2012-06-14 08:40 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-06-14 08:40 . 2012-06-14 08:40 161792 ----a-w- c:\windows\system32\msls31.dll
2012-06-14 08:40 . 2012-06-14 08:40 152064 ----a-w- c:\windows\system32\wextract.exe
2012-06-14 08:40 . 2012-06-14 08:40 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-06-14 08:40 . 2012-06-14 08:40 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-06-14 08:40 . 2012-06-14 08:40 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-06-14 08:40 . 2012-06-14 08:40 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-06-14 08:40 . 2012-06-14 08:40 11776 ----a-w- c:\windows\system32\mshta.exe
2012-06-14 08:40 . 2012-06-14 08:40 101888 ----a-w- c:\windows\system32\admparse.dll
2012-06-11 18:17 . 2012-06-11 18:17 65536 ----a-w- c:\windows\system32\frapsvid.dll
2012-06-06 06:49 . 2012-06-06 06:49 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-06 05:05 . 2012-07-11 08:45 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05 . 2012-07-11 08:45 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03 . 2012-07-11 08:45 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-06-02 22:19 . 2012-06-21 08:20 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 08:20 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 08:20 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 08:20 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-21 08:20 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-21 08:20 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-21 08:20 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 08:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-21 08:19 33792 ----a-w- c:\windows\system32\wuapp.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1acb83b-3713-4784-b2b3-64c6d06565e9}]
2010-11-05 01:58 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-08-26 19:48 220608 ----a-w- c:\users\Paulus\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-08-26 19:48 220608 ----a-w- c:\users\Paulus\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-08-26 19:48 220608 ----a-w- c:\users\Paulus\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyP"="d:\programy\HotkeyP\HotkeyP.exe" [2012-03-28 147456]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"SkyDrive"="c:\users\Paulus\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2012-08-26 238528]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-07-28 9398888]
.
c:\users\Paulus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lunascape6.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lunascape6.lnk
backup=c:\windows\pss\Lunascape6.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Paulus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
path=c:\users\Paulus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 01:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 02:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-05-30 18:06 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameShadow]
2010-08-04 22:18 667928 ----a-w- c:\program files\GameShadow\GameShadow.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2012-06-21 19:41 127040 ----a-w- c:\program files\ICQ7M\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-06-07 17:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KB350e]
2007-12-12 14:31 184320 ----a-w- c:\program files\KB350e\MagicKey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2011-10-21 11:19 2193000 ----a-w- c:\program files\Nokia\Nokia Music Player\NokiaMusicPlayer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2012-08-03 14:06 1086376 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-06-26 09:34 421888 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 11:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 09:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
2011-01-17 19:41 8192 ----a-w- c:\program files\Xvid\CheckUpdate.exe
.
R2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\openvpnas.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 Media Center 17 Service;Media Center 17 Service;c:\program files\J River\Media Center 17\JRService.exe [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [x]
S2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-14 15:39]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Paulus\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Paulus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
IE: {{bb7f932c-881f-4b88-837d-cf84adff062b} - {707f6b7e-a2f2-490e-b857-38fcd1a2326b} - mscoree.dll
TCP: DhcpNameServer = 212.158.128.2 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-PlayNC Launcher - (no file)
MSConfigStartUp-ALLUpdate - c:\program files\ALLPlayer\ALLUpdate.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\atieclxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Hotspot Shield\HssWPR\hsssrv.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2012-08-31 10:50:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-31 08:50
.
Před spuštěním: Volných bajtů: 38 305 902 592
Po spuštění: Volných bajtů: 37 907 533 824
.
- - End Of File - - 7CE941E8A99DDAD2D9BEE49A3FA2A676

Příspěvekod **jaro3** » 01 zář 2012 11:25

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\program files\Skype\Updater\Updater.exe

DirLook::
c:\program files\KB350e

Driver::
SkypeUpdate

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\system32\srvany.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Co soubory .pdf ?

Irbis · Příspěvekod **Irbis** » 01 zář 2012 12:38

ComboFix 12-08-31.08 - Paulus 01.09.2012 12:14:11.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2046.1094 [GMT 2:00]
Spuštěný z: c:\users\Paulus\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-01 do 2012-09-01 )))))))))))))))))))))))))))))))
.
.
2012-09-01 10:24 . 2012-09-01 10:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-01 10:10 . 2012-09-01 10:10 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{47EE6536-5508-4099-BAF8-7D4377CE09A1}\MpKsl8f0c9bfd.sys
2012-09-01 09:10 . 2012-09-01 09:10 -------- d-----w- c:\programdata\Remedy
2012-09-01 08:52 . 2012-08-23 07:15 7022536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{47EE6536-5508-4099-BAF8-7D4377CE09A1}\mpengine.dll
2012-08-31 20:07 . 2012-08-31 20:07 -------- d-----w- c:\users\Paulus\AppData\Local\Focus Home Interactive
2012-08-31 18:13 . 2012-08-31 18:13 -------- d-----w- c:\programdata\Age of Empires 3
2012-08-31 17:37 . 2012-08-31 17:37 -------- d-----w- c:\users\Paulus\AppData\Local\Application Data
2012-08-31 17:37 . 2006-07-13 12:31 200704 --s-a-w- c:\windows\system32\libssl32.dll
2012-08-31 17:37 . 2006-05-10 09:43 1069056 --s-a-w- c:\windows\system32\libeay32.dll
2012-08-31 17:37 . 2012-08-31 17:37 -------- d-----w- c:\program files\Winwap Technologies
2012-08-31 09:12 . 2012-08-23 07:15 7022536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-31 08:45 . 2012-09-01 10:24 -------- d-----w- c:\users\Paulus\AppData\Local\temp
2012-08-30 14:30 . 2012-08-30 14:30 -------- d-----w- c:\users\Paulus\AppData\Roaming\Malwarebytes
2012-08-30 14:30 . 2012-08-30 14:30 -------- d-----w- c:\programdata\Malwarebytes
2012-08-30 14:30 . 2012-08-30 14:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-30 14:30 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-29 15:26 . 2012-08-29 15:26 -------- d-----w- c:\users\Paulus\AppData\Local\Comodo
2012-08-29 15:26 . 2012-08-29 15:30 45320 ----a-w- c:\windows\system32\certsentry.dll
2012-08-29 15:25 . 2012-08-29 15:25 -------- d-----w- c:\program files\Comodo
2012-08-29 15:22 . 2012-08-29 15:22 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-08-29 15:22 . 2012-08-29 15:22 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-08-27 15:07 . 2012-08-27 15:07 653120 ----a-w- c:\windows\system32\msvcr90.dll
2012-08-27 14:46 . 2012-08-27 15:07 -------- d-----w- c:\program files\WiseFixer
2012-08-26 19:56 . 2012-08-26 19:56 -------- d-----w- C:\SkyDriveTemp
2012-08-26 19:48 . 2012-08-26 19:48 -------- d-----w- c:\program files\Microsoft SkyDrive
2012-08-26 19:48 . 2012-09-01 10:10 -------- d-----r- c:\users\Paulus\SkyDrive
2012-08-26 19:47 . 2012-08-26 19:47 -------- d-----w- c:\programdata\Microsoft SkyDrive
2012-08-25 08:52 . 2012-06-10 19:58 381096 ------w- c:\windows\system32\MC17.exe
2012-08-25 08:15 . 2012-08-25 08:15 -------- d-----w- c:\users\Paulus\AppData\Roaming\MPEG Streamclip
2012-08-24 21:05 . 2012-08-24 21:05 -------- d-----w- c:\users\Paulus\AppData\Roaming\mkvtoolnix
2012-08-24 21:04 . 2012-08-24 21:04 -------- d-----w- c:\program files\MKVToolNix
2012-08-24 20:35 . 2012-07-14 12:38 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2012-08-24 20:35 . 2012-07-14 12:37 47616 ----a-w- c:\windows\system32\ff_acm.acm
2012-08-24 20:35 . 2012-08-24 20:35 -------- d-----w- c:\program files\ffdshow
2012-08-24 20:07 . 2012-01-20 12:14 17280 ----a-w- c:\windows\system32\roboot.exe
2012-08-24 20:07 . 2012-08-24 20:07 -------- d-----w- c:\users\Paulus\AppData\Roaming\systweak
2012-08-24 20:06 . 2012-08-24 20:21 -------- d-----w- c:\program files\mkvtoavis
2012-08-24 19:54 . 2012-08-24 20:00 -------- d-----w- c:\program files\Free MKV Video2Dvd
2012-08-24 19:51 . 2012-08-24 19:54 -------- d-----w- c:\program files\MKV Player
2012-08-24 19:42 . 2012-08-24 19:47 -------- d-----w- c:\users\Paulus\AppData\Roaming\avidemux
2012-08-23 19:47 . 2012-08-23 19:47 -------- d-----w- c:\programdata\Premium
2012-08-23 19:46 . 2012-08-31 08:44 -------- d-----w- c:\program files\Web Assistant
2012-08-23 19:45 . 2012-08-31 08:13 -------- d-----w- c:\programdata\OptimizerPro1
2012-08-23 19:44 . 2012-08-23 19:47 -------- d-----w- c:\programdata\InstallMate
2012-08-23 19:42 . 2012-08-23 19:42 -------- d-----w- c:\program files\Yontoo
2012-08-23 19:42 . 2012-08-23 19:42 -------- d-----w- c:\programdata\Tarma Installer
2012-08-23 12:12 . 2012-08-30 18:41 -------- d-----w- c:\users\Paulus\AppData\Roaming\vlc
2012-08-21 11:19 . 2012-06-27 13:18 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2012-08-21 11:19 . 2012-08-21 11:19 -------- d-----w- c:\program files\PC Connectivity Solution
2012-08-19 10:06 . 2012-08-19 10:06 -------- d-----w- c:\program files\KB350e
2012-08-17 20:53 . 2012-08-19 10:17 -------- d-----w- c:\users\Paulus\AppData\Roaming\Skype
2012-08-17 20:52 . 2012-08-17 20:52 -------- d-----w- c:\program files\Common Files\Skype
2012-08-17 20:52 . 2012-08-17 20:52 -------- d-----r- c:\program files\Skype
2012-08-17 20:52 . 2012-08-17 20:53 -------- d-----w- c:\programdata\Skype
2012-08-16 12:32 . 2012-05-29 14:33 171256 ----a-w- c:\windows\system32\MMPlugHostCtrl.dll
2012-08-16 12:32 . 2012-05-29 14:33 2265848 ----a-w- c:\program files\Internet Explorer\Plugins\NPMyrMus.dll
2012-08-15 09:17 . 2012-08-15 09:17 -------- d-----w- c:\program files\Sibelius Software
2012-08-15 09:14 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
2012-08-15 09:10 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 09:10 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 09:10 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 09:09 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 09:09 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 09:09 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-14 20:33 . 2012-08-14 20:33 -------- d-----w- c:\users\Paulus\AppData\Roaming\AnvSoft
2012-08-14 20:33 . 2012-08-14 20:33 -------- d-----w- c:\program files\AnvSoft
2012-08-11 19:28 . 2012-08-11 19:28 -------- d-----w- c:\users\Paulus\AppData\Roaming\Nokia Suite
2012-08-11 18:47 . 2004-10-22 00:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-08-11 18:47 . 2004-10-22 00:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-08-11 18:47 . 2004-10-22 00:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-08-11 18:47 . 2004-10-22 00:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-08-11 18:47 . 2012-08-11 18:47 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-08-11 18:47 . 2004-10-22 00:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-08-11 18:47 . 2012-08-11 18:47 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-08-11 17:47 . 2005-08-03 14:04 26719 ----a-w- c:\windows\system32\SERSPL.VXD
2012-08-11 17:47 . 2005-08-03 14:05 35892 ----a-w- c:\windows\system32\SER9PL.sys
2012-08-10 21:15 . 2012-08-10 21:15 -------- d-----w- c:\users\Paulus\.Nokia
2012-08-10 21:15 . 2012-08-10 21:15 -------- d-----w- C:\Nokia
2012-08-10 21:14 . 2005-04-03 21:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2012-08-10 21:14 . 2005-04-03 21:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2012-08-10 21:14 . 2005-04-03 21:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2012-08-10 21:14 . 2005-04-03 21:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2012-08-10 21:14 . 2005-04-03 20:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2012-08-10 21:14 . 2012-08-10 21:14 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2012-08-10 21:14 . 2012-08-10 21:14 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-31 19:15 . 2012-06-14 09:29 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-31 19:15 . 2012-06-14 09:29 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSTITL.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSTEXT.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSSTMP.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSSPEC.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSSCRP.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSREH_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSMET_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSCHOR.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRS____.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSTEXT.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSSE__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSS___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSROMC.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSPC__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSP___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSO___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSNN__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSM___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSFS__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSFBE_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSFB__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSCSC_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSCS__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSC___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUS____.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INKPEN2_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2TEXT.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2SPEC.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2SCRI.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2METR.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2CHOR.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\HELST___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\HELSS___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\HELSM___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\HELSINKI.FOT
2012-07-22 13:58 . 2012-06-24 10:38 139848 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-22 13:58 . 2012-06-24 10:48 282696 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-07-22 13:58 . 2012-06-24 10:37 282696 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-07-19 11:09 . 2012-06-24 10:37 111928 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-07-16 11:09 . 2012-07-16 11:09 274432 ----a-w- c:\windows\system32\crysoundsystem.dll
2012-07-14 10:35 . 2012-07-14 10:35 226304 ----a-w- c:\windows\system32\binkw32.dll
2012-06-24 10:38 . 2012-06-24 10:38 138904 ----a-w- c:\users\Paulus\AppData\Roaming\PnkBstrK.sys
2012-06-24 10:37 . 2012-06-24 10:37 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-06-21 08:37 . 2012-06-21 08:37 3166792 ------w- c:\windows\system32\pbsvc.exe
2012-06-15 18:57 . 2011-03-28 16:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-14 13:51 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-06-14 12:45 . 2012-06-14 12:45 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-06-14 10:36 . 2012-06-14 10:36 695675 ----a-w- c:\windows\unins000.exe
2012-06-14 08:40 . 2012-06-14 08:40 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-06-14 08:40 . 2012-06-14 08:40 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-06-14 08:40 . 2012-06-14 08:40 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-06-14 08:40 . 2012-06-14 08:40 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-06-14 08:40 . 2012-06-14 08:40 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-06-14 08:40 . 2012-06-14 08:40 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-06-14 08:40 . 2012-06-14 08:40 367104 ----a-w- c:\windows\system32\html.iec
2012-06-14 08:40 . 2012-06-14 08:40 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-06-14 08:40 . 2012-06-14 08:40 161792 ----a-w- c:\windows\system32\msls31.dll
2012-06-14 08:40 . 2012-06-14 08:40 152064 ----a-w- c:\windows\system32\wextract.exe
2012-06-14 08:40 . 2012-06-14 08:40 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-06-14 08:40 . 2012-06-14 08:40 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-06-14 08:40 . 2012-06-14 08:40 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-06-14 08:40 . 2012-06-14 08:40 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-06-14 08:40 . 2012-06-14 08:40 11776 ----a-w- c:\windows\system32\mshta.exe
2012-06-14 08:40 . 2012-06-14 08:40 101888 ----a-w- c:\windows\system32\admparse.dll
2012-06-11 18:17 . 2012-06-11 18:17 65536 ----a-w- c:\windows\system32\frapsvid.dll
2012-06-06 06:49 . 2012-06-06 06:49 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-06 05:05 . 2012-07-11 08:45 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05 . 2012-07-11 08:45 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03 . 2012-07-11 08:45 805376 ----a-w- c:\windows\system32\cdosys.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1acb83b-3713-4784-b2b3-64c6d06565e9}]
2010-11-05 01:58 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-08-26 19:48 220608 ----a-w- c:\users\Paulus\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-08-26 19:48 220608 ----a-w- c:\users\Paulus\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-08-26 19:48 220608 ----a-w- c:\users\Paulus\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyP"="d:\programy\HotkeyP\HotkeyP.exe" [2012-03-28 147456]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"SkyDrive"="c:\users\Paulus\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2012-08-26 238528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-07-28 9398888]
.
c:\users\Paulus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lunascape6.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lunascape6.lnk
backup=c:\windows\pss\Lunascape6.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Paulus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
path=c:\users\Paulus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 01:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 02:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-05-30 18:06 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameShadow]
2010-08-04 22:18 667928 ----a-w- c:\program files\GameShadow\GameShadow.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2012-06-21 19:41 127040 ----a-w- c:\program files\ICQ7M\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-06-07 17:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KB350e]
2007-12-12 14:31 184320 ----a-w- c:\program files\KB350e\MagicKey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2011-10-21 11:19 2193000 ----a-w- c:\program files\Nokia\Nokia Music Player\NokiaMusicPlayer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2012-08-03 14:06 1086376 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-06-26 09:34 421888 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 11:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 09:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
2011-01-17 19:41 8192 ----a-w- c:\program files\Xvid\CheckUpdate.exe
.
R2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\openvpnas.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 Media Center 17 Service;Media Center 17 Service;c:\program files\J River\Media Center 17\JRService.exe [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 MpKsl8f0c9bfd;MpKsl8f0c9bfd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{47EE6536-5508-4099-BAF8-7D4377CE09A1}\MpKsl8f0c9bfd.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL8F0C9BFD
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Paulus\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Paulus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
IE: {{bb7f932c-881f-4b88-837d-cf84adff062b} - {707f6b7e-a2f2-490e-b857-38fcd1a2326b} - mscoree.dll
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-AdobeBridge - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-09-01 12:26:34
ComboFix-quarantined-files.txt 2012-09-01 10:26
ComboFix2.txt 2012-08-31 08:50
.
Před spuštěním: Volných bajtů: 36 345 794 560
Po spuštění: Volných bajtů: 36 069 236 736
.
- - End Of File - - C9D4827CEB15FCFB99AC1BB26B4FA2C4

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:32:19, on 1.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
D:\Programy\HotkeyP\HotkeyP.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\JDownloader\jre\bin\javaw.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\Explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Paulus\Desktop\Dočasná\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SoftGate.DownloadManager.IE.DownloadManagerPlugin - {a1acb83b-3713-4784-b2b3-64c6d06565e9} - mscoree.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKCU\..\Run: [HotkeyP] D:\Programy\HotkeyP\HotkeyP.exe 0
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Paulus\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Paulus\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Paulus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {bb7f932c-881f-4b88-837d-cf84adff062b} - mscoree.dll
O9 - Extra 'Tools' menuitem: SoftGate Download Manager - {bb7f932c-881f-4b88-837d-cf84adff062b} - mscoree.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mxl: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mya: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myt: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com.tw/common/asusTek_sys_ctrl.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/softwa ... Plugin.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.80.2.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Media Center 17 Service - JRiver, Inc. - C:\Program Files\J River\Media Center 17\JRService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

--
End of file - 8225 bytes

https://www.virustotal.com/file/abd4afd ... 346495339/

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-01 12:33:40
-----------------------------
12:33:40.123 OS Version: Windows 6.1.7601 Service Pack 1
12:33:40.139 Number of processors: 2 586 0x6B02
12:33:40.139 ComputerName: PAVLVS-PC UserName: Paulus
12:33:41.745 Initialize success
12:33:47.619 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:33:47.619 Disk 0 Vendor: WDC_WD2500YS-01SHB1 20.06C06 Size: 239372MB BusType: 3
12:33:47.634 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
12:33:47.634 Disk 1 Vendor: SAMSUNG_HD103SI 1AG01118 Size: 953869MB BusType: 3
12:33:47.665 Disk 1 MBR read successfully
12:33:47.665 Disk 1 MBR scan
12:33:47.681 Disk 1 Windows 7 default MBR code
12:33:47.681 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 97357 MB offset 2048
12:33:47.712 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 856509 MB offset 199389184
12:33:47.728 Disk 1 scanning sectors +1953519616
12:33:47.790 Disk 1 scanning C:\Windows\system32\drivers
12:33:53.531 Service scanning
12:34:00.192 Service MpKsl8f0c9bfd c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{47EE6536-5508-4099-BAF8-7D4377CE09A1}\MpKsl8f0c9bfd.sys **LOCKED** 32
12:34:07.587 Modules scanning
12:34:22.235 Disk 1 trace - called modules:
12:34:22.266 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
12:34:22.282 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x85c27aa8]
12:34:22.297 3 CLASSPNP.SYS[891c859e] -> nt!IofCallDriver -> [0x85bf7f08]
12:34:22.313 5 ACPI.sys[833b93d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x85c13030]
12:34:22.329 Scan finished successfully
12:34:30.534 Disk 1 MBR has been saved successfully to "C:\Users\Paulus\Desktop\MBR.dat"
12:34:30.550 The log file has been saved successfully to "C:\Users\Paulus\Desktop\aswMBR.txt"

PDF soubory už jdou normálně otevřít :thumbsup:

Příspěvekod **Žbeky** » 01 zář 2012 18:44

CF musíš spustit se skriptem, ty jsi ho spustil bez něj

Irbis · Příspěvekod **Irbis** » 01 zář 2012 19:49

ComboFix 12-08-31.08 - Paulus 01.09.2012 19:32:15.3.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2046.1253 [GMT 2:00]
Spuštěný z: c:\users\Paulus\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Paulus\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\Skype\Updater\Updater.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-01 do 2012-09-01 )))))))))))))))))))))))))))))))
.
.
2012-09-01 17:43 . 2012-09-01 17:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-01 10:36 . 2012-08-23 07:15 7022536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{443F780A-3001-4ECC-BB7C-33F31152B3A4}\mpengine.dll
2012-09-01 09:10 . 2012-09-01 09:10 -------- d-----w- c:\programdata\Remedy
2012-08-31 20:07 . 2012-08-31 20:07 -------- d-----w- c:\users\Paulus\AppData\Local\Focus Home Interactive
2012-08-31 18:13 . 2012-08-31 18:13 -------- d-----w- c:\programdata\Age of Empires 3
2012-08-31 17:37 . 2012-08-31 17:37 -------- d-----w- c:\users\Paulus\AppData\Local\Application Data
2012-08-31 17:37 . 2006-07-13 12:31 200704 --s-a-w- c:\windows\system32\libssl32.dll
2012-08-31 17:37 . 2006-05-10 09:43 1069056 --s-a-w- c:\windows\system32\libeay32.dll
2012-08-31 17:37 . 2012-08-31 17:37 -------- d-----w- c:\program files\Winwap Technologies
2012-08-31 09:12 . 2012-08-23 07:15 7022536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-31 08:45 . 2012-09-01 17:44 -------- d-----w- c:\users\Paulus\AppData\Local\temp
2012-08-30 14:30 . 2012-08-30 14:30 -------- d-----w- c:\users\Paulus\AppData\Roaming\Malwarebytes
2012-08-30 14:30 . 2012-08-30 14:30 -------- d-----w- c:\programdata\Malwarebytes
2012-08-30 14:30 . 2012-08-30 14:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-30 14:30 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-29 15:26 . 2012-08-29 15:26 -------- d-----w- c:\users\Paulus\AppData\Local\Comodo
2012-08-29 15:26 . 2012-08-29 15:30 45320 ----a-w- c:\windows\system32\certsentry.dll
2012-08-29 15:25 . 2012-08-29 15:25 -------- d-----w- c:\program files\Comodo
2012-08-29 15:22 . 2012-08-29 15:22 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-08-29 15:22 . 2012-08-29 15:22 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-08-27 15:07 . 2012-08-27 15:07 653120 ----a-w- c:\windows\system32\msvcr90.dll
2012-08-27 14:46 . 2012-08-27 15:07 -------- d-----w- c:\program files\WiseFixer
2012-08-26 19:56 . 2012-08-26 19:56 -------- d-----w- C:\SkyDriveTemp
2012-08-26 19:48 . 2012-08-26 19:48 -------- d-----w- c:\program files\Microsoft SkyDrive
2012-08-26 19:48 . 2012-09-01 10:10 -------- d-----r- c:\users\Paulus\SkyDrive
2012-08-26 19:47 . 2012-08-26 19:47 -------- d-----w- c:\programdata\Microsoft SkyDrive
2012-08-25 08:52 . 2012-06-10 19:58 381096 ------w- c:\windows\system32\MC17.exe
2012-08-25 08:15 . 2012-08-25 08:15 -------- d-----w- c:\users\Paulus\AppData\Roaming\MPEG Streamclip
2012-08-24 21:05 . 2012-08-24 21:05 -------- d-----w- c:\users\Paulus\AppData\Roaming\mkvtoolnix
2012-08-24 21:04 . 2012-08-24 21:04 -------- d-----w- c:\program files\MKVToolNix
2012-08-24 20:35 . 2012-07-14 12:38 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2012-08-24 20:35 . 2012-07-14 12:37 47616 ----a-w- c:\windows\system32\ff_acm.acm
2012-08-24 20:35 . 2012-08-24 20:35 -------- d-----w- c:\program files\ffdshow
2012-08-24 20:07 . 2012-01-20 12:14 17280 ----a-w- c:\windows\system32\roboot.exe
2012-08-24 20:07 . 2012-08-24 20:07 -------- d-----w- c:\users\Paulus\AppData\Roaming\systweak
2012-08-24 20:06 . 2012-08-24 20:21 -------- d-----w- c:\program files\mkvtoavis
2012-08-24 19:54 . 2012-08-24 20:00 -------- d-----w- c:\program files\Free MKV Video2Dvd
2012-08-24 19:51 . 2012-08-24 19:54 -------- d-----w- c:\program files\MKV Player
2012-08-24 19:42 . 2012-08-24 19:47 -------- d-----w- c:\users\Paulus\AppData\Roaming\avidemux
2012-08-23 19:47 . 2012-08-23 19:47 -------- d-----w- c:\programdata\Premium
2012-08-23 19:46 . 2012-08-31 08:44 -------- d-----w- c:\program files\Web Assistant
2012-08-23 19:45 . 2012-08-31 08:13 -------- d-----w- c:\programdata\OptimizerPro1
2012-08-23 19:44 . 2012-08-23 19:47 -------- d-----w- c:\programdata\InstallMate
2012-08-23 19:42 . 2012-08-23 19:42 -------- d-----w- c:\program files\Yontoo
2012-08-23 19:42 . 2012-08-23 19:42 -------- d-----w- c:\programdata\Tarma Installer
2012-08-23 12:12 . 2012-08-30 18:41 -------- d-----w- c:\users\Paulus\AppData\Roaming\vlc
2012-08-21 11:19 . 2012-06-27 13:18 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2012-08-21 11:19 . 2012-08-21 11:19 -------- d-----w- c:\program files\PC Connectivity Solution
2012-08-19 10:06 . 2012-08-19 10:06 -------- d-----w- c:\program files\KB350e
2012-08-17 20:53 . 2012-08-19 10:17 -------- d-----w- c:\users\Paulus\AppData\Roaming\Skype
2012-08-17 20:52 . 2012-08-17 20:52 -------- d-----w- c:\program files\Common Files\Skype
2012-08-17 20:52 . 2012-08-17 20:52 -------- d-----r- c:\program files\Skype
2012-08-17 20:52 . 2012-08-17 20:53 -------- d-----w- c:\programdata\Skype
2012-08-16 12:32 . 2012-05-29 14:33 171256 ----a-w- c:\windows\system32\MMPlugHostCtrl.dll
2012-08-16 12:32 . 2012-05-29 14:33 2265848 ----a-w- c:\program files\Internet Explorer\Plugins\NPMyrMus.dll
2012-08-15 09:17 . 2012-08-15 09:17 -------- d-----w- c:\program files\Sibelius Software
2012-08-15 09:14 . 2012-05-14 04:33 769024 ----a-w- c:\windows\system32\localspl.dll
2012-08-15 09:10 . 2012-07-18 17:47 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 09:10 . 2012-02-11 05:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 09:10 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 09:09 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 09:09 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 09:09 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-14 20:33 . 2012-08-14 20:33 -------- d-----w- c:\users\Paulus\AppData\Roaming\AnvSoft
2012-08-14 20:33 . 2012-08-14 20:33 -------- d-----w- c:\program files\AnvSoft
2012-08-11 19:28 . 2012-08-11 19:28 -------- d-----w- c:\users\Paulus\AppData\Roaming\Nokia Suite
2012-08-11 18:47 . 2004-10-22 00:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-08-11 18:47 . 2004-10-22 00:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-08-11 18:47 . 2004-10-22 00:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-08-11 18:47 . 2004-10-22 00:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-08-11 18:47 . 2012-08-11 18:47 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-08-11 18:47 . 2004-10-22 00:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-08-11 18:47 . 2012-08-11 18:47 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-08-11 17:47 . 2005-08-03 14:04 26719 ----a-w- c:\windows\system32\SERSPL.VXD
2012-08-11 17:47 . 2005-08-03 14:05 35892 ----a-w- c:\windows\system32\SER9PL.sys
2012-08-10 21:15 . 2012-08-10 21:15 -------- d-----w- c:\users\Paulus\.Nokia
2012-08-10 21:15 . 2012-08-10 21:15 -------- d-----w- C:\Nokia
2012-08-10 21:14 . 2005-04-03 21:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2012-08-10 21:14 . 2005-04-03 21:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2012-08-10 21:14 . 2005-04-03 21:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2012-08-10 21:14 . 2005-04-03 21:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2012-08-10 21:14 . 2005-04-03 20:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2012-08-10 21:14 . 2012-08-10 21:14 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2012-08-10 21:14 . 2012-08-10 21:14 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-31 19:15 . 2012-06-14 09:29 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-31 19:15 . 2012-06-14 09:29 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSTITL.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSTEXT.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSSTMP.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSSPEC.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSSCRP.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSREH_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSMET_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRSCHOR.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\RPRS____.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSTEXT.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSSE__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSS___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSROMC.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSPC__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSP___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSO___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSNN__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSM___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSFS__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSFBE_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSFB__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSCSC_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSCS__.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUSC___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\OPUS____.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INKPEN2_.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2TEXT.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2SPEC.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2SCRI.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2METR.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\INK2CHOR.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\HELST___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\HELSS___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\HELSM___.FOT
2012-08-15 09:18 . 2012-08-15 09:18 1409 ----a-w- c:\windows\Fonts\HELSINKI.FOT
2012-07-22 13:58 . 2012-06-24 10:38 139848 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-22 13:58 . 2012-06-24 10:48 282696 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-07-22 13:58 . 2012-06-24 10:37 282696 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-07-19 11:09 . 2012-06-24 10:37 111928 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-07-16 11:09 . 2012-07-16 11:09 274432 ----a-w- c:\windows\system32\crysoundsystem.dll
2012-07-14 10:35 . 2012-07-14 10:35 226304 ----a-w- c:\windows\system32\binkw32.dll
2012-06-24 10:38 . 2012-06-24 10:38 138904 ----a-w- c:\users\Paulus\AppData\Roaming\PnkBstrK.sys
2012-06-24 10:37 . 2012-06-24 10:37 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-06-21 08:37 . 2012-06-21 08:37 3166792 ------w- c:\windows\system32\pbsvc.exe
2012-06-15 18:57 . 2011-03-28 16:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-14 13:51 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-06-14 12:45 . 2012-06-14 12:45 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-06-14 10:36 . 2012-06-14 10:36 695675 ----a-w- c:\windows\unins000.exe
2012-06-14 08:40 . 2012-06-14 08:40 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-06-14 08:40 . 2012-06-14 08:40 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-06-14 08:40 . 2012-06-14 08:40 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-06-14 08:40 . 2012-06-14 08:40 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-06-14 08:40 . 2012-06-14 08:40 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-06-14 08:40 . 2012-06-14 08:40 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-06-14 08:40 . 2012-06-14 08:40 367104 ----a-w- c:\windows\system32\html.iec
2012-06-14 08:40 . 2012-06-14 08:40 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-06-14 08:40 . 2012-06-14 08:40 161792 ----a-w- c:\windows\system32\msls31.dll
2012-06-14 08:40 . 2012-06-14 08:40 152064 ----a-w- c:\windows\system32\wextract.exe
2012-06-14 08:40 . 2012-06-14 08:40 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-06-14 08:40 . 2012-06-14 08:40 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-06-14 08:40 . 2012-06-14 08:40 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-06-14 08:40 . 2012-06-14 08:40 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-06-14 08:40 . 2012-06-14 08:40 11776 ----a-w- c:\windows\system32\mshta.exe
2012-06-14 08:40 . 2012-06-14 08:40 101888 ----a-w- c:\windows\system32\admparse.dll
2012-06-11 18:17 . 2012-06-11 18:17 65536 ----a-w- c:\windows\system32\frapsvid.dll
2012-06-06 06:49 . 2012-06-06 06:49 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-06 05:05 . 2012-07-11 08:45 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05 . 2012-07-11 08:45 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03 . 2012-07-11 08:45 805376 ----a-w- c:\windows\system32\cdosys.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\program files\KB350e ----
.
2012-08-19 10:06 . 2007-11-27 09:02 40976 ----a-r- c:\program files\KB350e\STRINGS.reg
2012-08-19 10:06 . 2005-11-18 05:46 521128 ----a-r- c:\program files\KB350e\Driver32\DPInst.exe
2012-08-19 10:06 . 2008-01-15 07:46 10691 ----a-w- c:\program files\KB350e\Driver32\230fltr.cat
2012-08-19 10:06 . 2007-11-30 11:34 32768 ----a-w- c:\program files\KB350e\Driver32\diunins.exe
2012-08-19 10:06 . 2007-12-25 16:05 1856 ----a-w- c:\program files\KB350e\Driver32\UsbFltr.inf
2012-08-19 10:06 . 2007-11-26 08:44 8192 ----a-r- c:\program files\KB350e\Driver32\230Fltr.sys
2012-08-19 10:06 . 2008-01-15 07:46 10559 ----a-w- c:\program files\KB350e\Driver32\kbfiltr.cat
2012-08-19 10:06 . 2007-05-21 17:01 20587 ----a-r- c:\program files\KB350e\BMP\Genius.jpg
2012-08-19 10:06 . 2007-11-29 07:16 12800 ----a-w- c:\program files\KB350e\Driver32\kbfilter.sys
2012-08-19 10:06 . 2007-12-25 16:08 2099 ----a-w- c:\program files\KB350e\Driver32\KBFILTR.INF
2012-08-19 10:06 . 2007-06-25 07:22 16827 ----a-r- c:\program files\KB350e\BMP\7.jpg
2012-08-19 10:06 . 2007-08-28 13:40 17019 ----a-r- c:\program files\KB350e\BMP\8.jpg
2012-08-19 10:06 . 2007-06-25 07:22 15807 ----a-r- c:\program files\KB350e\BMP\9.jpg
2012-08-19 10:06 . 2007-08-28 13:43 17579 ----a-r- c:\program files\KB350e\BMP\4.jpg
2012-08-19 10:06 . 2007-08-28 13:36 17186 ----a-r- c:\program files\KB350e\BMP\5.jpg
2012-08-19 10:06 . 2007-08-28 13:34 16697 ----a-r- c:\program files\KB350e\BMP\6.jpg
2012-08-19 10:06 . 2007-06-25 07:19 16350 ----a-r- c:\program files\KB350e\BMP\22.jpg
2012-08-19 10:06 . 2007-06-25 07:20 15594 ----a-r- c:\program files\KB350e\BMP\23.jpg
2012-08-19 10:06 . 2007-08-28 13:37 17193 ----a-r- c:\program files\KB350e\BMP\3.jpg
2012-08-19 10:06 . 2007-08-28 13:31 16314 ----a-r- c:\program files\KB350e\BMP\19.jpg
2012-08-19 10:06 . 2007-06-25 07:18 17346 ----a-r- c:\program files\KB350e\BMP\2.jpg
2012-08-19 10:06 . 2007-08-28 13:32 16322 ----a-r- c:\program files\KB350e\BMP\20.jpg
2012-08-19 10:06 . 2007-08-28 13:33 16187 ----a-r- c:\program files\KB350e\BMP\21.jpg
2012-08-19 10:06 . 2007-08-28 13:29 16630 ----a-r- c:\program files\KB350e\BMP\17.jpg
2012-08-19 10:06 . 2007-08-28 13:31 16184 ----a-r- c:\program files\KB350e\BMP\18.jpg
2012-08-19 10:06 . 2007-06-25 07:12 17233 ----a-r- c:\program files\KB350e\BMP\16.jpg
2012-08-19 10:06 . 2007-06-25 07:14 17505 ----a-r- c:\program files\KB350e\BMP\13.jpg
2012-08-19 10:06 . 2007-06-25 07:17 17013 ----a-r- c:\program files\KB350e\BMP\14.jpg
2012-08-19 10:06 . 2007-06-25 07:13 17694 ----a-r- c:\program files\KB350e\BMP\15.jpg
2012-08-19 10:06 . 2007-08-28 13:39 16561 ----a-r- c:\program files\KB350e\BMP\10.jpg
2012-08-19 10:06 . 2007-08-28 13:39 16253 ----a-r- c:\program files\KB350e\BMP\11.jpg
2012-08-19 10:06 . 2007-08-28 13:38 16263 ----a-r- c:\program files\KB350e\BMP\12.jpg
2012-08-19 10:06 . 2007-06-25 07:19 16675 ----a-r- c:\program files\KB350e\BMP\1.jpg
2012-08-19 10:06 . 2005-11-18 05:46 845736 ----a-r- c:\program files\KB350e\Driver64\DPInst.exe
2012-08-19 10:06 . 2008-01-15 07:46 10691 ----a-w- c:\program files\KB350e\Driver64\usbcat.cat
2012-08-19 10:06 . 2007-11-30 11:41 48640 ----a-w- c:\program files\KB350e\Driver64\xpinstall64.exe
2012-08-19 10:06 . 2007-12-25 16:04 2583 ----a-w- c:\program files\KB350e\Driver64\UsbFltr.inf
2012-08-19 10:06 . 2007-11-27 10:21 11520 ----a-r- c:\program files\KB350e\Driver64\230Fltr.sys
2012-08-19 10:06 . 2008-01-15 07:46 10559 ----a-w- c:\program files\KB350e\Driver64\kbfiltr.cat
2012-08-19 10:06 . 2007-11-29 11:10 13312 ----a-w- c:\program files\KB350e\Driver64\kbfilter.sys
2012-08-19 10:06 . 2007-12-25 16:08 2155 ----a-w- c:\program files\KB350e\Driver64\KBFILTR.INF
2012-08-19 10:06 . 1986-05-21 21:00 5253 ----a-r- c:\program files\KB350e\Wtvk.dll
2012-08-19 10:06 . 2007-10-31 14:20 192591 ----a-r- c:\program files\KB350e\WTSystem.dll
2012-08-19 10:06 . 2007-09-07 12:24 114688 ----a-r- c:\program files\KB350e\WTMenu.dll
2012-08-19 10:06 . 2007-12-12 14:56 49152 ----a-w- c:\program files\KB350e\WTInter.dll
2012-08-19 10:06 . 2007-09-03 11:46 180224 ----a-r- c:\program files\KB350e\WTBTNRES.dll
2012-08-19 10:06 . 2007-11-26 15:56 40960 ----a-r- c:\program files\KB350e\WDAccess.dll
2012-08-19 10:06 . 2007-09-03 14:39 1078 ----a-r- c:\program files\KB350e\UnInstall.ico
2012-08-19 10:06 . 2004-01-06 14:47 57344 ----a-r- c:\program files\KB350e\UnInst.dll
2012-08-19 10:06 . 1999-12-07 10:00 28944 ----a-r- c:\program files\KB350e\PSAPI.DLL
2012-08-19 10:06 . 2007-10-25 08:42 909312 ----a-r- c:\program files\KB350e\Option.exe
2012-08-19 10:06 . 2007-08-31 15:28 176195 ----a-r- c:\program files\KB350e\OSD.exe
2012-08-19 10:06 . 2007-09-03 12:02 2187264 ----a-r- c:\program files\KB350e\MediaCtl.dll
2012-08-19 10:06 . 2002-07-19 15:13 237568 ----a-r- c:\program files\KB350e\MeStdDll.dll
2012-08-19 10:06 . 2007-12-12 14:31 184320 ----a-w- c:\program files\KB350e\MagicKey.exe
2012-08-19 10:06 . 2006-04-03 14:31 49152 ----a-r- c:\program files\KB350e\Getkey.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1acb83b-3713-4784-b2b3-64c6d06565e9}]
2010-11-05 01:58 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-08-26 19:48 220608 ----a-w- c:\users\Paulus\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-08-26 19:48 220608 ----a-w- c:\users\Paulus\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-08-26 19:48 220608 ----a-w- c:\users\Paulus\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyP"="d:\programy\HotkeyP\HotkeyP.exe" [2012-03-28 147456]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"SkyDrive"="c:\users\Paulus\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2012-08-26 238528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-07-28 9398888]
.
c:\users\Paulus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lunascape6.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lunascape6.lnk
backup=c:\windows\pss\Lunascape6.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Paulus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
path=c:\users\Paulus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 01:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 02:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-05-30 18:06 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameShadow]
2010-08-04 22:18 667928 ----a-w- c:\program files\GameShadow\GameShadow.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2012-06-21 19:41 127040 ----a-w- c:\program files\ICQ7M\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-06-07 17:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KB350e]
2007-12-12 14:31 184320 ----a-w- c:\program files\KB350e\MagicKey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2011-10-21 11:19 2193000 ----a-w- c:\program files\Nokia\Nokia Music Player\NokiaMusicPlayer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2012-08-03 14:06 1086376 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-06-26 09:34 421888 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 11:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 09:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
2011-01-17 19:41 8192 ----a-w- c:\program files\Xvid\CheckUpdate.exe
.
R2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\openvpnas.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 Media Center 17 Service;Media Center 17 Service;c:\program files\J River\Media Center 17\JRService.exe [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [x]
S2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Paulus\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Paulus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
IE: {{bb7f932c-881f-4b88-837d-cf84adff062b} - {707f6b7e-a2f2-490e-b857-38fcd1a2326b} - mscoree.dll
TCP: DhcpNameServer = 192.168.2.1
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Hotspot Shield\HssWPR\hsssrv.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2012-09-01 19:48:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-09-01 17:48
ComboFix2.txt 2012-09-01 10:26
ComboFix3.txt 2012-08-31 08:50
.
Před spuštěním: Volných bajtů: 36 082 458 624
Po spuštění: Volných bajtů: 36 150 112 256
.
- - End Of File - - 3CC773012816AA8A6EA1722D19173E7A

Příspěvekod **jaro3** » 02 zář 2012 10:42

Toto otestuj na Virustotal
c:\windows\system32\srvany.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Neudělal si.

Irbis · Příspěvekod **Irbis** » 02 zář 2012 10:55

udělal ale nevložil

https://www.virustotal.com/file/abd4afd ... 346495339/

Příspěvekod **jaro3** » 02 zář 2012 11:04

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Jak to vypadá nyní?

Prosím o kontrolu logu - program IE přestal pracovat Vyřešeno

Prosím o kontrolu logu - program IE přestal pracovat

Re: Prosím o kontrolu logu - program IE přestal pracovat

Re: Prosím o kontrolu logu - program IE přestal pracovat

Re: Prosím o kontrolu logu - program IE přestal pracovat

Re: Prosím o kontrolu logu - program IE přestal pracovat

Re: Prosím o kontrolu logu - program IE přestal pracovat

Re: Prosím o kontrolu logu - program IE přestal pracovat

Re: Prosím o kontrolu logu - program IE přestal pracovat

Re: Prosím o kontrolu logu - program IE přestal pracovat

Re: Prosím o kontrolu logu - program IE přestal pracovat

Re: Prosím o kontrolu logu - program IE přestal pracovat

Re: Prosím o kontrolu logu - program IE přestal pracovat

Kdo je online