ComboFix 10-12-26.01 - CrasherKill 29.12.2010 11:13:27.4.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4094.2876 [GMT 1:00]
Running from: c:\users\CrasherKill\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Files Created From 2010-11-28 to 2010-12-29 )))))))))))))))))))))))))))))))
.
2010-12-29 10:16 . 2010-12-29 10:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-28 17:24 . 2010-12-28 17:24 -------- d-----w- c:\users\CrasherKill\AppData\Roaming\Malwarebytes
2010-12-28 17:24 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-28 17:24 . 2010-12-28 17:24 -------- d-----w- c:\programdata\Malwarebytes
2010-12-28 17:18 . 2010-12-28 17:18 -------- d-----w- c:\users\CrasherKill\DoctorWeb
2010-12-28 16:21 . 2010-12-28 16:21 -------- d-----w- c:\programdata\Electronic Arts
2010-12-28 08:43 . 2010-11-10 05:35 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{04CE72AE-DE7B-4873-AB50-1276B043B341}\mpengine.dll
2010-12-26 14:10 . 2010-12-26 14:10 -------- d-----w- c:\users\CrasherKill\Můj film
2010-12-25 19:38 . 2010-12-25 19:38 -------- d-----w- c:\users\CrasherKill\AppData\Local\4A Games
2010-12-25 10:53 . 2010-12-25 11:02 -------- d-----w- c:\program files (x86)\Vietcong
2010-12-24 20:44 . 2010-12-24 20:45 -------- d-----w- c:\users\CrasherKill\AppData\Roaming\TrueCrypt
2010-12-21 15:09 . 2010-12-21 15:09 -------- d-----w- c:\users\CrasherKill\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-12-21 15:09 . 2010-12-21 15:09 -------- d-----w- c:\users\CrasherKill\AppData\Roaming\Adobe Mini Bridge CS5
2010-12-16 17:26 . 2003-04-16 00:10 110592 ----a-w- c:\windows\SysWow64\tsccvid.dll
2010-12-16 17:26 . 2010-12-16 17:26 -------- d-----w- c:\program files (x86)\CDVPlayer
2010-12-16 17:26 . 2010-12-22 17:50 466944 ------w- c:\windows\Setup1.exe
2010-12-16 17:26 . 2010-12-22 17:50 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-12-11 18:09 . 2010-12-11 18:09 -------- d--h--r- c:\users\CrasherKill\AppData\Roaming\SecuROM
2010-12-11 16:07 . 2010-12-11 16:07 -------- d-----w- c:\windows\DEA314C409294250BC9298E4C105F28D.TMP
2010-12-07 15:34 . 2010-12-07 15:34 15823872 ----a-w- c:\users\CrasherKill\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
2010-12-07 15:34 . 2010-12-07 15:34 786492 ----a-w- c:\users\CrasherKill\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
2010-12-07 15:34 . 2010-12-07 15:34 107008 ----a-w- c:\users\CrasherKill\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
2010-12-04 16:09 . 2010-12-04 16:09 -------- d-----w- c:\program files (x86)\Ubisoft
2010-11-30 20:22 . 2010-11-30 20:22 -------- d-----w- c:\users\CrasherKill\AppData\Local\Xenocode
2010-11-30 20:22 . 2010-11-30 20:22 -------- d-----w- c:\program files (x86)\Xenocode
2010-11-30 19:39 . 2010-11-30 19:39 75776 ----a-w- c:\windows\cadkasdeinst01e.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-29 05:55 . 2010-09-16 17:47 25640 ----a-w- c:\windows\gdrv.sys
2010-12-13 17:42 . 2009-08-18 11:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2010-12-13 17:42 . 2009-08-18 10:24 17816 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2010-11-23 19:27 . 2010-10-21 19:46 234984 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2010-11-23 19:27 . 2010-10-21 18:56 234984 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2010-11-23 19:27 . 2010-10-21 18:56 234984 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2010-11-23 18:41 . 2010-10-21 18:56 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2010-11-17 06:53 . 2010-11-17 06:53 411368 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-10-31 20:49 . 2010-11-05 19:58 6291456 ----a-w- c:\users\CrasherKill\AppData\Roaming\Microsoft\Internet Explorer\Call of Duty Black Ops.exe
2010-10-20 21:59 . 2010-10-20 11:15 112116 ----a-w- c:\users\CrasherKill\AppData\Roaming\mdbu.bin
2010-10-14 00:36 . 2010-10-14 00:36 15451288 ----a-w- c:\windows\SysWow64\xlive.dll
2010-10-14 00:36 . 2010-10-14 00:36 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2010-10-01 18:05 . 2010-09-18 14:35 5018 --sha-w- c:\programdata\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( SnapShot@2010-12-28_18.28.58 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2010-12-28 08:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2010-12-29 05:55 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2010-12-29 05:55 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2010-12-28 08:39 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2010-12-28 08:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2010-12-29 05:55 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-16 22:04 . 2010-12-29 05:57 39610 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2010-12-29 05:57 32194 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-16 22:04 . 2010-12-29 05:57 12206 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3199945752-1232938285-4007699256-1000_UserData.bin
- 2010-09-16 19:54 . 2010-12-28 08:39 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-16 19:54 . 2010-12-29 05:56 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 19:54 . 2010-12-28 08:39 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-16 19:54 . 2010-12-29 05:56 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-09-16 19:54 . 2010-12-28 08:39 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-16 19:54 . 2010-12-29 05:56 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-16 18:18 . 2010-12-28 08:39 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-16 18:18 . 2010-12-29 05:56 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-16 18:18 . 2010-12-29 05:56 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-09-16 18:18 . 2010-12-28 08:39 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-01 06:19 . 2010-12-28 23:33 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-11-01 06:19 . 2010-11-01 06:19 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-12-28 08:39 . 2010-12-28 08:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-12-29 05:55 . 2010-12-29 05:55 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-12-29 05:55 . 2010-12-29 05:55 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2010-12-28 08:39 . 2010-12-28 08:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2010-12-27 19:42 618714 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2010-12-29 10:00 618714 c:\windows\system32\perfh009.dat
+ 2009-07-14 15:18 . 2010-12-29 10:00 634308 c:\windows\system32\perfh005.dat
- 2009-07-14 15:18 . 2010-12-27 19:42 634308 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2010-12-27 19:42 107034 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2010-12-29 10:00 107034 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2010-12-27 19:42 122898 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2010-12-29 10:00 122898 c:\windows\system32\perfc005.dat
- 2009-07-14 02:34 . 2010-12-28 12:30 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2010-12-29 08:47 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2010-12-28 23:33 . 2010-12-28 23:33 20304384 c:\windows\Installer\40f239.msp
.
(((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries and legitimate default entries are not shown.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="e:\program files (x86)\RocketDock\RocketDock.exe" [2007-03-18 630784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="e:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
"Adobe Reader Speed Launcher"="e:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-19 136176]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 AVerFx2hbtv64;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv64.sys [2009-05-05 508672]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-18 1436424]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-16 1255736]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-16 834544]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-26 203264]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2010-01-19 72304]
S2 mitsijm2011;Autodesk Moldflow Inventor Tool Suite Integration 2011 Job Manager;c:\program files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe [2010-01-23 673792]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-06 2002728]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-04-19 1401672]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-26 7767040]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-26 279040]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-11-20 75776]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-11-20 177152]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2010-02-25 11856]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
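Two things in the sections above are what a reviewer would check first: the three UAC policy values under policies\system are all 0 (UAC off, silent admin elevation, no secure desktop), and several executables sit under the user's AppData tree, on a machine whose AntiVir is reported as disabled and outdated. The Python below is an added triage helper, not part of ComboFix or of the original post. Its regexes assume the line layout ComboFix uses in the file-listing and registry sections shown here, the sample input is excerpted from this log rather than constructed, and every flag it raises is a prompt for review, not a malware verdict (the hidden+system rule, for instance, also fires on some licensing components).

```python
"""Triage helpers for a ComboFix log.

Added example: pulls the file listing and the UAC policy DWORDs out of
ComboFix's text output and flags what a reviewer should look at first.
The flags are review prompts, not malware verdicts.
"""

import re
from typing import Callable, Dict, List, Tuple

# One entry of the "Files Created From ..." / Find3M sections, as ComboFix prints it:
#   <created> . <modified> <size, or 8 dashes for a directory> <8 attribute flags> <path>
FILE_LINE = re.compile(
    r"^(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(?P<size>\d+|-{8}) (?P<attrs>[\w-]{8}) (?P<path>.+)$"
)

# A DWORD value under a registry key, as ComboFix prints it:   "EnableLUA"= 0 (0x0)
DWORD_LINE = re.compile(r'^"(?P<name>[^"]+)"=\s*(?P<value>\d+)\s*\(0x[0-9a-fA-F]+\)$')

# UAC values ComboFix reports, each with the test that marks it as weakened.
# Windows 7 defaults: EnableLUA=1, ConsentPromptBehaviorAdmin=5, PromptOnSecureDesktop=1.
# Only 0 is treated as weak for ConsentPromptBehaviorAdmin; 1-4 are stricter than 5.
UAC_WEAK: Dict[str, Tuple[Callable[[int], bool], str]] = {
    "EnableLUA": (lambda v: v != 1, "UAC is off; admin processes start fully elevated"),
    "ConsentPromptBehaviorAdmin": (lambda v: v == 0, "admins elevate with no prompt at all"),
    "PromptOnSecureDesktop": (lambda v: v != 1, "elevation prompt is not on the secure desktop"),
}

EXEC_SUFFIXES = (".exe", ".dll", ".sys", ".scr", ".com", ".bat", ".cmd", ".pif")

# Excerpt of the log above (real lines from this log, not constructed), used as the worked input.
SAMPLE_LOG = r"""
2010-12-28 17:24 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-28 17:24 . 2010-12-28 17:24 -------- d-----w- c:\programdata\Malwarebytes
2010-12-11 18:09 . 2010-12-11 18:09 -------- d--h--r- c:\users\CrasherKill\AppData\Roaming\SecuROM
2010-12-07 15:34 . 2010-12-07 15:34 15823872 ----a-w- c:\users\CrasherKill\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
2010-12-07 15:34 . 2010-12-07 15:34 786492 ----a-w- c:\users\CrasherKill\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
2010-12-07 15:34 . 2010-12-07 15:34 107008 ----a-w- c:\users\CrasherKill\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
2010-10-31 20:49 . 2010-11-05 19:58 6291456 ----a-w- c:\users\CrasherKill\AppData\Roaming\Microsoft\Internet Explorer\Call of Duty Black Ops.exe
2010-10-20 21:59 . 2010-10-20 11:15 112116 ----a-w- c:\users\CrasherKill\AppData\Roaming\mdbu.bin
2010-10-01 18:05 . 2010-09-18 14:35 5018 --sha-w- c:\programdata\KGyGaAvL.sys
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"""


def parse_file_lines(log: str) -> List[dict]:
    """Return one dict per file or directory entry in the log text."""
    entries = []
    for line in log.splitlines():
        m = FILE_LINE.match(line.strip())
        if m:
            entry = m.groupdict()
            entry["is_dir"] = entry["attrs"].startswith("d")
            entries.append(entry)
    return entries


def parse_dword_values(log: str) -> Dict[str, int]:
    """Collect every "Name"= N (0xN) value in the log, keyed by value name."""
    matches = (DWORD_LINE.match(line.strip()) for line in log.splitlines())
    return {m["name"]: int(m["value"]) for m in matches if m}


def uac_findings(values: Dict[str, int]) -> List[str]:
    """One line per UAC value that is present and weaker than the Windows 7 default."""
    return [f"{name}={values[name]}: {why}"
            for name, (is_weak, why) in UAC_WEAK.items()
            if name in values and is_weak(values[name])]


def triage_files(entries: List[dict]) -> List[Tuple[str, str]]:
    """Pair each file worth a second look with the reason it was flagged."""
    flagged = []
    for e in entries:
        if e["is_dir"]:
            continue
        path, attrs = e["path"].lower(), e["attrs"]
        if path.startswith("c:\\users\\") and "\\appdata\\" in path and path.endswith(EXEC_SUFFIXES):
            flagged.append((e["path"], "executable under a user profile's AppData tree"))
        elif "s" in attrs and "h" in attrs and not path.startswith("c:\\windows\\"):
            flagged.append((e["path"], "hidden+system file outside the Windows directory"))
    return flagged


def triage(log: str) -> Dict[str, list]:
    """Run both checks over a whole log and return the findings."""
    return {
        "uac": uac_findings(parse_dword_values(log)),
        "files": triage_files(parse_file_lines(log)),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for finding in result["uac"]:
        print("UAC  ", finding)
    for path, reason in result["files"]:
        print("FILE ", f"{path}  <- {reason}")
```

Run it against a full ComboFix log by reading the file and passing its text to `triage()`; the regexes ignore every line that is not a file entry or a DWORD value, so the whole log can be fed in unchanged. The file heuristics deliberately skip paths under c:\windows and non-executable data such as mdbu.bin: those need hashes or a look at the contents, not a path rule.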
.
Contents of the 'Scheduled Tasks' folder
2010-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-19 07:40]
2010-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-19 07:40]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-06 10144288]
"Corel Photo Downloader"="c:\program files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2007-08-28 531272]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
6to4
CryptSvc
DMServer
DHCP
ERSvc
EventSystem
HidServ
Iprip
LanmanWorkstation
Messenger
Netman
TrkWks
W32Time
WZCSVC
xmlprov
wscsvc
WmdmPmSN
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\CrasherKill\AppData\Roaming\Mozilla\Firefox\Profiles\8mumv3li.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-3199945752-1232938285-4007699256-1000\Software\SecuROM\License information*]
"datasecu"=hex:ef,82,56,5d,0c,2a,49,c5,d8,02,72,f1,41,48,23,44,f4,d1,5a,00,ca,
45,f2,df,f9,2e,dd,8c,25,07,1f,14,34,ca,a0,27,09,0f,64,34,93,44,4c,57,8a,3a,\
"rkeysecu"=hex:27,49,52,9a,85,ae,e3,e5,f1,c8,c0,10,6c,a0,9a,95
.
Completion time: 2010-12-29 11:21:52
ComboFix-quarantined-files.txt 2010-12-29 10:21
ComboFix2.txt 2010-12-28 22:25
ComboFix3.txt 2010-12-28 22:07
ComboFix4.txt 2010-12-28 18:31
Pre-Run: 83,295,662,080 bytes free
Post-Run: 83,002,896,384 bytes free
- - End Of File - - 796F654B8CFF974577C3D15A4608349B