Nekorektní chování Win7/64 Vyřešeno

[rados-75]

ComboFix 11-03-07.02 - Radoš 07.03.2011 22:09:14.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3072.1977 [GMT 1:00]
Spuštěný z: c:\users\Radoš\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Radoš\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\75043DBE9A.sys"
"c:\programdata\KGyGaAvL.sys"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\75043DBE9A.sys
c:\programdata\KGyGaAvL.sys
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.js
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.xpt
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitToolbar.idl
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitToolbar.js
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitToolbar.xpt
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.xpt
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\alertSettingsComponent.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\appContextMenu.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\engineContextMenu.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\engineSettings.json
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\fbAlert.js
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\getAppsContextMenu.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\postAppsContextMenu.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\toolbarContextMenu.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\unsharedAppsContextMenu.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome.manifest
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome\utorrentbar.jar
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\install.rdf
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\lib\xpcom.js
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\manifest.mf
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\zigbert.rsa
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\zigbert.sf
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.gif
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.ico
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.PNG
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.src
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\setup.ini
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\version.txt
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.js
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.xpt
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\components\ConduitToolbar.idl
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\components\ConduitToolbar.js
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\components\ConduitToolbar.xpt
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\components\RadioWMPCore.xpt
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\defaults\alertSettingsComponent.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\defaults\appContextMenu.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\defaults\engineContextMenu.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\defaults\engineSettings.json
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\defaults\fbAlert.js
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\defaults\getAppsContextMenu.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\defaults\postAppsContextMenu.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\defaults\toolbarContextMenu.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\defaults\unsharedAppsContextMenu.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\DualPackage\install.rdf
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\chrome.manifest
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\chrome\conduitengine.jar
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\install.rdf
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\lib\xpcom.js
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\META-INF\manifest.mf
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\META-INF\zigbert.rsa
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\META-INF\zigbert.sf
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\searchplugin\conduit.gif
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\searchplugin\conduit.ico
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\searchplugin\conduit.PNG
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\searchplugin\conduit.src
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\searchplugin\conduit.xml
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\setup.ini
c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\extensions\engine@conduit.com\version.txt
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
Nakažená kopie c:\windows\SysWow64\mshtml.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17537_none_8c10c048afd881c1\mshtml.dll
.
Nakažená kopie c:\windows\Microsoft.NET\Framework64\v2.0.50727\ilasm.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
.
Nakažená kopie c:\windows\System32\calc.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\amd64_microsoft-windows-calc_31bf3856ad364e35_6.1.7600.16385_none_05b2f2e2346cfea4\calc.exe
Nakažená kopie c:\windows\System32\iscsicli.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\amd64_microsoft-windows-i..i_initiator_service_31bf3856ad364e35_6.1.7600.16385_none_36689ce52ec8f6ec\iscsicli.exe
Nakažená kopie c:\windows\System32\mstsc.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.1.7600.16385_none_a9d13f3c3ac896a5\mstsc.exe
Nakažená kopie c:\windows\System32\NAPSTAT.EXE byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\amd64_microsoft-windows-n..protection-statusui_31bf3856ad364e35_6.1.7600.16385_none_998ff5c741ae3fb1\NAPSTAT.EXE
Nakažená kopie c:\windows\System32\wextract.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\amd64_microsoft-windows-ie-iexpress_31bf3856ad364e35_8.0.7600.16385_none_db2b15bfcf64f104\wextract.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-07 do 2011-03-07 )))))))))))))))))))))))))))))))
.
.
2011-03-07 21:13 . 2011-03-07 21:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-07 19:24 . 2011-03-07 19:24 -------- d-----w- c:\users\Radoš\AppData\Roaming\Malwarebytes
2011-03-07 19:24 . 2011-03-07 19:24 -------- d-----w- c:\programdata\Malwarebytes
2011-03-07 19:24 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-03-07 19:24 . 2011-03-07 19:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-03-07 19:24 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-28 13:43 . 2011-02-28 13:43 -------- d-----w- C:\$WINDOWS.~LS
2011-02-28 13:42 . 2011-02-28 13:42 -------- d-----w- C:\$UPGRADE.~OS
2011-02-28 09:52 . 2011-02-28 09:53 -------- d-----w- c:\program files (x86)\DriveKey
2011-02-28 09:52 . 2001-09-05 03:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-02-28 09:52 . 2001-09-05 03:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2011-02-28 09:52 . 2001-09-05 03:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2011-02-28 09:52 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2011-02-28 09:52 . 2001-09-05 02:24 610436 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
2011-02-23 22:44 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-23 22:44 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-02-23 09:55 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 09:55 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-23 09:55 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-02-23 09:55 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-22 20:20 . 2011-02-22 20:21 -------- d-----w- c:\users\Radoš\AppData\Roaming\Corel
2011-02-22 20:18 . 2011-02-22 20:18 -------- d-----w- c:\programdata\Corel
2011-02-22 20:18 . 2011-02-22 20:18 -------- d-----w- c:\program files (x86)\Common Files\Protexis
2011-02-22 20:17 . 2011-02-22 20:17 -------- d-----w- c:\program files (x86)\Common Files\Corel
2011-02-22 20:17 . 2011-02-22 20:17 -------- d-----w- c:\program files (x86)\Corel
2011-02-18 09:11 . 2011-02-18 09:11 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-02-12 10:14 . 2011-02-02 16:10 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF23977D-D9D1-43AF-81FF-4F853CF9B8CA}\mpengine.dll
2011-02-12 10:14 . 2011-02-02 16:11 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-02-09 15:59 . 2011-03-07 15:21 -------- d-----w- c:\users\Radoš\AppData\Roaming\skypePM
2011-02-09 15:54 . 2011-02-09 15:54 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-02-09 15:54 . 2011-03-07 21:15 -------- d-----w- c:\users\Radoš\AppData\Roaming\Skype
2011-02-09 15:54 . 2011-03-07 20:20 -------- d-----r- c:\program files (x86)\Skype
2011-02-09 15:54 . 2011-02-09 15:54 -------- d-----w- c:\programdata\Skype
2011-02-09 12:07 . 2010-10-27 05:23 5477248 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-02-09 12:07 . 2010-10-27 05:18 5510528 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-09 12:07 . 2010-10-27 05:16 1739176 ----a-w- c:\windows\system32\ntdll.dll
2011-02-09 12:07 . 2010-10-27 04:43 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-02-09 12:07 . 2010-10-27 04:40 1293120 ----a-w- c:\windows\SysWow64\ntdll.dll
2011-02-09 12:07 . 2011-01-07 08:06 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-09 12:07 . 2011-01-07 07:27 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-02-09 12:07 . 2011-01-07 05:49 366080 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 12:07 . 2011-01-07 05:33 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-02-08 14:10 . 2009-08-11 20:22 580096 ----a-w- c:\windows\system32\ac3filter64.acm
2011-02-08 14:10 . 2011-02-08 14:10 -------- d-----w- c:\program files (x86)\AC3Filter
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-25 17:54 . 2011-01-31 15:03 2727912 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2011-01-25 12:58 . 2011-01-31 15:03 2838632 ----a-w- c:\windows\system32\RtkAPO64.dll
2011-01-25 12:58 . 2011-01-31 15:03 2358888 ----a-w- c:\windows\system32\RtPgEx64.dll
2011-01-24 13:20 . 2011-01-31 15:03 638056 ----a-w- c:\windows\system32\RtkApi64.dll
2011-01-24 12:29 . 2010-07-09 13:57 1284712 ----a-w- c:\windows\RtlExUpd.dll
2011-01-20 13:47 . 2011-01-31 15:03 1943616 ----a-w- c:\windows\system32\FMAPO64.dll
2011-01-12 10:09 . 2011-01-31 15:03 783360 ----a-w- c:\windows\system32\RCoRes64.dat
2011-01-04 18:25 . 2011-01-31 15:03 83560 ----a-w- c:\windows\system32\RCoInst64.dll
2010-12-29 22:22 . 2010-12-29 22:22 69632 ----a-r- c:\users\Radoš\AppData\Roaming\Microsoft\Installer\{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}\NewShortcut4_838BDC75346D4F49BD1D5328F986CD86.exe
2010-12-29 22:22 . 2010-12-29 22:22 69632 ----a-r- c:\users\Radoš\AppData\Roaming\Microsoft\Installer\{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}\NewShortcut4_838BDC75346D4F49BD1D5328F986CD86.exe
2010-12-29 22:22 . 2010-12-29 22:22 413696 ----a-r- c:\users\Radoš\AppData\Roaming\Microsoft\Installer\{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}\NewShortcut2_5B2EDCAA303A43629DACC3FFFABD0901.exe
2010-12-29 22:22 . 2010-12-29 22:22 413696 ----a-r- c:\users\Radoš\AppData\Roaming\Microsoft\Installer\{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}\NewShortcut2_5B2EDCAA303A43629DACC3FFFABD0901.exe
2010-12-29 22:22 . 2010-12-29 22:22 413696 ----a-r- c:\users\Radoš\AppData\Roaming\Microsoft\Installer\{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}\NewShortcut1_9F9ABBA94B874F449DBFBD7EB1332F16.exe
2010-12-29 22:22 . 2010-12-29 22:22 413696 ----a-r- c:\users\Radoš\AppData\Roaming\Microsoft\Installer\{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}\NewShortcut1_9F9ABBA94B874F449DBFBD7EB1332F16.exe
2010-12-29 22:22 . 2010-12-29 22:22 413696 ----a-r- c:\users\Radoš\AppData\Roaming\Microsoft\Installer\{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}\ARPPRODUCTICON.exe
2010-12-29 22:22 . 2010-12-29 22:22 413696 ----a-r- c:\users\Radoš\AppData\Roaming\Microsoft\Installer\{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}\ARPPRODUCTICON.exe
.
.
------- Sigcheck -------
.
[-] 2011-01-07 . AE25DAC32F20D6A9F25D230A42E800EA . 8995328 . . [8.00.7600.16385] . . c:\windows\SysWOW64\mshtml.dll
[7] 2011-01-07 . 688872E9CAFCC2758E7FE92A0622B4F9 . 8995328 . . [8.00.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17537_none_8c10c048afd881c1\mshtml.dll
[7] 2011-01-07 . D0AFD5813136F0EAC80A048740553840 . 8995328 . . [8.00.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21636_none_8c995cc9c8f70834\mshtml.dll
[7] 2011-01-07 . 1C6045D48179D15A843486D12BEC0EAF . 5980672 . . [8.00.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17537_none_96656a9ae43943bc\mshtml.dll
[7] 2011-01-07 . 1011333570E1CECAE8FAC34C8D9461BC . 5980672 . . [8.00.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21636_none_96ee071bfd57ca2f\mshtml.dll
[7] 2010-12-18 . B26512F06AC6E6841F9092DA5CD07B15 . 9302528 . . [8.00.7600.16385] . . c:\windows\ERDNT\cache64\mshtml.dll
[7] 2010-12-18 . B26512F06AC6E6841F9092DA5CD07B15 . 9302528 . . [8.00.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16722_none_8a3031bcb2ae7b31\mshtml.dll
[7] 2010-12-18 . B9C8DB637F63838B977AD44190677F43 . 9306624 . . [8.00.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20861_none_8a8d8e8dcbed7168\mshtml.dll
[7] 2010-12-18 . 6E9E2D2DC298FE9A3A3C164FB8A2C9EA . 5980672 . . [8.00.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16722_none_9484dc0ee70f3d2c\mshtml.dll
[7] 2010-12-18 . A8B89A12E7A379AC443FB002F4AAB51F . 5980672 . . [8.00.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20861_none_94e238e0004e3363\mshtml.dll
[7] 2010-11-04 . 1F5BE643D0C7949CA8A387598B225754 . 9303040 . . [8.00.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20831_none_8aadfe51cbd51d95\mshtml.dll
[7] 2010-11-04 . 30C4D25A902F264E52F7F3A1EEF8576A . 9306624 . . [8.00.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16700_none_8a43d100b2a010a1\mshtml.dll
[7] 2010-11-04 . 61854D1111E33A09603452B32A84B5F0 . 5979136 . . [8.00.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20831_none_9502a8a40035df90\mshtml.dll
[7] 2010-11-04 . 9145EF1A437A3FCA06069FC649E16E32 . 5978112 . . [8.00.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16700_none_94987b52e700d29c\mshtml.dll
[7] 2010-09-08 . BA91EF2891B44E03FA71A8F608E6FB0D . 9296384 . . [8.00.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16671_none_89f91ff0b2d7f068\mshtml.dll
[7] 2010-09-08 . 87F2577E0240B62D6934D1076358A96A . 9298944 . . [8.00.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20795_none_8a711e0bcc022d70\mshtml.dll
[7] 2010-09-08 . 4F3DEEE94B0F650862F7AB7ABBE40CA1 . 5977088 . . [8.00.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20795_none_94c5c85e0062ef6b\mshtml.dll
[7] 2010-09-08 . BAF92C3C3D5A0958817B661439A81FD9 . 5977600 . . [8.00.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16671_none_944dca42e738b263\mshtml.dll
[7] 2010-06-30 . E16D240876BAD97B05DCAD346AC734F6 . 9295360 . . [8.00.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20745_none_8aa72da7cbd9a1bb\mshtml.dll
[7] 2010-06-30 . 74DA18BB61FE98FC002866F032329265 . 9298432 . . [8.00.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16625_none_8a3330b4b2abca0f\mshtml.dll
[7] 2010-06-30 . BDFD710842C8A25DD27254D91DE60AC6 . 5971456 . . [8.00.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16625_none_9487db06e70c8c0a\mshtml.dll
[7] 2010-06-30 . 25C1646ADC24C371B594544C3D530967 . 5972992 . . [8.00.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20745_none_94fbd7fa003a63b6\mshtml.dll
[7] 2010-05-06 . A9A3272AF5BB3B73E93A268FEB8A9367 . 9290240 . . [8.00.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16588_none_89f55024b2d9c093\mshtml.dll
[7] 2010-05-06 . 1186C9E0759E0AC7CC6C9A0F66D003ED . 5972992 . . [8.00.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20708_none_952a188800173ff7\mshtml.dll
[7] 2010-05-06 . C5A57D9A8C055643BBB2E65D5E181D52 . 5970944 . . [8.00.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16588_none_9449fa76e73a828e\mshtml.dll
[7] 2010-05-06 . 77942703FC36E71B86C3585CC32CBFEB . 9295872 . . [8.00.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20708_none_8ad56e35cbb67dfc\mshtml.dll
[7] 2009-07-14 . 12C3F25EA578DAA752024E1918D59313 . 9271296 . . [8.00.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16385_none_89f24b7ab2dc7a40\mshtml.dll
[7] 2009-07-14 . 43592D31AFF84DD957199248898D9430 . 5957632 . . [8.00.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16385_none_9446f5cce73d3c3b\mshtml.dll
[7] 2010-12-18 . B26512F06AC6E6841F9092DA5CD07B15 . 9302528 . . [8.00.7600.16385] . . c:\windows\system32\mshtml.dll
.
[7] 2009-07-14 . 0298AC45D0EFFFB2DB4BAA7DD186E7BF . 369664 . . [6.1.7600.16385] . . c:\windows\ERDNT\cache64\shsvcs.dll
[7] 2009-07-14 . 0298AC45D0EFFFB2DB4BAA7DD186E7BF . 369664 . . [6.1.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7600.16385_none_29254ed1369e9d89\shsvcs.dll
[-] 2009-07-14 . 93FDDBA796BF2DB45C3B48A5BEE926DF . 328192 . . [6.1.7600.16385] . . c:\windows\SysWOW64\shsvcs.dll
[-] 2009-07-14 . 93FDDBA796BF2DB45C3B48A5BEE926DF . 328192 . . [6.1.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7600.16385_none_3379f9236aff5f84\shsvcs.dll
[7] 2009-07-14 . 0298AC45D0EFFFB2DB4BAA7DD186E7BF . 369664 . . [6.1.7600.16385] . . c:\windows\system32\shsvcs.dll
.
[7] 2010-10-27 . A6DCF9F73F2FCA7A96D9585817A08B43 . 3957120 . . [6.1.7600.16695] . . c:\windows\ERDNT\cache86\ntkrnlpa.exe
[-] 2010-10-27 . E6D8FCE476979AEB610E3CA032072079 . 3957120 . . [6.1.7600.16695] . . c:\windows\SysWOW64\ntkrnlpa.exe
[-] 2010-10-27 . E6D8FCE476979AEB610E3CA032072079 . 3957120 . . [6.1.7600.16695] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16695_none_6bfbed8a157ebb3f\ntkrnlpa.exe
[7] 2010-10-27 . 8E641A407A795DFB7B3A34053EF8DB39 . 3966848 . . [6.1.7600.20826] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20826_none_6cd23bf92e62adf0\ntkrnlpa.exe
[7] 2010-06-19 . 2A37766F5121E98271ECD811A60D9420 . 3964800 . . [6.1.7600.20738] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20738_none_6cc96abb2e68ff68\ntkrnlpa.exe
[7] 2010-06-19 . 05288B088C0DFAC60D6BCF878FC32B60 . 3955080 . . [6.1.7600.16617] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16617_none_6c546d7e153c0e65\ntkrnlpa.exe
[7] 2010-02-27 . 20926A3F64BFFCD92BAA5ECE9D65CC4A . 3954568 . . [6.1.7600.16539] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16539_none_6c40cc54154a7bce\ntkrnlpa.exe
[7] 2010-02-27 . FC781D4359B553D62CBAD9F658E68784 . 3954568 . . [6.1.7600.20655] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20655_none_6cb0c81f2e7bee1e\ntkrnlpa.exe
[7] 2009-07-14 . E2A8596576873BC5D509031DECD8C95D . 3954768 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16385_none_6c06b7c41576a7d9\ntkrnlpa.exe
.
((((((((((((((((((((((((((((( SnapShot@2011-03-07_20.29.38 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-07-06 20:17 . 2011-03-07 20:30 54114 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-03-07 20:30 47926 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-03-07 20:19 47926 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-07-06 20:13 . 2011-03-07 20:30 16792 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3643984440-313903296-263318415-1000_UserData.bin
- 2010-07-06 20:12 . 2011-03-07 20:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-06 20:12 . 2011-03-07 21:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-07-06 20:12 . 2011-03-07 20:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-06 20:12 . 2011-03-07 21:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-03-07 21:14 . 2011-03-07 21:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-03-07 20:29 . 2011-03-07 20:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-13 23:42 . 2009-07-14 01:39 161792 c:\windows\SysWOW64\wextract.exe
+ 2009-07-13 23:52 . 2009-07-14 01:39 329728 c:\windows\SysWOW64\NAPSTAT.EXE
+ 2009-07-13 23:46 . 2009-07-14 01:39 152064 c:\windows\SysWOW64\iscsicli.exe
+ 2009-07-13 23:41 . 2009-07-14 01:38 918528 c:\windows\SysWOW64\calc.exe
+ 2009-07-14 02:36 . 2011-03-07 20:33 624136 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-03-07 20:22 624136 c:\windows\system32\perfh009.dat
- 2009-07-14 15:18 . 2011-03-07 20:22 639380 c:\windows\system32\perfh005.dat
+ 2009-07-14 15:18 . 2011-03-07 20:33 639380 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-03-07 20:22 109580 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-03-07 20:33 109580 c:\windows\system32\perfc009.dat
- 2009-07-14 15:18 . 2011-03-07 20:22 125098 c:\windows\system32\perfc005.dat
+ 2009-07-14 15:18 . 2011-03-07 20:33 125098 c:\windows\system32\perfc005.dat
+ 2009-07-14 05:01 . 2011-03-07 21:13 397180 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-03-07 20:27 397180 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-13 20:37 . 2009-06-10 21:22 227656 c:\windows\Microsoft.NET\Framework64\v2.0.50727\ilasm.exe
+ 2009-07-14 00:01 . 2009-07-14 01:39 1096192 c:\windows\SysWOW64\mstsc.exe
- 2009-07-14 02:34 . 2011-03-07 20:12 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2011-03-07 20:42 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-01-26 15026056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"GreyMSIAds"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-07-15 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-07-15 9096]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-08 1255736]
R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-21 136176]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-08-12 55856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VX3000"="c:\windows\vVX3000.exe" [2010-05-20 762736]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: &Download by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Do&wnload selected by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
FF - ProfilePath - c:\users\Radoš\AppData\Roaming\Mozilla\Firefox\Profiles\53fpgq0v.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - Ext: Ovi maps browser plugin: maps@ovi.com - %profile%\extensions\maps@ovi.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
.
**************************************************************************
.
Celkový čas: 2011-03-07 22:18:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-07 21:18
ComboFix2.txt 2011-03-07 20:33
.
Před spuštěním: Volných bajtů: 69 308 518 400
Po spuštění: Volných bajtů: 68 858 654 720
.
- - End Of File - - BA04D0B0D45AA1880D36FF16F46B4676

[Reklama]

[Žbeky]

Toto otestuj na Virustotal

c:\windows\SysWow64\mshtml.dll
c:\windows\Microsoft.NET\Framework64\v2.0.50727\ilasm.exe
c:\windows\System32\calc.exe
c:\windows\System32\iscsicli.exe
c:\windows\System32\mstsc.exe
c:\windows\System32\NAPSTAT.EXE
c:\windows\System32\wextract.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

[rados-75]

http://www.virustotal.com/file-scan/rep ... 1299533517

[rados-75]

http://www.virustotal.com/file-scan/rep ... 1299534001

[rados-75]

http://www.virustotal.com/file-scan/rep ... 1299534240
http://www.virustotal.com/file-scan/rep ... 1299534138
http://www.virustotal.com/file-scan/rep ... 1299534328
http://www.virustotal.com/file-scan/rep ... 1299534403
http://www.virustotal.com/file-scan/rep ... 1299534474

Vypadá to všechno čistě :-)

[Žbeky]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

+ Nový log z HJT

Jak se chová PC?

[rados-75]

Jak se chová PC?

Nevím čím to je, ale vpravo dole na ploše se mi objevila hláška, že tato kopie systému Windows není pravá. Což je blbost.

[Žbeky]

Potom asi opravdu nebude pravá. Během čištění se nemazaly žádné systémové soubory. Odkud máš licenci?

[rados-75]

mám koupenou original krabici win 7 Home Premium. Tady problém být nemůže. Do systému jsem investoval.

[Žbeky]

Tak si zavolej na technickou podporu microsoftu, že jsi měl vir a po odvirování ti to háže hlášku o nepravosti. Oni si ověří, že máš legál a poradí ti co dál.

[rados-75]

Teď ta hláška zmizla, nechápu to?!?!?!?

[rados-75]

Podíval jsem se na kartu systému, tam bylo psáno, že je systém aktivován.