Hello, the mailbomber problem is back; everything is explained here: http://www.pc-help.cz/viewtopic.php?f=70&t=68650
I just want to ask whether these could be attacks by phishers. I am on a school network and there are over 600 people here.
___________________________________________________________________
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:40:12, on 23.6.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
D:\Programy\Macro\WMPHotkeys.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\SysWOW64\RunDll32.exe
D:\Programy\Razer\Naga\RazerNagaSysTray.exe
D:\Programy\Razer\Lycosa\razerhid.exe
D:\Programy\Kaspersky\avp.exe
D:\Programy\Razer\Lycosa\razertra.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
D:\Programy\Mozilla Firefox\firefox.exe
D:\Programy\Mozilla Firefox\plugin-container.exe
D:\Programy\HJT\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Programy\Kaspersky\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Programy\Kaspersky\klwtbbho.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Razer Naga Driver] D:\Programy\Razer\Naga\RazerNagaSysTray.exe
O4 - HKLM\..\Run: [Lycosa] "D:\Programy\Razer\Lycosa\razerhid.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AVP] "D:\Programy\Kaspersky\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: Workspace Macro Pro Hotkeys.lnk = D:\Programy\Macro\WMPHotkeys.exe
O8 - Extra context menu item: Add to Anti-Banner - D:\Programy\Kaspersky\ie_banner_deny.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://D:\Programy\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - D:\Programy\Kaspersky\ievkbd.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Programy\Kaspersky\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - D:\Programy\Kaspersky\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\SysWOW64\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\Windows\SysWOW64\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\SysWOW64\lktsrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - D:\Programy\multisim\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corporation - C:\Windows\SysWOW64\nisvcloc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VisualSVN Server (VisualSVNServer) - Apache Software Foundation - D:\Programy\visualSVN\bin\VisualSVNServer.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11966 bytes
Please check my log, the mailbomber is back (Solved)
- jaro3
- member of the Security team
Re: Please check my log, the mailbomber is back
If that network is unsecured, then yes..
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure you have both options selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message appears, so choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
If there are problems, run it in Safe Mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log, the mailbomber is back
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Verze databáze: 6936
Windows 6.1.7600
Internet Explorer 9.0.8112.16421
24.6.2011 9:34:15
mbam-log-2011-06-24 (09-34-10).txt
Typ: Rychlá kontrola
Kontrolované objekty: 162829
Uplynulý čas: 2 minut, 46 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
- jaro3
- member of the Security team
Re: Please check my log, the mailbomber is back
Turn off the resident protection of your antivirus and antispyware, and possibly the firewall..
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in Safe Mode.
Re: Please check my log, the mailbomber is back
ComboFix 11-06-23.03 - Macik 24.06.2011 12:21:54.5.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3767.1775 [GMT 2:00]
Spuštěný z: c:\users\Macik\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Macik\AppData\Roaming\chrtmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-24 do 2011-06-24 )))))))))))))))))))))))))))))))
.
.
2011-06-24 10:26 . 2011-06-24 10:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-24 09:49 . 2011-06-24 09:49 -------- d-----w- c:\users\Macik\AppData\Local\Adobe
2011-06-24 07:46 . 2011-06-24 07:46 -------- d-----w- c:\users\Macik\AppData\Local\Apps
2011-06-24 07:34 . 2011-06-24 07:34 -------- d-----w- c:\users\Macik\AppData\Local\ATI
2011-06-24 07:30 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-22 16:24 . 2011-06-22 16:24 -------- d-----w- c:\program files\Diskeeper Corporation
2011-06-22 11:09 . 2011-06-22 11:09 -------- d-----w- c:\program files (x86)\Microsoft WSE
2011-06-21 16:43 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{54ED63D5-9C15-47A6-B94F-63BA2C1316DE}\mpengine.dll
2011-06-21 09:52 . 2011-06-21 09:52 827392 ----a-w- c:\windows\SysWow64\FLASH.OCX
2011-06-21 09:52 . 2011-06-21 09:52 -------- d-sh--w- c:\windows\ftpcache
2011-06-21 09:41 . 2011-06-21 09:41 -------- d-----w- c:\users\Macik\AppData\Local\Macromedia
2011-06-21 09:27 . 2011-06-21 09:27 -------- d-----w- c:\windows\SysWow64\QuickTime
2011-06-21 09:27 . 2011-06-21 09:38 -------- d-----w- c:\program files (x86)\Common Files\Macromedia
2011-06-21 09:27 . 2011-06-21 09:37 -------- d-----w- c:\program files (x86)\Macromedia
2011-06-21 09:27 . 2011-06-21 09:36 180224 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\iGdiCnv.dll
2011-06-21 09:27 . 2011-06-21 09:36 409600 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\ISRT.dll
2011-06-21 09:27 . 2011-06-21 09:36 32768 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\objpscnv.dll
2011-06-21 09:27 . 2011-06-21 09:36 266240 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IScrCnv.dll
2011-06-21 09:27 . 2011-06-21 09:36 172032 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IUserCnv.dll
2011-06-21 09:27 . 2011-06-21 09:36 540772 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\_ISRES1033.dll
2011-06-21 09:27 . 2011-06-21 09:36 761856 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IDriver.exe
2011-06-21 09:26 . 2011-06-21 09:26 -------- d-----w- c:\windows\Downloaded Installations
2011-06-20 14:09 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2011-06-20 14:09 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2011-06-20 14:09 . 2008-07-12 06:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2011-06-20 14:09 . 2008-07-12 06:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2011-06-20 14:09 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2011-06-20 14:09 . 2008-07-12 06:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-06-20 07:18 . 2011-06-20 07:18 -------- d-----w- c:\users\Macik\AppData\Roaming\Rovio
2011-06-20 06:50 . 2011-06-20 06:51 -------- d-----w- c:\users\Macik\AppData\Roaming\Ashampoo
2011-06-20 06:48 . 2011-06-20 06:48 -------- d-----w- c:\programdata\ashampoo
2011-06-16 08:57 . 2011-04-27 02:57 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-16 08:57 . 2011-04-25 05:32 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-16 08:57 . 2011-04-25 02:44 499712 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-16 08:57 . 2011-05-28 03:07 3133952 ----a-w- c:\windows\system32\win32k.sys
2011-06-16 08:57 . 2011-05-04 02:51 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 08:57 . 2011-05-04 02:51 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-16 08:57 . 2011-05-04 02:51 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 08:56 . 2011-04-29 03:12 399872 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-16 08:56 . 2011-04-29 03:13 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-16 08:56 . 2011-04-29 03:12 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-16 08:56 . 2010-12-18 06:13 861184 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-16 08:56 . 2010-12-18 05:31 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-06-16 08:56 . 2011-05-03 05:21 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 08:56 . 2011-05-03 04:50 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-06-15 17:44 . 2011-06-15 17:45 -------- d-----w- c:\program files (x86)\Google
2011-06-15 17:44 . 2011-06-15 17:44 -------- d-----w- c:\users\Macik\AppData\Local\Google
2011-06-15 10:57 . 2011-06-24 10:12 -------- d-----w- c:\programdata\Kaspersky Lab
2011-06-15 10:15 . 2011-06-15 10:15 -------- d-----w- c:\windows\SysWow64\Shared Memory
2011-06-15 09:47 . 2011-06-15 09:47 -------- d-----w- c:\windows\SysWow64\9454~1
2011-06-15 08:29 . 2011-06-15 08:29 -------- d-----w- c:\windows\SysWow64\50D8~1
2011-06-15 08:21 . 2011-06-15 08:21 -------- d-----w- c:\programdata\Kaspersky Lab ZAO
2011-06-15 07:38 . 2011-06-15 07:38 -------- d-----w- c:\users\Macik\AppData\Local\Xenocode
2011-06-14 20:58 . 2011-06-14 20:58 -------- d-----w- c:\users\Macik\AppData\Roaming\Nokia
2011-06-14 19:12 . 2011-06-14 19:12 40392 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2011-06-14 19:11 . 2011-06-14 19:11 84936 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-06-14 19:11 . 2011-06-14 19:11 48584 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2011-06-14 19:11 . 2011-06-14 19:55 -------- d-----w- c:\programdata\G DATA
2011-06-14 19:11 . 2011-06-14 19:54 -------- d-----w- c:\program files (x86)\Common Files\G Data
2011-06-14 19:08 . 2011-06-14 19:08 -------- d-----w- c:\users\Macik\AppData\Local\Downloaded Installations
2011-06-14 17:48 . 2011-06-14 17:53 -------- d-----w- c:\users\Macik\AppData\Roaming\TeamViewer
2011-06-14 17:28 . 2011-06-14 17:28 -------- d-----w- c:\program files (x86)\TeamViewer
2011-06-14 17:09 . 2011-06-14 17:09 -------- d-----w- c:\users\Macik\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-06-10 10:24 . 2011-06-10 10:24 -------- d-----w- c:\users\Macik\AppData\Roaming\.minecraft Bukkit 1.6.6
2011-06-10 10:24 . 2011-06-13 16:20 -------- d-----w- c:\users\Macik\AppData\Roaming\.minecraft
2011-06-09 21:02 . 2011-06-09 21:02 -------- d-----w- c:\programdata\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}
2011-06-09 19:18 . 2011-06-09 19:18 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2011-06-09 19:03 . 2011-06-09 19:03 -------- d-----w- c:\programdata\Nokia
2011-06-09 18:51 . 2011-06-09 18:51 -------- d-----w- c:\users\Macik\AppData\Roaming\Malwarebytes
2011-06-09 18:50 . 2011-06-09 18:50 -------- d-----w- c:\programdata\Malwarebytes
2011-06-09 18:50 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-09 16:30 . 2011-06-09 16:30 388096 ----a-r- c:\users\Macik\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-06-09 08:21 . 2011-06-09 08:21 -------- d-----w- c:\users\Macik\AppData\Local\The Witcher 2
2011-06-07 18:41 . 2011-06-07 18:41 -------- d-----w- c:\users\Macik\AppData\Roaming\Ice-pick Lodge
2011-06-06 21:04 . 2011-06-07 12:17 -------- d-----w- c:\program files (x86)\Workspace Macro 4.6
2011-06-06 08:14 . 2011-06-06 08:14 -------- d-----w- c:\users\Macik\AppData\Local\splash damage
2011-06-06 07:02 . 2011-06-06 07:02 -------- d-----w- c:\users\Macik\AppData\Roaming\Stardock
2011-06-06 07:02 . 2011-06-06 07:02 -------- d-----w- c:\users\Macik\AppData\Local\PackageAware
2011-06-02 09:59 . 2011-06-02 09:59 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-06-02 09:58 . 2011-06-02 09:58 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-06-02 09:58 . 2011-06-02 09:58 -------- d-----w- c:\program files (x86)\Java
2011-06-01 15:05 . 2011-06-02 06:56 -------- d-----w- c:\users\Macik\AppData\Local\LogMeIn Hamachi
2011-06-01 12:56 . 2011-06-01 15:03 -------- d-----w- c:\users\Macik\AppData\Roaming\Hamachi
2011-05-31 22:43 . 2011-06-16 10:46 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-05-31 22:40 . 2011-05-31 22:40 -------- d-----w- c:\users\Macik\AppData\Local\Windows Live
2011-05-31 22:40 . 2011-05-31 22:40 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-05-31 22:19 . 2011-05-31 22:19 -------- d-----w- c:\users\Macik\AppData\Roaming\Xilisoft
2011-05-31 22:16 . 2011-05-31 22:16 -------- d-----w- c:\programdata\Xilisoft
2011-05-31 20:26 . 2011-05-31 20:26 -------- d-----w- c:\programdata\ATI
2011-05-31 20:26 . 2011-05-31 20:26 -------- d-----w- c:\program files (x86)\AMD APP
2011-05-31 20:26 . 2011-05-31 20:26 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-05-31 20:25 . 2011-05-31 20:25 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-05-31 20:14 . 2011-05-31 20:14 -------- d-----w- C:\AMD
2011-05-31 19:23 . 2011-05-31 19:23 -------- d-sh--w- c:\programdata\DSS
2011-05-31 19:23 . 2011-06-20 14:12 -------- d-----w- c:\programdata\Codemasters
2011-05-31 19:20 . 2011-05-31 19:20 -------- d-----w- c:\users\Macik\AppData\Local\ESET
2011-05-31 19:13 . 2011-05-31 19:13 -------- d-----w- c:\windows\SysWow64\xlive
2011-05-31 19:13 . 2011-05-31 19:13 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2011-05-31 19:09 . 2011-05-31 19:09 -------- d-----w- c:\program files (x86)\BRS
2011-05-31 19:09 . 2011-03-19 13:16 1417216 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2011-05-31 19:09 . 2010-09-22 11:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2011-05-31 19:09 . 2011-05-31 19:09 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-05-31 19:09 . 2011-05-31 19:09 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-05-31 19:09 . 2011-05-31 19:09 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-31 19:09 . 2011-05-31 19:09 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-05-31 19:09 . 2011-05-31 19:09 -------- d-----w- c:\program files (x86)\OpenAL
2011-05-30 21:07 . 2010-10-29 13:22 198144 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2011-05-30 21:07 . 2010-09-03 15:35 30208 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2011-05-30 21:07 . 2010-08-24 20:53 91648 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2011-05-30 21:07 . 2010-07-27 13:26 86016 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2011-05-30 21:07 . 2010-07-27 13:26 54784 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2011-05-30 21:07 . 2010-05-04 14:50 22528 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2011-05-30 21:07 . 2009-07-14 12:21 1721576 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01009.dll
2011-05-30 21:07 . 2010-05-10 12:22 999936 ----a-w- c:\windows\system32\drivers\mod7700.sys
2011-05-30 21:07 . 2010-03-20 10:06 13952 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2011-05-30 21:07 . 2010-07-27 07:52 117248 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2011-05-30 21:07 . 2011-05-30 21:07 -------- d-----w- C:\HUAWEI
2011-05-30 08:10 . 2011-05-30 08:10 -------- d-----w- c:\program files (x86)\Microsoft XNA
2011-05-29 17:32 . 2011-06-22 13:47 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-19 18:04 . 2011-04-28 20:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-06-14 16:23 . 2011-05-01 10:50 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-06-14 16:22 . 2011-05-05 16:30 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-06-05 20:49 . 2011-04-28 20:54 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-05-25 06:26 . 2011-05-25 06:26 9319936 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-05-25 04:45 . 2011-05-25 04:45 23385088 ----a-w- c:\windows\system32\atio6axx.dll
2011-05-25 04:20 . 2011-05-25 04:20 17940992 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-05-25 04:12 . 2011-05-25 04:12 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-05-25 04:12 . 2011-05-25 04:12 676864 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-05-25 04:11 . 2011-05-25 04:11 795648 ----a-w- c:\windows\system32\aticfx64.dll
2011-05-25 04:08 . 2011-05-25 04:08 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-05-25 04:08 . 2011-05-25 04:08 480256 ----a-w- c:\windows\system32\atieclxx.exe
2011-05-25 04:07 . 2011-05-25 04:07 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-05-25 04:06 . 2011-05-25 04:06 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-05-25 04:05 . 2011-05-25 04:05 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-05-25 04:05 . 2011-05-25 04:05 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-05-25 04:05 . 2011-05-25 04:05 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-05-25 04:05 . 2011-05-25 04:05 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-05-25 04:05 . 2011-05-25 04:05 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-05-25 04:05 . 2011-05-25 04:05 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-05-25 04:03 . 2011-05-25 04:03 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-05-25 04:03 . 2011-05-25 04:03 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-05-25 04:03 . 2011-05-25 04:03 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-05-25 04:03 . 2011-05-25 04:03 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-05-25 04:03 . 2011-05-25 04:03 7768064 ----a-w- c:\windows\system32\aticaldd64.dll
2011-05-25 04:01 . 2010-10-21 03:21 4161536 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-05-25 03:59 . 2011-05-25 03:59 6389760 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-05-25 03:52 . 2010-10-21 03:13 4951552 ----a-w- c:\windows\system32\atidxx64.dll
2011-05-25 03:40 . 2010-10-21 03:04 4286464 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-05-25 03:33 . 2011-05-25 03:33 5441024 ----a-w- c:\windows\system32\atiumd64.dll
2011-05-25 03:26 . 2010-10-21 03:02 58880 ----a-w- c:\windows\system32\coinst.dll
2011-05-25 03:25 . 2010-10-21 02:52 366080 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 03:25 . 2011-05-25 03:25 262144 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-05-25 03:25 . 2011-05-25 03:25 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-05-25 03:25 . 2011-05-25 03:25 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-05-25 03:25 . 2011-05-25 03:25 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-05-25 03:25 . 2011-05-25 03:25 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-05-25 03:25 . 2011-05-25 03:25 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-05-25 03:25 . 2011-05-25 03:25 306176 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-05-25 03:24 . 2010-10-21 02:51 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-05-25 03:24 . 2010-10-21 02:51 31232 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-05-25 03:24 . 2011-05-25 03:24 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-05-25 03:24 . 2010-10-21 02:51 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-05-25 03:23 . 2011-05-25 03:23 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 03:18 . 2011-05-25 03:18 1222656 ----a-w- c:\windows\system32\atiumd6v.dll
2011-05-25 03:18 . 2011-05-25 03:18 1923584 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-05-25 03:18 . 2011-05-25 03:18 3868672 ----a-w- c:\windows\system32\atiumd6a.dll
2011-05-25 03:10 . 2010-10-21 02:46 4056576 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-05-25 02:58 . 2011-05-25 02:58 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-05-25 02:58 . 2011-05-25 02:58 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-05-25 02:58 . 2011-05-25 02:58 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-05-25 02:58 . 2011-05-25 02:58 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-05-24 22:04 . 2011-05-24 22:04 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-05-24 22:04 . 2011-05-24 22:04 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-05-24 22:04 . 2011-05-24 22:04 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 22:04 . 2011-05-24 22:04 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-05-24 22:04 . 2011-05-24 22:04 16116224 ----a-w- c:\windows\system32\amdocl64.dll
2011-05-24 22:04 . 2011-05-24 22:04 12385280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-05-24 17:14 . 2011-04-27 18:46 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-06 07:42 . 2011-05-05 18:47 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-05-06 07:42 . 2011-05-03 18:52 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-05-03 18:52 . 2011-05-03 18:52 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-05-03 18:52 . 2011-05-03 18:52 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
2011-04-27 20:21 . 2011-04-27 20:21 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-27 20:21 . 2011-04-27 20:21 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-27 20:21 . 2011-04-27 20:21 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-04-27 20:21 . 2011-04-27 20:21 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-04-27 20:21 . 2011-04-27 20:21 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-27 20:21 . 2011-04-27 20:21 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-04-27 20:21 . 2011-04-27 20:21 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-27 20:21 . 2011-04-27 20:21 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-04-27 20:21 . 2011-04-27 20:21 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-04-27 20:21 . 2011-04-27 20:21 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-04-27 20:21 . 2011-04-27 20:21 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-04-27 20:21 . 2011-04-27 20:21 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-04-27 20:21 . 2011-04-27 20:21 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-27 20:21 . 2011-04-27 20:21 448512 ----a-w- c:\windows\system32\html.iec
2011-04-27 20:21 . 2011-04-27 20:21 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-04-27 20:21 . 2011-04-27 20:21 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-04-27 20:21 . 2011-04-27 20:21 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-04-27 20:21 . 2011-04-27 20:21 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-27 20:21 . 2011-04-27 20:21 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-04-27 20:21 . 2011-04-27 20:21 222208 ----a-w- c:\windows\system32\msls31.dll
2011-04-27 20:21 . 2011-04-27 20:21 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-27 20:21 . 2011-04-27 20:21 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-04-27 20:21 . 2011-04-27 20:21 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-04-27 20:21 . 2011-04-27 20:21 160256 ----a-w- c:\windows\system32\wextract.exe
2011-04-27 20:21 . 2011-04-27 20:21 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-04-27 20:21 . 2011-04-27 20:21 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-04-27 20:21 . 2011-04-27 20:21 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-27 20:21 . 2011-04-27 20:21 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-04-27 20:21 . 2011-04-27 20:21 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-04-27 20:21 . 2011-04-27 20:21 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-04-27 20:21 . 2011-04-27 20:21 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-27 20:21 . 2011-04-27 20:21 12288 ----a-w- c:\windows\system32\mshta.exe
2011-04-27 20:21 . 2011-04-27 20:21 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-04-27 20:21 . 2011-04-27 20:21 114176 ----a-w- c:\windows\system32\admparse.dll
2011-04-27 20:21 . 2011-04-27 20:21 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-04-27 20:21 . 2011-04-27 20:21 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-27 20:21 . 2011-04-27 20:21 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-23 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-04-27 1289296]
"Razer Naga Driver"="d:\programy\Razer\Naga\RazerNagaSysTray.exe" [2011-04-12 953232]
"Lycosa"="d:\programy\Razer\Lycosa\razerhid.exe" [2011-03-01 233984]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"AVP"="d:\programy\Kaspersky\avp.exe" [2011-04-24 202296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-25 1129760]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2011-3-9 4236288]
Workspace Macro Pro Hotkeys.lnk - d:\programy\Macro\WMPHotkeys.exe [2007-3-4 65536]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-15 136176]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-15 136176]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;d:\programy\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-07-13 42912]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2009-07-06 114080]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2009-07-06 38944]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-04-27 325200]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-05 865824]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
S2 VisualSVNServer;VisualSVN Server;d:\programy\visualSVN\bin\VisualSVNServer.exe [2011-03-22 24424]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-03-09 288768]
S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-03-09 1066896]
S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-03-09 491920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 Lycosa;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [x]
S3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-15 17:44]
.
2011-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-15 17:44]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-04-27 10081312]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-04-27 877600]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-04-27 320000]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-05 860192]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-27 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-27 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-27 414744]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "d:\programy\Stardock\Fences\FencesMenu64.dll" [2009-10-02 134656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_Dlls"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to Anti-Banner - d:\programy\Kaspersky\ie_banner_deny.htm
IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - d:\programy\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 172.16.1.1
FF - ProfilePath - c:\users\Macik\AppData\Roaming\Mozilla\Firefox\Profiles\1jzdy95g.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - prefs.js: network.proxy.http - proxy.spse.pilsedu.cz
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-Xilisoft Video Converter Ultimate - d:\programy\Video Converter Ultimate\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3825520850-1127211931-1910604662-1000\Software\SecuROM\License information*]
"datasecu"=hex:f0,cd,d3,ea,b1,38,48,3d,98,f9,93,13,f8,44,e7,3a,37,63,e7,eb,f7,
9b,05,f4,f1,70,42,0d,4a,83,b5,7e,14,e4,ff,8f,1d,df,f7,c4,5d,19,36,6d,3f,02,\
"rkeysecu"=hex:a6,f0,4e,b5,69,3e,dd,d7,d6,c5,24,ae,8b,38,59,a9
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-06-24 12:28:54
ComboFix-quarantined-files.txt 2011-06-24 10:28
.
Před spuštěním: Volných bajtů: 49 632 137 216
Po spuštění: Volných bajtů: 51 071 795 200
.
- - End Of File - - 4E6C8814C168B50B31330E9FC525B5D6

Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3767.1775 [GMT 2:00]
Spuštěný z: c:\users\Macik\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Macik\AppData\Roaming\chrtmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-24 do 2011-06-24 )))))))))))))))))))))))))))))))
.
.
2011-06-24 10:26 . 2011-06-24 10:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-24 09:49 . 2011-06-24 09:49 -------- d-----w- c:\users\Macik\AppData\Local\Adobe
2011-06-24 07:46 . 2011-06-24 07:46 -------- d-----w- c:\users\Macik\AppData\Local\Apps
2011-06-24 07:34 . 2011-06-24 07:34 -------- d-----w- c:\users\Macik\AppData\Local\ATI
2011-06-24 07:30 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-22 16:24 . 2011-06-22 16:24 -------- d-----w- c:\program files\Diskeeper Corporation
2011-06-22 11:09 . 2011-06-22 11:09 -------- d-----w- c:\program files (x86)\Microsoft WSE
2011-06-21 16:43 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{54ED63D5-9C15-47A6-B94F-63BA2C1316DE}\mpengine.dll
2011-06-21 09:52 . 2011-06-21 09:52 827392 ----a-w- c:\windows\SysWow64\FLASH.OCX
2011-06-21 09:52 . 2011-06-21 09:52 -------- d-sh--w- c:\windows\ftpcache
2011-06-21 09:41 . 2011-06-21 09:41 -------- d-----w- c:\users\Macik\AppData\Local\Macromedia
2011-06-21 09:27 . 2011-06-21 09:27 -------- d-----w- c:\windows\SysWow64\QuickTime
2011-06-21 09:27 . 2011-06-21 09:38 -------- d-----w- c:\program files (x86)\Common Files\Macromedia
2011-06-21 09:27 . 2011-06-21 09:37 -------- d-----w- c:\program files (x86)\Macromedia
2011-06-21 09:27 . 2011-06-21 09:36 180224 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\iGdiCnv.dll
2011-06-21 09:27 . 2011-06-21 09:36 409600 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\ISRT.dll
2011-06-21 09:27 . 2011-06-21 09:36 32768 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\objpscnv.dll
2011-06-21 09:27 . 2011-06-21 09:36 266240 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IScrCnv.dll
2011-06-21 09:27 . 2011-06-21 09:36 172032 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IUserCnv.dll
2011-06-21 09:27 . 2011-06-21 09:36 540772 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\_ISRES1033.dll
2011-06-21 09:27 . 2011-06-21 09:36 761856 ------w- c:\program files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IDriver.exe
2011-06-21 09:26 . 2011-06-21 09:26 -------- d-----w- c:\windows\Downloaded Installations
2011-06-20 14:09 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2011-06-20 14:09 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2011-06-20 14:09 . 2008-07-12 06:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2011-06-20 14:09 . 2008-07-12 06:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2011-06-20 14:09 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2011-06-20 14:09 . 2008-07-12 06:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-06-20 07:18 . 2011-06-20 07:18 -------- d-----w- c:\users\Macik\AppData\Roaming\Rovio
2011-06-20 06:50 . 2011-06-20 06:51 -------- d-----w- c:\users\Macik\AppData\Roaming\Ashampoo
2011-06-20 06:48 . 2011-06-20 06:48 -------- d-----w- c:\programdata\ashampoo
2011-06-16 08:57 . 2011-04-27 02:57 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-16 08:57 . 2011-04-25 05:32 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-16 08:57 . 2011-04-25 02:44 499712 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-16 08:57 . 2011-05-28 03:07 3133952 ----a-w- c:\windows\system32\win32k.sys
2011-06-16 08:57 . 2011-05-04 02:51 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 08:57 . 2011-05-04 02:51 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-16 08:57 . 2011-05-04 02:51 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 08:56 . 2011-04-29 03:12 399872 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-16 08:56 . 2011-04-29 03:13 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-16 08:56 . 2011-04-29 03:12 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-16 08:56 . 2010-12-18 06:13 861184 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-16 08:56 . 2010-12-18 05:31 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-06-16 08:56 . 2011-05-03 05:21 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 08:56 . 2011-05-03 04:50 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-06-15 17:44 . 2011-06-15 17:45 -------- d-----w- c:\program files (x86)\Google
2011-06-15 17:44 . 2011-06-15 17:44 -------- d-----w- c:\users\Macik\AppData\Local\Google
2011-06-15 10:57 . 2011-06-24 10:12 -------- d-----w- c:\programdata\Kaspersky Lab
2011-06-15 10:15 . 2011-06-15 10:15 -------- d-----w- c:\windows\SysWow64\Shared Memory
2011-06-15 09:47 . 2011-06-15 09:47 -------- d-----w- c:\windows\SysWow64\9454~1
2011-06-15 08:29 . 2011-06-15 08:29 -------- d-----w- c:\windows\SysWow64\50D8~1
2011-06-15 08:21 . 2011-06-15 08:21 -------- d-----w- c:\programdata\Kaspersky Lab ZAO
2011-06-15 07:38 . 2011-06-15 07:38 -------- d-----w- c:\users\Macik\AppData\Local\Xenocode
2011-06-14 20:58 . 2011-06-14 20:58 -------- d-----w- c:\users\Macik\AppData\Roaming\Nokia
2011-06-14 19:12 . 2011-06-14 19:12 40392 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2011-06-14 19:11 . 2011-06-14 19:11 84936 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-06-14 19:11 . 2011-06-14 19:11 48584 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2011-06-14 19:11 . 2011-06-14 19:55 -------- d-----w- c:\programdata\G DATA
2011-06-14 19:11 . 2011-06-14 19:54 -------- d-----w- c:\program files (x86)\Common Files\G Data
2011-06-14 19:08 . 2011-06-14 19:08 -------- d-----w- c:\users\Macik\AppData\Local\Downloaded Installations
2011-06-14 17:48 . 2011-06-14 17:53 -------- d-----w- c:\users\Macik\AppData\Roaming\TeamViewer
2011-06-14 17:28 . 2011-06-14 17:28 -------- d-----w- c:\program files (x86)\TeamViewer
2011-06-14 17:09 . 2011-06-14 17:09 -------- d-----w- c:\users\Macik\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-06-10 10:24 . 2011-06-10 10:24 -------- d-----w- c:\users\Macik\AppData\Roaming\.minecraft Bukkit 1.6.6
2011-06-10 10:24 . 2011-06-13 16:20 -------- d-----w- c:\users\Macik\AppData\Roaming\.minecraft
2011-06-09 21:02 . 2011-06-09 21:02 -------- d-----w- c:\programdata\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}
2011-06-09 19:18 . 2011-06-09 19:18 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2011-06-09 19:03 . 2011-06-09 19:03 -------- d-----w- c:\programdata\Nokia
2011-06-09 18:51 . 2011-06-09 18:51 -------- d-----w- c:\users\Macik\AppData\Roaming\Malwarebytes
2011-06-09 18:50 . 2011-06-09 18:50 -------- d-----w- c:\programdata\Malwarebytes
2011-06-09 18:50 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-09 16:30 . 2011-06-09 16:30 388096 ----a-r- c:\users\Macik\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-06-09 08:21 . 2011-06-09 08:21 -------- d-----w- c:\users\Macik\AppData\Local\The Witcher 2
2011-06-07 18:41 . 2011-06-07 18:41 -------- d-----w- c:\users\Macik\AppData\Roaming\Ice-pick Lodge
2011-06-06 21:04 . 2011-06-07 12:17 -------- d-----w- c:\program files (x86)\Workspace Macro 4.6
2011-06-06 08:14 . 2011-06-06 08:14 -------- d-----w- c:\users\Macik\AppData\Local\splash damage
2011-06-06 07:02 . 2011-06-06 07:02 -------- d-----w- c:\users\Macik\AppData\Roaming\Stardock
2011-06-06 07:02 . 2011-06-06 07:02 -------- d-----w- c:\users\Macik\AppData\Local\PackageAware
2011-06-02 09:59 . 2011-06-02 09:59 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-06-02 09:58 . 2011-06-02 09:58 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-06-02 09:58 . 2011-06-02 09:58 -------- d-----w- c:\program files (x86)\Java
2011-06-01 15:05 . 2011-06-02 06:56 -------- d-----w- c:\users\Macik\AppData\Local\LogMeIn Hamachi
2011-06-01 12:56 . 2011-06-01 15:03 -------- d-----w- c:\users\Macik\AppData\Roaming\Hamachi
2011-05-31 22:43 . 2011-06-16 10:46 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-05-31 22:40 . 2011-05-31 22:40 -------- d-----w- c:\users\Macik\AppData\Local\Windows Live
2011-05-31 22:40 . 2011-05-31 22:40 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-05-31 22:19 . 2011-05-31 22:19 -------- d-----w- c:\users\Macik\AppData\Roaming\Xilisoft
2011-05-31 22:16 . 2011-05-31 22:16 -------- d-----w- c:\programdata\Xilisoft
2011-05-31 20:26 . 2011-05-31 20:26 -------- d-----w- c:\programdata\ATI
2011-05-31 20:26 . 2011-05-31 20:26 -------- d-----w- c:\program files (x86)\AMD APP
2011-05-31 20:26 . 2011-05-31 20:26 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-05-31 20:25 . 2011-05-31 20:25 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-05-31 20:14 . 2011-05-31 20:14 -------- d-----w- C:\AMD
2011-05-31 19:23 . 2011-05-31 19:23 -------- d-sh--w- c:\programdata\DSS
2011-05-31 19:23 . 2011-06-20 14:12 -------- d-----w- c:\programdata\Codemasters
2011-05-31 19:20 . 2011-05-31 19:20 -------- d-----w- c:\users\Macik\AppData\Local\ESET
2011-05-31 19:13 . 2011-05-31 19:13 -------- d-----w- c:\windows\SysWow64\xlive
2011-05-31 19:13 . 2011-05-31 19:13 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2011-05-31 19:09 . 2011-05-31 19:09 -------- d-----w- c:\program files (x86)\BRS
2011-05-31 19:09 . 2011-03-19 13:16 1417216 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2011-05-31 19:09 . 2010-09-22 11:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2011-05-31 19:09 . 2011-05-31 19:09 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-05-31 19:09 . 2011-05-31 19:09 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-05-31 19:09 . 2011-05-31 19:09 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-31 19:09 . 2011-05-31 19:09 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-05-31 19:09 . 2011-05-31 19:09 -------- d-----w- c:\program files (x86)\OpenAL
2011-05-30 21:07 . 2010-10-29 13:22 198144 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2011-05-30 21:07 . 2010-09-03 15:35 30208 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2011-05-30 21:07 . 2010-08-24 20:53 91648 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2011-05-30 21:07 . 2010-07-27 13:26 86016 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2011-05-30 21:07 . 2010-07-27 13:26 54784 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2011-05-30 21:07 . 2010-05-04 14:50 22528 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2011-05-30 21:07 . 2009-07-14 12:21 1721576 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01009.dll
2011-05-30 21:07 . 2010-05-10 12:22 999936 ----a-w- c:\windows\system32\drivers\mod7700.sys
2011-05-30 21:07 . 2010-03-20 10:06 13952 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2011-05-30 21:07 . 2010-07-27 07:52 117248 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2011-05-30 21:07 . 2011-05-30 21:07 -------- d-----w- C:\HUAWEI
2011-05-30 08:10 . 2011-05-30 08:10 -------- d-----w- c:\program files (x86)\Microsoft XNA
2011-05-29 17:32 . 2011-06-22 13:47 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-19 18:04 . 2011-04-28 20:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-06-14 16:23 . 2011-05-01 10:50 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-06-14 16:22 . 2011-05-05 16:30 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-06-05 20:49 . 2011-04-28 20:54 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-05-25 06:26 . 2011-05-25 06:26 9319936 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-05-25 04:45 . 2011-05-25 04:45 23385088 ----a-w- c:\windows\system32\atio6axx.dll
2011-05-25 04:20 . 2011-05-25 04:20 17940992 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-05-25 04:12 . 2011-05-25 04:12 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-05-25 04:12 . 2011-05-25 04:12 676864 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-05-25 04:11 . 2011-05-25 04:11 795648 ----a-w- c:\windows\system32\aticfx64.dll
2011-05-25 04:08 . 2011-05-25 04:08 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-05-25 04:08 . 2011-05-25 04:08 480256 ----a-w- c:\windows\system32\atieclxx.exe
2011-05-25 04:07 . 2011-05-25 04:07 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-05-25 04:06 . 2011-05-25 04:06 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-05-25 04:05 . 2011-05-25 04:05 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-05-25 04:05 . 2011-05-25 04:05 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-05-25 04:05 . 2011-05-25 04:05 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-05-25 04:05 . 2011-05-25 04:05 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-05-25 04:05 . 2011-05-25 04:05 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-05-25 04:05 . 2011-05-25 04:05 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-05-25 04:03 . 2011-05-25 04:03 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-05-25 04:03 . 2011-05-25 04:03 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-05-25 04:03 . 2011-05-25 04:03 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-05-25 04:03 . 2011-05-25 04:03 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-05-25 04:03 . 2011-05-25 04:03 7768064 ----a-w- c:\windows\system32\aticaldd64.dll
2011-05-25 04:01 . 2010-10-21 03:21 4161536 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-05-25 03:59 . 2011-05-25 03:59 6389760 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-05-25 03:52 . 2010-10-21 03:13 4951552 ----a-w- c:\windows\system32\atidxx64.dll
2011-05-25 03:40 . 2010-10-21 03:04 4286464 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-05-25 03:33 . 2011-05-25 03:33 5441024 ----a-w- c:\windows\system32\atiumd64.dll
2011-05-25 03:26 . 2010-10-21 03:02 58880 ----a-w- c:\windows\system32\coinst.dll
2011-05-25 03:25 . 2010-10-21 02:52 366080 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 03:25 . 2011-05-25 03:25 262144 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-05-25 03:25 . 2011-05-25 03:25 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-05-25 03:25 . 2011-05-25 03:25 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-05-25 03:25 . 2011-05-25 03:25 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-05-25 03:25 . 2011-05-25 03:25 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-05-25 03:25 . 2011-05-25 03:25 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-05-25 03:25 . 2011-05-25 03:25 306176 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-05-25 03:24 . 2010-10-21 02:51 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-05-25 03:24 . 2010-10-21 02:51 31232 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-05-25 03:24 . 2011-05-25 03:24 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-05-25 03:24 . 2010-10-21 02:51 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-05-25 03:23 . 2011-05-25 03:23 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 03:18 . 2011-05-25 03:18 1222656 ----a-w- c:\windows\system32\atiumd6v.dll
2011-05-25 03:18 . 2011-05-25 03:18 1923584 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-05-25 03:18 . 2011-05-25 03:18 3868672 ----a-w- c:\windows\system32\atiumd6a.dll
2011-05-25 03:10 . 2010-10-21 02:46 4056576 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-05-25 02:58 . 2011-05-25 02:58 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-05-25 02:58 . 2011-05-25 02:58 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-05-25 02:58 . 2011-05-25 02:58 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-05-25 02:58 . 2011-05-25 02:58 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-05-24 22:04 . 2011-05-24 22:04 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-05-24 22:04 . 2011-05-24 22:04 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-05-24 22:04 . 2011-05-24 22:04 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 22:04 . 2011-05-24 22:04 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-05-24 22:04 . 2011-05-24 22:04 16116224 ----a-w- c:\windows\system32\amdocl64.dll
2011-05-24 22:04 . 2011-05-24 22:04 12385280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-05-24 17:14 . 2011-04-27 18:46 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-06 07:42 . 2011-05-05 18:47 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-05-06 07:42 . 2011-05-03 18:52 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-05-03 18:52 . 2011-05-03 18:52 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-05-03 18:52 . 2011-05-03 18:52 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
2011-04-27 20:21 . 2011-04-27 20:21 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-27 20:21 . 2011-04-27 20:21 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-27 20:21 . 2011-04-27 20:21 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-04-27 20:21 . 2011-04-27 20:21 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-04-27 20:21 . 2011-04-27 20:21 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-27 20:21 . 2011-04-27 20:21 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-04-27 20:21 . 2011-04-27 20:21 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-27 20:21 . 2011-04-27 20:21 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-04-27 20:21 . 2011-04-27 20:21 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-04-27 20:21 . 2011-04-27 20:21 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-04-27 20:21 . 2011-04-27 20:21 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-04-27 20:21 . 2011-04-27 20:21 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-04-27 20:21 . 2011-04-27 20:21 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-27 20:21 . 2011-04-27 20:21 448512 ----a-w- c:\windows\system32\html.iec
2011-04-27 20:21 . 2011-04-27 20:21 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-04-27 20:21 . 2011-04-27 20:21 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-04-27 20:21 . 2011-04-27 20:21 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-04-27 20:21 . 2011-04-27 20:21 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-27 20:21 . 2011-04-27 20:21 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-04-27 20:21 . 2011-04-27 20:21 222208 ----a-w- c:\windows\system32\msls31.dll
2011-04-27 20:21 . 2011-04-27 20:21 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-27 20:21 . 2011-04-27 20:21 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-04-27 20:21 . 2011-04-27 20:21 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-04-27 20:21 . 2011-04-27 20:21 160256 ----a-w- c:\windows\system32\wextract.exe
2011-04-27 20:21 . 2011-04-27 20:21 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-04-27 20:21 . 2011-04-27 20:21 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-04-27 20:21 . 2011-04-27 20:21 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-27 20:21 . 2011-04-27 20:21 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-04-27 20:21 . 2011-04-27 20:21 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-04-27 20:21 . 2011-04-27 20:21 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-04-27 20:21 . 2011-04-27 20:21 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-27 20:21 . 2011-04-27 20:21 12288 ----a-w- c:\windows\system32\mshta.exe
2011-04-27 20:21 . 2011-04-27 20:21 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-04-27 20:21 . 2011-04-27 20:21 114176 ----a-w- c:\windows\system32\admparse.dll
2011-04-27 20:21 . 2011-04-27 20:21 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-04-27 20:21 . 2011-04-27 20:21 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-27 20:21 . 2011-04-27 20:21 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-23 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-04-27 1289296]
"Razer Naga Driver"="d:\programy\Razer\Naga\RazerNagaSysTray.exe" [2011-04-12 953232]
"Lycosa"="d:\programy\Razer\Lycosa\razerhid.exe" [2011-03-01 233984]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"AVP"="d:\programy\Kaspersky\avp.exe" [2011-04-24 202296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-25 1129760]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2011-3-9 4236288]
Workspace Macro Pro Hotkeys.lnk - d:\programy\Macro\WMPHotkeys.exe [2007-3-4 65536]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-15 136176]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-15 136176]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;d:\programy\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-07-13 42912]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2009-07-06 114080]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2009-07-06 38944]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-04-27 325200]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-05 865824]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
S2 VisualSVNServer;VisualSVN Server;d:\programy\visualSVN\bin\VisualSVNServer.exe [2011-03-22 24424]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-03-09 288768]
S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-03-09 1066896]
S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-03-09 491920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 Lycosa;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [x]
S3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-15 17:44]
.
2011-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-15 17:44]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-03-21 06:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-04-27 10081312]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-04-27 877600]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-04-27 320000]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-05 860192]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-27 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-27 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-27 414744]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "d:\programy\Stardock\Fences\FencesMenu64.dll" [2009-10-02 134656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_Dlls"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to Anti-Banner - d:\programy\Kaspersky\ie_banner_deny.htm
IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - d:\programy\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 172.16.1.1
FF - ProfilePath - c:\users\Macik\AppData\Roaming\Mozilla\Firefox\Profiles\1jzdy95g.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - prefs.js: network.proxy.http - proxy.spse.pilsedu.cz
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-Xilisoft Video Converter Ultimate - d:\programy\Video Converter Ultimate\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3825520850-1127211931-1910604662-1000\Software\SecuROM\License information*]
"datasecu"=hex:f0,cd,d3,ea,b1,38,48,3d,98,f9,93,13,f8,44,e7,3a,37,63,e7,eb,f7,
9b,05,f4,f1,70,42,0d,4a,83,b5,7e,14,e4,ff,8f,1d,df,f7,c4,5d,19,36,6d,3f,02,\
"rkeysecu"=hex:a6,f0,4e,b5,69,3e,dd,d7,d6,c5,24,ae,8b,38,59,a9
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-06-24 12:28:54
ComboFix-quarantined-files.txt 2011-06-24 10:28
.
Před spuštěním: Volných bajtů: 49 632 137 216
Po spuštění: Volných bajtů: 51 071 795 200
.
- - End Of File - - 4E6C8814C168B50B31330E9FC525B5D6
- jaro3
- Security team member
Re: Please check my log, the mailbomber is back
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script.
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the newly created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT
Warning: It may happen that after applying the script and restarting the computer Windows will not boot; in that case restart the computer again, keep pressing F8 and then choose Last Known Good Configuration.
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Folder::
c:\users\Macik\AppData\Local\ESET
DirLook::
c:\users\Macik\AppData\Local\Apps
c:\windows\SysWow64\9454~1
c:\windows\SysWow64\50D8~1
c:\programdata\DSS
c:\program files (x86)\BRS
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000000
DDS::
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
RegNul::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus fill in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log, the mailbomber is back (Solved)
Thank you for the advice; the system crashed and would not boot, so I chose to reinstall the system, i.e. no viruses.