Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking the Yes ("Ano") button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan is finished, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in Safe Mode.
Warning: After running ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
Suspected phishing bug - Solved
- jaro3
- Security team member
Re: Suspected phishing bug
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus fill in for me.
If you are satisfied, you can support our forum: Forum support
- Speed_dead
Re: Suspected phishing bug
ComboFix 13-06-18.02 - User 19.06.2013 18:48:13.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8150.6408 [GMT 2:00]
Spuštěný z: c:\users\User\Desktop\ComboFix.exe
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\User\AppData\Roaming\pdfCodec.dll
c:\windows\IsUn0405.exe
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-05-19 do 2013-06-19 )))))))))))))))))))))))))))))))
.
.
2013-06-19 16:51 . 2013-06-19 16:51 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-06-19 16:51 . 2013-06-19 16:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-19 03:34 . 2013-06-19 03:34 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D578607-21F3-413C-BF3C-04905EA31557}\offreg.dll
2013-06-18 11:50 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D578607-21F3-413C-BF3C-04905EA31557}\mpengine.dll
2013-06-16 08:07 . 2013-06-16 08:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-16 08:07 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-14 16:06 . 2012-01-20 12:14 18816 ----a-w- c:\windows\system32\roboot64.exe
2013-06-14 16:06 . 2013-06-16 08:06 -------- d-----w- c:\users\User\AppData\Roaming\systweak
2013-06-14 16:05 . 2013-06-14 16:05 -------- d-----w- c:\program files (x86)\pazera-software
2013-06-13 07:13 . 2013-06-13 07:15 -------- d-----w- c:\program files (x86)\AllMedia Grabber
2013-06-13 07:13 . 2013-06-13 07:13 -------- d-----w- c:\windows\AllMedia Grabber
2013-06-12 19:38 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-11 17:25 . 2013-06-11 17:25 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-06-11 17:25 . 2013-06-11 17:25 -------- d-----w- c:\users\User\AppData\Local\SlimWare Utilities Inc
2013-06-11 17:25 . 2013-06-11 17:25 -------- d-----w- c:\program files (x86)\SlimDrivers
2013-06-11 16:40 . 2004-03-29 15:23 90112 ----a-w- c:\windows\unvise32.exe
2013-06-11 16:40 . 2013-06-11 16:40 -------- d-----w- c:\program files (x86)\LooksBuilderSE
2013-06-11 16:38 . 2013-06-11 16:38 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle
2013-06-11 16:37 . 2013-06-11 16:45 -------- d-----w- c:\users\User\AppData\Local\Pinnacle
2013-06-11 16:37 . 2013-06-11 16:37 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate Collection
2013-06-11 16:36 . 2013-06-11 16:36 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging
2013-06-11 16:36 . 2013-06-11 16:36 -------- d-----w- c:\programdata\Studio 14
2013-06-11 16:36 . 2013-06-11 16:36 -------- d-----w- c:\programdata\Pinnacle Studio Plus
2013-06-11 16:36 . 2013-06-11 16:36 -------- d-----w- c:\program files (x86)\Common Files\Yahoo!
2013-06-11 16:34 . 2013-06-11 16:39 -------- d-----w- c:\program files (x86)\Pinnacle
2013-06-11 16:34 . 2013-06-11 16:37 -------- d-----w- c:\programdata\Pinnacle
2013-06-11 10:56 . 2013-06-18 21:04 -------- d-----w- C:\Fraps
2013-06-10 09:27 . 2013-06-10 09:27 -------- d-----w- c:\program files (x86)\IFXSupreme-1.0
2013-06-06 22:28 . 2013-06-06 22:29 -------- d-----w- c:\users\User\AppData\Roaming\Win7codecs
2013-06-06 22:28 . 2013-06-06 22:28 -------- d-----w- c:\program files (x86)\Win7codecs
2013-06-06 22:28 . 2013-06-06 22:29 -------- d-----w- c:\programdata\Win7codecs
2013-06-06 17:22 . 2013-06-06 17:22 -------- d-----w- c:\users\User\AppData\Roaming\Wargaming.net
2013-06-06 09:12 . 2013-06-06 09:12 -------- d-----w- c:\program files (x86)\NTFS to FAT32 Wizard 2.3.1
2013-06-05 17:14 . 2013-06-05 17:14 -------- d-----w- c:\programdata\id Software
2013-06-05 10:27 . 2013-06-05 10:27 -------- d-----w- c:\programdata\Isolated Storage
2013-06-05 10:27 . 2013-06-05 10:27 -------- d-----w- c:\program files (x86)\SliceMaker, Inc
2013-06-04 20:45 . 2013-06-04 20:45 -------- d-----w- c:\users\User\AppData\Roaming\MCS Electronics
2013-06-04 20:18 . 2005-03-30 09:12 14544 ----a-w- c:\windows\SysWow64\drivers\TVicPort.sys
2013-06-04 09:11 . 2013-06-04 09:11 -------- d-----w- c:\programdata\Codemasters
2013-06-04 09:11 . 2013-06-04 09:11 -------- d-----w- c:\programdata\Steam
2013-06-03 08:07 . 2013-06-03 08:07 -------- d-----w- c:\users\User\AppData\Roaming\iRecordMax Sound Recorder
2013-06-03 08:07 . 2005-05-18 09:52 1212416 ----a-w- c:\windows\SysWow64\NCTAudioInformation2.dll
2013-06-03 08:07 . 2005-05-17 10:37 1986560 ----a-w- c:\windows\SysWow64\NCTAudioFile2.dll
2013-06-03 08:07 . 2005-04-25 11:01 458752 ----a-w- c:\windows\SysWow64\NCTAudioRecord2.dll
2013-06-03 08:07 . 2005-04-25 11:01 458752 ----a-w- c:\windows\SysWow64\NCTAudioPlayer2.dll
2013-06-03 08:07 . 2005-04-04 15:21 602112 ----a-w- c:\windows\SysWow64\NCTAudioTransform2.dll
2013-06-03 08:07 . 2005-03-28 13:54 479232 ----a-w- c:\windows\SysWow64\NCTAudioVisualization2.dll
2013-06-03 08:07 . 2005-03-28 13:52 417792 ----a-w- c:\windows\SysWow64\NCTTextToAudio2.dll
2013-06-03 08:07 . 2005-02-24 09:51 348160 ----a-w- c:\windows\SysWow64\NCTWMAFile2.dll
2013-06-03 08:07 . 2005-04-15 10:08 880640 ----a-w- c:\windows\SysWow64\NCTAudioEditor2.dll
2013-06-03 08:07 . 2004-11-04 11:31 835584 ----a-w- c:\windows\SysWow64\NCTAudioCDGrabber2.dll
2013-06-03 08:07 . 2013-06-03 08:07 -------- d-----w- c:\program files (x86)\iRecordMax Sound Recorder
2013-06-02 08:43 . 2013-06-02 08:53 -------- d-----w- c:\users\User\AppData\Local\Arma 3 Alpha Lite
2013-06-02 08:43 . 2013-06-02 08:43 -------- d-----w- c:\programdata\Bohemia Interactive
2013-05-30 20:46 . 2013-05-30 20:46 -------- d-----w- c:\program files\OpenTTD
2013-05-30 08:46 . 2013-05-30 08:46 -------- d-----w- c:\programdata\A-PDF
2013-05-30 08:46 . 2013-05-30 09:01 -------- d-----w- c:\programdata\flipBook
2013-05-30 08:46 . 2013-05-30 08:46 -------- d-----w- c:\program files (x86)\eFlip Lite
2013-05-29 19:28 . 2013-05-29 19:28 -------- d-----w- c:\program files (x86)\Solid Edge ST
2013-05-29 08:17 . 2013-05-29 08:17 -------- d-----w- c:\users\User\AppData\Roaming\EMCO
2013-05-29 08:17 . 2013-05-29 08:17 -------- d-----w- c:\program files (x86)\EMCO
2013-05-29 07:46 . 2006-09-26 03:44 62464 ----a-w- c:\windows\SysWow64\sevLock.dll
2013-05-29 07:41 . 2008-05-07 13:03 290816 ----a-w- c:\windows\SysWow64\cyviewer.ocx
2013-05-29 07:38 . 2009-08-24 19:13 34304 ----a-w- c:\windows\system32\DfSdkBt.exe
2013-05-29 07:08 . 2013-05-29 07:08 -------- d-----w- c:\program files (x86)\JAM Software
2013-05-29 05:18 . 2013-05-29 05:18 -------- d-----w- c:\program files (x86)\MunSoft
2013-05-28 21:29 . 2013-05-28 21:29 -------- d-----w- c:\programdata\ShinyTales
2013-05-28 21:16 . 2013-05-28 21:16 -------- d-----w- c:\users\User\AppData\Roaming\Atari
2013-05-28 19:42 . 2013-05-28 19:43 -------- d-----w- c:\program files\Bacula
2013-05-28 19:39 . 2013-05-28 20:01 -------- d-----w- c:\program files (x86)\Cobian Backup 11
2013-05-28 19:35 . 2013-05-28 19:42 -------- d-----w- c:\program files (x86)\FullDataBackup
2013-05-28 17:00 . 2013-05-28 17:00 -------- d-----w- c:\programdata\AllMyBooks
2013-05-28 17:00 . 2013-05-28 17:00 -------- d-----w- c:\users\User\AppData\Roaming\Obsidium
2013-05-28 16:59 . 2013-05-28 16:59 -------- d-----w- c:\program files (x86)\directx
2013-05-27 17:20 . 2013-05-27 17:20 5632 ----a-r- c:\users\User\AppData\Roaming\Microsoft\Installer\{A44721BB-80BE-45A0-8679-F71E94400CAC}\IconA44721BB1.exe
2013-05-27 17:20 . 2013-05-27 17:20 6656 ----a-r- c:\users\User\AppData\Roaming\Microsoft\Installer\{A44721BB-80BE-45A0-8679-F71E94400CAC}\IconA44721BB.exe
2013-05-27 17:20 . 2013-05-27 17:20 -------- d-----w- c:\program files (x86)\UTCacheCleaner3
2013-05-27 16:57 . 2013-05-27 16:57 -------- d-----w- c:\users\User\AppData\Local\ESET
2013-05-27 16:56 . 2013-05-27 16:56 -------- d-----w- c:\program files\ESET
2013-05-27 12:47 . 2013-05-29 06:03 -------- d-----w- c:\programdata\PT Portrait
2013-05-27 12:47 . 2013-05-27 12:47 -------- d-----w- c:\program files\PT Portrait
2013-05-25 14:43 . 2009-07-07 06:31 290904 ----a-w- c:\windows\SysWow64\vc6-re200l.dll
2013-05-25 14:43 . 2009-07-07 06:31 73728 ----a-w- c:\windows\SysWow64\RWUXThemeS.dll
2013-05-25 14:43 . 2009-05-20 10:46 5752320 ----a-w- c:\windows\SysWow64\BCGCBPRO103090.dll
2013-05-25 14:43 . 2009-01-29 15:25 4419584 ----a-w- c:\windows\SysWow64\BCGCBPRO10180.dll
2013-05-25 14:21 . 2013-05-25 14:22 -------- d-----w- c:\program files (x86)\Hyperterminal
2013-05-24 20:45 . 2013-05-24 20:45 -------- d-----w- c:\program files (x86)\GamePark
2013-05-22 07:50 . 2013-05-22 07:51 -------- d-----w- c:\users\User\AppData\Roaming\Software Informer
2013-05-22 07:50 . 2013-05-22 07:50 -------- d-----w- c:\program files\Software Informer
2013-05-22 07:50 . 2013-05-22 07:50 -------- d-----w- c:\program files (x86)\IconLover
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-13 01:00 . 2013-02-12 14:01 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-06-12 12:56 . 2013-02-12 14:39 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 12:56 . 2013-02-12 14:39 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-13 23:44 . 2013-05-11 22:52 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-05-12 21:42 . 2013-03-27 16:27 27775776 ----a-w- c:\windows\system32\nvoglv64.dll
2013-05-12 21:42 . 2013-02-12 13:25 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-05-12 21:42 . 2013-02-12 13:25 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-05-12 21:42 . 2013-02-12 13:25 2935696 ----a-w- c:\windows\system32\nvapi64.dll
2013-05-12 21:42 . 2013-02-12 13:25 2597344 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-05-12 21:42 . 2013-02-12 13:25 15910736 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-05-12 21:42 . 2013-02-12 13:25 12426216 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-05-12 21:42 . 2013-02-12 13:25 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-05-12 20:34 . 2013-02-12 13:25 6491936 ----a-w- c:\windows\system32\nvcpl.dll
2013-05-12 20:34 . 2013-02-12 13:25 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-05-12 20:34 . 2013-02-12 13:25 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-05-12 20:34 . 2013-02-12 13:25 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-05-12 20:34 . 2013-02-12 13:25 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-05-12 20:34 . 2013-02-12 13:25 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-05-12 13:43 . 2013-05-12 13:43 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-05-09 16:27 . 2013-04-29 17:35 90976 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2013-05-09 16:27 . 2013-05-07 15:24 205984 ----a-w- c:\programdata\Microsoft\VBExpress\10.0\1033\ResourceCache.dll
2013-05-08 14:13 . 2013-02-12 13:25 3165737 ----a-w- c:\windows\system32\nvcoproc.bin
2013-05-02 00:06 . 2013-02-12 13:13 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-29 09:00 . 2013-04-29 09:00 1566720 ----a-w- c:\windows\SysWow64\VSFilter.dll
2013-04-20 04:12 . 2013-05-01 21:44 263912 ----a-w- c:\windows\system32\drivers\diskpt.sys
2013-04-13 05:49 . 2013-05-14 19:05 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-14 19:05 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-14 19:05 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-14 19:05 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-14 19:05 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-14 19:05 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 15:36 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-14 19:05 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-14 19:05 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-14 19:05 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-04-05 19:26 . 2013-04-05 19:26 1679360 ----a-w- c:\windows\SysWow64\ac3filter.acm
2013-04-04 03:35 . 2013-03-05 12:38 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr
2013-03-22 02:00 . 2013-03-22 02:00 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-03-22 02:00 . 2013-03-22 02:00 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-03-22 02:00 . 2013-03-22 02:00 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-03-22 02:00 . 2013-03-22 02:00 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-03-22 02:00 . 2013-03-22 02:00 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-03-22 02:00 . 2013-03-22 02:00 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-03-22 02:00 . 2013-03-22 02:00 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-03-22 02:00 . 2013-03-22 02:00 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-03-22 02:00 . 2013-03-22 02:00 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-03-22 02:00 . 2013-03-22 02:00 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-03-22 02:00 . 2013-03-22 02:00 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-03-22 02:00 . 2013-03-22 02:00 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-03-22 02:00 . 2013-03-22 02:00 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-03-22 02:00 . 2013-03-22 02:00 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-22 02:00 . 2013-03-22 02:00 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-03-22 02:00 . 2013-03-22 02:00 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-03-22 02:00 . 2013-03-22 02:00 81408 ----a-w- c:\windows\system32\icardie.dll
2013-03-22 02:00 . 2013-03-22 02:00 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-03-22 02:00 . 2013-03-22 02:00 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-03-22 02:00 . 2013-03-22 02:00 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-03-22 02:00 . 2013-03-22 02:00 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-03-22 02:00 . 2013-03-22 02:00 441856 ----a-w- c:\windows\system32\html.iec
2013-03-22 02:00 . 2013-03-22 02:00 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-03-22 02:00 . 2013-03-22 02:00 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-03-22 02:00 . 2013-03-22 02:00 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-22 02:00 . 2013-03-22 02:00 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-03-22 02:00 . 2013-03-22 02:00 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-03-22 02:00 . 2013-03-22 02:00 235008 ----a-w- c:\windows\system32\url.dll
2013-03-22 02:00 . 2013-03-22 02:00 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-03-22 02:00 . 2013-03-22 02:00 216064 ----a-w- c:\windows\system32\msls31.dll
2013-03-22 02:00 . 2013-03-22 02:00 197120 ----a-w- c:\windows\system32\msrating.dll
2013-03-22 02:00 . 2013-03-22 02:00 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-03-22 02:00 . 2013-03-22 02:00 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-22 02:00 . 2013-03-22 02:00 144896 ----a-w- c:\windows\system32\wextract.exe
2013-03-22 02:00 . 2013-03-22 02:00 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-03-22 02:00 . 2013-03-22 02:00 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-03-22 02:00 . 2013-03-22 02:00 102912 ----a-w- c:\windows\system32\inseng.dll
2013-03-22 02:00 . 2013-03-22 02:00 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-03-22 02:00 . 2013-03-22 02:00 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-03-22 02:00 . 2013-03-22 02:00 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-03-22 02:00 . 2013-03-22 02:00 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-03-22 02:00 . 2013-03-22 02:00 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-03-22 02:00 . 2013-03-22 02:00 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-03-22 02:00 . 2013-03-22 02:00 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-03-22 02:00 . 2013-03-22 02:00 149504 ----a-w- c:\windows\system32\occache.dll
2013-03-22 02:00 . 2013-03-22 02:00 13824 ----a-w- c:\windows\system32\mshta.exe
2013-03-22 02:00 . 2013-03-22 02:00 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-03-22 02:00 . 2013-03-22 02:00 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-03-22 02:00 . 2013-03-22 02:00 12800 ----a-w- c:\windows\system32\msfeedssync.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files (x86)\ICQ7M\ICQ.exe" [2013-02-15 127040]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-06-06 1641896]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"StartMenuX"="c:\program files\Start Menu X\StartMenuX.exe" [2013-02-19 6342976]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
"Backup"="c:\program files (x86)\1-abc\Backup\BKPStarter.exe" [2012-10-05 43184]
"AshSnap"="c:\program files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe" [2013-05-17 3758928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-08-09 5263504]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Cobian Backup 11"="c:\program files (x86)\Cobian Backup 11\Cobian.exe" [2013-03-07 720896]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
R2 Bacula-fd;Bacula File Backup Service;c:\program files\Bacula\bacula-fd.exe;c:\program files\Bacula\bacula-fd.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 DfSdkS;Defragmentation-Service;e:\program files 2\Ashampoo HDD Control 2\DfsdkS64.exe;e:\program files 2\Ashampoo HDD Control 2\DfsdkS64.exe [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 CH341SER_A64;CH341SER_A64;c:\windows\system32\Drivers\CH341S64.SYS;c:\windows\SYSNATIVE\Drivers\CH341S64.SYS [x]
R3 lowcdc;Low-Speed CDC Transfer Interface;c:\windows\system32\DRIVERS\lowcdc.sys;c:\windows\SYSNATIVE\DRIVERS\lowcdc.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB;c:\windows\system32\DRIVERS\vpcuxd.sys;c:\windows\SYSNATIVE\DRIVERS\vpcuxd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 diskpt;diskpt;c:\windows\SYSTEM32\drivers\diskpt.sys;c:\windows\SYSNATIVE\drivers\diskpt.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [x]
S2 ACT2_Service;Ashampoo Core Tuner 2 Service;e:\program files 2\Ashampoo Core Tuner 2\ACT2Service.exe;e:\program files 2\Ashampoo Core Tuner 2\ACT2Service.exe [x]
S2 ACT2PM;Ashampoo CoreTuner 2 ProcessMonitor Driver;e:\program files 2\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys;e:\program files 2\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [x]
S2 AHDDC2;Ashampoo HDD Control 2 Service;e:\program files 2\Ashampoo HDD Control 2\AHDDC2_Service.exe;e:\program files 2\Ashampoo HDD Control 2\AHDDC2_Service.exe [x]
S2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files (x86)\Cobian Backup 11\cbVSCService11.exe;c:\program files (x86)\Cobian Backup 11\cbVSCService11.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;c:\windows\system32\DRIVERS\LGSUsbFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSUsbFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-05 17:30 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-12 12:56]
.
2013-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-15 10:15]
.
2013-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-15 10:15]
.
2013-06-14 c:\windows\Tasks\One-Click Optimizer.job
- e:\program files 2\Ashampoo WinOptimizer 9\WO9.exe [2013-05-29 09:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Shadow Defender Daemon"="c:\program files\Shadow Defender\DefenderDaemon.exe" [2013-04-20 325216]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
"Ashampoo HDD-Control 2 Guard"="e:\program files 2\Ashampoo HDD Control 2\AHDDC2_Guard.exe" [2012-07-30 3783592]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to CaptureSaver - c:\program files (x86)\CaptureSaver\\AddFromIE.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Photoshop 7.0 CE - c:\windows\ISUN0405.EXE
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\DriverUninstall\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-06-19 18:52:37
ComboFix-quarantined-files.txt 2013-06-19 16:52
.
Před spuštěním: Volných bajtů: 28 966 129 664
Po spuštění: Volných bajtů: 28 677 967 872
.
- - End Of File - - D082D9B4E2F8EA6212D6B34F5841906B
A36C5E4F47E84449FF07ED3517B43A31
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Shadow Defender Daemon"="c:\program files\Shadow Defender\DefenderDaemon.exe" [2013-04-20 325216]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
"Ashampoo HDD-Control 2 Guard"="e:\program files 2\Ashampoo HDD Control 2\AHDDC2_Guard.exe" [2012-07-30 3783592]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to CaptureSaver - c:\program files (x86)\CaptureSaver\\AddFromIE.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Photoshop 7.0 CE - c:\windows\ISUN0405.EXE
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\DriverUninstall\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-06-19 18:52:37
ComboFix-quarantined-files.txt 2013-06-19 16:52
.
Před spuštěním: Volných bajtů: 28 966 129 664
Po spuštění: Volných bajtů: 28 677 967 872
.
- - End Of File - - D082D9B4E2F8EA6212D6B34F5841906B
A36C5E4F47E84449FF07ED3517B43A31
Google knows almost everything. But sometimes the problem is what to type in so that it finds what I'm looking for.
If that doesn't work out, you get a ton of useless links, or nothing at all.
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: Suspected phishing bug
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- Speed_dead
- Level 6
- Posts: 3281
- Registered: April 10
- Location: Prague
- Status: Offline
Re: Suspected phishing bug
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-19 23:01:14
-----------------------------
23:01:14.387 OS Version: Windows x64 6.1.7601 Service Pack 1
23:01:14.387 Number of processors: 4 586 0x3A09
23:01:14.387 ComputerName: SPEEDEAD UserName: User
23:01:14.614 Initialize success
23:01:24.865 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:01:24.868 Disk 0 Vendor: KINGSTON_SV300S37A120G 505ABBF0 Size: 114473MB BusType: 3
23:01:24.870 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
23:01:24.872 Disk 1 Vendor: WDC_WD30EZRX-00MMMB0 80.00A80 Size: 2861588MB BusType: 3
23:01:24.879 Disk 0 MBR read successfully
23:01:24.881 Disk 0 MBR scan
23:01:24.883 Disk 0 Windows 7 default MBR code
23:01:24.886 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
23:01:24.889 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 114371 MB offset 206848
23:01:24.895 Disk 0 scanning C:\Windows\system32\drivers
23:01:27.522 Service scanning
23:01:29.800 Modules scanning
23:01:29.808 Disk 0 trace - called modules:
23:01:29.815 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
23:01:29.820 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006f15060]
23:01:29.824 3 CLASSPNP.SYS[fffff8800100143f] -> nt!IofCallDriver -> [0xfffffa8006abe520]
23:01:29.828 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8006992060]
23:01:29.831 Scan finished successfully
23:02:46.482 Disk 0 MBR has been saved successfully to "C:\Users\User\Documents\MBR.dat"
23:02:46.499 The log file has been saved successfully to "C:\Users\User\Documents\aswMBR.txt"
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: Suspected phishing bug
If there are no problems, that's everything, and you can mark the thread as solved with the green check mark.
- Speed_dead
- Level 6
- Posts: 3281
- Registered: April 10
- Location: Prague
- Status: Offline
Re: Suspected phishing bug
It looks like the bug has been removed. It used to happen to me 2 or 3 times a day. I'll leave this open for a few more days and close it sometime after the weekend if it doesn't show up again. Thanks for your time.
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: Suspected phishing bug
You're welcome!
- Speed_dead
- Level 6
- Posts: 3281
- Registered: April 10
- Location: Prague
- Status: Offline
Re: Suspected phishing bug (Solved)
The bug hasn't shown up again, so I'm closing this.