Ahoj, jsem další, kdo kliknul na aktualizaci Flashplayeru z FB a nejde mi.
Děkuji za pomoc.
Log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by zus at 2011-10-30 21:36:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 338 GB (73%) free of 462 GB
Total RAM: 4063 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:36:58, on 30.10.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\zus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2269050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.2.7:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (file missing)
O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [zzzHPSETUP] E:\Setup.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [wxpdrv] C:\Windows\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\Windows\update.tray-12-0\svchost.exe
O4 - HKLM\..\Run: [2339256.exe] "C:\Windows\Temp\2339256.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [7726231.exe] "C:\Users\zus\AppData\Local\Temp\7726231.exe"
O4 - HKLM\..\Run: [1120380.exe] "C:\Windows\TEMP\1120380.exe"
O4 - HKLM\..\Run: [3857082.exe] "C:\Windows\Temp\3857082.exe"
O4 - HKLM\..\Run: [3730222.exe] "C:\Users\zus\AppData\Local\Temp\3730222.exe"
O4 - HKLM\..\Run: [1771692.exe] "C:\Windows\Temp\1771692.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\zus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {4ADC518E-B607-11D4-B395-0001020F4519} (SigVer Class) - https://portal.ozp.cz/obj/Signer.cab
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} (Java Plug-in 1.6.0_14) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}: NameServer = 10.0.0.138,192.168.0.1
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll (file missing)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe (file missing)
O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (file missing)
O23 - Service: AVG WatchDog (avgwd) - Unknown owner - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17650 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe"
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2576
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe" -RunBySCM
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-09a9d22e-af42-44eb-8e8a-0c70593f5843 -SystemEventPortName:HostProcess-6282e9b4-18f0-4790-8791-8b7d0accc6ed -IoCancelEventPortName:HostProcess-29d588a2-3428-4134-9679-a10cdfbf7b0d -NonStateChangingEventPortName:HostProcess-c775e0d7-1efb-4c81-ae5b-62eecb47135f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:be339d97-3d51-4fb7-8645-e2925579b14e
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\ufa\ufa.exe -o http://127.0.0.1:34506 -g no
\??\C:\Windows\system32\conhost.exe "412365077385289019-13852974481072502842344286441-1251957149-1412889028-108156276
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files\Java\jre6\bin\jusched.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
/Device:00000061
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
taskeng.exe {E2443532-1E0B-4600-BE41-E2C9E991BC41}
"C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe" /Stationary
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-17762990371079369939393345558-1258990531987744888-182499953661480442-82047171
"C:\Program Files\Apoint\Apvfb.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
atieclxx
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
"C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe" /AutoStart
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files\Java\jre6\bin\jusched.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
"C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
/Device:00000061
"C:\Program Files\Apoint\Apvfb.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Apntex.exe"
taskeng.exe {229C0570-EEC8-4CF5-A9A1-CD3C527B322D}
\??\C:\Windows\system32\conhost.exe "-1559362978-1799084197-485139059-2009547986-17225011332016266354-1179992898718064231
"C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe" /Stationary
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe" /AutoStart
C:\Windows\splwow64.exe 12288
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\zus\Desktop\jana_v\programky\RogueKiller.exe"
\??\C:\Windows\system32\conhost.exe "1195066958-178162024686360043-1259144471-1814473910-1461325348-464798530-1092137850
C:\Windows\system32\cmd.exe /c notepad "c:\users\zus\desktop\RKreport[1].txt"
notepad "c:\users\zus\desktop\RKreport[1].txt"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe27_ Global\UsGthrCtrlFltPipeMssGthrPipe27 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\zus\Desktop\jana_v\programky\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, xmlfiller@software602.cz:3.16.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.5, {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.1.2, {9458ca25-39fd-4ba8-9520-acc5c0d877b6}:1.6, {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.7.0.6, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.6, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.8"
prefs.js - "keyword.URL" - "http://www.webhledani.cz/results.aspx?i=39&tp=ab&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660]
"Description"=12.0.1.660
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
xmlfiller@software602.cz
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
npwachk.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsIFillerPlugin.xpt
nsjsrealplayerplugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
npfiller.dll
npnul32.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
npwachk.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{9458ca25-39fd-4ba8-9520-acc5c0d877b6}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
{c50ca3c4-5656-43c2-a061-13e717f73fc8}
C:\Users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\searchplugins\
conduit.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-19 43520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-08-09 386264]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssie.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVGTOOLBAR
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} -
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll []
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2009-08-03 208384]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-24 7938080]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-07-24 1833504]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-19 171520]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe -startup []
"PCSpeedUp"=C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk [2011-10-08 2417]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2011-05-13 4283256]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2009-05-26 317288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-10 98304]
"MarketingTools"=C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [2009-09-06 26624]
"SHTtray.exe"=C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2009-07-28 99624]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2009-12-21 39424]
"zzzHPSETUP"=E:\Setup.exe []
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe -start []
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe []
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-08-09 273544]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"wxpdrv"=C:\Windows\services32.exe [2011-10-30 1109504]
"tray_ico"= []
"tray_ico0"=C:\Windows\update.tray-12-0\svchost.exe [2011-10-30 1109504]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"2339256.exe"=C:\Windows\Temp\2339256.exe []
"sysdriver32.exe"=C:\Windows\sysdriver32.exe [2011-10-30 258048]
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe [2011-10-30 258048]
"7726231.exe"=C:\Users\zus\AppData\Local\Temp\7726231.exe [2011-10-30 258048]
"1120380.exe"=C:\Windows\TEMP\1120380.exe []
"3857082.exe"=C:\Windows\Temp\3857082.exe [2011-10-30 258048]
"3730222.exe"=C:\Users\zus\AppData\Local\Temp\3730222.exe [2011-10-30 258048]
"1771692.exe"=C:\Windows\Temp\1771692.exe [2011-10-30 258048]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\zus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-10-30 13:26:50 ----SHD---- C:\Config.Msi
2011-10-30 12:54:40 ----D---- C:\Program Files\PHP Manager 1.2 for IIS 7
2011-10-30 12:03:10 ----D---- C:\Windows\ufa
2011-10-30 12:03:10 ----D---- C:\Windows\rpcminer
2011-10-30 12:03:10 ----D---- C:\Windows\phoenix
2011-10-30 12:02:29 ----A---- C:\Windows\btc_client_iplist.txt
2011-10-30 12:02:02 ----HD---- C:\Windows\update.5.0
2011-10-30 12:01:55 ----A---- C:\Windows\unrar.exe
2011-10-30 12:01:53 ----A---- C:\Windows\iecheck_iplist.txt
2011-10-30 11:35:17 ----HD---- C:\Windows\update.2
2011-10-30 11:31:22 ----A---- C:\Windows\sysdriver32_.exe
2011-10-30 11:31:22 ----A---- C:\Windows\iplist.txt
2011-10-30 11:30:36 ----A---- C:\Windows\sysdriver32.exe
2011-10-30 11:29:53 ----A---- C:\Windows\front_ip_list.txt
2011-10-30 11:29:37 ----D---- C:\Windows\av_ico
2011-10-30 11:28:00 ----HD---- C:\Windows\update.1
2011-10-30 11:27:41 ----HD---- C:\Windows\update.tray-12-0-lnk
2011-10-30 11:27:41 ----HD---- C:\Windows\update.tray-12-0
2011-10-30 11:16:17 ----A---- C:\Windows\winlog-ids.txt
2011-10-30 11:16:17 ----A---- C:\Windows\winlog-dirs.txt
2011-10-30 11:16:04 ----A---- C:\Windows\services32.exe
2011-10-25 18:51:39 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-10-25 18:51:39 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-10-25 18:51:39 ----A---- C:\Windows\SYSWOW64\java.exe
2011-10-25 13:28:26 ----D---- C:\Users\zus\AppData\Roaming\DVDVideoSoft
2011-10-25 13:28:13 ----D---- C:\Program Files (x86)\Conduit
2011-10-25 13:28:09 ----D---- C:\Program Files (x86)\DVDVideoSoftTB
2011-10-25 13:27:54 ----D---- C:\Users\zus\AppData\Roaming\DVDVideoSoftIEHelpers
2011-10-25 13:27:43 ----D---- C:\Program Files (x86)\DVDVideoSoft
2011-10-23 19:57:58 ----D---- C:\Program Files (x86)\YouTube Downloader
2011-10-12 19:02:25 ----A---- C:\Windows\system32\win32k.sys
2011-10-12 19:02:19 ----A---- C:\Windows\system32\ieframe.dll
2011-10-12 19:02:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-12 19:02:14 ----A---- C:\Windows\system32\mshtml.dll
2011-10-12 19:02:13 ----A---- C:\Windows\system32\wininet.dll
2011-10-12 19:02:11 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-12 19:02:10 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-12 19:02:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-12 19:02:10 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-10-12 19:02:10 ----A---- C:\Windows\system32\urlmon.dll
2011-10-12 19:02:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-12 19:02:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-12 19:02:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-12 19:02:09 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-12 19:02:09 ----A---- C:\Windows\system32\msfeeds.dll
2011-10-12 19:02:09 ----A---- C:\Windows\system32\ieui.dll
2011-10-12 19:02:09 ----A---- C:\Windows\system32\iertutil.dll
2011-10-12 19:02:08 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-12 19:02:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-12 19:02:08 ----A---- C:\Windows\system32\url.dll
2011-10-12 19:02:08 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-12 19:00:17 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-12 19:00:17 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-12 18:57:30 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-12 18:57:30 ----A---- C:\Windows\system32\oleacc.dll
2011-10-12 18:57:29 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-12 18:57:29 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-09 11:21:43 ----SHD---- C:\Windows\SYSWOW64\%APPDATA%
2011-10-08 20:55:31 ----D---- C:\Windows\en
2011-10-08 20:51:59 ----D---- C:\Windows\cs
2011-10-08 20:48:44 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-10-08 20:43:50 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2011-10-08 20:43:17 ----D---- C:\Program Files\Windows Live
2011-10-08 20:41:25 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2011-10-08 20:41:25 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2011-10-08 20:41:24 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2011-10-08 20:41:24 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-10-08 15:31:07 ----D---- C:\Users\zus\AppData\Roaming\OxelonMC
2011-10-08 15:31:04 ----D---- C:\Program Files (x86)\OxelonMedia
2011-10-08 15:25:22 ----D---- C:\Program Files (x86)\FoxTabAVIConverter
2011-10-08 08:13:21 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2011-10-08 08:12:47 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-08 07:49:40 ----D---- C:\Users\zus\AppData\Roaming\AnvSoft
2011-10-08 07:48:49 ----D---- C:\Users\zus\AppData\Roaming\OpenCandy
2011-10-07 23:17:01 ----D---- C:\Program Files (x86)\Movie Maker 2.6
2011-10-07 22:23:32 ----D---- C:\Users\zus\AppData\Roaming\Sony
2011-10-07 21:28:50 ----D---- C:\ProgramData\Pinnacle
2011-10-01 08:04:47 ----D---- C:\Program Files\IrfanView
2011-10-01 08:04:11 ----D---- C:\Users\zus\AppData\Roaming\IrfanView
======List of files/folders modified in the last 1 month======
2011-10-30 21:36:58 ----D---- C:\Program Files\trend micro
2011-10-30 21:29:50 ----D---- C:\Windows\system32\Tasks
2011-10-30 21:19:35 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2011-10-30 21:19:34 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-10-30 21:16:09 ----D---- C:\Windows\system32\config
2011-10-30 20:45:38 ----D---- C:\Windows\Microsoft.NET
2011-10-30 20:43:45 ----D---- C:\Windows\Temp
2011-10-30 20:16:18 ----D---- C:\Users\zus\AppData\Roaming\XnView
2011-10-30 18:41:27 ----A---- C:\Windows\system32\NTS5CSET.INI
2011-10-30 18:21:21 ----D---- C:\Windows\Prefetch
2011-10-30 17:07:53 ----D---- C:\Windows\System32
2011-10-30 17:07:53 ----D---- C:\Windows\inf
2011-10-30 17:07:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-30 16:57:16 ----D---- C:\Windows\winsxs
2011-10-30 16:55:21 ----D---- C:\Windows\SYSWOW64\inetsrv
2011-10-30 16:55:21 ----D---- C:\Windows\SysWOW64
2011-10-30 16:55:21 ----D---- C:\Windows\system32\inetsrv
2011-10-30 16:55:21 ----D---- C:\Windows\system32\cs-CZ
2011-10-30 16:55:21 ----D---- C:\inetpub
2011-10-30 16:54:24 ----SHD---- C:\System Volume Information
2011-10-30 14:42:56 ----RSD---- C:\Windows\assembly
2011-10-30 13:26:55 ----SHD---- C:\Windows\Installer
2011-10-30 12:54:40 ----RD---- C:\Program Files
2011-10-30 12:03:10 ----D---- C:\Windows
2011-10-30 12:01:46 ----D---- C:\Windows\system32\drivers\etc
2011-10-30 11:38:16 ----D---- C:\Windows\Minidump
2011-10-30 11:38:16 ----D---- C:\Windows\debug
2011-10-30 11:32:59 ----D---- C:\Program Files (x86)\Common Files
2011-10-30 11:28:00 ----HD---- C:\ProgramData
2011-10-30 11:27:48 ----RD---- C:\Program Files (x86)
2011-10-30 11:26:13 ----D---- C:\Windows\system32\catroot
2011-10-30 08:11:46 ----D---- C:\Windows\system32\drivers\AVG
2011-10-29 12:28:57 ----D---- C:\Users\zus\AppData\Roaming\Audacity
2011-10-29 02:07:50 ----D---- C:\Program Files\Internet Explorer
2011-10-29 02:07:50 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-27 13:31:25 ----D---- C:\Windows\system32\NDF
2011-10-26 08:29:00 ----D---- C:\Windows\system32\catroot2
2011-10-25 19:08:52 ----RD---- C:\Users
2011-10-25 18:51:37 ----D---- C:\Program Files (x86)\Java
2011-10-25 18:42:39 ----D---- C:\Program Files (x86)\Intel
2011-10-25 14:43:30 ----D---- C:\Windows\system32\DriverStore
2011-10-25 13:21:05 ----D---- C:\Users\zus\AppData\Roaming\vlc
2011-10-24 12:09:17 ----SHD---- C:\Users\zus\AppData\Roaming\.#
2011-10-23 15:14:33 ----D---- C:\Users\zus\AppData\Roaming\skypePM
2011-10-22 16:36:40 ----D---- C:\Users\zus\AppData\Roaming\Skype
2011-10-20 13:06:06 ----AD---- C:\ProgramData\TEMP
2011-10-18 09:23:45 ----D---- C:\Users\zus\AppData\Roaming\dvdcss
2011-10-13 02:31:43 ----D---- C:\Windows\SYSWOW64\migration
2011-10-13 02:31:43 ----D---- C:\Windows\system32\migration
2011-10-13 02:31:43 ----D---- C:\Windows\ehome
2011-10-13 02:12:16 ----A---- C:\Windows\system32\MRT.exe
2011-10-10 02:22:43 ----D---- C:\ProgramData\Microsoft Help
2011-10-10 02:21:26 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-10-10 02:14:25 ----D---- C:\Program Files (x86)\Microsoft Works
2011-10-09 12:06:27 ----RSD---- C:\Windows\Fonts
2011-10-08 20:56:09 ----D---- C:\Program Files (x86)\Microsoft
2011-10-08 20:53:47 ----D---- C:\Program Files (x86)\Windows Live
2011-10-08 20:44:12 ----SD---- C:\ProgramData\Microsoft
2011-10-08 20:44:04 ----D---- C:\Windows\system32\drivers
2011-10-08 20:43:50 ----DC---- C:\Windows\system32\DRVSTORE
2011-10-08 20:36:01 ----SD---- C:\Users\zus\AppData\Roaming\Microsoft
2011-10-08 04:13:01 ----D---- C:\Program Files (x86)\Registry Mechanic
2011-10-08 04:12:54 ----D---- C:\Windows\Tasks
2011-10-08 02:54:28 ----D---- C:\Users\zus\AppData\Roaming\Adobe
2011-10-07 23:14:21 ----D---- C:\Program Files (x86)\Sony
2011-10-07 21:34:14 ----D---- C:\Users\zus\AppData\Roaming\DivX
2011-10-03 04:06:03 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2011-10-01 08:04:11 ----D---- C:\Program Files (x86)\IrfanView
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-03-16 37456]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-01-07 304720]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-04-04 377936]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 14112]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimssn64.sys [2009-07-31 86528]
R2 risdptsk;risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [2009-07-31 76288]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-08-03 250928]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-27 6037504]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 118864]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 29264]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-08-03 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-08-03 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-08-03 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-08-03 21160]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-24 1822112]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-05 5435904]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-07-24 201472]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2009-06-11 11392]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-13 48488]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2010-02-03 113280]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7; C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-08 169312]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-27 203264]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-07-24 189984]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-03-28 249648]
R2 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-28 120104]
R2 SOHDBSvr;VAIO Media plus Database Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-28 70952]
R2 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-28 427304]
R2 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-28 75048]
R2 SOHPlMgr;VAIO Media plus Playlist Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-28 91432]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2009-07-01 204648]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-08-22 411496]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-07-22 642920]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-06-26 468264]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2009-08-13 522240]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-07-23 206336]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2009-07-23 313264]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe []
S2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-09-06 133104]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe []
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe [2009-08-24 544768]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-09-06 651720]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-09-06 133104]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2009-07-23 69632]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-06-26 357672]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-06-18 110888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-23 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
další FB vir
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: další FB vir
Dobrý večer 
Stáhněte program RogueKiller
Stáhněte program RogueKiller
- Spuste program
- Stiskněte klávesu 2 a enter
- Objeví se vám log a ten sem vložte
- Stějně tak opakujte s volbou 3 a 4 a vložte logy
- Stáhneme si Combofix
- Program uložíme nejlépe na Plochu
- Vypneme všechny rezidentní štíty.Jak antiviru,tak antispywaru a firewallu
- Vypneme všechny běžící aplikace (ICQ,prohlížeč,programy) a necháme pouze Combofix
- Spustíme Combofix.exe s administrátorským oprávněním
U Windows XP se přihlásíme pod účtem správce
Ve Windows 7 a Vista klikněte pravým tlačítkem myši na Combofix.exe a dejte ,,Spustit jako správce,,) - Hned po startu programu na vás vyskočí licenční podmínky,tak potvrdíme tlačítkemANO
- Pokud vám Combofix nabídne instalaci Konzoly pro zotavení,tak souhlaste a nechte nainstalovat(zde je potřeba aktivní připojení na internet)
- Pokračujte dle pokynů programu a během skenování na nic neklikejte,na pc nepracujte(ICQ,jiné aplikace,internet..).Nechte počítač v klidu.
- Celý sken tvá mezi 5-15 min,ale pokud je v PC hodně havěti,tak se čas může lišit.
- Po skončení skenování(případném restartu počítače) se vám zobrazí log z Combofixu,který mi vložte sem(Kdyby se log nezobrazil,tak jej najdete zde: C:\ComboFix.txt
- (Pokud si nevíte rady s kterýmkoliv z výše uvedených kroků,tak se ptejte nebo mrkněte na detailnější návod včetně obrázků http://www.bleepingcomputer.com/combofi ... t-combofix )
Napiš mi: chodnik74@gmail.com nebo 
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| 
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. 
Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni 
Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: další FB vir
RogueKiller V6.1.5 [10/29/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: hxxp://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: zus [Admin rights]
Mode: Remove -- Date : 10/30/2011 21:30:16
Bad processes: 4
[SERVICE] srvbtcclient -- C:\Windows\update.5.0\svchost.exe srv -> STOPPED
[SERVICE] srviecheck -- C:\Windows\update.2\svchost.exe srv -> STOPPED
[SERVICE] srvsysdriver32 -- C:\Windows\sysdriver32.exe srv -> STOPPED
[SERVICE] wxpdrivers -- C:\Windows\update.1\svchost.exe srv -> STOPPED
Registry Entries: 16
[SUSP PATH] HKCU\[...]\Run : MediaGet2 (C:\Users\zus\AppData\Local\MediaGet2\mediaget.exe --minimized) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvbtcclient (C:\Windows\update.5.0\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srviecheck (C:\Windows\update.2\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvsysdriver32 (C:\Windows\sysdriver32.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : wxpdrivers (C:\Windows\update.1\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvbtcclient (C:\Windows\update.5.0\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srviecheck (C:\Windows\update.2\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvsysdriver32 (C:\Windows\sysdriver32.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : wxpdrivers (C:\Windows\update.1\svchost.exe srv) -> DELETED
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (192.168.2.7:3128) -> NOT REMOVED, USE PROXYFIX
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E} : NameServer (10.0.0.138,192.168.0.1) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E} : NameServer (10.0.0.138,192.168.0.1) -> NOT REMOVED, USE DNSFIX
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED ()
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED ()
[HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED ()
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED ()
Particular Files / Folders:
Driver: [NOT LOADED]
HOSTS File:
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
127.0.0.1 fr-fr.facebook.com
[...]
Finished : << RKreport[1].txt >>
RKreport[1].txt
mail: tigzyRK<at>gmail<dot>com
Feedback: hxxp://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: zus [Admin rights]
Mode: Remove -- Date : 10/30/2011 21:30:16
Bad processes: 4
[SERVICE] srvbtcclient -- C:\Windows\update.5.0\svchost.exe srv -> STOPPED
[SERVICE] srviecheck -- C:\Windows\update.2\svchost.exe srv -> STOPPED
[SERVICE] srvsysdriver32 -- C:\Windows\sysdriver32.exe srv -> STOPPED
[SERVICE] wxpdrivers -- C:\Windows\update.1\svchost.exe srv -> STOPPED
Registry Entries: 16
[SUSP PATH] HKCU\[...]\Run : MediaGet2 (C:\Users\zus\AppData\Local\MediaGet2\mediaget.exe --minimized) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvbtcclient (C:\Windows\update.5.0\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srviecheck (C:\Windows\update.2\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvsysdriver32 (C:\Windows\sysdriver32.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : wxpdrivers (C:\Windows\update.1\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvbtcclient (C:\Windows\update.5.0\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srviecheck (C:\Windows\update.2\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvsysdriver32 (C:\Windows\sysdriver32.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : wxpdrivers (C:\Windows\update.1\svchost.exe srv) -> DELETED
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (192.168.2.7:3128) -> NOT REMOVED, USE PROXYFIX
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E} : NameServer (10.0.0.138,192.168.0.1) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E} : NameServer (10.0.0.138,192.168.0.1) -> NOT REMOVED, USE DNSFIX
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED ()
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED ()
[HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED ()
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED ()
Particular Files / Folders:
Driver: [NOT LOADED]
HOSTS File:
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
127.0.0.1 fr-fr.facebook.com
[...]
Finished : << RKreport[1].txt >>
RKreport[1].txt
Re: další FB vir
RogueKiller V6.1.5 [10/29/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: hxxp://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: zus [Admin rights]
Mode: HOSTSFix -- Date : 10/30/2011 21:57:51
Bad processes: 0
Driver: [NOT LOADED]
HOSTS File:
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
127.0.0.1 fr-fr.facebook.com
[...]
Resetted HOSTS:
127.0.0.1 localhost
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
mail: tigzyRK<at>gmail<dot>com
Feedback: hxxp://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: zus [Admin rights]
Mode: HOSTSFix -- Date : 10/30/2011 21:57:51
Bad processes: 0
Driver: [NOT LOADED]
HOSTS File:
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
127.0.0.1 fr-fr.facebook.com
[...]
Resetted HOSTS:
127.0.0.1 localhost
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Re: další FB vir
RogueKiller V6.1.5 [10/29/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: hxxp://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: zus [Admin rights]
Mode: ProxyFix -- Date : 10/30/2011 21:58:32
Bad processes: 0
Driver: [NOT LOADED]
Registry Entries: 1
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (192.168.2.7:3128) -> DELETED
Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
mail: tigzyRK<at>gmail<dot>com
Feedback: hxxp://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: zus [Admin rights]
Mode: ProxyFix -- Date : 10/30/2011 21:58:32
Bad processes: 0
Driver: [NOT LOADED]
Registry Entries: 1
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (192.168.2.7:3128) -> DELETED
Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: další FB vir
Pokračujte Combofixem.. Zítra na to mrknu.. předpokládám po 16h.. 
děkuji za pochopení
děkuji za pochopení Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: další FB vir
ComboFix 11-10-30.03 - zus 30.10.2011 22:06:21.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4063.2031 [GMT 1:00]
Spuštěný z: c:\users\zus\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\page
c:\programdata\page\page.ico
c:\programdata\page\page.URL
c:\users\zus\AppData\Roaming\.#
c:\users\zus\AppData\Roaming\.#\MBX@F14@292770.###
c:\users\zus\AppData\Roaming\.#\MBX@F14@2927A0.###
c:\windows\btc_client_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\loader2.exe_ok
c:\windows\phoenix
c:\windows\phoenix.rar
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\proc_list1.log
c:\windows\rpcminer
c:\windows\rpcminer.rar
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\services32.exe
c:\windows\sysdriver32.exe
c:\windows\sysdriver32_.exe
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\SysWow64\system
c:\windows\Temp\1771692.exe
c:\windows\Temp\3857082.exe
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.1\svchost.exe
c:\windows\update.2
c:\windows\update.2\svchost.exe
c:\windows\update.5.0
c:\windows\update.5.0\svchost.exe
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
c:\windows\winsetupapi.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-30 )))))))))))))))))))))))))))))))
.
.
2011-10-30 21:19 . 2011-10-30 21:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-30 21:19 . 2011-10-30 21:19 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-10-30 11:54 . 2011-10-30 12:26 -------- d-----w- c:\program files\PHP Manager 1.2 for IIS 7
2011-10-30 11:03 . 2011-10-30 11:03 -------- d-----w- c:\windows\ufa
2011-10-30 11:01 . 2011-10-30 11:03 246272 ----a-w- c:\windows\unrar.exe
2011-10-30 10:29 . 2011-10-30 10:29 -------- d-----w- c:\windows\av_ico
2011-10-30 10:27 . 2011-10-30 10:27 -------- d--h--w- c:\windows\update.tray-12-0
2011-10-30 10:27 . 2011-10-30 10:27 -------- d--h--w- c:\windows\update.tray-12-0-lnk
2011-10-26 07:31 . 2011-08-13 05:27 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-26 07:31 . 2011-08-13 04:18 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-25 18:08 . 2011-10-30 21:04 -------- d-----w- c:\users\DefaultAppPool
2011-10-25 17:52 . 2011-10-25 17:52 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-25 15:49 . 2011-10-25 18:11 -------- d-----w- c:\users\zus\AppData\Local\MediaGet2
2011-10-25 12:28 . 2011-10-25 12:28 -------- d-----w- c:\users\zus\AppData\Roaming\DVDVideoSoft
2011-10-25 12:28 . 2011-10-25 12:28 -------- d-----w- c:\program files (x86)\Conduit
2011-10-25 12:28 . 2011-10-25 12:28 -------- d-----w- c:\users\zus\AppData\Local\Conduit
2011-10-25 12:27 . 2011-10-25 12:27 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2011-10-25 12:27 . 2011-10-25 12:27 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2011-10-23 18:57 . 2011-10-23 19:27 -------- d-----w- c:\program files (x86)\YouTube Downloader
2011-10-12 18:00 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 18:00 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 18:00 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-12 18:00 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-12 17:57 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 17:57 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-12 17:57 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 17:57 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-10 01:10 . 2011-10-10 01:10 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-10-09 10:21 . 2011-10-09 10:21 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2011-10-08 19:55 . 2011-10-08 19:55 -------- d-----w- c:\windows\en
2011-10-08 19:51 . 2011-10-08 19:51 -------- d-----w- c:\windows\cs
2011-10-08 19:48 . 2011-10-08 19:48 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-10-08 19:43 . 2011-05-13 13:37 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-10-08 19:43 . 2011-10-08 19:43 -------- d-----w- c:\program files\Windows Live
2011-10-08 19:41 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-10-08 19:41 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-10-08 19:41 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-10-08 19:41 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-10-08 19:41 . 2011-10-08 19:41 7450888 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\353284901cc85f20a\bingbarsetup.exe
2011-10-08 19:40 . 2011-10-08 19:40 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2048d16c1cc85f209\MeshBetaRemover.exe
2011-10-08 19:40 . 2011-10-08 19:40 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1c3ab4091cc85f208\DSETUP.dll
2011-10-08 19:40 . 2011-10-08 19:40 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1c3ab4091cc85f208\DXSETUP.exe
2011-10-08 19:40 . 2011-10-08 19:40 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1c3ab4091cc85f208\dsetup32.dll
2011-10-08 19:40 . 2011-10-08 19:40 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\170529521cc85f207\DSETUP.dll
2011-10-08 19:40 . 2011-10-08 19:40 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\170529521cc85f207\DXSETUP.exe
2011-10-08 19:40 . 2011-10-08 19:40 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\170529521cc85f207\dsetup32.dll
2011-10-08 19:39 . 2011-10-30 11:57 -------- d-----w- c:\users\zus\AppData\Local\Windows Live
2011-10-08 19:36 . 2011-10-30 17:21 -------- d-----w- c:\users\zus\Tracing
2011-10-08 14:31 . 2011-10-08 14:31 -------- d-----w- c:\users\zus\AppData\Roaming\OxelonMC
2011-10-08 14:31 . 2011-10-08 14:31 -------- d-----w- c:\program files (x86)\OxelonMedia
2011-10-08 14:25 . 2011-10-08 14:25 -------- d-----w- c:\program files (x86)\FoxTabAVIConverter
2011-10-08 07:13 . 2011-10-08 12:37 -------- d-----w- c:\program files (x86)\Zrychleni Pocitace
2011-10-08 07:12 . 2011-10-13 01:33 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-10-08 06:49 . 2011-10-08 06:49 -------- d-----w- c:\users\zus\AppData\Roaming\AnvSoft
2011-10-08 06:49 . 2011-10-08 12:33 -------- d-----w- c:\users\zus\AppData\Local\OpenCandy
2011-10-08 06:48 . 2011-10-08 06:48 -------- d-----w- c:\users\zus\AppData\Roaming\OpenCandy
2011-10-08 02:45 . 2011-10-08 07:00 -------- d-----w- c:\users\zus\AppData\Local\WMTools Downloaded Files
2011-10-07 22:17 . 2011-10-07 22:17 -------- d-----w- c:\program files (x86)\Movie Maker 2.6
2011-10-07 21:23 . 2011-10-07 21:59 -------- d-----w- c:\users\zus\AppData\Local\Sony
2011-10-07 21:23 . 2011-10-07 21:23 -------- d-----w- c:\users\zus\AppData\Roaming\Sony
2011-10-07 20:28 . 2011-10-07 20:28 -------- d-----w- c:\programdata\Pinnacle
2011-10-07 20:28 . 2011-10-07 20:28 -------- d-----w- c:\users\zus\AppData\Local\Downloaded Installations
2011-10-01 07:04 . 2011-10-01 07:06 -------- d-----w- c:\program files\IrfanView
2011-10-01 07:04 . 2011-10-01 07:04 -------- d-----w- c:\users\zus\AppData\Roaming\IrfanView
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-08 19:43 . 2011-03-28 16:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-10-03 03:06 . 2010-04-19 22:51 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-13 07:35 . 2011-09-13 07:35 0 ---ha-w- c:\users\zus\AppData\Local\BIT5264.tmp
2011-09-12 21:47 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-09-12 21:47 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-08-09 18:00 . 2003-03-19 03:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-08-09 18:00 . 2003-02-21 11:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-08-06 08:04 . 2011-08-06 08:04 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCSpeedUp"="c:\program files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk" [2011-10-08 2417]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-05-26 317288]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-10 98304]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2009-09-06 26624]
"SHTtray.exe"="c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe" [2009-07-27 99624]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2009-12-21 39424]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2011-08-09 273544]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"tray_ico0"="c:\windows\update.tray-12-0\svchost.exe" [2011-10-30 1109504]
.
c:\users\zus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-07-01 18:49 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"DisableThumbnailCache"=dword:00000001
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG10\avgwdsvc.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-05 133104]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe [2009-08-24 544768]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-05 133104]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-08 169312]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-07-24 189984]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-27 120104]
S2 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-27 70952]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-27 427304]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-27 75048]
S2 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-27 91432]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-05 23:39]
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-05 23:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-24 7938080]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-24 1833504]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-19 171520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\zus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\1417571627965737022556374716572716E647: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\24F4C4C4544514: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\46573716E6: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\46C696E6B6: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\47F627561646F62723: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\A55535F5345627E6F637963656: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\A616D636166656: NameServer = 10.0.0.138,192.168.0.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
DPF: {4ADC518E-B607-11D4-B395-0001020F4519} - hxxps://portal.ozp.cz/obj/Signer.cab
FF - ProfilePath - c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=39&tp=ab&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: 602XML Filler: xmlfiller@software602.cz - c:\program files (x86)\Mozilla Firefox\extensions\xmlfiller@software602.cz
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Fast Video Download (with SearchMenu): {c50ca3c4-5656-43c2-a061-13e717f73fc8} - %profile%\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
FF - Ext: OPML Support: {9458ca25-39fd-4ba8-9520-acc5c0d877b6} - %profile%\extensions\{9458ca25-39fd-4ba8-9520-acc5c0d877b6}
FF - Ext: DVDVideoSoftTB Community Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: Free YouTube Download (Free Studio) Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
Wow6432Node-HKCU-Run-ISUSPM Startup - c:\program files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe
Wow6432Node-HKLM-Run-zzzHPSETUP - E:\Setup.exe
Wow6432Node-HKLM-Run-ISUSScheduler - c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe
Wow6432Node-HKLM-Run-AVG_TRAY - c:\program files (x86)\AVG\AVG10\avgtray.exe
Wow6432Node-HKLM-Run-wxpdrv - c:\windows\services32.exe
Wow6432Node-HKLM-Run-tray_ico - (no file)
Wow6432Node-HKLM-Run-tray_ico1 - (no file)
Wow6432Node-HKLM-Run-tray_ico2 - (no file)
Wow6432Node-HKLM-Run-tray_ico3 - (no file)
Wow6432Node-HKLM-Run-tray_ico4 - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-10-30 22:57:31
ComboFix-quarantined-files.txt 2011-10-30 21:57
.
Před spuštěním: Volných bajtů: 377 928 187 904
Po spuštění: Volných bajtů: 379 836 354 560
.
- - End Of File - - CC663C2107AF669FE7EDE91E806EA894
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4063.2031 [GMT 1:00]
Spuštěný z: c:\users\zus\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\page
c:\programdata\page\page.ico
c:\programdata\page\page.URL
c:\users\zus\AppData\Roaming\.#
c:\users\zus\AppData\Roaming\.#\MBX@F14@292770.###
c:\users\zus\AppData\Roaming\.#\MBX@F14@2927A0.###
c:\windows\btc_client_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\loader2.exe_ok
c:\windows\phoenix
c:\windows\phoenix.rar
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\proc_list1.log
c:\windows\rpcminer
c:\windows\rpcminer.rar
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\services32.exe
c:\windows\sysdriver32.exe
c:\windows\sysdriver32_.exe
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\SysWow64\system
c:\windows\Temp\1771692.exe
c:\windows\Temp\3857082.exe
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.1\svchost.exe
c:\windows\update.2
c:\windows\update.2\svchost.exe
c:\windows\update.5.0
c:\windows\update.5.0\svchost.exe
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
c:\windows\winsetupapi.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-30 )))))))))))))))))))))))))))))))
.
.
2011-10-30 21:19 . 2011-10-30 21:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-30 21:19 . 2011-10-30 21:19 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-10-30 11:54 . 2011-10-30 12:26 -------- d-----w- c:\program files\PHP Manager 1.2 for IIS 7
2011-10-30 11:03 . 2011-10-30 11:03 -------- d-----w- c:\windows\ufa
2011-10-30 11:01 . 2011-10-30 11:03 246272 ----a-w- c:\windows\unrar.exe
2011-10-30 10:29 . 2011-10-30 10:29 -------- d-----w- c:\windows\av_ico
2011-10-30 10:27 . 2011-10-30 10:27 -------- d--h--w- c:\windows\update.tray-12-0
2011-10-30 10:27 . 2011-10-30 10:27 -------- d--h--w- c:\windows\update.tray-12-0-lnk
2011-10-26 07:31 . 2011-08-13 05:27 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-26 07:31 . 2011-08-13 04:18 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-25 18:08 . 2011-10-30 21:04 -------- d-----w- c:\users\DefaultAppPool
2011-10-25 17:52 . 2011-10-25 17:52 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-25 15:49 . 2011-10-25 18:11 -------- d-----w- c:\users\zus\AppData\Local\MediaGet2
2011-10-25 12:28 . 2011-10-25 12:28 -------- d-----w- c:\users\zus\AppData\Roaming\DVDVideoSoft
2011-10-25 12:28 . 2011-10-25 12:28 -------- d-----w- c:\program files (x86)\Conduit
2011-10-25 12:28 . 2011-10-25 12:28 -------- d-----w- c:\users\zus\AppData\Local\Conduit
2011-10-25 12:27 . 2011-10-25 12:27 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2011-10-25 12:27 . 2011-10-25 12:27 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2011-10-23 18:57 . 2011-10-23 19:27 -------- d-----w- c:\program files (x86)\YouTube Downloader
2011-10-12 18:00 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 18:00 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 18:00 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-12 18:00 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-12 17:57 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 17:57 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-12 17:57 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 17:57 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-10 01:10 . 2011-10-10 01:10 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-10-09 10:21 . 2011-10-09 10:21 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2011-10-08 19:55 . 2011-10-08 19:55 -------- d-----w- c:\windows\en
2011-10-08 19:51 . 2011-10-08 19:51 -------- d-----w- c:\windows\cs
2011-10-08 19:48 . 2011-10-08 19:48 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-10-08 19:43 . 2011-05-13 13:37 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-10-08 19:43 . 2011-10-08 19:43 -------- d-----w- c:\program files\Windows Live
2011-10-08 19:41 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-10-08 19:41 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-10-08 19:41 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-10-08 19:41 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-10-08 19:41 . 2011-10-08 19:41 7450888 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\353284901cc85f20a\bingbarsetup.exe
2011-10-08 19:40 . 2011-10-08 19:40 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2048d16c1cc85f209\MeshBetaRemover.exe
2011-10-08 19:40 . 2011-10-08 19:40 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1c3ab4091cc85f208\DSETUP.dll
2011-10-08 19:40 . 2011-10-08 19:40 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1c3ab4091cc85f208\DXSETUP.exe
2011-10-08 19:40 . 2011-10-08 19:40 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1c3ab4091cc85f208\dsetup32.dll
2011-10-08 19:40 . 2011-10-08 19:40 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\170529521cc85f207\DSETUP.dll
2011-10-08 19:40 . 2011-10-08 19:40 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\170529521cc85f207\DXSETUP.exe
2011-10-08 19:40 . 2011-10-08 19:40 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\170529521cc85f207\dsetup32.dll
2011-10-08 19:39 . 2011-10-30 11:57 -------- d-----w- c:\users\zus\AppData\Local\Windows Live
2011-10-08 19:36 . 2011-10-30 17:21 -------- d-----w- c:\users\zus\Tracing
2011-10-08 14:31 . 2011-10-08 14:31 -------- d-----w- c:\users\zus\AppData\Roaming\OxelonMC
2011-10-08 14:31 . 2011-10-08 14:31 -------- d-----w- c:\program files (x86)\OxelonMedia
2011-10-08 14:25 . 2011-10-08 14:25 -------- d-----w- c:\program files (x86)\FoxTabAVIConverter
2011-10-08 07:13 . 2011-10-08 12:37 -------- d-----w- c:\program files (x86)\Zrychleni Pocitace
2011-10-08 07:12 . 2011-10-13 01:33 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-10-08 06:49 . 2011-10-08 06:49 -------- d-----w- c:\users\zus\AppData\Roaming\AnvSoft
2011-10-08 06:49 . 2011-10-08 12:33 -------- d-----w- c:\users\zus\AppData\Local\OpenCandy
2011-10-08 06:48 . 2011-10-08 06:48 -------- d-----w- c:\users\zus\AppData\Roaming\OpenCandy
2011-10-08 02:45 . 2011-10-08 07:00 -------- d-----w- c:\users\zus\AppData\Local\WMTools Downloaded Files
2011-10-07 22:17 . 2011-10-07 22:17 -------- d-----w- c:\program files (x86)\Movie Maker 2.6
2011-10-07 21:23 . 2011-10-07 21:59 -------- d-----w- c:\users\zus\AppData\Local\Sony
2011-10-07 21:23 . 2011-10-07 21:23 -------- d-----w- c:\users\zus\AppData\Roaming\Sony
2011-10-07 20:28 . 2011-10-07 20:28 -------- d-----w- c:\programdata\Pinnacle
2011-10-07 20:28 . 2011-10-07 20:28 -------- d-----w- c:\users\zus\AppData\Local\Downloaded Installations
2011-10-01 07:04 . 2011-10-01 07:06 -------- d-----w- c:\program files\IrfanView
2011-10-01 07:04 . 2011-10-01 07:04 -------- d-----w- c:\users\zus\AppData\Roaming\IrfanView
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-08 19:43 . 2011-03-28 16:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-10-03 03:06 . 2010-04-19 22:51 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-13 07:35 . 2011-09-13 07:35 0 ---ha-w- c:\users\zus\AppData\Local\BIT5264.tmp
2011-09-12 21:47 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-09-12 21:47 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-08-09 18:00 . 2003-03-19 03:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-08-09 18:00 . 2003-02-21 11:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-08-06 08:04 . 2011-08-06 08:04 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCSpeedUp"="c:\program files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk" [2011-10-08 2417]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-05-26 317288]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-10 98304]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2009-09-06 26624]
"SHTtray.exe"="c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe" [2009-07-27 99624]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2009-12-21 39424]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2011-08-09 273544]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"tray_ico0"="c:\windows\update.tray-12-0\svchost.exe" [2011-10-30 1109504]
.
c:\users\zus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-07-01 18:49 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"DisableThumbnailCache"=dword:00000001
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG10\avgwdsvc.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-05 133104]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe [2009-08-24 544768]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-05 133104]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-08 169312]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-07-24 189984]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-27 120104]
S2 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-27 70952]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-27 427304]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-27 75048]
S2 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-27 91432]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-05 23:39]
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-09-05 23:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-24 7938080]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-24 1833504]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-19 171520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\zus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\1417571627965737022556374716572716E647: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\24F4C4C4544514: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\46573716E6: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\46C696E6B6: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\47F627561646F62723: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\A55535F5345627E6F637963656: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\A616D636166656: NameServer = 10.0.0.138,192.168.0.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
DPF: {4ADC518E-B607-11D4-B395-0001020F4519} - hxxps://portal.ozp.cz/obj/Signer.cab
FF - ProfilePath - c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=39&tp=ab&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: 602XML Filler: xmlfiller@software602.cz - c:\program files (x86)\Mozilla Firefox\extensions\xmlfiller@software602.cz
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Fast Video Download (with SearchMenu): {c50ca3c4-5656-43c2-a061-13e717f73fc8} - %profile%\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
FF - Ext: OPML Support: {9458ca25-39fd-4ba8-9520-acc5c0d877b6} - %profile%\extensions\{9458ca25-39fd-4ba8-9520-acc5c0d877b6}
FF - Ext: DVDVideoSoftTB Community Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: Free YouTube Download (Free Studio) Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
Wow6432Node-HKCU-Run-ISUSPM Startup - c:\program files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe
Wow6432Node-HKLM-Run-zzzHPSETUP - E:\Setup.exe
Wow6432Node-HKLM-Run-ISUSScheduler - c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe
Wow6432Node-HKLM-Run-AVG_TRAY - c:\program files (x86)\AVG\AVG10\avgtray.exe
Wow6432Node-HKLM-Run-wxpdrv - c:\windows\services32.exe
Wow6432Node-HKLM-Run-tray_ico - (no file)
Wow6432Node-HKLM-Run-tray_ico1 - (no file)
Wow6432Node-HKLM-Run-tray_ico2 - (no file)
Wow6432Node-HKLM-Run-tray_ico3 - (no file)
Wow6432Node-HKLM-Run-tray_ico4 - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-10-30 22:57:31
ComboFix-quarantined-files.txt 2011-10-30 21:57
.
Před spuštěním: Volných bajtů: 377 928 187 904
Po spuštění: Volných bajtů: 379 836 354 560
.
- - End Of File - - CC663C2107AF669FE7EDE91E806EA894
Re: další FB vir
trvalo to strašně dlouho.
díky
díky
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: další FB vir
Odinstalujte Conduit,Zrychleni Pocitace a všechny nepotřebné toolbary Odinstalujte AVG přes utilitu: http://download.avg.com/filedir/util/av ... 2_1796.exePoté pokračujeme...
Otevřeme si Poznámkový blok 
- (stiskneme klávesovou kombinaci WIN+R a napíšeme ,,notepad,, bez úvozovek a dáme enter)
- Vložíme do něj následující script:
Kód: Vybrat vše
KillAll:: Folder:: c:\users\Default\AppData\Local\temp c:\users\Guest\AppData\Local\temp c:\windows\ufa c:\windows\av_ico c:\windows\update.tray-12-0 c:\windows\update.tray-12-0-lnk c:\program files (x86)\Conduit c:\users\zus\AppData\Local\Conduit File:: c:\windows\unrar.exe c:\windows\Tasks\GoogleUpdateTaskMachineUA.job c:\windows\Tasks\GoogleUpdateTaskMachineCore.job Registry:: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"=- [-HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{872b5b88-9db5-4310-bdd0-ac189557e5f5}"=- [-HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PCSpeedUp"=- "msnmsgr"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=- "WinampAgent"=- "Adobe Reader Speed Launcher"=- "Adobe ARM"=- "DivXUpdate"=- "TkBellExe"=- "SunJavaUpdateSched"=- "tray_ico0"=- [HKEY_LOCAL_MACHINE\software\microsoft\security center] "DisableThumbnailCache"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skytel"=- "SunJavaUpdateSched"=- Driver:: gupdate BBSvc gupdatem DDS:: uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT2269050 Firefox:: FF - ProfilePath - c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms} FF - Ext: DVDVideoSoftTB Community Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} FF - Ext: Free YouTube Download (Free Studio) Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} RegLock:: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] Reboot:: - Soubor uložíme na Plochu jako CFScript.txt
- Poté tento soubor uchopíme levým tlačítkem myši a přetáhneme na ikonu Combofixu a upustíme
- Poté Combofix provede všechny operace a udělá nový log,který sem vložte
Může se stát,že po aplikaci scriptu nenaběhne Windows běžným způsobem.V tomto případě restartujte počítač a při startu mačkejte F8 a zvolte možnost Poslední známá funkční konfiguraceNapiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: další FB vir
děkuju. ten conduit vůbec nemohu najít a také nevím, jak mám odinstalovat toolbary. děkuju za pomoc
-
chodnik74
- Přítel fóra
- Příspěvky: 4975
- Registrován: 13 zář 2010 21:30
- Bydliště: Napajedla
- Kontaktovat uživatele:
Re: další FB vir
Start\Ovládací panely\Programy a tam Odinstalovat program..co nenajdete přeskočte
Napiš mi: chodnik74@gmail.com nebo
>RSIT<>MBAM<>VirusTotal
Doporučuji: |
Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce!
Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce!
Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.
Pravidla fora: č.1 a č.2
>RSIT<>MBAM<>VirusTotal
Doporučuji:
| Postup si raději vícekrát přečtěte a v případě jakýchkoliv nejasností či pochybností se ptejte. Pokud máte infikovaný počítač nebo se nechová jako obvykle, tak si zálohujte všechny data a pozorně postupujte dle pokynů rádce! Nepoužívejte utilitu Combofix bez dohledu a doporučení rádce! Jste s naší pomocí spokojeni Neváhejte a podpořte forum ZDE.Pravidla fora: č.1 a č.2
Re: další FB vir
jasně. nějak jsem to udělala. každopádně mi tam ten flashplayer-ten vir zůstal. asi pošlu log z combofixu..ale až v noci. díky. nebo z čeho mám poslat log?
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: další FB vir
Na požádání kolegy za něj na chvilku zaskočím.
Pokud jsi odinstalovala to AVG, proveď postup - script pro ComboFix, jak Ti psal kolega výše a hoď mu sem výsledný log. On nebo já na to mrkneme.
Zbytky toolbarů se odstraní potom jinak, neboj.
Pokud jsi odinstalovala to AVG, proveď postup - script pro ComboFix, jak Ti psal kolega výše a hoď mu sem výsledný log. On nebo já na to mrkneme. Zbytky toolbarů se odstraní potom jinak, neboj.
-
-
- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: další FB vir
tím combofixem jsem to projela, odinstalovala avg a vše. akorát ten log z combofixu jsem neuložila, ukládá se někde?
Re: další FB vir
Našla
ComboFix 11-10-30.03 - zus 31.10.2011 9:47.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4063.2507 [GMT 1:00]
Spuštěný z: c:\users\zus\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\zus\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Conduit
c:\program files (x86)\Conduit\Community Alerts\Alert.dll
c:\users\Default\AppData\Local\temp
c:\users\Guest\AppData\Local\temp
c:\users\zus\AppData\Local\Conduit
c:\users\zus\AppData\Local\Conduit\CT2269050\DVDVideoSoftTBAutoUpdateHelper.exe
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitAutoCompleteSearch.js
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitAutoCompleteSearch.xpt
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.xpt
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko19.dll
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko5.dll
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko6.dll
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko7.dll
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\alertSettingsComponent.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\appContextMenu.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\fbAlert.js
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\getAppsContextMenu.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\postAppsContextMenu.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\toolbarContextMenu.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\unsharedAppsContextMenu.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome.manifest
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome\dvdvideosofttb.jar
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\INSTALL.LOG
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\install.rdf
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF\manifest.mf
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF\zigbert.rsa
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF\zigbert.sf
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\DataStructures.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\EBEncryption.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\ExternalLibraryLoader.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\HTTP.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Chat.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\IO.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Log.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\MainSingleton.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\MD5.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Notifications.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\ObserversAndEvents.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Prefs.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\SearchProtector.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\SearchSuggestIO.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\String.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\TEAEncryption.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Timer.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Twitter.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\URL.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Windows.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\XML.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin\conduit.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\setup.ini
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\version.txt
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome.manifest
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome\dvsmenuext.jar
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\install.rdf
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\license.txt
c:\windows\av_ico
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\ufa
c:\windows\ufa\ufa.exe
c:\windows\unrar.exe
c:\windows\update.tray-12-0-lnk
c:\windows\update.tray-12-0-lnk\svchost.exe
c:\windows\update.tray-12-0
c:\windows\update.tray-12-0\svchost.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BBSvc
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-31 )))))))))))))))))))))))))))))))
.
.
2011-10-31 08:57 . 2011-10-31 08:57 -------- d-----w- c:\users\host\AppData\Local\temp
2011-10-30 11:54 . 2011-10-30 12:26 -------- d-----w- c:\program files\PHP Manager 1.2 for IIS 7
2011-10-26 07:31 . 2011-08-13 05:27 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-26 07:31 . 2011-08-13 04:18 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-25 18:08 . 2011-10-30 21:04 -------- d-----w- c:\users\DefaultAppPool
2011-10-25 17:52 . 2011-10-25 17:52 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-25 15:49 . 2011-10-25 18:11 -------- d-----w- c:\users\zus\AppData\Local\MediaGet2
2011-10-25 12:28 . 2011-10-25 12:28 -------- d-----w- c:\users\zus\AppData\Roaming\DVDVideoSoft
2011-10-25 12:27 . 2011-10-25 12:27 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2011-10-25 12:27 . 2011-10-25 12:27 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2011-10-23 18:57 . 2011-10-23 19:27 -------- d-----w- c:\program files (x86)\YouTube Downloader
2011-10-12 18:00 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 18:00 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 18:00 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-12 18:00 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-12 17:57 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 17:57 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-12 17:57 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 17:57 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-10 01:10 . 2011-10-10 01:10 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-10-09 10:21 . 2011-10-09 10:21 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2011-10-08 19:55 . 2011-10-08 19:55 -------- d-----w- c:\windows\en
2011-10-08 19:51 . 2011-10-08 19:51 -------- d-----w- c:\windows\cs
2011-10-08 19:48 . 2011-10-08 19:48 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-10-08 19:43 . 2011-05-13 13:37 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-10-08 19:43 . 2011-10-08 19:43 -------- d-----w- c:\program files\Windows Live
2011-10-08 19:41 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-10-08 19:41 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-10-08 19:41 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-10-08 19:41 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-10-08 19:41 . 2011-10-08 19:41 7450888 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\353284901cc85f20a\bingbarsetup.exe
2011-10-08 19:40 . 2011-10-08 19:40 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2048d16c1cc85f209\MeshBetaRemover.exe
2011-10-08 19:40 . 2011-10-08 19:40 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1c3ab4091cc85f208\DSETUP.dll
2011-10-08 19:40 . 2011-10-08 19:40 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1c3ab4091cc85f208\DXSETUP.exe
2011-10-08 19:40 . 2011-10-08 19:40 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1c3ab4091cc85f208\dsetup32.dll
2011-10-08 19:40 . 2011-10-08 19:40 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\170529521cc85f207\DSETUP.dll
2011-10-08 19:40 . 2011-10-08 19:40 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\170529521cc85f207\DXSETUP.exe
2011-10-08 19:40 . 2011-10-08 19:40 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\170529521cc85f207\dsetup32.dll
2011-10-08 19:39 . 2011-10-31 07:36 -------- d-----w- c:\users\zus\AppData\Local\Windows Live
2011-10-08 19:36 . 2011-10-31 07:35 -------- d-----w- c:\users\zus\Tracing
2011-10-08 14:31 . 2011-10-08 14:31 -------- d-----w- c:\users\zus\AppData\Roaming\OxelonMC
2011-10-08 14:31 . 2011-10-08 14:31 -------- d-----w- c:\program files (x86)\OxelonMedia
2011-10-08 14:25 . 2011-10-08 14:25 -------- d-----w- c:\program files (x86)\FoxTabAVIConverter
2011-10-08 07:13 . 2011-10-08 12:37 -------- d-----w- c:\program files (x86)\Zrychleni Pocitace
2011-10-08 07:12 . 2011-10-13 01:33 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-10-08 06:49 . 2011-10-08 06:49 -------- d-----w- c:\users\zus\AppData\Roaming\AnvSoft
2011-10-08 06:49 . 2011-10-08 12:33 -------- d-----w- c:\users\zus\AppData\Local\OpenCandy
2011-10-08 06:48 . 2011-10-08 06:48 -------- d-----w- c:\users\zus\AppData\Roaming\OpenCandy
2011-10-08 02:45 . 2011-10-08 07:00 -------- d-----w- c:\users\zus\AppData\Local\WMTools Downloaded Files
2011-10-07 22:17 . 2011-10-07 22:17 -------- d-----w- c:\program files (x86)\Movie Maker 2.6
2011-10-07 21:23 . 2011-10-07 21:59 -------- d-----w- c:\users\zus\AppData\Local\Sony
2011-10-07 21:23 . 2011-10-07 21:23 -------- d-----w- c:\users\zus\AppData\Roaming\Sony
2011-10-07 20:28 . 2011-10-07 20:28 -------- d-----w- c:\programdata\Pinnacle
2011-10-07 20:28 . 2011-10-07 20:28 -------- d-----w- c:\users\zus\AppData\Local\Downloaded Installations
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-08 19:43 . 2011-03-28 16:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-10-03 03:06 . 2010-04-19 22:51 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-13 07:35 . 2011-09-13 07:35 0 ---ha-w- c:\users\zus\AppData\Local\BIT5264.tmp
2011-09-12 21:47 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-09-12 21:47 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-08-09 18:00 . 2003-03-19 03:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-08-09 18:00 . 2003-02-21 11:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-08-06 08:04 . 2011-08-06 08:04 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-30_21.20.47 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-10-30 17:12 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-10-31 08:59 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-10-31 08:59 98304 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-30 17:12 98304 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-31 08:59 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-30 17:12 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-08-18 23:31 . 2011-10-31 07:37 88420 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2010-01-04 15:49 . 2011-10-31 07:33 10726 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2009-07-14 05:10 . 2011-10-31 07:37 51324 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-11-19 09:55 . 2011-10-31 07:37 30150 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-479643940-902982458-2825285055-1000_UserData.bin
+ 2009-11-19 14:09 . 2011-10-31 09:01 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-19 14:09 . 2011-10-30 17:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2011-10-31 07:38 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-11-19 14:09 . 2011-10-31 09:01 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-19 14:09 . 2011-10-30 17:04 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-19 14:09 . 2011-10-30 17:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-19 14:09 . 2011-10-31 09:01 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-20 05:51 . 2011-10-30 21:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-20 05:51 . 2011-10-31 09:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-20 05:51 . 2011-10-31 09:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-20 05:51 . 2011-10-30 21:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-04 15:40 . 2011-10-31 01:21 2650 c:\windows\system32\wdi\{88d4896f-f553-446a-9c75-9dec124ff8b7}.bin
+ 2009-08-19 00:39 . 2011-10-31 08:58 3279 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2009-08-19 00:39 . 2011-10-30 15:55 3279 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-10-30 15:56 . 2011-10-30 17:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-31 08:59 . 2011-10-31 08:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-30 15:56 . 2011-10-30 17:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-10-31 08:59 . 2011-10-31 08:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-11-20 05:49 . 2011-10-31 07:23 393998 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-11-20 09:05 . 2011-10-31 03:50 476348 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-11-20 09:05 . 2011-10-30 20:03 476348 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 05:01 . 2011-10-31 08:58 614288 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-10-30 15:55 614288 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-02-10 22:42 . 2011-10-31 07:33 614288 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-479643940-902982458-2825285055-1005-8192.dat
- 2009-11-19 13:52 . 2011-10-30 10:26 770484 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-479643940-902982458-2825285055-1000-8192.dat
+ 2009-11-19 13:52 . 2011-10-31 08:58 770484 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-479643940-902982458-2825285055-1000-8192.dat
- 2010-08-13 17:31 . 2011-10-30 15:55 666296 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-479643940-902982458-2825285055-1000-12288.dat
+ 2010-08-13 17:31 . 2011-10-31 07:33 666296 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-479643940-902982458-2825285055-1000-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-05-26 317288]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2009-09-06 26624]
"SHTtray.exe"="c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe" [2009-07-27 99624]
.
c:\users\zus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-07-01 18:49 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe [2009-08-24 544768]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-06-26 357672]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-06-18 110888]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-08 169312]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-07-24 189984]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-27 120104]
S2 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-27 70952]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-27 427304]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-27 75048]
S2 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-27 91432]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-08-22 411496]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-07-22 642920]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-06-26 468264]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2009-08-13 522240]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-24 7938080]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-24 1833504]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-19 171520]
"combofix"="c:\combofix\CF1624.3XE" [2010-11-20 345088]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\zus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\1417571627965737022556374716572716E647: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\24F4C4C4544514: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\46573716E6: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\46C696E6B6: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\47F627561646F62723: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\A55535F5345627E6F637963656: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\A616D636166656: NameServer = 10.0.0.138,192.168.0.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
DPF: {4ADC518E-B607-11D4-B395-0001020F4519} - hxxps://portal.ozp.cz/obj/Signer.cab
FF - ProfilePath - c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=39&tp=ab&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: 602XML Filler: xmlfiller@software602.cz - c:\program files (x86)\Mozilla Firefox\extensions\xmlfiller@software602.cz
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Fast Video Download (with SearchMenu): {c50ca3c4-5656-43c2-a061-13e717f73fc8} - %profile%\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
FF - Ext: OPML Support: {9458ca25-39fd-4ba8-9520-acc5c0d877b6} - %profile%\extensions\{9458ca25-39fd-4ba8-9520-acc5c0d877b6}
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2011-10-31 10:28:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-31 09:27
ComboFix2.txt 2011-10-30 21:57
.
Před spuštěním: Volných bajtů: 378 105 434 112
Po spuštění: Volných bajtů: 377 632 141 312
.
- - End Of File - - FB68AFC42E137EC97C23A23BA8BC9513
ComboFix 11-10-30.03 - zus 31.10.2011 9:47.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4063.2507 [GMT 1:00]
Spuštěný z: c:\users\zus\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\zus\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Conduit
c:\program files (x86)\Conduit\Community Alerts\Alert.dll
c:\users\Default\AppData\Local\temp
c:\users\Guest\AppData\Local\temp
c:\users\zus\AppData\Local\Conduit
c:\users\zus\AppData\Local\Conduit\CT2269050\DVDVideoSoftTBAutoUpdateHelper.exe
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitAutoCompleteSearch.js
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\ConduitAutoCompleteSearch.xpt
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.xpt
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko19.dll
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko5.dll
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko6.dll
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko7.dll
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\alertSettingsComponent.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\appContextMenu.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\fbAlert.js
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\getAppsContextMenu.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\postAppsContextMenu.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\toolbarContextMenu.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults\unsharedAppsContextMenu.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome.manifest
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome\dvdvideosofttb.jar
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\INSTALL.LOG
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\install.rdf
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF\manifest.mf
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF\zigbert.rsa
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF\zigbert.sf
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\DataStructures.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\EBEncryption.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\ExternalLibraryLoader.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\HTTP.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Chat.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\IO.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Log.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\MainSingleton.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\MD5.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Notifications.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\ObserversAndEvents.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Prefs.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\SearchProtector.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\SearchSuggestIO.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\String.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\TEAEncryption.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Timer.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Twitter.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\URL.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\Windows.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\XML.jsm
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin\conduit.xml
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\setup.ini
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\version.txt
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome.manifest
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome\dvsmenuext.jar
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\install.rdf
c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\license.txt
c:\windows\av_ico
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\ufa
c:\windows\ufa\ufa.exe
c:\windows\unrar.exe
c:\windows\update.tray-12-0-lnk
c:\windows\update.tray-12-0-lnk\svchost.exe
c:\windows\update.tray-12-0
c:\windows\update.tray-12-0\svchost.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BBSvc
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-31 )))))))))))))))))))))))))))))))
.
.
2011-10-31 08:57 . 2011-10-31 08:57 -------- d-----w- c:\users\host\AppData\Local\temp
2011-10-30 11:54 . 2011-10-30 12:26 -------- d-----w- c:\program files\PHP Manager 1.2 for IIS 7
2011-10-26 07:31 . 2011-08-13 05:27 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-26 07:31 . 2011-08-13 04:18 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-25 18:08 . 2011-10-30 21:04 -------- d-----w- c:\users\DefaultAppPool
2011-10-25 17:52 . 2011-10-25 17:52 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-25 15:49 . 2011-10-25 18:11 -------- d-----w- c:\users\zus\AppData\Local\MediaGet2
2011-10-25 12:28 . 2011-10-25 12:28 -------- d-----w- c:\users\zus\AppData\Roaming\DVDVideoSoft
2011-10-25 12:27 . 2011-10-25 12:27 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2011-10-25 12:27 . 2011-10-25 12:27 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2011-10-23 18:57 . 2011-10-23 19:27 -------- d-----w- c:\program files (x86)\YouTube Downloader
2011-10-12 18:00 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 18:00 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 18:00 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-10-12 18:00 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-10-12 17:57 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 17:57 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-10-12 17:57 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 17:57 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-10-10 01:10 . 2011-10-10 01:10 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-10-09 10:21 . 2011-10-09 10:21 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2011-10-08 19:55 . 2011-10-08 19:55 -------- d-----w- c:\windows\en
2011-10-08 19:51 . 2011-10-08 19:51 -------- d-----w- c:\windows\cs
2011-10-08 19:48 . 2011-10-08 19:48 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-10-08 19:43 . 2011-05-13 13:37 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-10-08 19:43 . 2011-10-08 19:43 -------- d-----w- c:\program files\Windows Live
2011-10-08 19:41 . 2009-09-04 15:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-10-08 19:41 . 2009-09-04 15:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-10-08 19:41 . 2009-09-04 15:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2011-10-08 19:41 . 2009-09-04 15:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-10-08 19:41 . 2011-10-08 19:41 7450888 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\353284901cc85f20a\bingbarsetup.exe
2011-10-08 19:40 . 2011-10-08 19:40 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2048d16c1cc85f209\MeshBetaRemover.exe
2011-10-08 19:40 . 2011-10-08 19:40 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1c3ab4091cc85f208\DSETUP.dll
2011-10-08 19:40 . 2011-10-08 19:40 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1c3ab4091cc85f208\DXSETUP.exe
2011-10-08 19:40 . 2011-10-08 19:40 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1c3ab4091cc85f208\dsetup32.dll
2011-10-08 19:40 . 2011-10-08 19:40 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\170529521cc85f207\DSETUP.dll
2011-10-08 19:40 . 2011-10-08 19:40 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\170529521cc85f207\DXSETUP.exe
2011-10-08 19:40 . 2011-10-08 19:40 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\170529521cc85f207\dsetup32.dll
2011-10-08 19:39 . 2011-10-31 07:36 -------- d-----w- c:\users\zus\AppData\Local\Windows Live
2011-10-08 19:36 . 2011-10-31 07:35 -------- d-----w- c:\users\zus\Tracing
2011-10-08 14:31 . 2011-10-08 14:31 -------- d-----w- c:\users\zus\AppData\Roaming\OxelonMC
2011-10-08 14:31 . 2011-10-08 14:31 -------- d-----w- c:\program files (x86)\OxelonMedia
2011-10-08 14:25 . 2011-10-08 14:25 -------- d-----w- c:\program files (x86)\FoxTabAVIConverter
2011-10-08 07:13 . 2011-10-08 12:37 -------- d-----w- c:\program files (x86)\Zrychleni Pocitace
2011-10-08 07:12 . 2011-10-13 01:33 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-10-08 06:49 . 2011-10-08 06:49 -------- d-----w- c:\users\zus\AppData\Roaming\AnvSoft
2011-10-08 06:49 . 2011-10-08 12:33 -------- d-----w- c:\users\zus\AppData\Local\OpenCandy
2011-10-08 06:48 . 2011-10-08 06:48 -------- d-----w- c:\users\zus\AppData\Roaming\OpenCandy
2011-10-08 02:45 . 2011-10-08 07:00 -------- d-----w- c:\users\zus\AppData\Local\WMTools Downloaded Files
2011-10-07 22:17 . 2011-10-07 22:17 -------- d-----w- c:\program files (x86)\Movie Maker 2.6
2011-10-07 21:23 . 2011-10-07 21:59 -------- d-----w- c:\users\zus\AppData\Local\Sony
2011-10-07 21:23 . 2011-10-07 21:23 -------- d-----w- c:\users\zus\AppData\Roaming\Sony
2011-10-07 20:28 . 2011-10-07 20:28 -------- d-----w- c:\programdata\Pinnacle
2011-10-07 20:28 . 2011-10-07 20:28 -------- d-----w- c:\users\zus\AppData\Local\Downloaded Installations
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-08 19:43 . 2011-03-28 16:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-10-03 03:06 . 2010-04-19 22:51 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-13 07:35 . 2011-09-13 07:35 0 ---ha-w- c:\users\zus\AppData\Local\BIT5264.tmp
2011-09-12 21:47 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-09-12 21:47 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-08-09 18:00 . 2003-03-19 03:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-08-09 18:00 . 2003-02-21 11:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-08-06 08:04 . 2011-08-06 08:04 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-30_21.20.47 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-10-30 17:12 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-10-31 08:59 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-10-31 08:59 98304 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-30 17:12 98304 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-10-31 08:59 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-10-30 17:12 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-08-18 23:31 . 2011-10-31 07:37 88420 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2010-01-04 15:49 . 2011-10-31 07:33 10726 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2009-07-14 05:10 . 2011-10-31 07:37 51324 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-11-19 09:55 . 2011-10-31 07:37 30150 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-479643940-902982458-2825285055-1000_UserData.bin
+ 2009-11-19 14:09 . 2011-10-31 09:01 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-19 14:09 . 2011-10-30 17:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2011-10-31 07:38 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-11-19 14:09 . 2011-10-31 09:01 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-19 14:09 . 2011-10-30 17:04 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-19 14:09 . 2011-10-30 17:04 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-19 14:09 . 2011-10-31 09:01 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-20 05:51 . 2011-10-30 21:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-20 05:51 . 2011-10-31 09:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-20 05:51 . 2011-10-31 09:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-20 05:51 . 2011-10-30 21:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-04 15:40 . 2011-10-31 01:21 2650 c:\windows\system32\wdi\{88d4896f-f553-446a-9c75-9dec124ff8b7}.bin
+ 2009-08-19 00:39 . 2011-10-31 08:58 3279 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2009-08-19 00:39 . 2011-10-30 15:55 3279 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-10-30 15:56 . 2011-10-30 17:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-10-31 08:59 . 2011-10-31 08:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-10-30 15:56 . 2011-10-30 17:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-10-31 08:59 . 2011-10-31 08:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-11-20 05:49 . 2011-10-31 07:23 393998 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-11-20 09:05 . 2011-10-31 03:50 476348 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-11-20 09:05 . 2011-10-30 20:03 476348 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 05:01 . 2011-10-31 08:58 614288 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-10-30 15:55 614288 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-02-10 22:42 . 2011-10-31 07:33 614288 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-479643940-902982458-2825285055-1005-8192.dat
- 2009-11-19 13:52 . 2011-10-30 10:26 770484 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-479643940-902982458-2825285055-1000-8192.dat
+ 2009-11-19 13:52 . 2011-10-31 08:58 770484 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-479643940-902982458-2825285055-1000-8192.dat
- 2010-08-13 17:31 . 2011-10-30 15:55 666296 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-479643940-902982458-2825285055-1000-12288.dat
+ 2010-08-13 17:31 . 2011-10-31 07:33 666296 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-479643940-902982458-2825285055-1000-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-05-26 317288]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2009-09-06 26624]
"SHTtray.exe"="c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe" [2009-07-27 99624]
.
c:\users\zus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-07-01 18:49 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe [2009-08-24 544768]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-06-26 357672]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-06-18 110888]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-08 169312]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-07-24 189984]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-27 120104]
S2 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-27 70952]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-27 427304]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-27 75048]
S2 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-27 91432]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-08-22 411496]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-07-22 642920]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-06-26 468264]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2009-08-13 522240]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-24 7938080]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-24 1833504]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-19 171520]
"combofix"="c:\combofix\CF1624.3XE" [2010-11-20 345088]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\zus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\1417571627965737022556374716572716E647: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\24F4C4C4544514: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\46573716E6: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\46C696E6B6: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\47F627561646F62723: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\A55535F5345627E6F637963656: NameServer = 10.0.0.138,192.168.0.1
TCP: Interfaces\{5B560386-2E43-47A3-B67A-2B4E8A67D42E}\A616D636166656: NameServer = 10.0.0.138,192.168.0.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
DPF: {4ADC518E-B607-11D4-B395-0001020F4519} - hxxps://portal.ozp.cz/obj/Signer.cab
FF - ProfilePath - c:\users\zus\AppData\Roaming\Mozilla\Firefox\Profiles\f9fql7d1.default\
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=39&tp=ab&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: 602XML Filler: xmlfiller@software602.cz - c:\program files (x86)\Mozilla Firefox\extensions\xmlfiller@software602.cz
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Fast Video Download (with SearchMenu): {c50ca3c4-5656-43c2-a061-13e717f73fc8} - %profile%\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
FF - Ext: OPML Support: {9458ca25-39fd-4ba8-9520-acc5c0d877b6} - %profile%\extensions\{9458ca25-39fd-4ba8-9520-acc5c0d877b6}
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2011-10-31 10:28:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-31 09:27
ComboFix2.txt 2011-10-30 21:57
.
Před spuštěním: Volných bajtů: 378 105 434 112
Po spuštění: Volných bajtů: 377 632 141 312
.
- - End Of File - - FB68AFC42E137EC97C23A23BA8BC9513
Přispějete na provoz fóra?