
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Win64/Patched.A.Gen - Frantiseksustek
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
- Návštěvník
- Příspěvky: 16
- Registrován: 09 lis 2012 00:27
Re: Win64/Patched.A.Gen - Frantiseksustek
ComboFix 12-11-12.03 - František 12.11.2012 18:41:00.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3932.2559 [GMT 1:00]
Spuštěný z: c:\users\FrantiÜek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\FrantiÜek\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-12 do 2012-11-12 )))))))))))))))))))))))))))))))
.
.
2012-11-12 17:48 . 2012-11-12 17:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-12 17:44 . 2012-11-12 17:44 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C1AAAA8E-1C93-4147-8C77-4DA83BC17031}\offreg.dll
2012-11-08 23:14 . 2012-11-08 23:15 -------- d-----w- c:\program files\trend micro
2012-11-08 23:14 . 2012-11-08 23:15 -------- d-----w- C:\rsit
2012-11-03 07:58 . 2012-11-03 07:58 -------- d-----w- c:\users\František\AppData\Local\ElevatedDiagnostics
2012-10-29 22:20 . 2012-10-29 22:21 -------- d-----w- c:\users\František\AppData\Roaming\Audacity
2012-10-29 22:20 . 2012-10-29 22:20 -------- d-----w- c:\program files (x86)\Audacity
2012-10-25 22:23 . 2012-10-25 22:23 -------- d-----w- c:\program files (x86)\MSECache
2012-10-18 11:12 . 2012-10-18 11:12 -------- d-----w- c:\users\František\AppData\Local\Crazy_Boomerang_Software
2012-10-18 11:06 . 2012-10-18 11:06 -------- d-----w- c:\program files (x86)\MP3 Speed Changer
2012-10-15 06:51 . 2012-10-15 06:51 -------- d-----w- c:\users\František\AppData\Roaming\Mozilla
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-12 17:32 . 2012-06-28 18:29 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2012-11-10 16:13 . 2012-09-11 15:35 58288 ----a-w- c:\windows\SysWow64\rpcnet.dll
2012-10-11 05:09 . 2012-06-28 18:29 17920 ----a-w- c:\windows\SysWow64\rpcnetp.dll
2012-10-11 05:08 . 2012-06-28 18:29 17920 ----a-w- c:\windows\SysWow64\rpcnetp.exe
2012-09-14 19:19 . 2012-10-10 11:33 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 11:33 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-11 17:49 . 2011-03-29 01:36 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-09-11 15:35 . 2012-09-11 15:35 13160 ----a-w- c:\windows\SysWow64\Upgrd.exe
2012-09-11 15:35 . 2012-09-11 15:35 58288 ------w- c:\windows\SysWow64\rpcnet.exe
2012-09-04 18:30 . 2012-10-01 21:10 38912 ----a-w- c:\windows\SysWow64\identprv.dll
2012-08-31 18:19 . 2012-10-10 11:33 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 11:33 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 11:33 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 11:33 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-24 18:05 . 2012-10-10 11:33 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 11:33 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-24 11:15 . 2012-09-23 13:34 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-23 13:34 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-23 13:34 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-23 13:34 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-23 13:34 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-23 13:34 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-23 13:34 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-23 13:34 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-23 13:34 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-23 13:34 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-23 13:34 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-23 13:34 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-23 13:34 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-23 13:34 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-23 13:34 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-23 13:34 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-23 13:34 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-23 13:34 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-23 13:34 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-23 13:34 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-23 13:34 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-23 13:34 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 11:27 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 11:27 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 11:27 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 11:27 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 15:24 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 18:48 . 2012-10-10 11:33 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-10 11:33 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-10 11:33 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-10 11:33 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-10 11:33 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-10 11:33 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-10 11:33 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-10 11:33 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-10 11:33 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-10 11:33 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-10 11:33 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-10 11:33 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-10 11:33 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-10 11:33 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-10 11:33 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files (x86)\ICQ7M\ICQ.exe" [2012-09-11 127040]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-03-23 1105488]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2012-4-20 723560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Atheros\Ath_WlanAgent.exe [2012-01-18 72864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-14 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2012-03-23 355920]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-08 871296]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [2012-05-04 81928]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-04-16 251696]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2012-02-10 440360]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 08:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-23 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-04-23 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-04-23 439064]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-02-22 12452456]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2012-02-08 1829768]
"TNOD UP"="c:\program files\ESET\TNod User & Password Finder\TNODUP.exe" [BU]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://acer.msn.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.64.16.1 10.1.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-1ClickDownload - c:\program files (x86)\OnlineHD.TV\uninst.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-11-12 18:58:29
ComboFix-quarantined-files.txt 2012-11-12 17:58
ComboFix2.txt 2012-11-09 14:29
.
Před spuštěním: Volných bajtů: 209 650 827 264
Po spuštění: Volných bajtů: 209 451 704 320
.
- - End Of File - - ACEA62F08A3E8ADBBBBFB011DA625E7F
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3932.2559 [GMT 1:00]
Spuštěný z: c:\users\FrantiÜek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\FrantiÜek\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-12 do 2012-11-12 )))))))))))))))))))))))))))))))
.
.
2012-11-12 17:48 . 2012-11-12 17:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-12 17:44 . 2012-11-12 17:44 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C1AAAA8E-1C93-4147-8C77-4DA83BC17031}\offreg.dll
2012-11-08 23:14 . 2012-11-08 23:15 -------- d-----w- c:\program files\trend micro
2012-11-08 23:14 . 2012-11-08 23:15 -------- d-----w- C:\rsit
2012-11-03 07:58 . 2012-11-03 07:58 -------- d-----w- c:\users\František\AppData\Local\ElevatedDiagnostics
2012-10-29 22:20 . 2012-10-29 22:21 -------- d-----w- c:\users\František\AppData\Roaming\Audacity
2012-10-29 22:20 . 2012-10-29 22:20 -------- d-----w- c:\program files (x86)\Audacity
2012-10-25 22:23 . 2012-10-25 22:23 -------- d-----w- c:\program files (x86)\MSECache
2012-10-18 11:12 . 2012-10-18 11:12 -------- d-----w- c:\users\František\AppData\Local\Crazy_Boomerang_Software
2012-10-18 11:06 . 2012-10-18 11:06 -------- d-----w- c:\program files (x86)\MP3 Speed Changer
2012-10-15 06:51 . 2012-10-15 06:51 -------- d-----w- c:\users\František\AppData\Roaming\Mozilla
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-12 17:32 . 2012-06-28 18:29 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2012-11-10 16:13 . 2012-09-11 15:35 58288 ----a-w- c:\windows\SysWow64\rpcnet.dll
2012-10-11 05:09 . 2012-06-28 18:29 17920 ----a-w- c:\windows\SysWow64\rpcnetp.dll
2012-10-11 05:08 . 2012-06-28 18:29 17920 ----a-w- c:\windows\SysWow64\rpcnetp.exe
2012-09-14 19:19 . 2012-10-10 11:33 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 11:33 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-11 17:49 . 2011-03-29 01:36 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-09-11 15:35 . 2012-09-11 15:35 13160 ----a-w- c:\windows\SysWow64\Upgrd.exe
2012-09-11 15:35 . 2012-09-11 15:35 58288 ------w- c:\windows\SysWow64\rpcnet.exe
2012-09-04 18:30 . 2012-10-01 21:10 38912 ----a-w- c:\windows\SysWow64\identprv.dll
2012-08-31 18:19 . 2012-10-10 11:33 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 11:33 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 11:33 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 11:33 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-24 18:05 . 2012-10-10 11:33 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 11:33 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-24 11:15 . 2012-09-23 13:34 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-23 13:34 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-23 13:34 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-23 13:34 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-23 13:34 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-23 13:34 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-23 13:34 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-23 13:34 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-23 13:34 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-23 13:34 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-23 13:34 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-23 13:34 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-23 13:34 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-23 13:34 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-23 13:34 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-23 13:34 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-23 13:34 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-23 13:34 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-23 13:34 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-23 13:34 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-23 13:34 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-23 13:34 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 11:27 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 11:27 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 11:27 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 11:27 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 15:24 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 18:48 . 2012-10-10 11:33 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-10 11:33 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-10 11:33 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-10 11:33 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-10 11:33 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-10 11:33 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-10 11:33 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-10 11:33 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-10 11:33 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-10 11:33 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-10 11:33 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-10 11:33 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-10 11:33 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-10 11:33 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-10 11:33 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 11:33 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files (x86)\ICQ7M\ICQ.exe" [2012-09-11 127040]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-03-23 1105488]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2012-4-20 723560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Atheros\Ath_WlanAgent.exe [2012-01-18 72864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-14 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2012-03-23 355920]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-08 871296]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [2012-05-04 81928]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-04-16 251696]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2012-02-10 440360]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 08:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-23 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-04-23 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-04-23 439064]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-02-22 12452456]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2012-02-08 1829768]
"TNOD UP"="c:\program files\ESET\TNod User & Password Finder\TNODUP.exe" [BU]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://acer.msn.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.64.16.1 10.1.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-1ClickDownload - c:\program files (x86)\OnlineHD.TV\uninst.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-11-12 18:58:29
ComboFix-quarantined-files.txt 2012-11-12 17:58
ComboFix2.txt 2012-11-09 14:29
.
Před spuštěním: Volných bajtů: 209 650 827 264
Po spuštění: Volných bajtů: 209 451 704 320
.
- - End Of File - - ACEA62F08A3E8ADBBBBFB011DA625E7F
Re: Win64/Patched.A.Gen - Frantiseksustek

- Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
- Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize
Kód: Vybrat vše
:reg [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ICQ"=- "ISUSPM Startup"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"=- "ISUSScheduler"=- "Adobe ARM"=- [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"=- :files c:\windows\Tasks\Adobe Flash Player Updater.job %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]
- Kliknete na cervene tlacitko MoveIt!
- Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte
-
- Návštěvník
- Příspěvky: 16
- Registrován: 09 lis 2012 00:27
Re: Win64/Patched.A.Gen - Frantiseksustek
All processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot deleted successfully.
========== FILES ==========
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: František
->Temp folder emptied: 4524 bytes
->Temporary Internet Files folder emptied: 2243631 bytes
->Google Chrome cache emptied: 481261187 bytes
->Opera cache emptied: 70850290 bytes
->Flash cache emptied: 58429 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 634489 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 529,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: František
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: František
User: Public
Total Java Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 11122012_211543
Files moved on Reboot...
C:\Users\František\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\František\AppData\Local\Temp\MMDUtl.log moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\LMutilps32.log scheduled to be moved on reboot.
Registry entries deleted on Reboot...
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\ISUSScheduler deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot deleted successfully.
========== FILES ==========
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: František
->Temp folder emptied: 4524 bytes
->Temporary Internet Files folder emptied: 2243631 bytes
->Google Chrome cache emptied: 481261187 bytes
->Opera cache emptied: 70850290 bytes
->Flash cache emptied: 58429 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 634489 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 529,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: František
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: František
User: Public
Total Java Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 11122012_211543
Files moved on Reboot...
C:\Users\František\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\František\AppData\Local\Temp\MMDUtl.log moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\LMutilps32.log scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Re: Win64/Patched.A.Gen - Frantiseksustek
Sjuper, jak se chova nas pacient 

-
- Návštěvník
- Příspěvky: 16
- Registrován: 09 lis 2012 00:27
Re: Win64/Patched.A.Gen - Frantiseksustek
No,
nevím nakolik to pacient může posoudit. Zdá se, že všechno klape.
dokonce i touchpad bere dva prsty doprava a doleva jako zpět a vpřed
Asi je to OK.
Ta chyba přestala vyskakovat přibližně po tom mojem prvním nedoporučeném použití CF, a teď už eseta nemám, takže mi tu nic nehlásí. Myslim, že mám ještě vypnutý ten firewall či co, už ho můžu zapnout?



Ta chyba přestala vyskakovat přibližně po tom mojem prvním nedoporučeném použití CF, a teď už eseta nemám, takže mi tu nic nehlásí. Myslim, že mám ještě vypnutý ten firewall či co, už ho můžu zapnout?
Re: Win64/Patched.A.Gen - Frantiseksustek
Tak jeste uklidime
Odinstalujte Combofix
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
FW zapnete
A pokud nejsou problemy ci dotazy, je to z me strany vse 


- Prejmenujte ComboFix na Uninstall
- Spustte jej
- Tohle smaze Combofix a jeho slozky

- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC

- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte

Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy



-
- Návštěvník
- Příspěvky: 16
- Registrován: 09 lis 2012 00:27
Re: Win64/Patched.A.Gen - Frantiseksustek
vše bez problému až k TFC. po kliknutí na Start nechtěl nic OK potvrdit, (tak sem po skončení dal exit) a nerestartoval se sám, tak sem ho restartoval klasicky.
Re: Win64/Patched.A.Gen - Frantiseksustek
OK, je mozne ze dokazal smazat vse bez nutnosti restartu
Je tedy nyni nejaky problem s PC ci dotaz?

Je tedy nyni nejaky problem s PC ci dotaz?
-
- Návštěvník
- Příspěvky: 16
- Registrován: 09 lis 2012 00:27
Re: Win64/Patched.A.Gen - Frantiseksustek
Dotazů by bylo hodně, ale to tu asi nebudu rozebírat, musel bych na to být asi študovaný.
Snad jeden, ten Ccleaner - používat 1x týdně - to promaže cookies a podobné věci? A používá se to pořád takhle? - analyzovat, pak vyhledat a opravit? a ty výpisy nebo co to vytvořilo si mám ukládat, to kdyby se něco smazalo, aby to bylo nějak dohledatelné? Nebo to můžu po promazání vymazat?
možná ještě jeden, na C:\ mi přijde, že mám nějak moc složek (přežiju to) ale příde mi, že sem jich tam měl jen pár - nějaký files, windows, users, intel, a teď tam mám ještě nějaký OEM, config.msi, book, 2007 Office System Developer Resources, recovery, pfiles, MSOCache... byly předtím nějak skryté, nebo je můžu smazat? nebo je tam mám nechat. nešly by nějak schovat?
Ale ve srovnání s tím co se asi událo v mojem počítači je to asi pěkná blbost. I když jenom tuším, možná ani to ne, co se s tím dělo.
Děkuji mnohokrát.
Jelikož jsem spokojen, podpořím fórum. Jenom to asi nebude hned, jsem študý chudent, tak možná něco naježí Ježíšek. Možná někdy nashledanou, snad už to nebude na tomto fóru s nějakým mým problémem.
Snad jeden, ten Ccleaner - používat 1x týdně - to promaže cookies a podobné věci? A používá se to pořád takhle? - analyzovat, pak vyhledat a opravit? a ty výpisy nebo co to vytvořilo si mám ukládat, to kdyby se něco smazalo, aby to bylo nějak dohledatelné? Nebo to můžu po promazání vymazat?
možná ještě jeden, na C:\ mi přijde, že mám nějak moc složek (přežiju to) ale příde mi, že sem jich tam měl jen pár - nějaký files, windows, users, intel, a teď tam mám ještě nějaký OEM, config.msi, book, 2007 Office System Developer Resources, recovery, pfiles, MSOCache... byly předtím nějak skryté, nebo je můžu smazat? nebo je tam mám nechat. nešly by nějak schovat?

Ale ve srovnání s tím co se asi událo v mojem počítači je to asi pěkná blbost. I když jenom tuším, možná ani to ne, co se s tím dělo.

Děkuji mnohokrát.

Re: Win64/Patched.A.Gen - Frantiseksustek






-
- Návštěvník
- Příspěvky: 16
- Registrován: 09 lis 2012 00:27
Re: Win64/Patched.A.Gen - Frantiseksustek
To co jsem myslel bylo: pravým na složku -> vlastnosti, fajfka u skrytý, OK. skryté jinak mám skryté (nezobrazují se).
Proč když chci některé z nich otevřít, to po mě chce nějaké povolení od správce, a pak se to ještě ptá jestli chci povolit nějaké změny v PC?
Proč když chci některé z nich otevřít, to po mě chce nějaké povolení od správce, a pak se to ještě ptá jestli chci povolit nějaké změny v PC?
Re: Win64/Patched.A.Gen - Frantiseksustek
Jelikoz jsou to systemove soubory\slozky a windows si je chrani...