vir z Facebooku

[Hojislavek]

Dobrý den,

cca před týdnem se mi samovolně ( aspoň si nejsem vědom, že bych na něco klikl ) přepnul můj facebook a verzi tmavého Faecbooku . . všude možně se dočítám, že to způsobuje vir, který může získávat mé osobní informace. Tímto bych vás chtěl poprosit, zda by jste mohli prověřit můj log, předem moc děkuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr at 2013-03-21 23:37:05
Microsoft Windows 7 Starter
System drive C: has 47 GB (46%) free of 102 GB
Total RAM: 1015 MB (22% free)


======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1295742738-2053005209-2098419635-1000Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1295742738-2053005209-2098419635-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-01 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-01 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-20 1545512]
"HotkeyService"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe []
"HotKeyMon"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-07-20 83240]
"EeeStorageBackup"=C:\Program Files\ASUS\Asus WebStorage\BackupService.exe [2009-08-25 947472]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2009-08-14 141848]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2009-08-14 173592]
"Persistence"=C:\windows\system32\igfxpers.exe [2009-08-14 150552]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-20 7625248]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-08-08 348664]
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2006-11-08 222208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-22 116648]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2009-08-06 217600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.DIVX"=DivX.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-21 23:33:42 ----D---- C:\Program Files\trend micro
2013-03-21 23:33:39 ----D---- C:\rsit
2013-02-26 00:32:27 ----A---- C:\windows\system32\FlashPlayerApp.exe

======List of files/folders modified in the last 1 month======

2013-03-21 23:37:10 ----D---- C:\windows\Temp
2013-03-21 23:33:42 ----RD---- C:\Program Files
2013-03-21 22:37:17 ----D---- C:\windows\System32
2013-03-21 22:37:17 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-03-21 22:37:16 ----D---- C:\windows\inf
2013-03-19 22:32:20 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2013-03-19 21:53:48 ----D---- C:\windows\Prefetch
2013-03-19 17:19:30 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2013-03-06 09:54:27 ----D---- C:\windows\system32\config
2013-03-06 09:41:26 ----SHD---- C:\System Volume Information
2013-02-26 00:33:02 ----D---- C:\ProgramData\Adobe
2013-02-23 15:08:12 ----D---- C:\windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 speedfan;speedfan; C:\windows\system32\speedfan.sys [2011-03-18 25240]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2012-05-10 137928]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2011-12-09 36000]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2012-05-10 83392]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-07-17 1176064]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-08-06 4786688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-07-20 2664032]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-20 213552]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
S3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28.sys [2009-06-19 604672]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;USB Modem Driver; C:\windows\system32\DRIVERS\usbser.sys [2009-07-14 27648]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-05-10 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-05-10 86224]
R2 AsusService;Asus Launcher Service; C:\Windows\System32\AsusService.exe [2009-08-19 219136]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 582944]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-27 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

[vyosek]

Zdravim

Ono to asi nebylo samovolne Mate na mysli, ze Vam FB udelal toto http://www.eset.cz/cz/o-nas/blog/articl ... ce-ruzove/

Jaky pouzivate prohlizec

[Hojislavek]

Dobrý den,

opravdu si nejsem vědom, že bych cíleně na něco klikl ( o to víc mě tento problém trápí ) . . . a ano, můj problém je obrázek číslo 3

a můj prohlížeč je Google Chrome

[vyosek]

Spustte tedy nastaveni Chromu, rozsireni a v nem odinstalujte ten plugin

[Hojislavek]

byl tam jen jeden a to cosi od DivX . . . smazal jsem ho, ale rozdíl bohužel žádný

[vyosek]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Prohledat
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

[Hojislavek]

# AdwCleaner v2.115 - Log vytvooen 22/03/2013 v 20:37:45
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Starter (32 bits)
# Uživatel : Petr - HONZA-NOTEBOOK
# Spuštin systém : Normální
# Spuštino z : C:\Users\Petr\Desktop\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Users\Petr\AppData\LocalLow\boost_interprocess

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\Softonic

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry jsou eisté.

-\\ Google Chrome v25.0.1364.172

Soubor : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [769 octets] - [22/03/2013 20:37:45]

########## EOF - C:\AdwCleaner[R1].txt - [828 octets] ##########

[vyosek]

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Smazat
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ukoncete vsechny programy
• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Pockejte na dokonceni PreScanu
• Zvolte moznost Prohledat (scan)
• Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
• Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

[Hojislavek]

AdwCleaner

# AdwCleaner v2.115 - Log vytvooen 22/03/2013 v 21:12:37
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Starter (32 bits)
# Uživatel : Petr - HONZA-NOTEBOOK
# Spuštin systém : Normální
# Spuštino z : C:\Users\Petr\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Users\Petr\AppData\LocalLow\boost_interprocess

***** [Registry] *****

Klíe Vymazáno : HKCU\Software\Softonic

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry jsou eisté.

-\\ Google Chrome v25.0.1364.172

Soubor : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [896 octets] - [22/03/2013 20:37:45]
AdwCleaner[S1].txt - [826 octets] - [22/03/2013 21:12:37]

########## EOF - C:\AdwCleaner[S1].txt - [885 octets] ##########

[Hojislavek]

RougeKiller

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7600 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Petr [Práva správce]
Mód : Kontrola -- Datum : 03/22/2013 21:26:04
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
SSDT[84] : NtCreateSection @ 0x8223BCE3 -> HOOKED (Unknown @ 0x8ABF0496)
SSDT[299] : NtRequestWaitReplyPort @ 0x82281ACB -> HOOKED (Unknown @ 0x8ABF04A0)
SSDT[316] : NtSetContextThread @ 0x822E6D13 -> HOOKED (Unknown @ 0x8ABF049B)
SSDT[347] : NtSetSecurityObject @ 0x82221025 -> HOOKED (Unknown @ 0x8ABF04A5)
SSDT[368] : NtSystemDebugControl @ 0x822142FC -> HOOKED (Unknown @ 0x8ABF04AA)
SSDT[370] : NtTerminateProcess @ 0x8226CB3D -> HOOKED (Unknown @ 0x8ABF0437)
S_SSDT[585] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x8ABF04BE)
S_SSDT[588] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x8ABF04C3)

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9250315AS +++++
--- User ---
[MBR] 94778c4f94338f538c83163482f8c40f
[BSP] 9b6e96dba0c57420e4fbfb42906bbee2 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 102400 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 209717248 | Size: 125817 Mo
2 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 467390464 | Size: 10240 Mo
3 - [XXXXXX] UNKNOWN (0xef) [VISIBLE] Offset (sectors): 488361984 | Size: 16 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_03222013_02d2126.txt >>
RKreport[1]_S_03222013_02d2126.txt

[vyosek]

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix