VIRY.CZ

podařilo se,ale nejde se mi připojit v nouzovém režimu k internetu, Když ukončím nouzový režim zůstane mi ta zpráva uložená?

Pokud je opravdu ulozena, tak tam zustane

konečně se podařilo
RogueKiller V8.4.2 [Jan 6 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Nouzový režim s prací v síti
Uživatel : Lucinka [Práva správce]
Mód : Kontrola -- Datum : 01/06/2013 13:21:35

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-843148624-1034863367-1293339380-1000[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD12 00BEVS-07LAT SCSI Disk Device +++++
--- User ---
[MBR] 3eeff4bf79c9c36f41547fd57f635371
[BSP] 84d248d2531642f1ebf8a067c2133966 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 12000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 24578048 | Size: 80648 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 193841152 | Size: 19823 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_01062013_02d1321.txt >>
RKreport[1]_S_01062013_02d1321.txt

změnilo se mi samo nastavení zobrazení je to vpořádku.Nejde se mi přihlásit k wifi internet mi jde pouze přes kabel?

Zatim program nic nemazal, ani nemenil. Takze by to nemelo mit souvislost. Delal jen sken!
Bude tam asi vic problemu

Znovu spustte v nouzovem rezimu RogueKiller jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. Oba mi sem vlozte.

RogueKiller V8.4.2 [Jan 6 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Nouzový režim s prací v síti
Uživatel : Lucinka [Práva správce]
Mód : Kontrola -- Datum : 01/06/2013 14:22:34

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-843148624-1034863367-1293339380-1000[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD12 00BEVS-07LAT SCSI Disk Device +++++
--- User ---
[MBR] 3eeff4bf79c9c36f41547fd57f635371
[BSP] 84d248d2531642f1ebf8a067c2133966 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 12000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 24578048 | Size: 80648 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 193841152 | Size: 19823 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_01062013_02d1422.txt >>
RKreport[1]_S_01062013_02d1422.txt

RogueKiller V8.4.2 [Jan 6 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Nouzový režim s prací v síti
Uživatel : Lucinka [Práva správce]
Mód : Odebrat -- Datum : 01/06/2013 14:23:45

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c) -> VYMAZÁNO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD12 00BEVS-07LAT SCSI Disk Device +++++
--- User ---
[MBR] 3eeff4bf79c9c36f41547fd57f635371
[BSP] 84d248d2531642f1ebf8a067c2133966 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 12000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 24578048 | Size: 80648 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 193841152 | Size: 19823 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[2]_D_01062013_02d1423.txt >>
RKreport[1]_S_01062013_02d1422.txt ; RKreport[2]_D_01062013_02d1423.txt

RogueKiller V8.4.2 [Jan 6 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Nouzový režim s prací v síti
Uživatel : Lucinka [Práva správce]
Mód : Oprava HOSTS -- Datum : 01/06/2013 14:24:06

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[3]_H_01062013_02d1424.txt >>
RKreport[1]_S_01062013_02d1422.txt ; RKreport[2]_D_01062013_02d1423.txt ; RKreport[3]_H_01062013_02d1424.txt

Vyjely mi tři logy tak jsem je sem dal.

Pokud nemate, zazalohujte si dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Musím zálohovat i oblíbené (odkazy na web stránky) poppřípadně jak to mám udělat?
oblíbéné je jediné co potřebuji aby mi zůstalo.

Mám dotaz jak dlouho může trvat práce combofixu, už je spuštěn přes hodinu a nic krom modré tabulky tam není, mám dále čekat?

Ohledne te zalohy uz je asi pozde, kdyz uz jste to spustil

Muze trvat klidne nekolik hodin, kdyz je pc hodne zanesene. Ale muze se i kousnout. Pokud si myslite ze je zasekly, vypnete ho a zkuste ho spustit v nouzovem rezimu.

Ted se mi nechce spustit ani pc

Hard se nespustil
co teď

spustil jsem to přes f12, musel jsem vybrat odkud to chce spustit.

zde je log
ComboFix 13-01-05.01 - Lucinka 06.01.2013 17:17:46.3.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.1022.588 [GMT 1:00]
Spuštěný z: c:\users\Lucinka\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\windows\IsUn0407.exe
c:\windows\iun6002.exe
c:\windows\system32\WinIo.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_WINIO
-------\Service_WINIO
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-06 do 2013-01-06 )))))))))))))))))))))))))))))))
.
.
2013-01-06 16:36 . 2013-01-06 16:42 -------- d-----w- c:\users\Lucinka\AppData\Local\temp
2013-01-06 16:36 . 2013-01-06 16:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-06 14:09 . 2013-01-06 14:09 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B90EF6A8-2EF7-40A3-B28C-B236F9D460D2}\MpKsle225ebac.sys
2013-01-06 12:01 . 2013-01-06 12:01 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B90EF6A8-2EF7-40A3-B28C-B236F9D460D2}\MpKsl097045d0.sys
2013-01-05 22:41 . 2013-01-05 22:41 -------- d-----w- c:\users\Lucinka\AppData\Roaming\Apple Computer
2013-01-05 22:34 . 2013-01-05 22:34 -------- d-----w- c:\users\Lucinka\AppData\Roaming\Malwarebytes
2013-01-05 22:33 . 2013-01-05 22:33 -------- d-----w- c:\programdata\Malwarebytes
2013-01-05 21:35 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B90EF6A8-2EF7-40A3-B28C-B236F9D460D2}\mpengine.dll
2013-01-05 21:05 . 2013-01-05 21:05 -------- d-----w- c:\windows\cs
2013-01-05 21:04 . 2013-01-05 21:04 -------- dc----w- c:\windows\system32\DRVSTORE
2013-01-05 21:04 . 2012-03-08 17:32 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2013-01-05 21:02 . 2013-01-05 21:02 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-01-05 20:59 . 2013-01-05 21:06 -------- d-----w- c:\program files\Windows Live
2013-01-05 20:57 . 2013-01-05 20:57 -------- d-----w- c:\program files\Microsoft
2013-01-05 20:57 . 2013-01-05 20:57 7450888 ----a-w- c:\program files\Common Files\Windows Live\.cache\36aa09b01cdeb872a\bingbarsetup.exe
2013-01-05 20:57 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2013-01-05 20:57 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2013-01-05 20:57 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-01-05 20:56 . 2013-01-05 20:56 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\3065aaf01cdeb8729\MeshBetaRemover.exe
2013-01-05 20:56 . 2013-01-05 20:56 537432 ----a-w- c:\program files\Common Files\Windows Live\.cache\2d6991901cdeb8728\DXSETUP.exe
2013-01-05 20:56 . 2013-01-05 20:56 1801048 ----a-w- c:\program files\Common Files\Windows Live\.cache\2d6991901cdeb8728\dsetup32.dll
2013-01-05 20:56 . 2013-01-05 20:56 89944 ----a-w- c:\program files\Common Files\Windows Live\.cache\2d6991901cdeb8728\DSETUP.dll
2013-01-05 20:56 . 2013-01-05 20:56 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a025a501cdeb8727\DXSETUP.exe
2013-01-05 20:56 . 2013-01-05 20:56 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a025a501cdeb8727\dsetup32.dll
2013-01-05 20:56 . 2013-01-05 20:56 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a025a501cdeb8727\DSETUP.dll
2013-01-05 20:50 . 2013-01-05 20:50 -------- d-----w- c:\users\Lucinka\AppData\Local\Windows Live
2013-01-05 20:49 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2013-01-05 20:48 . 2013-01-05 20:48 -------- d-----w- c:\program files\Microsoft Silverlight
2013-01-05 20:47 . 2007-11-17 22:22 3636 ----a-w- c:\windows\system32\drivers\nvphy.bin
2013-01-04 21:18 . 2012-10-12 18:09 22912 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-01-04 19:03 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-22 21:09 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 21:09 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-13 20:17 . 2012-11-14 01:44 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-13 20:17 . 2012-11-14 02:56 149552 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-12-13 20:17 . 2012-11-14 01:48 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-12-13 20:17 . 2012-11-14 01:51 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2012-12-13 20:17 . 2012-11-14 01:49 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-12-13 20:17 . 2012-11-14 01:57 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-12-13 20:17 . 2012-11-14 01:52 194560 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2012-12-13 20:16 . 2012-11-14 02:56 757296 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2012-12-13 20:16 . 2012-11-14 02:09 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-12-13 20:16 . 2012-11-14 02:00 387584 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-12-13 20:16 . 2012-11-14 02:01 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-12-13 20:16 . 2012-11-14 01:58 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-13 20:01 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-13 20:00 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-13 20:00 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-13 20:00 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-13 20:00 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-13 20:00 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-13 20:00 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-13 20:00 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-13 20:00 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-13 20:00 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-13 19:59 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-13 19:37 . 2012-12-13 19:40 -------- d-----w- C:\8cf8da9cf59c2ae84d91bbe17c
2012-12-12 11:38 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-12 11:38 . 2012-11-13 01:36 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 11:38 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 11:38 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-12 11:38 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-05 20:59 . 2011-03-28 17:36 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-12-12 00:05 . 2012-04-08 10:55 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-12 00:05 . 2011-07-01 19:41 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-28 14:17 . 2012-11-28 14:20 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C3D5197D-9110-4C39-B672-91FD0D869442}\gapaengine.dll
2012-09-06 01:26 . 2012-10-05 13:52 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\users\Lucinka\AppData\Roaming\Seznam.cz\bin\toolbar\toolbar.dll" [2012-09-19 182840]
.
[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{34AB3C4C-DA1A-4067-96F4-31452C7CFE65}"= "c:\users\Lucinka\AppData\Roaming\Seznam.cz\bin\listicka.dll" [2012-09-19 1453624]
.
[HKEY_CLASSES_ROOT\clsid\{34ab3c4c-da1a-4067-96f4-31452c7cfe65}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
"fscp"="c:\program files\AVC Finger-sensing Pad Driver\fscp.exe" [2006-11-11 1006592]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-02-17 2190688]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-05-08 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-05-08 92704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 21:10 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-05-08 16:28 13605408 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-05-08 16:28 92704 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2009-05-08 16:28 735776 ----a-w- c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerManager]
2006-11-06 19:19 26112 ----a-w- c:\program files\Power Manager\PM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-18 21:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 00:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
mStart Page = hxxp://start.alawarhry.cz/?pid=6
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\users\Lucinka\AppData\Roaming\Seznam.cz\bin\listicka.dll
TCP: DhcpNameServer = 192.168.2.1
DPF: {444785F1-DE89-4295-863A-D46C3A781394} - hxxp://webplayer.unity3d.com/download_webplayer-2.x/UnityWebPlayer.cab
DPF: {AAD68411-5B98-11D3-9B52-00001C0007B3} - hxxp://download.eonreality.com/eonx/4_0_1/eonx.cab
FF - ProfilePath - c:\users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\xz6mo8fh.default\
FF - prefs.js: browser.startup.homepage - hxxp://start.alawarhry.cz/?pid=6
FF - ExtSQL: !HIDDEN! 2011-04-11 22:16; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: dom.disable_window_status_change - true
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-EPSON SX100 Series - c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Moorhuhn Winter-Edition - c:\windows\IsUn0407.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-06 17:42
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\AVC Finger-sensing Pad Driver\FspadSvr.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2013-01-06 17:47:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-06 16:47
ComboFix2.txt 2011-03-31 09:46
.
Před spuštěním: Volných bajtů: 44 709 310 464
Po spuštění: Volných bajtů: 43 445 514 240
.
- - End Of File - - 7E894620DE3E340018C9C99FD3E0FA00

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
C:\Windows\system32\DRIVERS\avgrkx86.sys
C:\Windows\system32\DRIVERS\avgldx86.sys
C:\Windows\system32\DRIVERS\avgmfx86.sys
C:\Windows\system32\DRIVERS\avgtdix.sys
C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
C:\Windows\system32\DRIVERS\AVGIDSShim.Sys

Folder::
C:\Program Files\AVG

Firefox::
FF - ProfilePath - c:\users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\xz6mo8fh.default\
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: dom.disable_window_status_change - true

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{8dcb7100-df86-4384-8842-8fa844297b3f}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"=-
"Adobe ARM"=-
"NvMediaCenter"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=-
"Advanced SystemCare 6"=-
"WMPNSCFG"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Driver::
CLTNetCnService
AVGIDSEH
Avgrkx86
Avgldx86
Avgmfx86
Avgtdix
AVGIDSDriver
AVGIDSFilter
AVGIDSShim
AdobeARMservice
AdvancedSystemCareService6
AVGIDSAgent
SeaPort
avgwd
AdobeFlashPlayerUpdateSvc
BBSvc

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku

zde je log z comfixu.
Problém se zasínáním displeje stále přetrvává.
Temto jev se ukazuje jen při práci na netu.

ComboFix 13-01-05.01 - Lucinka 06.01.2013 21:04:23.4.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.1022.570 [GMT 1:00]
Spuštěný z: c:\users\Lucinka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lucinka\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\DRIVERS\AVGIDSDriver.Sys"
"c:\windows\system32\DRIVERS\AVGIDSEH.Sys"
"c:\windows\system32\DRIVERS\AVGIDSFilter.Sys"
"c:\windows\system32\DRIVERS\AVGIDSShim.Sys"
"c:\windows\system32\DRIVERS\avgldx86.sys"
"c:\windows\system32\DRIVERS\avgmfx86.sys"
"c:\windows\system32\DRIVERS\avgrkx86.sys"
"c:\windows\system32\DRIVERS\avgtdix.sys"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\program files\AVG
c:\program files\AVG\AVG10\3rd_party\licenses\ace.txt
c:\program files\AVG\AVG10\3rd_party\licenses\arabica.txt
c:\program files\AVG\AVG10\3rd_party\licenses\boost.txt
c:\program files\AVG\AVG10\3rd_party\licenses\bsdiff.txt
c:\program files\AVG\AVG10\3rd_party\licenses\bzip.txt
c:\program files\AVG\AVG10\3rd_party\licenses\carp.html
c:\program files\AVG\AVG10\3rd_party\licenses\cryptopp.txt
c:\program files\AVG\AVG10\3rd_party\licenses\curl.txt
c:\program files\AVG\AVG10\3rd_party\licenses\dazukofs.txt
c:\program files\AVG\AVG10\3rd_party\licenses\expat.txt
c:\program files\AVG\AVG10\3rd_party\licenses\imagemagick.txt
c:\program files\AVG\AVG10\3rd_party\licenses\infozip.txt
c:\program files\AVG\AVG10\3rd_party\licenses\lua.txt
c:\program files\AVG\AVG10\3rd_party\licenses\md4_md5_license.txt
c:\program files\AVG\AVG10\3rd_party\licenses\milter.txt
c:\program files\AVG\AVG10\3rd_party\licenses\minizip.txt
c:\program files\AVG\AVG10\3rd_party\licenses\openssl_license.html
c:\program files\AVG\AVG10\3rd_party\licenses\sasl.txt
c:\program files\AVG\AVG10\3rd_party\licenses\tinyxml.txt
c:\program files\AVG\AVG10\3rd_party\licenses\unrar.txt
c:\program files\AVG\AVG10\3rd_party\licenses\untar.txt
c:\program files\AVG\AVG10\3rd_party\licenses\xalan_xerces.txt
c:\program files\AVG\AVG10\3rd_party\licenses\zlib.txt
c:\program files\AVG\AVG10\3rd_party\readme.txt
c:\program files\AVG\AVG10\avg.snu
c:\program files\AVG\AVG10\avg_cz.chm
c:\program files\AVG\AVG10\avg_cz.lng
c:\program files\AVG\AVG10\avg_us.chm
c:\program files\AVG\AVG10\avg_us.lng
c:\program files\AVG\AVG10\avgabout.dll
c:\program files\AVG\AVG10\avgamnot.dll
c:\program files\AVG\AVG10\avgapix.dll
c:\program files\AVG\AVG10\avgar_cz.chm
c:\program files\AVG\AVG10\avgar_us.chm
c:\program files\AVG\AVG10\avgatend.stp
c:\program files\AVG\AVG10\avgatupd.stp
c:\program files\AVG\AVG10\avgcclix.dll
c:\program files\AVG\AVG10\avgcertx.dll
c:\program files\AVG\AVG10\avgcertx.dll.old
c:\program files\AVG\AVG10\avgcfgex.exe
c:\program files\AVG\AVG10\avgcfgx.dll
c:\program files\AVG\AVG10\avgclitx.dll
c:\program files\AVG\AVG10\avgclitx.dll.old
c:\program files\AVG\AVG10\avgcmgr.exe
c:\program files\AVG\AVG10\avgcorex.dll
c:\program files\AVG\AVG10\avgcorex.dll.old
c:\program files\AVG\AVG10\avgcremx.exe
c:\program files\AVG\AVG10\avgcslx.dll
c:\program files\AVG\AVG10\avgcsrvx.exe
c:\program files\AVG\AVG10\avgdg_cz.chm
c:\program files\AVG\AVG10\avgdg_us.chm
c:\program files\AVG\AVG10\avgdiagex.exe
c:\program files\AVG\AVG10\avgdumpx.exe
c:\program files\AVG\AVG10\avgemcx.exe
c:\program files\AVG\AVG10\avgf_cz.chm
c:\program files\AVG\AVG10\avgf_us.chm
c:\program files\AVG\AVG10\avgfree_cz.mht
c:\program files\AVG\AVG10\avgfree_us.mht
c:\program files\AVG\AVG10\avgchclx.dll
c:\program files\AVG\AVG10\avgchclx.dll.old
c:\program files\AVG\AVG10\avgchjwx.dll
c:\program files\AVG\AVG10\avgchjwx.dll.old
c:\program files\AVG\AVG10\avgchsvx.exe
c:\program files\AVG\AVG10\avgchsvx.exe.old
c:\program files\AVG\AVG10\avgidp_cz.chm
c:\program files\AVG\AVG10\avgidp_us.chm
c:\program files\AVG\AVG10\avgidpsdkx.dll
c:\program files\AVG\AVG10\avglngx.dll
c:\program files\AVG\AVG10\avglogx.dll
c:\program files\AVG\AVG10\avglogx.dll.old
c:\program files\AVG\AVG10\avgls_cz.chm
c:\program files\AVG\AVG10\avgls_us.chm
c:\program files\AVG\AVG10\avglscanx.exe
c:\program files\AVG\AVG10\avgmfapx.exe
c:\program files\AVG\AVG10\avgmfapx.exe.old.old
c:\program files\AVG\AVG10\avgmfarx.dll
c:\program files\AVG\AVG10\avgmtrapx.dll
c:\program files\AVG\AVG10\avgmvflx.dll
c:\program files\AVG\AVG10\avgmwdef_cz.mht
c:\program files\AVG\AVG10\avgmwdef_us.mht
c:\program files\AVG\AVG10\avgnsx.exe
c:\program files\AVG\AVG10\avgntdumpx.exe
c:\program files\AVG\AVG10\avgoutlookx.dll
c:\program files\AVG\AVG10\avgpostinstx.dll
c:\program files\AVG\AVG10\avgpp.dll
c:\program files\AVG\AVG10\avgresf.dll
c:\program files\AVG\AVG10\avgrktx.dll
c:\program files\AVG\AVG10\avgrsx.exe
c:\program files\AVG\AVG10\avgrsx.exe.old
c:\program files\AVG\AVG10\avgsals_cz.mht
c:\program files\AVG\AVG10\avgsals_us.mht
c:\program files\AVG\AVG10\avgsbfree_cz.mht
c:\program files\AVG\AVG10\avgsbfree_us.mht
c:\program files\AVG\AVG10\avgsbgx.dll
c:\program files\AVG\AVG10\avgscanx.dll
c:\program files\AVG\AVG10\avgscanx.exe
c:\program files\AVG\AVG10\avgse.dll
c:\program files\AVG\AVG10\avgsched.dll
c:\program files\AVG\AVG10\avgsrmax.exe
c:\program files\AVG\AVG10\avgsrmx.dll
c:\program files\AVG\AVG10\avgssie.dll
c:\program files\AVG\AVG10\avgtray.exe
c:\program files\AVG\AVG10\avgtrial_cz.mht
c:\program files\AVG\AVG10\avgtrial_us.mht
c:\program files\AVG\AVG10\avgui.exe
c:\program files\AVG\AVG10\avguiadv.dll
c:\program files\AVG\AVG10\avguires.dll
c:\program files\AVG\AVG10\avgupd.sig
c:\program files\AVG\AVG10\avgupdx.dll
c:\program files\AVG\AVG10\avgupdx.dll.old.old
c:\program files\AVG\AVG10\avgvvx.dll
c:\program files\AVG\AVG10\avgwd.dll
c:\program files\AVG\AVG10\avgwdsvc.exe
c:\program files\AVG\AVG10\avgwdwsc.dll
c:\program files\AVG\AVG10\avgwebui.dll
c:\program files\AVG\AVG10\avgwsc.exe
c:\program files\AVG\AVG10\avgxpl.dll
c:\program files\AVG\AVG10\axioo.dll
c:\program files\AVG\AVG10\cf.dat
c:\program files\AVG\AVG10\compat.ini
c:\program files\AVG\AVG10\contacts_cz.html
c:\program files\AVG\AVG10\contacts_us.html
c:\program files\AVG\AVG10\dfncfg.dat
c:\program files\AVG\AVG10\Drivers\avgld.cat
c:\program files\AVG\AVG10\Drivers\avgld.inf
c:\program files\AVG\AVG10\Drivers\avgldx64.sys
c:\program files\AVG\AVG10\Drivers\avgldx86.sys
c:\program files\AVG\AVG10\Drivers\avgmf.cat
c:\program files\AVG\AVG10\Drivers\avgmf.inf
c:\program files\AVG\AVG10\Drivers\avgmfx64.sys
c:\program files\AVG\AVG10\Drivers\avgmfx86.sys
c:\program files\AVG\AVG10\Drivers\avgrk.cat
c:\program files\AVG\AVG10\Drivers\avgrk.inf
c:\program files\AVG\AVG10\Drivers\avgrkx64.sys
c:\program files\AVG\AVG10\Drivers\avgrkx86.sys
c:\program files\AVG\AVG10\Drivers\avgtdi.cat
c:\program files\AVG\AVG10\Drivers\avgtdi.inf
c:\program files\AVG\AVG10\Drivers\avgtdia.sys
c:\program files\AVG\AVG10\Drivers\avgtdix.sys
c:\program files\AVG\AVG10\Drivers\ErHrVx86\AVGIDSEH.cat
c:\program files\AVG\AVG10\Drivers\ErHrVx86\AVGIDSEH.inf
c:\program files\AVG\AVG10\Drivers\ErHrVx86\AVGIDSEH.sys
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.cat
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.inf
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.sys
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSFilter.cat
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSFilter.inf
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSFilter.sys
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSShim.cat
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSShim.inf
c:\program files\AVG\AVG10\Drivers\Vista\AVGIDSShim.sys
c:\program files\AVG\AVG10\Firefox\Chrome\searchshield.jar
c:\program files\AVG\AVG10\Firefox4\Components\avgssff4.dll
c:\program files\AVG\AVG10\Firefox4\Components\ISearchShield4.xpt
c:\program files\AVG\AVG10\Firefox4\chrome.manifest
c:\program files\AVG\AVG10\Firefox4\Chrome\searchshield.jar
c:\program files\AVG\AVG10\Firefox4\install.rdf
c:\program files\AVG\AVG10\fixcfg.exe
c:\program files\AVG\AVG10\HtmLayout.dll
c:\program files\AVG\AVG10\Chrome\safesearch.crx
c:\program files\AVG\AVG10\Icons\alert_mask.png
c:\program files\AVG\AVG10\Icons\background_middle_gray.gif
c:\program files\AVG\AVG10\Icons\background_middle_green.gif
c:\program files\AVG\AVG10\Icons\background_middle_orange.gif
c:\program files\AVG\AVG10\Icons\background_middle_red.gif
c:\program files\AVG\AVG10\Icons\background_middle_yellow.gif
c:\program files\AVG\AVG10\Icons\background_top_gray.gif
c:\program files\AVG\AVG10\Icons\background_top_green.gif
c:\program files\AVG\AVG10\Icons\background_top_orange.gif
c:\program files\AVG\AVG10\Icons\background_top_red.gif
c:\program files\AVG\AVG10\Icons\background_top_yellow.gif
c:\program files\AVG\AVG10\Icons\block-doc.gif
c:\program files\AVG\AVG10\Icons\blocked.gif
c:\program files\AVG\AVG10\Icons\blocked12.png
c:\program files\AVG\AVG10\Icons\border_bottom_gray.gif
c:\program files\AVG\AVG10\Icons\border_bottom_green.gif
c:\program files\AVG\AVG10\Icons\border_bottom_orange.gif
c:\program files\AVG\AVG10\Icons\border_bottom_red.gif
c:\program files\AVG\AVG10\Icons\border_bottom_yellow.gif
c:\program files\AVG\AVG10\Icons\border_top_gray.gif
c:\program files\AVG\AVG10\Icons\border_top_green.gif
c:\program files\AVG\AVG10\Icons\border_top_orange.gif
c:\program files\AVG\AVG10\Icons\border_top_red.gif
c:\program files\AVG\AVG10\Icons\border_top_yellow.gif
c:\program files\AVG\AVG10\Icons\box_bottom_red.gif
c:\program files\AVG\AVG10\Icons\box_top_red.gif
c:\program files\AVG\AVG10\Icons\caution.gif
c:\program files\AVG\AVG10\Icons\caution12.png
c:\program files\AVG\AVG10\Icons\click_here_gray.gif
c:\program files\AVG\AVG10\Icons\click_here_green.gif
c:\program files\AVG\AVG10\Icons\click_here_orange.gif
c:\program files\AVG\AVG10\Icons\click_here_red.gif
c:\program files\AVG\AVG10\Icons\click_here_yellow.gif
c:\program files\AVG\AVG10\Icons\clock.gif
c:\program files\AVG\AVG10\Icons\clock12.png
c:\program files\AVG\AVG10\Icons\close.gif
c:\program files\AVG\AVG10\Icons\icons_blocked.gif
c:\program files\AVG\AVG10\Icons\icons_caution.gif
c:\program files\AVG\AVG10\Icons\icons_close.gif
c:\program files\AVG\AVG10\Icons\icons_safe.gif
c:\program files\AVG\AVG10\Icons\icons_unknown.gif
c:\program files\AVG\AVG10\Icons\icons_warning.gif
c:\program files\AVG\AVG10\Icons\LS_Logo_Results.gif
c:\program files\AVG\AVG10\Icons\safe.gif
c:\program files\AVG\AVG10\Icons\safe12.png
c:\program files\AVG\AVG10\Icons\unknown.gif
c:\program files\AVG\AVG10\Icons\vrsn-secured-lsfo.gif
c:\program files\AVG\AVG10\Icons\warning.gif
c:\program files\AVG\AVG10\Icons\warning12.png
c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\avgcslex.dll
c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe.old
c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
c:\program files\AVG\AVG10\Identity Protection\Agent\driver\platform_VISTA\UniversalDD.sys
c:\program files\AVG\AVG10\imsdk32.dll
c:\program files\AVG\AVG10\js.dat
c:\program files\AVG\AVG10\license_cz.htm
c:\program files\AVG\AVG10\license_us.htm
c:\program files\AVG\AVG10\mfacz.lns
c:\program files\AVG\AVG10\mfacz.lns.old
c:\program files\AVG\AVG10\mfaus.lns
c:\program files\AVG\AVG10\mfaus.lns.old
c:\program files\AVG\AVG10\mfaverx.txt
c:\program files\AVG\AVG10\mfaverx.txt.old
c:\program files\AVG\AVG10\mwbsr_e_free_cz.mht
c:\program files\AVG\AVG10\mwbsr_e_free_us.mht
c:\program files\AVG\AVG10\mwbsr_f_free_cz.mht
c:\program files\AVG\AVG10\mwbsr_f_free_us.mht
c:\program files\AVG\AVG10\Notification\SPChecker.exe
c:\program files\AVG\AVG10\PCTuneup\AxBrowsers.dll
c:\program files\AVG\AVG10\PCTuneup\DiskCleanerHelper.dll
c:\program files\AVG\AVG10\PCTuneup\DiskDefragHelper.dll
c:\program files\AVG\AVG10\PCTuneup\helper.dll
c:\program files\AVG\AVG10\PCTuneup\localizer.dll
c:\program files\AVG\AVG10\PCTuneup\MicroScanner.exe
c:\program files\AVG\AVG10\PCTuneup\PerlRegExp.bpl
c:\program files\AVG\AVG10\PCTuneup\RegistryCleanerHelper.dll
c:\program files\AVG\AVG10\PCTuneup\RescueCenterHelper.dll
c:\program files\AVG\AVG10\PCTuneup\rtl120.bpl
c:\program files\AVG\AVG10\PCTuneup\vcl120.bpl
c:\program files\AVG\AVG10\ph.dat
c:\program files\AVG\AVG10\sb.dat
c:\program files\AVG\AVG10\sb.dat.old
c:\program files\AVG\AVG10\sb.dat.xcd
c:\program files\AVG\AVG10\sb.dat.xcd.old
c:\program files\AVG\AVG10\sb2.dat
c:\program files\AVG\AVG10\sc.dat
c:\program files\AVG\AVG10\sc.dat.old
c:\program files\AVG\AVG10\sc.dat.xcd
c:\program files\AVG\AVG10\sc.dat.xcd.old
c:\program files\AVG\AVG10\SearchProvider.exe
c:\program files\AVG\AVG10\updatecomps.bak
c:\windows\system32\DRIVERS\AVGIDSDriver.Sys
c:\windows\system32\DRIVERS\AVGIDSEH.Sys
c:\windows\system32\DRIVERS\AVGIDSFilter.Sys
c:\windows\system32\DRIVERS\AVGIDSShim.Sys
c:\windows\system32\DRIVERS\avgldx86.sys
c:\windows\system32\DRIVERS\avgmfx86.sys
c:\windows\system32\DRIVERS\avgrkx86.sys
c:\windows\system32\DRIVERS\avgtdix.sys
c:\windows\Tasks\Adobe Flash Player Updater.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AVGIDSDRIVER
-------\Legacy_AVGIDSEH
-------\Legacy_AVGIDSFILTER
-------\Legacy_AVGIDSSHIM
-------\Legacy_AVGLDX86
-------\Legacy_AVGMFX86
-------\Legacy_AVGRKX86
-------\Legacy_AVGTDIX
-------\Service_AdobeARMservice
-------\Service_AdobeFlashPlayerUpdateSvc
-------\Service_AVGIDSAgent
-------\Service_AVGIDSDriver
-------\Service_AVGIDSEH
-------\Service_AVGIDSFilter
-------\Service_AVGIDSShim
-------\Service_Avgldx86
-------\Service_Avgmfx86
-------\Service_Avgrkx86
-------\Service_Avgtdix
-------\Service_avgwd
-------\Service_BBSvc
-------\Service_CLTNetCnService
-------\Service_SeaPort
-------\Legacy_AVGIDSDRIVER
-------\Legacy_AVGIDSEH
-------\Legacy_AVGIDSFILTER
-------\Legacy_AVGIDSSHIM
-------\Legacy_AVGLDX86
-------\Legacy_AVGMFX86
-------\Legacy_AVGRKX86
-------\Legacy_AVGTDIX
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-06 do 2013-01-06 )))))))))))))))))))))))))))))))
.
.
2013-01-06 20:24 . 2013-01-06 20:27 -------- d-----w- c:\users\Lucinka\AppData\Local\temp
2013-01-06 20:24 . 2013-01-06 20:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-06 17:01 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{788EB9BA-2564-470E-8777-6375C4745C72}\mpengine.dll
2013-01-06 17:00 . 2012-11-19 00:04 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5DB04DC1-5C8A-46C3-A2DA-B5DA86069120}\mpengine.dll
2013-01-05 22:41 . 2013-01-05 22:41 -------- d-----w- c:\users\Lucinka\AppData\Roaming\Apple Computer
2013-01-05 22:34 . 2013-01-05 22:34 -------- d-----w- c:\users\Lucinka\AppData\Roaming\Malwarebytes
2013-01-05 22:33 . 2013-01-05 22:33 -------- d-----w- c:\programdata\Malwarebytes
2013-01-05 21:05 . 2013-01-05 21:05 -------- d-----w- c:\windows\cs
2013-01-05 21:04 . 2013-01-05 21:04 -------- dc----w- c:\windows\system32\DRVSTORE
2013-01-05 21:04 . 2012-03-08 17:32 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2013-01-05 21:02 . 2013-01-05 21:02 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-01-05 20:59 . 2013-01-05 21:06 -------- d-----w- c:\program files\Windows Live
2013-01-05 20:57 . 2013-01-05 20:57 -------- d-----w- c:\program files\Microsoft
2013-01-05 20:57 . 2013-01-05 20:57 7450888 ----a-w- c:\program files\Common Files\Windows Live\.cache\36aa09b01cdeb872a\bingbarsetup.exe
2013-01-05 20:57 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2013-01-05 20:57 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2013-01-05 20:57 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-01-05 20:56 . 2013-01-05 20:56 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\3065aaf01cdeb8729\MeshBetaRemover.exe
2013-01-05 20:56 . 2013-01-05 20:56 537432 ----a-w- c:\program files\Common Files\Windows Live\.cache\2d6991901cdeb8728\DXSETUP.exe
2013-01-05 20:56 . 2013-01-05 20:56 1801048 ----a-w- c:\program files\Common Files\Windows Live\.cache\2d6991901cdeb8728\dsetup32.dll
2013-01-05 20:56 . 2013-01-05 20:56 89944 ----a-w- c:\program files\Common Files\Windows Live\.cache\2d6991901cdeb8728\DSETUP.dll
2013-01-05 20:56 . 2013-01-05 20:56 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a025a501cdeb8727\DXSETUP.exe
2013-01-05 20:56 . 2013-01-05 20:56 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a025a501cdeb8727\dsetup32.dll
2013-01-05 20:56 . 2013-01-05 20:56 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\2a025a501cdeb8727\DSETUP.dll
2013-01-05 20:50 . 2013-01-05 20:50 -------- d-----w- c:\users\Lucinka\AppData\Local\Windows Live
2013-01-05 20:49 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2013-01-05 20:48 . 2013-01-05 20:48 -------- d-----w- c:\program files\Microsoft Silverlight
2013-01-05 20:47 . 2007-11-17 22:22 3636 ----a-w- c:\windows\system32\drivers\nvphy.bin
2013-01-04 21:18 . 2012-10-12 18:09 22912 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-01-04 19:03 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-22 21:09 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 21:09 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-13 20:17 . 2012-11-14 01:44 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-13 20:17 . 2012-11-14 02:56 149552 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-12-13 20:17 . 2012-11-14 01:48 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-12-13 20:17 . 2012-11-14 01:51 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2012-12-13 20:17 . 2012-11-14 01:49 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-12-13 20:17 . 2012-11-14 01:57 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-12-13 20:17 . 2012-11-14 01:52 194560 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2012-12-13 20:16 . 2012-11-14 02:56 757296 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2012-12-13 20:16 . 2012-11-14 02:09 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-12-13 20:16 . 2012-11-14 02:00 387584 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2012-12-13 20:16 . 2012-11-14 02:01 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2012-12-13 20:16 . 2012-11-14 01:58 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-13 20:01 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-13 20:00 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-13 20:00 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-13 20:00 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-13 20:00 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-13 20:00 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-13 20:00 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-13 20:00 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-13 20:00 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-13 20:00 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-13 19:59 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-13 19:37 . 2012-12-13 19:40 -------- d-----w- C:\8cf8da9cf59c2ae84d91bbe17c
2012-12-12 11:38 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-12 11:38 . 2012-11-13 01:36 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 11:38 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 11:38 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-12 11:38 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-05 20:59 . 2011-03-28 17:36 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-12-12 00:05 . 2012-04-08 10:55 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-12 00:05 . 2011-07-01 19:41 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-28 14:17 . 2012-11-28 14:20 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C3D5197D-9110-4C39-B672-91FD0D869442}\gapaengine.dll
2012-09-06 01:26 . 2012-10-05 13:52 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\users\Lucinka\AppData\Roaming\Seznam.cz\bin\toolbar\toolbar.dll" [2012-09-19 182840]
.
[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{34AB3C4C-DA1A-4067-96F4-31452C7CFE65}"= "c:\users\Lucinka\AppData\Roaming\Seznam.cz\bin\listicka.dll" [2012-09-19 1453624]
.
[HKEY_CLASSES_ROOT\clsid\{34ab3c4c-da1a-4067-96f4-31452c7cfe65}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
"fscp"="c:\program files\AVC Finger-sensing Pad Driver\fscp.exe" [2006-11-11 1006592]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-05-08 13605408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-05-08 16:28 13605408 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2009-05-08 16:28 735776 ----a-w- c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerManager]
2006-11-06 19:19 26112 ----a-w- c:\program files\Power Manager\PM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
mStart Page = hxxp://start.alawarhry.cz/?pid=6
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\users\Lucinka\AppData\Roaming\Seznam.cz\bin\listicka.dll
TCP: DhcpNameServer = 192.168.2.1
DPF: {444785F1-DE89-4295-863A-D46C3A781394} - hxxp://webplayer.unity3d.com/download_webplayer-2.x/UnityWebPlayer.cab
DPF: {AAD68411-5B98-11D3-9B52-00001C0007B3} - hxxp://download.eonreality.com/eonx/4_0_1/eonx.cab
FF - ProfilePath - c:\users\Lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\xz6mo8fh.default\
FF - prefs.js: browser.startup.homepage - hxxp://start.alawarhry.cz/?pid=6
FF - ExtSQL: !HIDDEN! 2011-04-11 22:16; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-06 21:27
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\rundll32.exe
c:\program files\AVC Finger-sensing Pad Driver\FspadSvr.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Windows Media Player\wmpnscfg.exe
.
**************************************************************************
.
Celkový čas: 2013-01-06 21:32:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-06 20:32
ComboFix2.txt 2013-01-06 16:47
ComboFix3.txt 2011-03-31 09:46
.
Před spuštěním: Volných bajtů: 44 217 917 440
Po spuštění: Volných bajtů: 43 130 138 624
.
- - End Of File - - 470E2337847296A3AE1A3B1F18AC2425

VIRY.CZ

Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku

Re: Vypíná se mi displej na notebooku