Smart Fortress 2012
Posted: 19 May 2012 18:01
Hello,
today this virus got onto my PC (I don't know from where; I know all the sites I was browsing and there has never been anything on them). Only in safe mode did I manage to run ComboFix, which produced this log. Could someone please advise me how to proceed?
Code:
ComboFix 12-05-19.01 - Jiřík 19.05.2012 18:38:22.1.4 - x86 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2806.2257 [GMT 2:00]
Spuštěný z: c:\users\Ji°Ýk\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\system32\system32
c:\windows\system32\system32\3DAudio.ax
c:\windows\system32\system32\avrt.dll
c:\windows\system32\system32\cis-2.4.dll
c:\windows\system32\system32\issacapi_bs-2.3.dll
c:\windows\system32\system32\issacapi_pe-2.3.dll
c:\windows\system32\system32\issacapi_se-2.3.dll
c:\windows\system32\system32\MACXMLProto.dll
c:\windows\system32\system32\MaDRM.dll
c:\windows\system32\system32\MaJGUILib.dll
c:\windows\system32\system32\MAMACExtract.dll
c:\windows\system32\system32\MASetupCleaner.exe
c:\windows\system32\system32\MaXMLProto.dll
c:\windows\system32\system32\mfplat.dll
c:\windows\system32\system32\MK_Lyric.dll
c:\windows\system32\system32\MSCLib.dll
c:\windows\system32\system32\MSFLib.dll
c:\windows\system32\system32\MSLUR71.dll
c:\windows\system32\system32\msvcp60.dll
c:\windows\system32\system32\MTTELECHIP.dll
c:\windows\system32\system32\MTXSYNCICON.dll
c:\windows\system32\system32\muzaf1.dll
c:\windows\system32\system32\muzapp.dll
c:\windows\system32\system32\muzapp.exe
c:\windows\system32\system32\muzdecode.ax
c:\windows\system32\system32\muzeffect.ax
c:\windows\system32\system32\muzmp4sp.ax
c:\windows\system32\system32\muzmpgsp.ax
c:\windows\system32\system32\muzoggsp.ax
c:\windows\system32\system32\muzwmts.dll
c:\windows\system32\system32\psapi.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-19 do 2012-05-19 )))))))))))))))))))))))))))))))
.
.
2012-05-19 16:49 . 2012-05-19 16:53 -------- d-----w- c:\users\Jiřík\AppData\Local\temp
2012-05-19 16:49 . 2012-05-19 16:49 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-05-19 16:49 . 2012-05-19 16:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-19 16:14 . 2012-05-19 16:20 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AEA89BC8-ED63-4988-9FEB-3D6319E25B28}\offreg.dll
2012-05-19 15:33 . 2012-05-19 15:33 -------- d-----w- c:\programdata\B7E858980001A19F000B270DB4EB23C1
2012-05-19 10:09 . 2012-05-19 10:09 -------- d-----w- c:\users\Jiřík\AppData\Local\{7B53C057-4031-459F-8E30-F84E7017FECD}
2012-05-19 10:08 . 2012-05-19 10:09 -------- d-----w- c:\users\Jiřík\AppData\Local\{E0BFB475-4316-4754-8CC0-6FEC21257753}
2012-05-19 08:51 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AEA89BC8-ED63-4988-9FEB-3D6319E25B28}\mpengine.dll
2012-05-18 22:08 . 2012-05-18 22:08 -------- d-----w- c:\users\Jiřík\AppData\Local\{2576855F-C296-4F5C-9DD0-E11FDB294BE5}
2012-05-18 22:08 . 2012-05-18 22:08 -------- d-----w- c:\users\Jiřík\AppData\Local\{58E713DB-D712-4DD2-A562-04A74BB0F63A}
2012-05-18 06:54 . 2012-05-18 06:54 -------- d-----w- c:\program files\Common Files\Skype
2012-05-17 22:59 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-17 22:09 . 2012-05-17 22:09 -------- d-----w- c:\users\Jiřík\AppData\Local\{98135271-BB76-48F6-9789-810DE1D55C93}
2012-05-17 22:09 . 2012-05-17 22:09 -------- d-----w- c:\users\Jiřík\AppData\Local\{4A4568D7-8D7F-4310-8096-7645869224EA}
2012-05-17 10:04 . 2012-05-17 10:04 -------- d-----w- c:\users\Jiřík\AppData\Local\{FE2D3A08-ABCF-4037-BA21-102564E0162C}
2012-05-17 10:03 . 2012-05-17 10:04 -------- d-----w- c:\users\Jiřík\AppData\Local\{DC42BAE9-BD64-47D9-916D-3505C5BA6B2A}
2012-05-16 13:37 . 2012-05-16 13:37 -------- d-----w- c:\users\Jiřík\AppData\Local\{74EE064C-D0FF-41A5-9804-2E06ADDA487F}
2012-05-16 13:37 . 2012-05-16 13:37 -------- d-----w- c:\users\Jiřík\AppData\Local\{6F24B6A8-D97A-4124-BA8A-1696046E70C9}
2012-05-15 21:43 . 2012-05-15 21:43 -------- d-----w- c:\users\Jiřík\AppData\Local\{219FF913-99A3-4432-BEA0-C78431FA03BB}
2012-05-15 21:42 . 2012-05-15 21:42 -------- d-----w- c:\users\Jiřík\AppData\Local\{525C8520-848C-4830-881E-ED5F02851AA8}
2012-05-15 19:09 . 2012-05-15 19:09 -------- d-----w- c:\program files\Common Files\Java
2012-05-15 19:08 . 2012-05-15 19:08 476960 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-05-15 19:08 . 2012-05-15 19:08 -------- d-----w- c:\program files\Java
2012-05-15 09:11 . 2012-05-15 09:11 -------- d-----w- c:\users\Jiřík\AppData\Local\{0523F76F-D607-4AA1-9BD7-2F355C68641D}
2012-05-15 09:11 . 2012-05-15 09:11 -------- d-----w- c:\users\Jiřík\AppData\Local\{01D81106-0FB9-4EC8-B011-D5539F681752}
2012-05-14 09:41 . 2012-05-14 09:41 -------- d-----w- c:\users\Jiřík\AppData\Local\{1A0CE416-15CF-40ED-B56B-96121F67E049}
2012-05-14 09:40 . 2012-05-14 09:41 -------- d-----w- c:\users\Jiřík\AppData\Local\{EC7F6CB5-6439-4CA5-A2D2-9D31760AC7AE}
2012-05-13 21:16 . 2012-05-13 21:16 -------- d-----w- c:\users\Jiřík\AppData\Local\{484486A1-D6AD-49E2-AC55-B8F4A1EEB588}
2012-05-13 21:16 . 2012-05-13 21:16 -------- d-----w- c:\users\Jiřík\AppData\Local\{BC2DE636-FA51-4A49-BF1F-EAEB2D25D033}
2012-05-13 08:54 . 2012-05-13 08:54 -------- d-----w- c:\users\Jiřík\AppData\Local\{053FBDE7-7EB6-4C0C-8B3A-B452B63C8BFF}
2012-05-13 08:54 . 2012-05-13 08:54 -------- d-----w- c:\users\Jiřík\AppData\Local\{31E03B51-F601-41C8-AD51-0D0D700E2548}
2012-05-12 12:52 . 2012-05-12 12:52 -------- d-----w- c:\users\Jiřík\AppData\Local\{BD698C92-FC75-4D78-B95A-073A71EF5BCD}
2012-05-12 12:52 . 2012-05-12 12:52 -------- d-----w- c:\users\Jiřík\AppData\Local\{4E196BF1-9E38-4E27-AF57-E8A170C31023}
2012-05-12 08:32 . 2012-03-30 10:23 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-12 08:32 . 2012-03-31 04:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-12 08:32 . 2012-03-31 04:30 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-12 08:32 . 2012-03-31 04:29 989184 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-12 08:32 . 2012-03-31 04:29 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-12 08:31 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-12 08:31 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-12 08:31 . 2012-03-31 02:36 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-05-12 08:31 . 2012-03-17 07:27 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-12 08:31 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-05-12 00:51 . 2012-05-12 00:51 -------- d-----w- c:\users\Jiřík\AppData\Local\{65E12B16-99E6-4B2D-A36F-623A7D1AA85F}
2012-05-12 00:51 . 2012-05-12 00:51 -------- d-----w- c:\users\Jiřík\AppData\Local\{022791BF-8348-49AF-B1CD-DCBFBD0D539A}
2012-05-11 08:15 . 2012-05-11 08:16 -------- d-----w- c:\users\Jiřík\AppData\Local\{18BE2C29-9AF2-4465-B96B-203583D24863}
2012-05-11 08:15 . 2012-05-11 08:15 -------- d-----w- c:\users\Jiřík\AppData\Local\{7410E5E6-070C-48EC-A550-47751829D0F6}
2012-05-10 09:33 . 2012-05-10 09:33 -------- d-----w- c:\users\Jiřík\AppData\Local\{B759EC2D-F99F-45D4-B58F-D4CB26A94925}
2012-05-10 09:33 . 2012-05-10 09:33 -------- d-----w- c:\users\Jiřík\AppData\Local\{B1824038-8F58-4E6A-9F83-D2FFAAF5BE81}
2012-05-09 21:32 . 2012-05-09 21:32 -------- d-----w- c:\users\Jiřík\AppData\Local\{E8D917C3-8319-4DE9-8521-D63EABD385B8}
2012-05-09 21:32 . 2012-05-09 21:32 -------- d-----w- c:\users\Jiřík\AppData\Local\{0410FC84-4122-4E83-8677-A129DF3BBACF}
2012-05-09 09:32 . 2012-05-09 09:32 -------- d-----w- c:\users\Jiřík\AppData\Local\{3627C6BF-EC15-4011-B50B-52AE500D59A5}
2012-05-09 09:31 . 2012-05-09 09:32 -------- d-----w- c:\users\Jiřík\AppData\Local\{805FAD2C-FAE2-4CCB-BF9E-D971DA380097}
2012-05-08 21:31 . 2012-05-08 21:31 -------- d-----w- c:\users\Jiřík\AppData\Local\{ADAFB1A4-C858-46FF-8C2C-D5D114807C22}
2012-05-08 21:31 . 2012-05-08 21:31 -------- d-----w- c:\users\Jiřík\AppData\Local\{9DFBD8E5-4B6E-454C-922C-321D5448381E}
2012-05-08 09:30 . 2012-05-08 09:31 -------- d-----w- c:\users\Jiřík\AppData\Local\{EBADFFFD-113C-4112-95ED-F252DB5E49B0}
2012-05-08 09:30 . 2012-05-08 09:30 -------- d-----w- c:\users\Jiřík\AppData\Local\{C635A462-7072-45FA-9E8D-E05E803F50FB}
2012-05-07 21:30 . 2012-05-07 21:30 -------- d-----w- c:\users\Jiřík\AppData\Local\{12A4B649-8286-4164-AEF3-470C8575020C}
2012-05-07 21:30 . 2012-05-07 21:30 -------- d-----w- c:\users\Jiřík\AppData\Local\{6072EF52-2B36-4A9B-88B0-5B8A4D1C755F}
2012-05-07 09:29 . 2012-05-07 09:29 -------- d-----w- c:\users\Jiřík\AppData\Local\{54039611-0B9C-466F-A889-C2A90C8EC490}
2012-05-07 09:29 . 2012-05-07 09:29 -------- d-----w- c:\users\Jiřík\AppData\Local\{21BFCD9B-E847-43C5-92EF-1D376348CCB0}
2012-05-06 13:37 . 2012-05-06 13:37 -------- d-----w- c:\users\Jiřík\AppData\Local\{498C584F-B327-48BC-A586-3AFC305FB094}
2012-05-06 13:37 . 2012-05-06 13:37 -------- d-----w- c:\users\Jiřík\AppData\Local\{B3508A58-C5CE-41CE-92E0-9946AAA80354}
2012-05-05 22:52 . 2012-05-05 22:52 -------- d-----w- c:\users\Jiřík\AppData\Local\{5EF9DD02-BDDC-4DAA-921E-897D44BC6FC0}
2012-05-05 22:52 . 2012-05-05 22:52 -------- d-----w- c:\users\Jiřík\AppData\Local\{4B2028B7-4C6C-42B3-86AE-682D65CA75F9}
2012-05-05 09:08 . 2012-05-05 09:08 -------- d-----w- c:\users\Jiřík\AppData\Local\{7D2D239C-9194-4A1C-A7FC-2AE1F7B40CAE}
2012-05-05 09:08 . 2012-05-05 09:08 -------- d-----w- c:\users\Jiřík\AppData\Local\{DFDD4D05-7273-4C53-8B54-15C089D1D4F7}
2012-05-04 15:04 . 2012-05-04 15:05 -------- d-----w- c:\users\Jiřík\AppData\Local\{46358F6E-5EA2-4742-9119-280D6EA6D4B1}
2012-05-04 15:04 . 2012-05-04 15:04 -------- d-----w- c:\users\Jiřík\AppData\Local\{2B8A4F78-F4F1-4552-8C50-E1FF72C0B8BB}
2012-05-03 23:28 . 2012-05-03 23:28 -------- d-----w- c:\users\Jiřík\AppData\Local\{E73704F5-19F8-4D1A-BE99-2FBB15B6E433}
2012-05-03 23:28 . 2012-05-03 23:28 -------- d-----w- c:\users\Jiřík\AppData\Local\{3FE2DB16-E594-4D3E-BEDE-7F1EBE224F75}
2012-05-03 09:35 . 2012-05-03 09:35 -------- d-----w- c:\users\Jiřík\AppData\Local\{74A01F40-6BEC-40C2-AF31-B4BE4FC777D4}
2012-05-03 09:35 . 2012-05-03 09:35 -------- d-----w- c:\users\Jiřík\AppData\Local\{CE6085C5-D305-4087-B692-3901E9EE2B13}
2012-05-02 21:35 . 2012-05-02 21:35 -------- d-----w- c:\users\Jiřík\AppData\Local\{0EFC50F6-8031-42FB-92DF-5C3BECE39F6F}
2012-05-02 21:34 . 2012-05-02 21:35 -------- d-----w- c:\users\Jiřík\AppData\Local\{DFADE552-F56E-442F-BE00-C5FA4570E907}
2012-05-02 09:14 . 2012-05-02 09:14 -------- d-----w- c:\users\Jiřík\AppData\Local\{AA572432-27FE-4055-8B97-08FC90A8F1B9}
2012-05-02 09:14 . 2012-05-02 09:14 -------- d-----w- c:\users\Jiřík\AppData\Local\{437E9123-8E01-497A-B907-E8B045E894AE}
2012-05-01 10:13 . 2012-05-01 10:14 -------- d-----w- c:\users\Jiřík\AppData\Local\{ABF213C5-0363-491E-9C42-59A7329EEE67}
2012-05-01 10:13 . 2012-05-01 10:13 -------- d-----w- c:\users\Jiřík\AppData\Local\{1EAA96EA-9869-4DBD-8EE9-3BFD08277928}
2012-04-30 21:34 . 2012-04-30 21:34 -------- d-----w- c:\users\Jiřík\AppData\Local\{AC02D5F6-2E3A-4BA4-8915-86013F79AD58}
2012-04-30 21:34 . 2012-04-30 21:34 -------- d-----w- c:\users\Jiřík\AppData\Local\{16325F96-FEA8-4742-A591-AECE6A14B827}
2012-04-30 09:32 . 2012-04-30 09:32 -------- d-----w- c:\users\Jiřík\AppData\Local\{7F6DE3BD-71B0-4781-8B4B-2B34FA61F21F}
2012-04-30 09:32 . 2012-04-30 09:32 -------- d-----w- c:\users\Jiřík\AppData\Local\{5E62F060-677C-4307-BC12-43864966E337}
2012-04-29 09:31 . 2012-04-29 09:31 -------- d-----w- c:\users\Jiřík\AppData\Local\{91739962-7C1C-41CB-87ED-9B9AFCF278CE}
2012-04-29 09:30 . 2012-04-29 09:31 -------- d-----w- c:\users\Jiřík\AppData\Local\{F64C6ABB-50B7-4CAD-B2F0-39C11C92E327}
2012-04-28 10:28 . 2012-04-28 10:29 -------- d-----w- c:\users\Jiřík\AppData\Local\{B852656C-A10E-4A46-828C-56FFCB9AD6F9}
2012-04-28 10:28 . 2012-04-28 10:28 -------- d-----w- c:\users\Jiřík\AppData\Local\{0E275C7E-14BF-4CA4-BB8F-5E3A26E4EB59}
2012-04-27 22:28 . 2012-04-27 22:28 -------- d-----w- c:\users\Jiřík\AppData\Local\{DCF98277-45B8-4687-99D7-BB8F09843DA1}
2012-04-27 22:27 . 2012-04-27 22:28 -------- d-----w- c:\users\Jiřík\AppData\Local\{6DBAA99A-4B5B-44B2-A164-81F03DDA811D}
2012-04-26 21:20 . 2012-04-26 21:20 -------- d-----w- c:\users\Jiřík\AppData\Local\{D1F1A2C7-1290-4EE2-AE60-4A2E08D6306A}
2012-04-26 21:20 . 2012-04-26 21:20 -------- d-----w- c:\users\Jiřík\AppData\Local\{C98A0689-4DFF-4AD5-84C5-71276F9E0517}
2012-04-26 09:19 . 2012-04-26 09:19 -------- d-----w- c:\users\Jiřík\AppData\Local\{1C94AFB7-5627-4379-8226-0DA1B181268E}
2012-04-26 09:19 . 2012-04-26 09:19 -------- d-----w- c:\users\Jiřík\AppData\Local\{8B8A32E3-1A9C-4609-8ADD-BC483C0E7408}
2012-04-25 19:36 . 2012-04-25 19:37 -------- d-----w- c:\users\Jiřík\AppData\Local\{199DDBA9-CD6A-48EB-AF74-BED60A5C9085}
2012-04-25 19:36 . 2012-04-25 19:36 -------- d-----w- c:\users\Jiřík\AppData\Local\{D0E5AE61-6216-448C-9210-DFC431973A5A}
2012-04-25 14:41 . 2012-04-25 14:41 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-04-25 07:36 . 2012-04-25 07:36 -------- d-----w- c:\users\Jiřík\AppData\Local\{C102BB5F-F33F-4960-8BCB-8CEAD29C778C}
2012-04-25 07:36 . 2012-04-25 07:36 -------- d-----w- c:\users\Jiřík\AppData\Local\{A6373AD9-044E-4A60-9D5B-65ADEFED1614}
2012-04-24 09:22 . 2012-04-24 09:22 -------- d-----w- c:\users\Jiřík\AppData\Local\{EB91095E-B1CA-44D6-8712-E1FC349A8839}
2012-04-24 09:21 . 2012-04-24 09:22 -------- d-----w- c:\users\Jiřík\AppData\Local\{75D6CA05-9632-4928-A01B-824DA31E927C}
2012-04-23 21:21 . 2012-04-23 21:21 -------- d-----w- c:\users\Jiřík\AppData\Local\{0B5738E7-3155-4EEE-897D-F7E84A729D07}
2012-04-23 21:21 . 2012-04-23 21:21 -------- d-----w- c:\users\Jiřík\AppData\Local\{49C47BDE-AB07-40C5-B04E-7D8A0AB4C4EB}
2012-04-23 09:20 . 2012-04-23 09:21 -------- d-----w- c:\users\Jiřík\AppData\Local\{37360D1A-5B01-4444-8461-5E64A387B945}
2012-04-23 09:20 . 2012-04-23 09:20 -------- d-----w- c:\users\Jiřík\AppData\Local\{52991EFD-2F46-4CE6-AD22-4408C64C2918}
2012-04-22 09:01 . 2012-04-22 09:01 -------- d-----w- c:\users\Jiřík\AppData\Local\{71FC9BCD-AF54-413F-AE0F-A5961978F81F}
2012-04-22 09:01 . 2012-04-22 09:01 -------- d-----w- c:\users\Jiřík\AppData\Local\{9D7D6EBD-947B-4BB5-91A1-71E387318E80}
2012-04-21 09:30 . 2012-04-21 09:31 -------- d-----w- c:\users\Jiřík\AppData\Local\{FF2783C1-F308-47EF-96EA-3B4178C33234}
2012-04-21 09:30 . 2012-04-21 09:30 -------- d-----w- c:\users\Jiřík\AppData\Local\{FAB28757-F844-4AB2-AFA2-E7B446645150}
2012-04-20 19:50 . 2012-04-20 19:50 -------- d-----w- c:\users\Jiřík\AppData\Local\{6335627F-AC76-4443-8AEE-6D65DC377B3A}
2012-04-20 19:50 . 2012-04-20 19:50 -------- d-----w- c:\users\Jiřík\AppData\Local\{CE90DF49-DCA5-4585-ACD2-C16BFEEF43CB}
2012-04-20 07:50 . 2012-04-20 07:50 -------- d-----w- c:\users\Jiřík\AppData\Local\{8225E4EA-64ED-4DC4-B86B-FD3121F2D18B}
2012-04-20 07:50 . 2012-04-20 07:50 -------- d-----w- c:\users\Jiřík\AppData\Local\{89972FEB-9000-4522-B1DE-28010D33686D}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-15 19:08 . 2011-12-07 12:53 472864 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-05 16:34 . 2012-03-30 07:59 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-05 16:34 . 2011-07-03 15:27 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-20 18:44 . 2010-10-24 20:25 74112 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 18:44 . 2010-10-24 20:25 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-08 16:37 . 2012-03-08 16:37 302448 ----a-w- c:\windows\WLXPGSS.SCR
2012-03-01 05:46 . 2012-04-12 10:23 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 05:37 . 2012-04-12 10:23 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 05:33 . 2012-04-12 10:23 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 05:29 . 2012-04-12 10:23 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-28 01:18 . 2012-04-12 10:31 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11 . 2012-04-12 10:31 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11 . 2012-04-12 10:31 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03 . 2012-04-12 10:31 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-02-22 943504]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-02-22 3508624]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-03-29 21416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-11-19 1594664]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-11-19 83240]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2010-09-29 3058304]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"HotkeyMon"="AsusSender.exe" [2010-03-03 29184]
"HotkeyService"="AsusSender.exe" [2010-03-03 29184]
"SuperHybridEngine"="AsusSender.exe" [2010-03-03 29184]
"CapsHook"="AsusSender.exe" [2010-03-03 29184]
"GraphicsSwitch"="AsusSender.exe" [2010-03-03 29184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-05-10 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-05-10 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-05-10 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-08-24 9722472]
"iSeriesCharge"="c:\program files\ASUS\USBChargeSetting\iSeriesCharge.exe" [2010-08-18 96176]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-09-29 2018032]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-03-31 11520]
R2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [2009-08-19 219136]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2011-01-20 217088]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-07-03 136176]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-05-21 293928]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-05-21 33320]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2011-01-20 36640]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-07-03 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 129976]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 74112]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 214952]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-08-04 105576]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys [2010-12-21 98560]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys [2010-12-21 14848]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys [2010-12-21 123648]
R3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);c:\windows\system32\DRIVERS\ssceserd.sys [2010-12-21 100352]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-07 1343400]
S0 AiDriver;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiDriver.sys [2010-05-20 13224]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2010-08-04 19656]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-07-29 68208]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 59904]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 139648]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 16:34]
.
2012-05-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-03 17:23]
.
2012-05-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-03 17:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Jiřík\AppData\Roaming\Mozilla\Firefox\Profiles\iqd87t3h.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - (no file)
HKLM-RunOnce-<NO NAME> - (no file)
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-26_VIA_driver2 - c:\program files\Samsung\USB Drivers\26_VIA_driver2\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-05-19 18:57:18
ComboFix-quarantined-files.txt 2012-05-19 16:57
.
Před spuštěním: Volných bajtů: 36 984 102 912
Po spuštění: Volných bajtů: 36 796 268 544
.
- - End Of File - - 36DD9D2AAA00E4F22D51E24E971DD1D6