Worm:Win32/Brontok.R@mm on a laptop

#1 Post by Gina33 »

Good evening, please check my log. The antivirus found Worm:Win32/Brontok.R@mm on my laptop. I have not deleted anything, not even from quarantine.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013
Ran by Diamond (administrator) on DIAMOND-PC on 12-10-2013 19:45:50
Running from C:\Users\Diamond\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Realtek) C:\Program Files\ZyXEL\NWD2205\RtlService.exe
(ZyXEL) C:\Program Files\ZyXEL\NWD2205\NWD2205.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-08-12] (Microsoft Corporation)
HKCU\...\Run: [] - [x]
HKCU\...\Policies\system: [DisableRegistryTools] 1
HKCU\...\Policies\system: [DisableCMD] 0
HKCU\...\Policies\Explorer: [NoFolderOptions] 1
MountPoints2: {2368c851-070d-11e3-a444-f3a03550b210} - E:\AutoRun.exe

==================== Internet (Whitelisted) ====================

BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Users\Diamond\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Extension: (Google Docs) - C:\Users\Diamond\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Diamond\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Diamond\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Diamond\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Diamond\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0
CHR Extension: (Skype Click to Call) - C:\Users\Diamond\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Diamond\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Diamond\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

S4 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2095752 2013-06-04] ()
S4 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-12-19] ()
S4 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-08-12] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-08-12] (Microsoft Corporation)
R2 Realtek11nCU; C:\Program Files\ZyXEL\NWD2205\RtlService.exe [36864 2010-04-16] (Realtek)
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
S4 Virtual Router; C:\Program Files\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (http://pietschsoft.com))

==================== Drivers (Whitelisted) ====================

R3 btaudio; C:\Windows\System32\drivers\btaudio.sys [539072 2007-03-23] (Broadcom Corporation.)
R3 BTDriver; C:\Windows\System32\DRIVERS\btport.sys [37424 2007-03-23] (Broadcom Corporation.)
S3 BTHprint; C:\Windows\System32\DRIVERS\bthprint.sys [50688 2009-07-14] (Microsoft Corporation)
R3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [876384 2007-03-31] (Broadcom Corporation.)
S3 BTWDNDIS; C:\Windows\System32\DRIVERS\btwdndis.sys [149123 2007-03-23] (Broadcom Corporation.)
S3 btwhid; C:\Windows\System32\DRIVERS\btwhid.sys [55352 2007-03-31] (Broadcom Corporation.)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 flash; C:\Windows\system32\drivers\flash.sys [8064 2005-11-17] ()
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [23424 2009-12-15] (Huawei Tech. Co., Ltd.)
R2 int15; C:\Windows\system32\drivers\int15.sys [15392 2007-11-30] (Acer, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [636008 2010-07-13] (Realtek Semiconductor Corporation )
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-12 19:45 - 2013-10-12 19:45 - 00029696 _____ C:\Users\Diamond\AppData\Local\MSGBOX.EXE
2013-10-12 19:45 - 2013-10-12 19:45 - 00000000 ____D C:\FRST
2013-10-12 19:43 - 2013-10-12 19:44 - 01087213 _____ (Farbar) C:\Users\Diamond\Desktop\FRST.exe
2013-10-12 19:41 - 2013-10-12 19:41 - 00112128 _____ (forum.viry.cz) C:\Users\Diamond\Desktop\FRSTLauncher.exe
2013-10-12 19:39 - 2013-10-12 19:39 - 00112107 _____ (forum.viry.cz) C:\Users\Diamond\Downloads\VerzeOS.exe
2013-10-12 19:31 - 2013-10-12 19:31 - 00991232 _____ C:\Users\Diamond\Downloads\MicrosoftFixit50267.msi
2013-10-12 19:21 - 2013-10-12 19:21 - 00012393 _____ C:\Users\Diamond\AppData\Local\Update.12.Bron.Tok.bin
2013-10-12 19:13 - 2013-10-12 19:13 - 00000000 __RSH C:\MSDOS.SYS
2013-10-12 19:13 - 2013-10-12 19:13 - 00000000 __RSH C:\IO.SYS
2013-10-12 12:25 - 2013-10-12 12:25 - 00000000 ____D C:\Users\Diamond\AppData\Local\Bron.tok-12-12
2013-10-11 00:00 - 2013-10-11 00:00 - 00000000 ____D C:\Users\Diamond\AppData\Local\Bron.tok-12-11
2013-10-10 23:40 - 2013-10-10 23:40 - 00012393 _____ C:\Users\Diamond\AppData\Local\Bron.tok.A12.em.bin
2013-10-10 20:16 - 2013-10-10 20:26 - 00000000 ____D C:\Users\Diamond\AppData\Local\Loc.Mail.Bron.Tok
2013-10-10 20:16 - 2013-10-10 20:16 - 00000051 _____ C:\Users\Diamond\AppData\Local\Kosong.Bron.Tok.txt
2013-10-10 20:16 - 2013-10-10 20:16 - 00000000 ____D C:\Users\Diamond\AppData\Local\Ok-SendMail-Bron-tok
2013-10-10 20:11 - 2013-10-10 20:11 - 00012393 _____ C:\Users\Diamond\AppData\Local\ListHost12.txt
2013-10-10 20:10 - 2013-10-10 20:10 - 00000000 ____D C:\Users\Diamond\AppData\Local\Bron.tok-12-10
2013-10-09 15:14 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-09 15:14 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-09 15:14 - 2013-09-23 01:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-09 15:14 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-09 15:14 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-09 15:14 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-09 15:14 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-09 15:14 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-09 15:14 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-09 15:14 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-09 15:14 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-09 15:14 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-09 15:14 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-09 15:14 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-09 15:14 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-09 15:14 - 2013-09-21 04:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-09 11:41 - 2013-10-09 11:43 - 00946176 _____ (Torch Media Inc.) C:\Users\Diamond\Downloads\TorchSetupFull.exe
2013-10-09 07:48 - 2013-09-14 02:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-09 07:48 - 2013-09-08 04:07 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-09 07:48 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-09 07:48 - 2013-09-04 03:15 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-09 07:48 - 2013-09-04 03:14 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-09 07:48 - 2013-09-04 03:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-09 07:48 - 2013-09-04 03:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-09 07:48 - 2013-09-04 03:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-09 07:48 - 2013-09-04 03:14 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-09 07:48 - 2013-09-04 03:14 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-09 07:48 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-10-09 07:48 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-09 07:48 - 2013-08-29 03:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-09 07:48 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-09 07:48 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-09 07:48 - 2013-08-29 03:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2013-10-09 07:48 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-09 07:48 - 2013-08-01 13:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-09 07:48 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:48 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-09 07:48 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-09 07:48 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-09 07:48 - 2013-06-06 06:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-09 07:48 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-09 07:48 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-09 07:48 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-09 07:48 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-09 07:42 - 2013-08-28 03:04 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-09 07:42 - 2013-07-12 12:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-09 07:42 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-09 07:42 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-09 07:42 - 2013-07-04 11:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-09 07:42 - 2013-06-26 00:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-08 21:08 - 2013-10-08 21:10 - 00504964 _____ C:\Users\Diamond\Downloads\ThinkFlash_S60V5.sis
2013-10-05 12:53 - 2013-10-05 12:53 - 00002036 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-05 12:53 - 2013-10-05 12:53 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\Thunderbird
2013-10-05 12:53 - 2013-10-05 12:53 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\Mozilla
2013-10-05 12:53 - 2013-10-05 12:53 - 00000000 ____D C:\Users\Diamond\AppData\Local\Thunderbird
2013-10-05 12:53 - 2013-10-05 12:53 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-05 12:53 - 2013-10-05 12:53 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-10-05 12:53 - 2013-10-05 12:53 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-05 12:23 - 2013-10-05 12:29 - 21983760 _____ (Mozilla) C:\Users\Diamond\Downloads\Thunderbird Setup 24.0.exe
2013-10-05 11:53 - 2013-10-05 11:53 - 00000631 _____ C:\Users\Diamond\Downloads\outlook.reg
2013-10-05 00:18 - 2013-10-05 00:18 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\Macromedia
2013-10-02 13:42 - 2013-10-02 13:42 - 00117060 _____ C:\Users\Diamond\Downloads\angelic_wings_brush_40085.zip
2013-10-01 00:46 - 2013-10-01 00:46 - 00000000 ____D C:\Users\Diamond\Downloads\recepty
2013-10-01 00:46 - 2013-09-25 13:56 - 00001070 _____ C:\Users\Diamond\Desktop\hesla biosů.txt
2013-09-30 22:32 - 2013-10-12 19:16 - 00006704 _____ C:\Windows\setupact.log
2013-09-30 22:32 - 2013-09-30 22:32 - 00000000 _____ C:\Windows\setuperr.log
2013-09-30 00:43 - 2013-09-30 00:48 - 00000000 ____D C:\ProgramData\ParetoLogic
2013-09-30 00:43 - 2013-09-30 00:48 - 00000000 ____D C:\Program Files\ParetoLogic
2013-09-30 00:43 - 2013-09-30 00:43 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\ParetoLogic
2013-09-30 00:43 - 2013-09-30 00:43 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\DriverCure
2013-09-30 00:41 - 2013-09-30 00:42 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Diamond\Downloads\Repair-tool.exe
2013-09-29 21:18 - 2013-09-29 21:18 - 00004652 _____ C:\Users\Diamond\Downloads\coMusim.txt
2013-09-29 21:15 - 2013-09-29 21:15 - 00006531 _____ C:\Users\Diamond\Downloads\U_soudu.txt
2013-09-29 20:35 - 2013-09-30 00:24 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\CzDC
2013-09-29 20:34 - 2013-09-29 20:34 - 00000000 ____D C:\Users\Diamond\Downloads\czdc_0699_d1_32
2013-09-29 20:32 - 2013-09-29 20:34 - 04233079 _____ C:\Users\Diamond\Downloads\czdc_0699_d1_32.rar
2013-09-29 19:58 - 2013-09-29 19:58 - 00000000 ____D C:\Program Files\7-Zip
2013-09-29 19:55 - 2013-09-29 19:56 - 01094750 _____ C:\Users\Diamond\Downloads\7zip.exe
2013-09-29 19:52 - 2013-09-29 19:52 - 02210315 _____ C:\Users\Diamond\Downloads\element-browser.zip
2013-09-29 19:44 - 2013-09-29 19:46 - 05156309 _____ C:\Users\Diamond\Downloads\strong-dc.exe
2013-09-29 19:11 - 2013-09-29 19:11 - 00000022 _____ C:\Users\Diamond\Desktop\id.txt
2013-09-26 20:14 - 2013-09-26 20:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2013-09-26 19:48 - 2013-09-26 19:48 - 00000000 ____D C:\Program Files\WIDCOMM
2013-09-26 19:48 - 2007-03-31 13:02 - 00876384 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btkrnl.sys
2013-09-26 19:48 - 2007-03-31 13:02 - 00055352 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwhid.sys
2013-09-26 19:48 - 2007-03-23 10:50 - 00149123 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwdndis.sys
2013-09-26 19:48 - 2007-03-23 10:50 - 00106557 _____ (Broadcom Corporation.) C:\Windows\system32\btw_ci.dll
2013-09-26 19:48 - 2007-03-23 10:50 - 00037424 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btport.sys
2013-09-26 19:48 - 2007-03-23 10:49 - 00539072 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btaudio.sys
2013-09-26 19:46 - 2013-09-26 19:46 - 00000000 ____D C:\Users\Diamond\Downloads\BlueTooth_WIDCOMM_5.1.0.3300_XPx86
2013-09-26 19:18 - 2013-09-26 19:41 - 42955796 _____ C:\Users\Diamond\Downloads\BlueTooth_WIDCOMM_5.1.0.3300_XPx86.zip
2013-09-26 19:13 - 2013-09-26 19:13 - 00505444 _____ C:\Users\Diamond\Downloads\Nokia_Barcode_Reader.sis
2013-09-26 18:31 - 2013-09-26 18:31 - 00036388 _____ C:\Users\Diamond\Downloads\radary policie.txt
2013-09-26 18:29 - 2013-09-26 18:29 - 00194262 _____ C:\Users\Diamond\Downloads\recepty.zip
2013-09-26 12:00 - 2013-09-26 12:00 - 00118149 _____ C:\Users\Diamond\Downloads\wmpChrome.crx
2013-09-21 00:42 - 2013-09-21 00:43 - 03678753 _____ C:\Users\Diamond\Downloads\implementace_JavaOpenIdClient.zip
2013-09-18 23:30 - 2013-09-18 23:31 - 04337710 _____ (Oracle Corporation) C:\Users\Diamond\Downloads\jre-7u40-windows-i586.exe.ovgarie.partial
2013-09-18 23:29 - 2013-09-18 23:29 - 00000000 _____ C:\Users\Diamond\Downloads\32bit_Vista_Win7_Win8_R271.exe.v9pmik1.partial
2013-09-18 23:24 - 2013-09-18 23:25 - 00335914 _____ C:\Users\Diamond\Downloads\xdman.zip
2013-09-18 23:24 - 2013-09-18 23:24 - 00000000 ____D C:\Users\Diamond\Downloads\xdman
2013-09-16 19:37 - 2013-09-16 19:37 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-09-15 17:47 - 2013-09-15 17:47 - 00000000 ____D C:\Users\Diamond\Documents\Nokia Suite
2013-09-15 17:40 - 2013-09-15 17:40 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\Nokia
2013-09-15 15:34 - 2013-09-15 15:34 - 00000000 ____D C:\Users\Diamond\AppData\Local\NokiaAccount
2013-09-15 15:32 - 2013-09-26 20:14 - 00000000 ____D C:\ProgramData\PC Suite
2013-09-15 15:32 - 2013-09-15 17:40 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\PC Suite
2013-09-15 15:32 - 2013-09-15 15:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ccdcmb_01009.Wdf
2013-09-15 15:32 - 2013-09-15 15:32 - 00000000 ____D C:\Users\Diamond\AppData\Local\Nokia
2013-09-15 15:31 - 2013-09-15 15:31 - 00002047 _____ C:\Users\Public\Desktop\Nokia Suite.lnk
2013-09-15 15:30 - 2013-09-15 15:31 - 00000000 ____D C:\ProgramData\Nokia
2013-09-15 15:30 - 2013-09-15 15:30 - 00000000 ____D C:\Program Files\Common Files\Nokia
2013-09-15 15:29 - 2013-09-15 15:29 - 00000000 ____D C:\Program Files\PC Connectivity Solution
2013-09-15 15:29 - 2013-09-15 15:29 - 00000000 ____D C:\Program Files\DIFX
2013-09-15 15:29 - 2013-01-23 10:31 - 00075264 _____ (Nokia) C:\Windows\system32\nmwcdcls.dll
2013-09-15 15:29 - 2012-10-17 14:53 - 00019072 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfd.sys
2013-09-15 15:27 - 2013-09-15 15:30 - 00000000 ____D C:\Program Files\Nokia
2013-09-15 15:27 - 2013-09-15 15:27 - 00000000 ____D C:\ProgramData\NokiaInstallerCache
2013-09-15 15:26 - 2013-07-05 04:05 - 106311632 _____ C:\Users\Diamond\Downloads\Nokia_Suite_webinstaller_ALL.exe
2013-09-15 14:58 - 2013-09-15 15:03 - 00000000 ____D C:\Users\Diamond\AppData\Local\Microsoft Games
2013-09-13 15:50 - 2013-09-13 16:10 - 00000000 ____D C:\Users\Diamond\Desktop\Katka-fotky
2013-09-12 18:26 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 18:26 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 18:25 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 18:25 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 18:25 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 18:25 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 18:25 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 18:09 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

==================== One Month Modified Files and Folders =======

2013-10-12 19:45 - 2013-10-12 19:45 - 00029696 _____ C:\Users\Diamond\AppData\Local\MSGBOX.EXE
2013-10-12 19:45 - 2013-10-12 19:45 - 00000000 ____D C:\FRST
2013-10-12 19:44 - 2013-10-12 19:43 - 01087213 _____ (Farbar) C:\Users\Diamond\Desktop\FRST.exe
2013-10-12 19:41 - 2013-10-12 19:41 - 00112128 _____ (forum.viry.cz) C:\Users\Diamond\Desktop\FRSTLauncher.exe
2013-10-12 19:39 - 2013-10-12 19:39 - 00112107 _____ (forum.viry.cz) C:\Users\Diamond\Downloads\VerzeOS.exe
2013-10-12 19:38 - 2013-08-16 14:07 - 02088924 _____ C:\Windows\WindowsUpdate.log
2013-10-12 19:31 - 2013-10-12 19:31 - 00991232 _____ C:\Users\Diamond\Downloads\MicrosoftFixit50267.msi
2013-10-12 19:27 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\ShellNew
2013-10-12 19:23 - 2009-07-14 06:34 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-12 19:23 - 2009-07-14 06:34 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-12 19:22 - 2013-08-16 14:21 - 01576554 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-12 19:21 - 2013-10-12 19:21 - 00012393 _____ C:\Users\Diamond\AppData\Local\Update.12.Bron.Tok.bin
2013-10-12 19:20 - 2009-07-14 04:04 - 00000007 ___SH C:\autoexec.bat
2013-10-12 19:16 - 2013-09-30 22:32 - 00006704 _____ C:\Windows\setupact.log
2013-10-12 19:16 - 2013-08-17 00:15 - 00000938 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-12 19:16 - 2013-08-16 23:36 - 00000250 _____ C:\Windows\Tasks\RtlVistaStart.job
2013-10-12 19:16 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-12 19:13 - 2013-10-12 19:13 - 00000000 __RSH C:\MSDOS.SYS
2013-10-12 19:13 - 2013-10-12 19:13 - 00000000 __RSH C:\IO.SYS
2013-10-12 14:07 - 2013-09-04 22:15 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-12 13:57 - 2013-08-17 00:15 - 00000942 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-12 12:25 - 2013-10-12 12:25 - 00000000 ____D C:\Users\Diamond\AppData\Local\Bron.tok-12-12
2013-10-11 23:49 - 2013-08-21 17:04 - 00001912 _____ C:\Windows\epplauncher.mif
2013-10-11 23:49 - 2013-08-21 17:03 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-11 00:00 - 2013-10-11 00:00 - 00000000 ____D C:\Users\Diamond\AppData\Local\Bron.tok-12-11
2013-10-10 23:40 - 2013-10-10 23:40 - 00012393 _____ C:\Users\Diamond\AppData\Local\Bron.tok.A12.em.bin
2013-10-10 20:26 - 2013-10-10 20:16 - 00000000 ____D C:\Users\Diamond\AppData\Local\Loc.Mail.Bron.Tok
2013-10-10 20:16 - 2013-10-10 20:16 - 00000051 _____ C:\Users\Diamond\AppData\Local\Kosong.Bron.Tok.txt
2013-10-10 20:16 - 2013-10-10 20:16 - 00000000 ____D C:\Users\Diamond\AppData\Local\Ok-SendMail-Bron-tok
2013-10-10 20:11 - 2013-10-10 20:11 - 00012393 _____ C:\Users\Diamond\AppData\Local\ListHost12.txt
2013-10-10 20:10 - 2013-10-10 20:10 - 00000000 ____D C:\Users\Diamond\AppData\Local\Bron.tok-12-10
2013-10-09 23:14 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-10-09 22:47 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-09 22:13 - 2013-09-04 22:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-09 22:13 - 2013-09-04 22:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 19:29 - 2009-07-14 06:33 - 00268520 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 15:22 - 2013-08-19 03:53 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 15:15 - 2013-08-19 03:53 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 11:43 - 2013-10-09 11:41 - 00946176 _____ (Torch Media Inc.) C:\Users\Diamond\Downloads\TorchSetupFull.exe
2013-10-08 21:10 - 2013-10-08 21:08 - 00504964 _____ C:\Users\Diamond\Downloads\ThinkFlash_S60V5.sis
2013-10-08 20:52 - 2013-09-04 00:38 - 00000000 ____D C:\Windows\pss
2013-10-08 20:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-10-06 10:17 - 2013-08-17 00:30 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-05 12:53 - 2013-10-05 12:53 - 00002036 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2013-10-05 12:53 - 2013-10-05 12:53 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\Thunderbird
2013-10-05 12:53 - 2013-10-05 12:53 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\Mozilla
2013-10-05 12:53 - 2013-10-05 12:53 - 00000000 ____D C:\Users\Diamond\AppData\Local\Thunderbird
2013-10-05 12:53 - 2013-10-05 12:53 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-05 12:53 - 2013-10-05 12:53 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-10-05 12:53 - 2013-10-05 12:53 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-05 12:29 - 2013-10-05 12:23 - 21983760 _____ (Mozilla) C:\Users\Diamond\Downloads\Thunderbird Setup 24.0.exe
2013-10-05 11:53 - 2013-10-05 11:53 - 00000631 _____ C:\Users\Diamond\Downloads\outlook.reg
2013-10-05 01:10 - 2013-08-17 17:26 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\Skype
2013-10-05 01:02 - 2013-08-17 17:25 - 00000000 ___RD C:\Program Files\Skype
2013-10-05 00:58 - 2013-08-17 17:25 - 00000000 ____D C:\ProgramData\Skype
2013-10-05 00:18 - 2013-10-05 00:18 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\Macromedia
2013-10-02 13:42 - 2013-10-02 13:42 - 00117060 _____ C:\Users\Diamond\Downloads\angelic_wings_brush_40085.zip
2013-10-01 00:46 - 2013-10-01 00:46 - 00000000 ____D C:\Users\Diamond\Downloads\recepty
2013-09-30 22:32 - 2013-09-30 22:32 - 00000000 _____ C:\Windows\setuperr.log
2013-09-30 00:48 - 2013-09-30 00:43 - 00000000 ____D C:\ProgramData\ParetoLogic
2013-09-30 00:48 - 2013-09-30 00:43 - 00000000 ____D C:\Program Files\ParetoLogic
2013-09-30 00:43 - 2013-09-30 00:43 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\ParetoLogic
2013-09-30 00:43 - 2013-09-30 00:43 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\DriverCure
2013-09-30 00:42 - 2013-09-30 00:41 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Diamond\Downloads\Repair-tool.exe
2013-09-30 00:24 - 2013-09-29 20:35 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\CzDC
2013-09-29 21:18 - 2013-09-29 21:18 - 00004652 _____ C:\Users\Diamond\Downloads\coMusim.txt
2013-09-29 21:15 - 2013-09-29 21:15 - 00006531 _____ C:\Users\Diamond\Downloads\U_soudu.txt
2013-09-29 20:34 - 2013-09-29 20:34 - 00000000 ____D C:\Users\Diamond\Downloads\czdc_0699_d1_32
2013-09-29 20:34 - 2013-09-29 20:32 - 04233079 _____ C:\Users\Diamond\Downloads\czdc_0699_d1_32.rar
2013-09-29 19:58 - 2013-09-29 19:58 - 00000000 ____D C:\Program Files\7-Zip
2013-09-29 19:56 - 2013-09-29 19:55 - 01094750 _____ C:\Users\Diamond\Downloads\7zip.exe
2013-09-29 19:52 - 2013-09-29 19:52 - 02210315 _____ C:\Users\Diamond\Downloads\element-browser.zip
2013-09-29 19:46 - 2013-09-29 19:44 - 05156309 _____ C:\Users\Diamond\Downloads\strong-dc.exe
2013-09-29 19:11 - 2013-09-29 19:11 - 00000022 _____ C:\Users\Diamond\Desktop\id.txt
2013-09-26 20:14 - 2013-09-26 20:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2013-09-26 20:14 - 2013-09-15 15:32 - 00000000 ____D C:\ProgramData\PC Suite
2013-09-26 19:48 - 2013-09-26 19:48 - 00000000 ____D C:\Program Files\WIDCOMM
2013-09-26 19:46 - 2013-09-26 19:46 - 00000000 ____D C:\Users\Diamond\Downloads\BlueTooth_WIDCOMM_5.1.0.3300_XPx86
2013-09-26 19:41 - 2013-09-26 19:18 - 42955796 _____ C:\Users\Diamond\Downloads\BlueTooth_WIDCOMM_5.1.0.3300_XPx86.zip
2013-09-26 19:13 - 2013-09-26 19:13 - 00505444 _____ C:\Users\Diamond\Downloads\Nokia_Barcode_Reader.sis
2013-09-26 18:31 - 2013-09-26 18:31 - 00036388 _____ C:\Users\Diamond\Downloads\radary policie.txt
2013-09-26 18:29 - 2013-09-26 18:29 - 00194262 _____ C:\Users\Diamond\Downloads\recepty.zip
2013-09-26 12:00 - 2013-09-26 12:00 - 00118149 _____ C:\Users\Diamond\Downloads\wmpChrome.crx
2013-09-25 13:56 - 2013-10-01 00:46 - 00001070 _____ C:\Users\Diamond\Desktop\hesla biosů.txt
2013-09-23 01:28 - 2013-10-09 15:14 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 01:28 - 2013-10-09 15:14 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 01:28 - 2013-10-09 15:14 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 01:27 - 2013-10-09 15:14 - 14335488 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 01:27 - 2013-10-09 15:14 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 01:27 - 2013-10-09 15:14 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 01:27 - 2013-10-09 15:14 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 01:27 - 2013-10-09 15:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 01:27 - 2013-10-09 15:14 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 01:27 - 2013-10-09 15:14 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 01:27 - 2013-10-09 15:14 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 01:27 - 2013-10-09 15:14 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 01:27 - 2013-10-09 15:14 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-23 01:27 - 2013-10-09 15:14 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-21 05:30 - 2013-10-09 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-21 04:39 - 2013-10-09 15:14 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-21 00:43 - 2013-09-21 00:42 - 03678753 _____ C:\Users\Diamond\Downloads\implementace_JavaOpenIdClient.zip
2013-09-18 23:31 - 2013-09-18 23:30 - 04337710 _____ (Oracle Corporation) C:\Users\Diamond\Downloads\jre-7u40-windows-i586.exe.ovgarie.partial
2013-09-18 23:29 - 2013-09-18 23:29 - 00000000 _____ C:\Users\Diamond\Downloads\32bit_Vista_Win7_Win8_R271.exe.v9pmik1.partial
2013-09-18 23:25 - 2013-09-18 23:24 - 00335914 _____ C:\Users\Diamond\Downloads\xdman.zip
2013-09-18 23:24 - 2013-09-18 23:24 - 00000000 ____D C:\Users\Diamond\Downloads\xdman
2013-09-18 23:23 - 2013-08-17 00:03 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\DMCache
2013-09-16 19:37 - 2013-09-16 19:37 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-09-15 17:47 - 2013-09-15 17:47 - 00000000 ____D C:\Users\Diamond\Documents\Nokia Suite
2013-09-15 17:40 - 2013-09-15 17:40 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\Nokia
2013-09-15 17:40 - 2013-09-15 15:32 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\PC Suite
2013-09-15 15:34 - 2013-09-15 15:34 - 00000000 ____D C:\Users\Diamond\AppData\Local\NokiaAccount
2013-09-15 15:32 - 2013-09-15 15:32 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ccdcmb_01009.Wdf
2013-09-15 15:32 - 2013-09-15 15:32 - 00000000 ____D C:\Users\Diamond\AppData\Local\Nokia
2013-09-15 15:31 - 2013-09-15 15:31 - 00002047 _____ C:\Users\Public\Desktop\Nokia Suite.lnk
2013-09-15 15:31 - 2013-09-15 15:30 - 00000000 ____D C:\ProgramData\Nokia
2013-09-15 15:30 - 2013-09-15 15:30 - 00000000 ____D C:\Program Files\Common Files\Nokia
2013-09-15 15:30 - 2013-09-15 15:27 - 00000000 ____D C:\Program Files\Nokia
2013-09-15 15:29 - 2013-09-15 15:29 - 00000000 ____D C:\Program Files\PC Connectivity Solution
2013-09-15 15:29 - 2013-09-15 15:29 - 00000000 ____D C:\Program Files\DIFX
2013-09-15 15:27 - 2013-09-15 15:27 - 00000000 ____D C:\ProgramData\NokiaInstallerCache
2013-09-15 15:03 - 2013-09-15 14:58 - 00000000 ____D C:\Users\Diamond\AppData\Local\Microsoft Games
2013-09-14 18:27 - 2013-09-01 21:28 - 00000000 ____D C:\Windows\Minidump
2013-09-14 16:41 - 2013-08-23 20:17 - 00000000 ____D C:\Users\Diamond\AppData\Roaming\vlc
2013-09-14 16:36 - 2009-07-14 11:20 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-09-14 02:48 - 2013-10-09 07:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-09-13 21:40 - 2013-08-17 17:19 - 00000000 ____D C:\Users\Diamond\Desktop\Vojta
2013-09-13 16:10 - 2013-09-13 15:50 - 00000000 ____D C:\Users\Diamond\Desktop\Katka-fotky

Some content of TEMP:
====================
C:\Users\Diamond\AppData\Local\Temp\NEventMessages.dll
C:\Users\Diamond\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Diamond\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-11 07:26

==================== End Of Log ============================
Attachments
Addition.rar
(7.69 KiB) Downloaded 62 times

Rudy
Site Admin
Posts: 119704
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Worm:Win32/Brontok.R@mm on a laptop

#2 Post by Rudy »

Hello!
Please post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms appears; continue by clicking the "Ano" (Yes) button.

feel free to go and make yourself a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because unwanted conflicts with the antispyware's resident component occur during the scan and the removal of any malware.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Gina33
Model visitor
Posts: 126
Registered: 21 May 2008 10:42
Location: Ostrava

Re: Worm:Win32/Brontok.R@mm on a laptop

#3 Post by Gina33 »

ComboFix 13-10-12.01 - Diamond 13.10.2013 0:21.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2038.1437 [GMT 2:00]
Spuštěný z: c:\users\Diamond\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Diamond\AppData\Local\Bron.tok-12-10
c:\users\Diamond\AppData\Local\Bron.tok-12-11
c:\users\Diamond\AppData\Local\Bron.tok-12-12
c:\users\Diamond\AppData\Local\Bron.tok.A12.em.bin
c:\users\Diamond\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Diamond\AppData\Local\Kosong.Bron.Tok.txt
c:\users\Diamond\AppData\Local\ListHost12.txt
c:\users\Diamond\AppData\Local\MSGBOX.EXE
c:\users\Diamond\AppData\Local\Update.12.Bron.Tok.bin
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-12 do 2013-10-12 )))))))))))))))))))))))))))))))
.
.
2013-10-12 22:28 . 2013-10-12 22:28 -------- d-----w- c:\users\Diamond\AppData\Local\temp
2013-10-12 22:28 . 2013-10-12 22:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-12 22:11 . 2013-10-12 22:11 40392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4BEF9600-DD61-4A17-AA09-936AEEE6C787}\MpKsl6a35542f.sys
2013-10-12 17:45 . 2013-10-12 17:45 -------- d-----w- C:\FRST
2013-10-12 17:31 . 2013-09-05 05:02 7328304 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4BEF9600-DD61-4A17-AA09-936AEEE6C787}\mpengine.dll
2013-10-12 17:22 . 2013-09-05 05:02 7328304 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-10-11 04:49 . 2013-09-05 05:02 7328304 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{48C4C636-660D-47EF-9271-D28FA709458F}\mpengine.dll
2013-10-10 18:16 . 2013-10-10 18:26 -------- d-----w- c:\users\Diamond\AppData\Local\Loc.Mail.Bron.Tok
2013-10-10 18:16 . 2013-10-10 18:16 -------- d-----w- c:\users\Diamond\AppData\Local\Ok-SendMail-Bron-tok
2013-10-09 05:48 . 2013-07-04 11:50 530432 ----a-w- c:\windows\system32\comctl32.dll
2013-10-09 05:42 . 2013-08-28 01:04 2348544 ----a-w- c:\windows\system32\win32k.sys
2013-10-09 05:42 . 2013-07-04 11:57 205824 ----a-w- c:\windows\system32\WebClnt.dll
2013-10-09 05:42 . 2013-07-04 11:51 81920 ----a-w- c:\windows\system32\davclnt.dll
2013-10-09 05:42 . 2013-07-04 09:48 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2013-10-09 05:42 . 2013-07-12 10:07 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-10-09 05:42 . 2013-06-25 22:56 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-05 10:53 . 2013-10-05 10:53 -------- d-----w- c:\users\Diamond\AppData\Roaming\Thunderbird
2013-10-05 10:53 . 2013-10-05 10:53 -------- d-----w- c:\users\Diamond\AppData\Local\Thunderbird
2013-10-05 10:53 . 2013-10-05 10:53 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-10-05 10:53 . 2013-10-05 10:53 -------- d-----w- c:\program files\Mozilla Thunderbird
2013-09-29 22:43 . 2013-09-29 22:43 -------- d-----w- c:\users\Diamond\AppData\Roaming\ParetoLogic
2013-09-29 22:43 . 2013-09-29 22:43 -------- d-----w- c:\users\Diamond\AppData\Roaming\DriverCure
2013-09-29 22:43 . 2013-09-29 22:48 -------- d-----w- c:\program files\ParetoLogic
2013-09-29 22:43 . 2013-09-29 22:48 -------- d-----w- c:\programdata\ParetoLogic
2013-09-29 18:35 . 2013-09-29 22:24 -------- d-----w- c:\users\Diamond\AppData\Roaming\CzDC
2013-09-29 17:58 . 2013-09-29 17:58 -------- d-----w- c:\program files\7-Zip
2013-09-26 17:48 . 2007-03-23 08:50 106557 ----a-w- c:\windows\system32\btw_ci.dll
2013-09-26 17:48 . 2007-03-31 11:02 876384 ----a-w- c:\windows\system32\drivers\btkrnl.sys
2013-09-26 17:48 . 2007-03-31 11:02 55352 ----a-w- c:\windows\system32\drivers\btwhid.sys
2013-09-26 17:48 . 2007-03-23 08:50 149123 ----a-w- c:\windows\system32\drivers\btwdndis.sys
2013-09-26 17:48 . 2007-03-23 08:50 37424 ----a-w- c:\windows\system32\drivers\btport.sys
2013-09-26 17:48 . 2007-03-23 08:49 539072 ----a-w- c:\windows\system32\drivers\btaudio.sys
2013-09-26 17:48 . 2013-09-26 17:48 -------- d-----w- c:\program files\WIDCOMM
2013-09-22 14:20 . 2013-10-03 13:43 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-09-18 12:43 . 2013-10-03 13:43 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-09-16 17:37 . 2013-09-16 17:37 -------- d-----w- c:\program files\MSXML 4.0
2013-09-15 15:40 . 2013-09-15 15:40 -------- d-----w- c:\users\Diamond\AppData\Roaming\Nokia
2013-09-15 13:32 . 2013-09-15 13:32 -------- d-----w- c:\users\Diamond\AppData\Local\Nokia
2013-09-15 13:32 . 2013-09-15 15:40 -------- d-----w- c:\users\Diamond\AppData\Roaming\PC Suite
2013-09-15 13:32 . 2013-09-26 18:14 -------- d-----w- c:\programdata\PC Suite
2013-09-15 13:30 . 2013-09-15 13:31 -------- d-----w- c:\programdata\Nokia
2013-09-15 13:30 . 2013-09-15 13:30 -------- d-----w- c:\program files\Common Files\Nokia
2013-09-15 13:29 . 2013-09-15 13:29 -------- d-----w- c:\program files\DIFX
2013-09-15 13:29 . 2012-10-17 12:53 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2013-09-15 13:29 . 2013-09-15 13:29 -------- dc----w- c:\windows\system32\DRVSTORE
2013-09-15 13:29 . 2013-09-15 13:29 -------- d-----w- c:\program files\PC Connectivity Solution
2013-09-15 13:29 . 2013-01-23 08:31 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
2013-09-15 13:27 . 2013-09-15 13:30 -------- d-----w- c:\program files\Nokia
2013-09-15 12:58 . 2013-09-15 13:03 -------- d-----w- c:\users\Diamond\AppData\Local\Microsoft Games
2013-09-15 08:00 . 2013-09-15 07:59 718712 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{52301071-E0BD-487E-9A95-939C09110C2C}\gapaengine.dll
2013-09-15 07:45 . 2013-09-29 13:56 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-09-15 07:45 . 2013-09-29 13:56 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-09 20:13 . 2013-09-04 20:15 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-09 20:13 . 2013-09-04 20:15 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-23 21:42 . 2013-08-23 21:43 697992 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-08-22 01:05 . 2013-08-22 01:05 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-08-22 01:05 . 2013-08-22 01:05 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-08-22 01:05 . 2013-08-22 01:05 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-08-22 01:05 . 2013-08-22 01:05 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-08-22 01:05 . 2013-08-22 01:05 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-08-22 01:05 . 2013-08-22 01:05 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-08-22 01:05 . 2013-08-22 01:05 158720 ----a-w- c:\windows\system32\msls31.dll
2013-08-22 01:05 . 2013-08-22 01:05 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-08-22 01:05 . 2013-08-22 01:05 138752 ----a-w- c:\windows\system32\wextract.exe
2013-08-22 01:05 . 2013-08-22 01:05 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-08-22 01:05 . 2013-08-22 01:05 12800 ----a-w- c:\windows\system32\mshta.exe
2013-08-22 01:05 . 2013-08-22 01:05 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-08-22 01:05 . 2013-08-22 01:05 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-08-22 01:05 . 2013-08-22 01:05 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-08-22 01:05 . 2013-08-22 01:05 361984 ----a-w- c:\windows\system32\html.iec
2013-08-22 01:05 . 2013-08-22 01:05 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-08-22 01:05 . 2013-08-22 01:05 204800 ----a-w- c:\windows\system32\webcheck.dll
2013-08-22 01:05 . 2013-08-22 01:05 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-08-22 01:04 . 2013-08-22 01:04 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-08-22 01:04 . 2013-08-22 01:04 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-08-22 01:04 . 2013-08-22 01:04 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-08-22 01:04 . 2013-08-22 01:04 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-08-22 01:04 . 2013-08-22 01:04 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-08-22 01:04 . 2013-08-22 01:04 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-08-22 01:04 . 2013-08-22 01:04 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-08-22 01:04 . 2013-08-22 01:04 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-08-22 01:04 . 2013-08-22 01:04 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-08-22 01:04 . 2013-08-22 01:04 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-08-22 01:04 . 2013-08-22 01:04 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-08-22 01:04 . 2013-08-22 01:04 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-08-22 01:04 . 2013-08-22 01:04 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-08-22 01:04 . 2013-08-22 01:04 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-08-22 01:04 . 2013-08-22 01:04 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-08-22 01:04 . 2013-08-22 01:04 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-08-22 01:04 . 2013-08-22 01:04 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-08-22 01:04 . 2013-08-22 01:04 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-08-22 01:04 . 2013-08-22 01:04 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-08-22 01:04 . 2013-08-22 01:04 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-08-22 01:04 . 2013-08-22 01:04 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-08-22 01:04 . 2013-08-22 01:04 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-08-22 01:04 . 2013-08-22 01:04 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-08-22 01:04 . 2013-08-22 01:04 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-08-22 01:04 . 2013-08-22 01:04 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-08-22 01:02 . 2013-08-22 01:02 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-08-20 01:30 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-08-16 21:49 . 2013-08-16 21:49 47368 ----a-w- c:\windows\system32\certsentry.dll
2013-08-16 21:48 . 2013-08-16 21:48 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-08-16 21:48 . 2013-08-16 21:48 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2013-08-16 21:48 . 2013-08-16 21:48 1060864 ----a-w- c:\windows\system32\mfc71.dll
2013-08-16 12:24 . 2013-08-16 12:24 319456 ----a-w- c:\windows\DIFxAPI.dll
2013-08-16 12:24 . 2013-08-16 12:24 315392 ----a-w- c:\windows\HideWin.exe
2013-08-05 01:56 . 2013-09-12 16:09 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 01:50 . 2013-09-12 16:25 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 01:49 . 2013-09-12 16:25 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 01:48 . 2013-09-12 16:25 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 16:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 00:52 . 2013-09-12 16:25 271360 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:43 . 2013-09-12 16:25 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 16:25 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 16:25 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 16:25 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-07-25 08:57 . 2013-08-21 22:04 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-19 01:41 . 2013-08-21 21:59 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-15 01:34 . 2013-08-21 21:50 7143960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A35FE72E-8C5E-47FB-A7CE-9C8584EEEA5F}\mpengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-08-12 995176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-08-20 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Wireless N USB Utility.lnk - c:\program files\ZyXEL\NWD2205\NWD2205.exe /H [2013-8-16 1867776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Virtual Router Manager.lnk
backup=c:\windows\pss\Virtual Router Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2013-04-18 23:45 1090912 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-07-25 06:58 20684656 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
R3 BTHprint;Třída tiskárny protokolu Bluetooth (Microsoft);c:\windows\system32\DRIVERS\bthprint.sys [2009-07-13 50688]
R3 flash;flash;c:\windows\system32\drivers\flash.sys [2005-11-17 8064]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-08-12 295376]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-08-17 1343400]
R4 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [2013-06-04 2095752]
R4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-09-16 3273088]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-07-25 162672]
R4 Virtual Router;VirtualRouterService;c:\program files\Virtual Router\VirtualRouterService.exe [2013-02-10 12288]
S1 MpKsl6a35542f;MpKsl6a35542f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4BEF9600-DD61-4A17-AA09-936AEEE6C787}\MpKsl6a35542f.sys [2013-10-12 40392]
S2 Realtek11nCU;Realtek11nCU;c:\program files\ZyXEL\NWD2205\RtlService.exe [2010-04-16 36864]
S3 RTL8192cu;Wireless N USB Utility;c:\windows\system32\DRIVERS\RTL8192cu.sys [2010-07-13 636008]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL6A35542F
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-06 08:01 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-04 20:13]
.
2013-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-16 22:15]
.
2013-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-08-16 22:15]
.
2013-10-12 c:\windows\Tasks\RtlVistaStart.job
- c:\program files\ZyXEL\NWD2205\NWD2205.exe [2013-08-16 07:32]
.
.
------- Doplňkový sken -------
.
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-IDMan - c:\program files\Internet Download Manager\IDMan.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3466381480-1142450762-1991018534-1000\Software\VOS\VLC\Registry\%CurrentUser%_Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_USERS\S-1-5-21-3466381480-1142450762-1991018534-1000\Software\VOS\VLC\Registry\%CurrentUser%_Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_USERS\S-1-5-21-3466381480-1142450762-1991018534-1000\Software\VOS\VLC\Registry\%CurrentUser%_Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_USERS\S-1-5-21-3466381480-1142450762-1991018534-1000\Software\VOS\VLC\Registry\%CurrentUser%_Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_USERS\S-1-5-21-3466381480-1142450762-1991018534-1000\Software\VOS\VLC\Registry\MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_USERS\S-1-5-21-3466381480-1142450762-1991018534-1000\Software\VOS\VLC\Registry\MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_USERS\S-1-5-21-3466381480-1142450762-1991018534-1000\Software\VOS\VLC\Registry\MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_USERS\S-1-5-21-3466381480-1142450762-1991018534-1000\Software\VOS\VLC\Registry\MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-10-13 00:31:32
ComboFix-quarantined-files.txt 2013-10-12 22:31
.
Před spuštěním: Volných bajtů: 55 924 068 352
Po spuštění: Volných bajtů: 55 529 578 496
.
- - End Of File - - 63C70C0447F3E1D8AC7D1E8157044CB7
A36C5E4F47E84449FF07ED3517B43A31

Rudy
Site Admin
Posts: 119704
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Worm:Win32/Brontok.R@mm in a notebook

#4 Post by Rudy »

We'll finish the cleanup now. Open Notepad and copy the following into it:

KillAll::

Collect::
c:\users\Diamond\AppData\Local\Loc.Mail.Bron.Tok
c:\users\Diamond\AppData\Local\Ok-SendMail-Bron-tok

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
Skype C2C Service

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Gina33
Model visitor
Posts: 126
Registered: 21 May 2008 10:42
Location: Ostrava

Re: Worm:Win32/Brontok.R@mm in a notebook

#5 Post by Gina33 »

And should I then post that log here again? And then one last question: how do I remove all those ComboFixes, FRST, etc. from the notebook? Thanks for everything.

Rudy
Site Admin
Posts: 119704
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Worm:Win32/Brontok.R@mm in a notebook

#6 Post by Rudy »

Yes, post the log here. Delete FRST, and at the end uninstall CF using T-Cleaner: http://vyosek.ic.cz/pro_usery/T-Cleaner.exe .