Hello, a long time ago I had a relatively fast PC
Posted: 26 Dec 2013 08:24
then sudden death came, so everything was wiped and a fresh install was done, but there is still something odd about this PC
ComboFix 13-12-24.02 - robotic 26.12.2013 0:06.1.1 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2047.993 [GMT 1:00]
Spuštěný z: c:\users\robotic\Downloads\ComboFix.exe
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\robotic\AppData\Local\Temp\sfamcc00001.dll
c:\users\robotic\AppData\Local\Temp\sfareca00001.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-26 do 2013-12-26 )))))))))))))))))))))))))))))))
.
.
2013-12-26 01:07 . 2013-12-26 01:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-25 12:07 . 2013-12-25 12:10 -------- d-----w- c:\program files\Google
2013-12-25 12:01 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2013-12-25 12:01 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2013-12-25 12:01 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2013-12-25 12:01 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-12-25 12:01 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2013-12-25 12:01 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2013-12-25 12:01 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-12-25 12:00 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-12-25 12:00 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-12-25 11:57 . 2013-12-25 11:57 -------- d-----w- c:\programdata\McAfee Security Scan
2013-12-25 11:56 . 2013-12-25 11:56 -------- d-----w- c:\programdata\McAfee
2013-12-25 11:56 . 2013-12-25 11:56 -------- d-----w- c:\program files\McAfee Security Scan
2013-12-25 11:56 . 2013-12-25 12:06 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-25 11:56 . 2013-12-25 12:06 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-25 11:56 . 2013-12-25 11:56 -------- d-----w- c:\windows\system32\Macromed
2013-12-25 07:26 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2013-12-25 02:06 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2013-12-25 02:04 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2013-12-25 02:04 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2013-12-25 02:04 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2013-12-25 00:02 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-25 00:02 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-25 00:02 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2013-12-25 00:02 . 2010-10-12 15:53 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll
2013-12-25 00:02 . 2010-10-12 13:41 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe
2013-12-25 00:02 . 2010-10-12 13:41 515584 ----a-w- c:\program files\Windows Mail\wab.exe
2013-12-25 00:02 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll
2013-12-25 00:02 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2013-12-25 00:02 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-12-25 00:02 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2013-12-25 00:02 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2013-12-25 00:02 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2013-12-25 00:00 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2013-12-24 23:50 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
2013-12-24 23:29 . 2013-12-24 23:29 -------- d-----w- c:\windows\system32\ca-ES
2013-12-24 23:29 . 2013-12-24 23:29 -------- d-----w- c:\windows\system32\eu-ES
2013-12-24 23:29 . 2013-12-24 23:29 -------- d-----w- c:\windows\system32\vi-VN
2013-12-24 23:25 . 2013-12-24 23:25 -------- d-----w- c:\windows\system32\SPReview
2013-12-24 23:10 . 2009-04-10 22:28 928768 ----a-w- c:\windows\system32\scavenge.dll
2013-12-24 23:10 . 2009-04-10 22:27 57856 ----a-w- c:\windows\system32\compcln.exe
2013-12-24 23:04 . 2009-04-10 22:32 35304 ----a-w- c:\windows\system32\drivers\crashdmp.sys
2013-12-24 22:58 . 2013-12-24 22:58 -------- d-----w- c:\windows\system32\EventProviders
2013-12-24 22:54 . 2013-12-25 22:58 -------- d-----w- c:\program files\SpeedFan
2013-12-24 17:36 . 2013-12-24 17:36 -------- d-----w- c:\program files\ESET
2013-12-24 17:15 . 2013-12-25 12:21 -------- d-sh--w- c:\windows\Installer
2013-12-24 17:15 . 2013-12-25 07:25 -------- d--h--w- c:\windows\msdownld.tmp
2013-12-24 17:14 . 2013-12-24 17:14 -------- d-----w- C:\Games
2013-12-24 17:12 . 2013-12-24 17:12 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-12-24 16:59 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2013-12-24 16:59 . 2009-07-11 19:01 302592 ----a-w- c:\windows\system32\wlansec.dll
2013-12-24 16:59 . 2009-07-11 19:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2013-12-24 16:59 . 2009-07-11 19:01 65024 ----a-w- c:\windows\system32\wlanapi.dll
2013-12-24 16:59 . 2009-07-11 17:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2013-12-24 16:59 . 2010-02-18 14:07 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-12-24 16:59 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2013-12-24 16:59 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2013-12-24 16:59 . 2009-12-08 17:26 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-12-24 16:56 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll
2013-12-24 16:55 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2013-12-24 16:55 . 2013-12-16 00:54 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{994EA31D-334D-4056-AF1E-43FBBF76185C}\mpengine.dll
2013-12-24 16:55 . 2013-11-26 11:25 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-12-24 16:54 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2013-12-24 16:54 . 2009-10-23 17:10 714240 ----a-w- c:\windows\system32\timedate.cpl
2013-12-24 16:52 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2013-12-24 16:52 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-12-24 16:52 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2013-12-24 16:52 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2013-12-24 16:52 . 2009-06-15 14:53 218624 ----a-w- c:\windows\system32\msv1_0.dll
2013-12-24 16:52 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2013-12-24 16:52 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2013-12-24 16:52 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2013-12-24 16:52 . 2010-01-21 15:05 62464 ----a-w- c:\windows\system32\l3codeca.acm
2013-12-24 16:52 . 2009-04-11 06:27 220672 ----a-w- c:\windows\system32\l3codecp.acm
2013-12-24 16:48 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2013-12-24 16:47 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2013-12-24 16:37 . 2013-12-24 16:37 -------- d-----w- C:\PerfLogs
2013-12-24 16:31 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2013-12-24 16:31 . 2009-12-04 18:29 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-12-24 16:31 . 2009-12-04 18:27 91136 ----a-w- c:\windows\system32\avifil32.dll
2013-12-24 16:31 . 2009-12-04 18:30 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2013-12-24 16:31 . 2009-12-04 18:28 22528 ----a-w- c:\windows\system32\msyuv.dll
2013-12-24 16:31 . 2009-12-04 18:28 31744 ----a-w- c:\windows\system32\msvidc32.dll
2013-12-24 16:31 . 2009-12-04 18:28 123904 ----a-w- c:\windows\system32\msvfw32.dll
2013-12-24 16:31 . 2009-12-04 18:28 13312 ----a-w- c:\windows\system32\msrle32.dll
2013-12-24 16:31 . 2009-12-04 18:28 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2013-12-24 16:31 . 2009-12-04 18:28 82944 ----a-w- c:\windows\system32\mciavi32.dll
2013-12-24 16:31 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2013-12-24 15:59 . 2008-01-18 22:36 6656 ----a-w- c:\windows\system32\sdspres.dll
2013-12-24 15:59 . 2008-01-18 22:33 193024 ----a-w- c:\windows\system32\recdisc.exe
2013-12-24 15:58 . 2008-01-18 22:36 28160 ----a-w- c:\windows\system32\sxproxy.dll
2013-12-24 15:53 . 2008-01-18 22:35 48128 ----a-w- c:\windows\system32\nlaapi.dll
2013-12-24 15:50 . 2007-12-06 04:04 6656 ----a-w- c:\windows\system32\kbd106n.dll
2013-12-24 15:45 . 2013-12-24 15:45 -------- d-----w- C:\b27d72ac5b7894aab64c1e
2013-12-24 15:45 . 2009-09-10 14:58 1418752 ----a-w- c:\program files\Windows Media Player\setup_wm.exe
2013-12-24 15:45 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2013-12-24 15:45 . 2009-07-15 12:39 107520 ----a-w- c:\program files\Windows Media Player\wmpconfig.exe
2013-12-24 15:45 . 2009-07-15 12:39 107520 ----a-w- c:\program files\Windows Media Player\wmpshare.exe
2013-12-24 15:45 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\msdxm.ocx
2013-12-24 15:45 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\dxmasf.dll
2013-12-24 15:45 . 2009-07-15 12:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2013-12-24 15:17 . 2013-12-24 17:45 -------- d-----w- c:\users\robotic
2013-12-24 15:03 . 2013-12-25 12:21 -------- d-----w- c:\windows\system32\catroot2
2013-12-24 15:03 . 2013-12-24 15:10 -------- d-----w- c:\windows\Debug
2013-12-24 15:01 . 2013-12-24 15:07 -------- d-----w- c:\windows\Panther
2013-12-24 15:01 . 2013-12-24 23:35 -------- d-----w- C:\Boot
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-24 16:28 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2013-12-24 16:27 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-10 2153472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5110672]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.285\SSScheduler.exe [2012-9-5 271808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-25 19:31 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-25 12:06]
.
2013-12-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-12-25 12:08]
.
2013-12-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-12-25 12:08]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.com/
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\robotic\AppData\Roaming\Mozilla\Firefox\Profiles\lvxie5h2.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-26 08:14
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\ESET\ESET Smart Security\ekrn.exe
c:\program files\Microsoft\BingBar\7.1.362.0\SeaPort.exe
c:\windows\system32\conime.exe
.
**************************************************************************
.
Celkový čas: 2013-12-26 08:16:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-26 07:16
.
Před spuštěním: Volných bajtů: 139 385 417 728
Po spuštění: Volných bajtů: 135 965 958 144
.
- - End Of File - - 139B78F6D579657989C5F59FE20437D6
5C616939100B85E558DA92B899A0FC36