Spambot and possibly more
Posted: 08 Mar 2014 09:20
Hello,
I need help with a spambot that got into my Outlook, and with checking the log to see whether there is anything else on the computer. After finding out that I was sending spam, I ran ComboFix, VAPTool and Malwarebytes on the computer ... each of them bit something off
Thank you
FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-03-2014
Ran by sklendath (administrator) on SKLEN-TOSHIBA on 08-03-2014 08:10:08
Running from C:\Users\sklendath\Desktop
Microsoft® Windows Vista™ Home Premium (X86) OS Language: Czech
Internet Explorer Version 7
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Agere Systems) C:\Windows\system32\agrsmsvc.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION) c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
() C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(RealNetworks, Inc.) E:\filmy\Update\realsched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(forum.viry.cz) C:\Users\sklendath\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4444160 2007-04-25] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [411192 2007-03-29] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [509496 2007-05-23] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [538744 2007-05-22] (TOSHIBA Corporation)
HKLM\...\Run: [KeNotify] - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [HWSetup] - \HWSetup.exe hwSetUP
HKLM\...\Run: [SVPWUTIL] - C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [438272 2006-03-22] (TOSHIBA)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [topi] - C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [577536 2007-04-02] (TOSHIBA)
HKLM\...\Run: [Desktop SMS] - C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [1507328 2007-01-19] (Interactive Digital Media)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1451304 2009-03-20] (Synaptics Incorporated)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [571024 2007-05-04] (Toshiba)
HKLM\...\Run: [Symantec PIF AlertEng] - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2008-01-29] (Symantec Corporation)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [185896 2006-09-28] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] - C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [75304 2006-10-11] (ScanSoft, Inc.)
HKLM\...\Run: [CloneCDTray] - C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [976832 2009-12-17] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] - e:\filmy\Update\realsched.exe [295512 2013-03-20] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-4178443980-2086641671-1291764792-1000\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [413696 2006-11-15] (TOSHIBA)
HKU\S-1-5-21-4178443980-2086641671-1291764792-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-21-4178443980-2086641671-1291764792-1000\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-4178443980-2086641671-1291764792-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-4178443980-2086641671-1291764792-1000\...\Run: [ICQ] - C:\Program Files\ICQ7.4\ICQ.exe [119608 2011-04-08] (ICQ, LLC.)
HKU\S-1-5-21-4178443980-2086641671-1291764792-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [201728 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-21-4178443980-2086641671-1291764792-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKCU - DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... F6CB96857C&
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... F6CB96857C&
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\sklendath\AppData\Roaming\Mozilla\Firefox\Profiles\859fghi3.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=16.0.1.18 - e:\filmy\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.1.18 - e:\filmy\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\sklendath\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\sklendath\AppData\Roaming\Mozilla\Firefox\Profiles\859fghi3.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-10-06]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-06]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2014-02-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{DAC3F861-B30D-40dd-9166-F4E75327FAC7}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-17]
CHR Extension: (Vyhledávání Google) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-17]
CHR Extension: (AdBlock) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-02-20]
CHR Extension: (RealDownloader) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-03-25]
CHR Extension: (Skype Click to Call) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-12-17]
CHR Extension: (Peněženka Google) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Gmail) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-17]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
========================== Services (Whitelisted) =================
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 gupdate1ca311b6fb5c570; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-09-09] (Google Inc.)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-26] (Symantec Corporation)
R2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2008-01-29] (Symantec Corporation)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Plánovač automatické aktualizace LiveUpdate; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352 2007-09-26] (Symantec Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
S2 LiveUpdate Notice Ex; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]
==================== Drivers (Whitelisted) ====================
R0 65143846; C:\Windows\System32\DRIVERS\65143846.sys [133208 2014-03-07] (Kaspersky Lab ZAO)
S3 adusbmdm6501; C:\Windows\System32\DRIVERS\adusbmdm65.sys [64896 2005-05-02] (AnyDATA Corporation)
S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [97920 2006-12-20] (QUALCOMM Incorporated)
S3 adusbser6501; C:\Windows\System32\DRIVERS\adusbser65.sys [64896 2005-05-02] (AnyDATA Corporation)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [183912 2006-11-02] (Společnost Microsoft)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1060920 2008-07-24] (Společnost Microsoft)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-09-25] ()
S3 UVCFTR; C:\Windows\System32\DRIVERS\UVCFTR_S.SYS [11264 2007-03-12] (Chicony Electronics Co., Ltd.)
U3 abbggvw6; C:\Windows\system32\Drivers\abbggvw6.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [22016 2006-11-02] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\SKLEND~1\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 Tosrfcom; No ImagePath
S3 TpChoice; system32\DRIVERS\TpChoice.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-08 08:10 - 2014-03-08 08:10 - 00024394 _____ () C:\Users\sklendath\Desktop\FRST.txt
2014-03-07 16:34 - 2014-03-07 16:34 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-07 16:32 - 2014-03-07 17:50 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\65143846.sys
2014-03-07 16:30 - 2014-03-07 16:31 - 132307720 _____ () C:\Users\sklendath\Downloads\setup_11.0.1.1245.x01_2014_03_07_17_50.exe
2014-03-07 16:27 - 2014-03-07 16:27 - 00000809 _____ () C:\Users\sklendath\Desktop\CCleaner.lnk
2014-03-07 16:27 - 2014-03-07 16:27 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-03-07 16:27 - 2014-03-07 16:27 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-07 16:26 - 2014-03-07 16:26 - 01187896 _____ (Piriform Ltd) C:\Users\sklendath\Downloads\ccleaner.exe
2014-03-07 14:41 - 2014-03-07 14:41 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-03-07 14:41 - 2014-03-07 14:41 - 00289792 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-03-07 14:41 - 2014-03-07 14:41 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 01406464 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 01260032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-03-07 14:40 - 2014-03-07 14:40 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-03-07 14:40 - 2014-03-07 14:40 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-03-07 14:40 - 2014-03-07 14:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-07 14:39 - 2014-03-07 14:39 - 03502480 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-03-07 14:39 - 2014-03-07 14:39 - 03468168 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-07 14:38 - 2014-03-07 14:38 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-03-07 14:37 - 2014-03-07 14:37 - 00713728 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-03-07 14:37 - 2014-03-07 14:37 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-07 14:29 - 2014-03-07 14:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-07 14:28 - 2014-03-07 14:28 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-07 14:27 - 2014-03-07 14:27 - 00815104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-07 14:27 - 2014-03-07 14:27 - 00220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2014-03-07 14:27 - 2014-03-07 14:27 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-03-07 14:27 - 2014-03-07 14:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2014-03-07 14:27 - 2014-03-07 14:27 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2014-03-07 14:27 - 2014-03-07 14:27 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2014-03-07 14:27 - 2014-03-07 14:27 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2014-03-07 14:27 - 2014-03-07 14:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS
2014-03-07 14:25 - 2014-03-07 14:25 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-03-07 14:25 - 2014-03-07 14:25 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-03-07 14:21 - 2014-03-07 14:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-07 14:19 - 2014-03-07 14:19 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00473088 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-03-07 14:18 - 2014-03-07 14:18 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-03-07 14:18 - 2014-03-07 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2014-03-07 14:18 - 2014-03-07 14:18 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2014-03-07 14:15 - 2014-03-07 14:15 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2014-03-07 14:15 - 2014-03-07 14:15 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 01327616 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\avicap32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-03-07 12:02 - 2014-03-07 12:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sklendath\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-07 12:02 - 2014-03-07 12:02 - 00000911 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-07 12:02 - 2014-03-07 12:02 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\Malwarebytes
2014-03-07 12:02 - 2014-03-07 12:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-07 12:02 - 2014-03-07 12:02 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-07 12:02 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-07 11:45 - 2014-03-08 08:10 - 00000000 ____D () C:\FRST
2014-03-07 11:44 - 2014-03-07 11:44 - 00112640 _____ (forum.viry.cz) C:\Users\sklendath\Desktop\FRSTLauncher.exe
2014-03-07 11:43 - 2014-03-07 11:43 - 01145344 _____ (Farbar) C:\Users\sklendath\Desktop\FRST.exe
2014-03-07 11:32 - 2014-03-07 11:32 - 00011126 _____ () C:\ComboFix.txt
2014-03-07 11:20 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-07 11:20 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-07 11:20 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-07 11:20 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-07 11:20 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-07 11:20 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-03-07 11:20 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-07 11:20 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-07 11:20 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-07 11:19 - 2014-03-07 11:33 - 00000000 ____D () C:\ComboFix
2014-03-07 11:18 - 2014-03-07 11:33 - 00000000 ____D () C:\Qoobox
2014-03-07 11:18 - 2014-03-07 11:30 - 00000000 ____D () C:\Windows\erdnt
2014-03-07 11:17 - 2014-03-07 11:18 - 05187267 ____R (Swearware) C:\Users\sklendath\Downloads\ComboFix.exe
2014-03-07 08:43 - 2014-03-07 08:43 - 00000000 ____D () C:\Users\sklendath\AppData\Local\Skype
2014-03-07 08:43 - 2014-03-07 08:43 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-24 09:16 - 2014-02-24 09:16 - 00028028 _____ () C:\Users\sklendath\Downloads\2014-Weekly-Calendar-Monday.xlsx
2014-02-21 16:03 - 2014-02-21 16:04 - 00000000 ____D () C:\Doc-2-Pdf
2014-02-21 16:03 - 2014-02-21 16:03 - 00000563 _____ () C:\Users\Public\Desktop\Batch Word to PDF Converter.lnk
2014-02-21 16:02 - 2014-02-21 16:02 - 01151547 _____ (Batchwork Software ) C:\Users\sklendath\Downloads\Batch-DOC-TO-PDF-Converter_2013.5.320.1678.exe
2014-02-21 15:50 - 2014-02-21 15:51 - 05177938 _____ (XSoft ) C:\Users\sklendath\Downloads\WordToPDF_setup.exe
2014-02-17 12:56 - 2014-02-17 12:56 - 00000000 ____D () C:\usr
2014-02-06 10:14 - 2014-02-21 07:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-03-08 08:10 - 2014-03-08 08:10 - 00024394 _____ () C:\Users\sklendath\Desktop\FRST.txt
2014-03-08 08:10 - 2014-03-07 11:45 - 00000000 ____D () C:\FRST
2014-03-08 08:04 - 2008-07-22 16:02 - 01489475 _____ () C:\Windows\WindowsUpdate.log
2014-03-08 07:46 - 2006-11-02 13:47 - 00003984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-08 07:46 - 2006-11-02 13:47 - 00003984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-08 07:39 - 2012-12-17 09:00 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-08 07:33 - 2009-09-09 08:08 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 18:33 - 2009-09-09 08:08 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 17:50 - 2014-03-07 16:32 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\65143846.sys
2014-03-07 16:53 - 2011-02-01 20:04 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\Skype
2014-03-07 16:34 - 2014-03-07 16:34 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-07 16:31 - 2014-03-07 16:30 - 132307720 _____ () C:\Users\sklendath\Downloads\setup_11.0.1.1245.x01_2014_03_07_17_50.exe
2014-03-07 16:29 - 2012-03-28 06:28 - 00000000 ____D () C:\Windows\Minidump
2014-03-07 16:27 - 2014-03-07 16:27 - 00000809 _____ () C:\Users\sklendath\Desktop\CCleaner.lnk
2014-03-07 16:27 - 2014-03-07 16:27 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-03-07 16:27 - 2014-03-07 16:27 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-07 16:26 - 2014-03-07 16:26 - 01187896 _____ (Piriform Ltd) C:\Users\sklendath\Downloads\ccleaner.exe
2014-03-07 14:49 - 2008-07-22 16:20 - 00143880 _____ () C:\Users\sklendath\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-07 14:47 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-03-07 14:46 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-07 14:46 - 2006-11-02 13:47 - 00468456 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-07 14:44 - 2006-11-02 14:01 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-07 14:43 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\Movie Maker
2014-03-07 14:42 - 2008-07-24 14:29 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\ICQ
2014-03-07 14:41 - 2014-03-07 14:41 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-03-07 14:41 - 2014-03-07 14:41 - 00289792 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-03-07 14:41 - 2014-03-07 14:41 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 01406464 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 01260032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-03-07 14:40 - 2014-03-07 14:40 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-03-07 14:40 - 2014-03-07 14:40 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-03-07 14:40 - 2014-03-07 14:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-07 14:39 - 2014-03-07 14:39 - 03502480 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-03-07 14:39 - 2014-03-07 14:39 - 03468168 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-07 14:38 - 2014-03-07 14:38 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-03-07 14:37 - 2014-03-07 14:37 - 00713728 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-03-07 14:37 - 2014-03-07 14:37 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-07 14:29 - 2014-03-07 14:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-07 14:28 - 2014-03-07 14:28 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-07 14:27 - 2014-03-07 14:27 - 00815104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-07 14:27 - 2014-03-07 14:27 - 00220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2014-03-07 14:27 - 2014-03-07 14:27 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-03-07 14:27 - 2014-03-07 14:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2014-03-07 14:27 - 2014-03-07 14:27 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2014-03-07 14:27 - 2014-03-07 14:27 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2014-03-07 14:27 - 2014-03-07 14:27 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2014-03-07 14:27 - 2014-03-07 14:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS
2014-03-07 14:25 - 2014-03-07 14:25 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-03-07 14:25 - 2014-03-07 14:25 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-03-07 14:24 - 2014-03-07 14:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-07 14:19 - 2014-03-07 14:19 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00473088 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-03-07 14:18 - 2014-03-07 14:18 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-03-07 14:18 - 2014-03-07 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2014-03-07 14:18 - 2014-03-07 14:18 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2014-03-07 14:15 - 2014-03-07 14:15 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2014-03-07 14:15 - 2014-03-07 14:15 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 01327616 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\avicap32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-03-07 13:36 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-03-07 13:33 - 2008-07-22 23:21 - 00002411 _____ () C:\Windows\WINCMD.INI
2014-03-07 12:02 - 2014-03-07 12:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sklendath\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-07 12:02 - 2014-03-07 12:02 - 00000911 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-07 12:02 - 2014-03-07 12:02 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\Malwarebytes
2014-03-07 12:02 - 2014-03-07 12:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-07 12:02 - 2014-03-07 12:02 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-07 11:44 - 2014-03-07 11:44 - 00112640 _____ (forum.viry.cz) C:\Users\sklendath\Desktop\FRSTLauncher.exe
2014-03-07 11:43 - 2014-03-07 11:43 - 01145344 _____ (Farbar) C:\Users\sklendath\Desktop\FRST.exe
2014-03-07 11:33 - 2014-03-07 11:19 - 00000000 ____D () C:\ComboFix
2014-03-07 11:33 - 2014-03-07 11:18 - 00000000 ____D () C:\Qoobox
2014-03-07 11:33 - 2006-11-02 12:18 - 00000000 __RHD () C:\Users\Default
2014-03-07 11:33 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2014-03-07 11:32 - 2014-03-07 11:32 - 00011126 _____ () C:\ComboFix.txt
2014-03-07 11:30 - 2014-03-07 11:18 - 00000000 ____D () C:\Windows\erdnt
2014-03-07 11:29 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2014-03-07 11:18 - 2014-03-07 11:17 - 05187267 ____R (Swearware) C:\Users\sklendath\Downloads\ComboFix.exe
2014-03-07 10:12 - 2009-09-09 08:01 - 00000924 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-03-07 09:45 - 2008-09-08 13:25 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\TOSHIBA
2014-03-07 08:43 - 2014-03-07 08:43 - 00000000 ____D () C:\Users\sklendath\AppData\Local\Skype
2014-03-07 08:43 - 2014-03-07 08:43 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-07 08:43 - 2011-02-01 20:04 - 00000000 ___RD () C:\Program Files\Skype
2014-03-07 08:43 - 2011-02-01 20:04 - 00000000 ____D () C:\ProgramData\Skype
2014-03-05 14:00 - 2006-11-02 11:33 - 01267844 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-04 07:56 - 2012-12-17 09:08 - 00001976 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-03 13:07 - 2008-08-12 15:13 - 00002627 _____ () C:\Users\sklendath\Desktop\Microsoft Office Word 2007.lnk
2014-03-01 10:04 - 2012-04-26 15:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-24 13:28 - 2008-08-12 15:13 - 00002585 _____ () C:\Users\sklendath\Desktop\Microsoft Office Excel 2007.lnk
2014-02-24 09:16 - 2014-02-24 09:16 - 00028028 _____ () C:\Users\sklendath\Downloads\2014-Weekly-Calendar-Monday.xlsx
2014-02-23 10:57 - 2008-07-22 16:20 - 00000000 ____D () C:\Users\sklendath
2014-02-23 08:54 - 2010-06-07 07:35 - 00000680 _____ () C:\Users\sklendath\AppData\Local\d3d9caps.dat
2014-02-21 16:04 - 2014-02-21 16:03 - 00000000 ____D () C:\Doc-2-Pdf
2014-02-21 16:03 - 2014-02-21 16:03 - 00000563 _____ () C:\Users\Public\Desktop\Batch Word to PDF Converter.lnk
2014-02-21 16:02 - 2014-02-21 16:02 - 01151547 _____ (Batchwork Software ) C:\Users\sklendath\Downloads\Batch-DOC-TO-PDF-Converter_2013.5.320.1678.exe
2014-02-21 15:51 - 2014-02-21 15:50 - 05177938 _____ (XSoft ) C:\Users\sklendath\Downloads\WordToPDF_setup.exe
2014-02-21 14:55 - 2012-10-03 07:39 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\ArcSoft
2014-02-21 09:39 - 2012-11-01 07:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 09:39 - 2011-05-23 08:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-21 07:47 - 2014-02-06 10:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-17 12:56 - 2014-02-17 12:56 - 00000000 ____D () C:\usr
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\sklendath\Desktop" je 249 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-17]
CHR Extension: (Vyhledávání Google) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-17]
CHR Extension: (AdBlock) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-02-20]
CHR Extension: (RealDownloader) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-03-25]
CHR Extension: (Skype Click to Call) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-12-17]
CHR Extension: (Peněženka Google) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Gmail) - C:\Users\sklendath\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-17]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-03-06]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
========================== Services (Whitelisted) =================
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 gupdate1ca311b6fb5c570; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-09-09] (Google Inc.)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-26] (Symantec Corporation)
R2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2008-01-29] (Symantec Corporation)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Plánovač automatické aktualizace LiveUpdate; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352 2007-09-26] (Symantec Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
S2 LiveUpdate Notice Ex; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]
==================== Drivers (Whitelisted) ====================
R0 65143846; C:\Windows\System32\DRIVERS\65143846.sys [133208 2014-03-07] (Kaspersky Lab ZAO)
S3 adusbmdm6501; C:\Windows\System32\DRIVERS\adusbmdm65.sys [64896 2005-05-02] (AnyDATA Corporation)
S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [97920 2006-12-20] (QUALCOMM Incorporated)
S3 adusbser6501; C:\Windows\System32\DRIVERS\adusbser65.sys [64896 2005-05-02] (AnyDATA Corporation)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [183912 2006-11-02] (Společnost Microsoft)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1060920 2008-07-24] (Společnost Microsoft)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-09-25] ()
S3 UVCFTR; C:\Windows\System32\DRIVERS\UVCFTR_S.SYS [11264 2007-03-12] (Chicony Electronics Co., Ltd.)
U3 abbggvw6; C:\Windows\system32\Drivers\abbggvw6.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [22016 2006-11-02] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\SKLEND~1\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 Tosrfcom; No ImagePath
S3 TpChoice; system32\DRIVERS\TpChoice.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-08 08:10 - 2014-03-08 08:10 - 00024394 _____ () C:\Users\sklendath\Desktop\FRST.txt
2014-03-07 16:34 - 2014-03-07 16:34 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-07 16:32 - 2014-03-07 17:50 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\65143846.sys
2014-03-07 16:30 - 2014-03-07 16:31 - 132307720 _____ () C:\Users\sklendath\Downloads\setup_11.0.1.1245.x01_2014_03_07_17_50.exe
2014-03-07 16:27 - 2014-03-07 16:27 - 00000809 _____ () C:\Users\sklendath\Desktop\CCleaner.lnk
2014-03-07 16:27 - 2014-03-07 16:27 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-03-07 16:27 - 2014-03-07 16:27 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-07 16:26 - 2014-03-07 16:26 - 01187896 _____ (Piriform Ltd) C:\Users\sklendath\Downloads\ccleaner.exe
2014-03-07 14:41 - 2014-03-07 14:41 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-03-07 14:41 - 2014-03-07 14:41 - 00289792 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-03-07 14:41 - 2014-03-07 14:41 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 01406464 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 01260032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-03-07 14:40 - 2014-03-07 14:40 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-03-07 14:40 - 2014-03-07 14:40 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-03-07 14:40 - 2014-03-07 14:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-07 14:39 - 2014-03-07 14:39 - 03502480 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-03-07 14:39 - 2014-03-07 14:39 - 03468168 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-07 14:38 - 2014-03-07 14:38 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-03-07 14:37 - 2014-03-07 14:37 - 00713728 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-03-07 14:37 - 2014-03-07 14:37 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-07 14:29 - 2014-03-07 14:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-07 14:28 - 2014-03-07 14:28 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-07 14:27 - 2014-03-07 14:27 - 00815104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-07 14:27 - 2014-03-07 14:27 - 00220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2014-03-07 14:27 - 2014-03-07 14:27 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-03-07 14:27 - 2014-03-07 14:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2014-03-07 14:27 - 2014-03-07 14:27 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2014-03-07 14:27 - 2014-03-07 14:27 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2014-03-07 14:27 - 2014-03-07 14:27 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2014-03-07 14:27 - 2014-03-07 14:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS
2014-03-07 14:25 - 2014-03-07 14:25 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-03-07 14:25 - 2014-03-07 14:25 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-03-07 14:21 - 2014-03-07 14:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-07 14:19 - 2014-03-07 14:19 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00473088 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-03-07 14:18 - 2014-03-07 14:18 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-03-07 14:18 - 2014-03-07 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2014-03-07 14:18 - 2014-03-07 14:18 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2014-03-07 14:15 - 2014-03-07 14:15 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2014-03-07 14:15 - 2014-03-07 14:15 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 01327616 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\avicap32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-03-07 12:02 - 2014-03-07 12:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sklendath\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-07 12:02 - 2014-03-07 12:02 - 00000911 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-07 12:02 - 2014-03-07 12:02 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\Malwarebytes
2014-03-07 12:02 - 2014-03-07 12:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-07 12:02 - 2014-03-07 12:02 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-07 12:02 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-07 11:45 - 2014-03-08 08:10 - 00000000 ____D () C:\FRST
2014-03-07 11:44 - 2014-03-07 11:44 - 00112640 _____ (forum.viry.cz) C:\Users\sklendath\Desktop\FRSTLauncher.exe
2014-03-07 11:43 - 2014-03-07 11:43 - 01145344 _____ (Farbar) C:\Users\sklendath\Desktop\FRST.exe
2014-03-07 11:32 - 2014-03-07 11:32 - 00011126 _____ () C:\ComboFix.txt
2014-03-07 11:20 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-07 11:20 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-07 11:20 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-07 11:20 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-07 11:20 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-07 11:20 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-03-07 11:20 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-07 11:20 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-07 11:20 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-07 11:19 - 2014-03-07 11:33 - 00000000 ____D () C:\ComboFix
2014-03-07 11:18 - 2014-03-07 11:33 - 00000000 ____D () C:\Qoobox
2014-03-07 11:18 - 2014-03-07 11:30 - 00000000 ____D () C:\Windows\erdnt
2014-03-07 11:17 - 2014-03-07 11:18 - 05187267 ____R (Swearware) C:\Users\sklendath\Downloads\ComboFix.exe
2014-03-07 08:43 - 2014-03-07 08:43 - 00000000 ____D () C:\Users\sklendath\AppData\Local\Skype
2014-03-07 08:43 - 2014-03-07 08:43 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-24 09:16 - 2014-02-24 09:16 - 00028028 _____ () C:\Users\sklendath\Downloads\2014-Weekly-Calendar-Monday.xlsx
2014-02-21 16:03 - 2014-02-21 16:04 - 00000000 ____D () C:\Doc-2-Pdf
2014-02-21 16:03 - 2014-02-21 16:03 - 00000563 _____ () C:\Users\Public\Desktop\Batch Word to PDF Converter.lnk
2014-02-21 16:02 - 2014-02-21 16:02 - 01151547 _____ (Batchwork Software ) C:\Users\sklendath\Downloads\Batch-DOC-TO-PDF-Converter_2013.5.320.1678.exe
2014-02-21 15:50 - 2014-02-21 15:51 - 05177938 _____ (XSoft ) C:\Users\sklendath\Downloads\WordToPDF_setup.exe
2014-02-17 12:56 - 2014-02-17 12:56 - 00000000 ____D () C:\usr
2014-02-06 10:14 - 2014-02-21 07:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-03-08 08:10 - 2014-03-08 08:10 - 00024394 _____ () C:\Users\sklendath\Desktop\FRST.txt
2014-03-08 08:10 - 2014-03-07 11:45 - 00000000 ____D () C:\FRST
2014-03-08 08:04 - 2008-07-22 16:02 - 01489475 _____ () C:\Windows\WindowsUpdate.log
2014-03-08 07:46 - 2006-11-02 13:47 - 00003984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-08 07:46 - 2006-11-02 13:47 - 00003984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-08 07:39 - 2012-12-17 09:00 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-08 07:33 - 2009-09-09 08:08 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 18:33 - 2009-09-09 08:08 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 17:50 - 2014-03-07 16:32 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\65143846.sys
2014-03-07 16:53 - 2011-02-01 20:04 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\Skype
2014-03-07 16:34 - 2014-03-07 16:34 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-07 16:31 - 2014-03-07 16:30 - 132307720 _____ () C:\Users\sklendath\Downloads\setup_11.0.1.1245.x01_2014_03_07_17_50.exe
2014-03-07 16:29 - 2012-03-28 06:28 - 00000000 ____D () C:\Windows\Minidump
2014-03-07 16:27 - 2014-03-07 16:27 - 00000809 _____ () C:\Users\sklendath\Desktop\CCleaner.lnk
2014-03-07 16:27 - 2014-03-07 16:27 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-03-07 16:27 - 2014-03-07 16:27 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-07 16:26 - 2014-03-07 16:26 - 01187896 _____ (Piriform Ltd) C:\Users\sklendath\Downloads\ccleaner.exe
2014-03-07 14:49 - 2008-07-22 16:20 - 00143880 _____ () C:\Users\sklendath\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-07 14:47 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-03-07 14:46 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-07 14:46 - 2006-11-02 13:47 - 00468456 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-07 14:44 - 2006-11-02 14:01 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-07 14:43 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\Movie Maker
2014-03-07 14:42 - 2008-07-24 14:29 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\ICQ
2014-03-07 14:41 - 2014-03-07 14:41 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-03-07 14:41 - 2014-03-07 14:41 - 00289792 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-03-07 14:41 - 2014-03-07 14:41 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-07 14:41 - 2014-03-07 14:41 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 01406464 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 01260032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-03-07 14:40 - 2014-03-07 14:40 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-03-07 14:40 - 2014-03-07 14:40 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-03-07 14:40 - 2014-03-07 14:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-03-07 14:40 - 2014-03-07 14:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-07 14:39 - 2014-03-07 14:39 - 03502480 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-03-07 14:39 - 2014-03-07 14:39 - 03468168 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-07 14:38 - 2014-03-07 14:38 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-03-07 14:37 - 2014-03-07 14:37 - 00713728 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-03-07 14:37 - 2014-03-07 14:37 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-07 14:29 - 2014-03-07 14:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-07 14:28 - 2014-03-07 14:28 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-07 14:27 - 2014-03-07 14:27 - 00815104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-07 14:27 - 2014-03-07 14:27 - 00220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2014-03-07 14:27 - 2014-03-07 14:27 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-03-07 14:27 - 2014-03-07 14:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2014-03-07 14:27 - 2014-03-07 14:27 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2014-03-07 14:27 - 2014-03-07 14:27 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2014-03-07 14:27 - 2014-03-07 14:27 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2014-03-07 14:27 - 2014-03-07 14:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS
2014-03-07 14:25 - 2014-03-07 14:25 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-03-07 14:25 - 2014-03-07 14:25 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-03-07 14:24 - 2014-03-07 14:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-07 14:19 - 2014-03-07 14:19 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00473088 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-03-07 14:19 - 2014-03-07 14:19 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-03-07 14:19 - 2014-03-07 14:19 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-03-07 14:18 - 2014-03-07 14:18 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-03-07 14:18 - 2014-03-07 14:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2014-03-07 14:18 - 2014-03-07 14:18 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2014-03-07 14:15 - 2014-03-07 14:15 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2014-03-07 14:15 - 2014-03-07 14:15 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 01327616 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\avicap32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-03-07 14:14 - 2014-03-07 14:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-03-07 13:36 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-03-07 13:33 - 2008-07-22 23:21 - 00002411 _____ () C:\Windows\WINCMD.INI
2014-03-07 12:02 - 2014-03-07 12:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sklendath\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-07 12:02 - 2014-03-07 12:02 - 00000911 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-07 12:02 - 2014-03-07 12:02 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\Malwarebytes
2014-03-07 12:02 - 2014-03-07 12:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-07 12:02 - 2014-03-07 12:02 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-07 11:44 - 2014-03-07 11:44 - 00112640 _____ (forum.viry.cz) C:\Users\sklendath\Desktop\FRSTLauncher.exe
2014-03-07 11:43 - 2014-03-07 11:43 - 01145344 _____ (Farbar) C:\Users\sklendath\Desktop\FRST.exe
2014-03-07 11:33 - 2014-03-07 11:19 - 00000000 ____D () C:\ComboFix
2014-03-07 11:33 - 2014-03-07 11:18 - 00000000 ____D () C:\Qoobox
2014-03-07 11:33 - 2006-11-02 12:18 - 00000000 __RHD () C:\Users\Default
2014-03-07 11:33 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2014-03-07 11:32 - 2014-03-07 11:32 - 00011126 _____ () C:\ComboFix.txt
2014-03-07 11:30 - 2014-03-07 11:18 - 00000000 ____D () C:\Windows\erdnt
2014-03-07 11:29 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2014-03-07 11:18 - 2014-03-07 11:17 - 05187267 ____R (Swearware) C:\Users\sklendath\Downloads\ComboFix.exe
2014-03-07 10:12 - 2009-09-09 08:01 - 00000924 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-03-07 09:45 - 2008-09-08 13:25 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\TOSHIBA
2014-03-07 08:43 - 2014-03-07 08:43 - 00000000 ____D () C:\Users\sklendath\AppData\Local\Skype
2014-03-07 08:43 - 2014-03-07 08:43 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-07 08:43 - 2011-02-01 20:04 - 00000000 ___RD () C:\Program Files\Skype
2014-03-07 08:43 - 2011-02-01 20:04 - 00000000 ____D () C:\ProgramData\Skype
2014-03-05 14:00 - 2006-11-02 11:33 - 01267844 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-04 07:56 - 2012-12-17 09:08 - 00001976 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-03 13:07 - 2008-08-12 15:13 - 00002627 _____ () C:\Users\sklendath\Desktop\Microsoft Office Word 2007.lnk
2014-03-01 10:04 - 2012-04-26 15:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-24 13:28 - 2008-08-12 15:13 - 00002585 _____ () C:\Users\sklendath\Desktop\Microsoft Office Excel 2007.lnk
2014-02-24 09:16 - 2014-02-24 09:16 - 00028028 _____ () C:\Users\sklendath\Downloads\2014-Weekly-Calendar-Monday.xlsx
2014-02-23 10:57 - 2008-07-22 16:20 - 00000000 ____D () C:\Users\sklendath
2014-02-23 08:54 - 2010-06-07 07:35 - 00000680 _____ () C:\Users\sklendath\AppData\Local\d3d9caps.dat
2014-02-21 16:04 - 2014-02-21 16:03 - 00000000 ____D () C:\Doc-2-Pdf
2014-02-21 16:03 - 2014-02-21 16:03 - 00000563 _____ () C:\Users\Public\Desktop\Batch Word to PDF Converter.lnk
2014-02-21 16:02 - 2014-02-21 16:02 - 01151547 _____ (Batchwork Software ) C:\Users\sklendath\Downloads\Batch-DOC-TO-PDF-Converter_2013.5.320.1678.exe
2014-02-21 15:51 - 2014-02-21 15:50 - 05177938 _____ (XSoft ) C:\Users\sklendath\Downloads\WordToPDF_setup.exe
2014-02-21 14:55 - 2012-10-03 07:39 - 00000000 ____D () C:\Users\sklendath\AppData\Roaming\ArcSoft
2014-02-21 09:39 - 2012-11-01 07:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 09:39 - 2011-05-23 08:21 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-21 07:47 - 2014-02-06 10:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-17 12:56 - 2014-02-17 12:56 - 00000000 ____D () C:\usr
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\sklendath\Desktop" je 249 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================