
Please check
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Please check
It's true that I had, or still have, 2 programs there. We will definitely keep Avast. I also had MSE there, but after the test it disappeared from the notification area, and besides, I had it turned off precisely so that they would not conflict. My firewall is the Windows Firewall, and the antivirus program should be Avast.
Re: Please check

- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

ClearJavaCache::

Reboot::
- Save the resulting TXT file as CFScript.txt
- Drag the CFScript.txt you created onto ComboFix and run it (see the picture below)
- After the script has been applied (and after a restart, if one occurs), a log will pop up; paste its contents here


Re: Please check
This popped up after the second scan and the PC restart. I don't know how to take screenshots, so I at least pasted it here this way.
---------------------------
Microsoft Security Client
---------------------------
An error has occurred in the program during initialization. If this problem continues, please contact your system administrator.
Error code: 0x80070002
---------------------------
OK
---------------------------
Re: Please check
OK, that MSE is damaged, so it probably did not go the way it should have. Never mind, we will see what is left there and, if necessary, clean up the rest by hand...
Now apply that script for ComboFix
Re: Please check
After I put it into ComboFix, it asks me for a Combo update. Should I allow it or not?
Re: Please check
Yes, allow the update. sUBs (the author of CF) has probably added some more things - he sometimes updates it as often as 3 times a day

Re: Please check
The update went through and CF made a log for me, but the PC's security could not be turned on and I could not click on anything, or rather open anything, so I did another restart, turned on the firewall and Avast, and now I don't know where the log is. A window with the message "security alert" keeps popping up again. Where was the new log saved?
Re: Please check
The log should be at c:\combofix
That alert will keep popping up for a while until we finish the cleanup, then we will turn it off
Re: Please check
So I have found it now, it was at C:/ComboFix. So I am attaching it.
ComboFix 12-11-13.02 - Owner 13.11.2012 21:29:26.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.16375.14560 [GMT 1:00]
Spuštěný z: e:\dokumenty\Plocha\ComboFix.exe
Použité ovládací přepínače :: e:\dokumenty\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-13 do 2012-11-13 )))))))))))))))))))))))))))))))
.
.
2012-11-13 20:33 . 2012-11-13 20:33 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2012-11-13 20:33 . 2012-11-13 20:33 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2012-11-13 20:33 . 2012-11-13 20:33 8613 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2012-11-13 20:33 . 2012-11-13 20:33 6910 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2012-11-13 20:33 . 2012-11-13 20:33 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2012-11-13 20:33 . 2012-11-13 20:33 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2012-11-13 20:33 . 2012-11-13 20:33 5927 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2012-11-13 20:33 . 2012-11-13 20:33 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2012-11-13 19:44 . 2012-11-13 19:44 -------- d-----w- C:\WINSSLog
2012-11-13 19:41 . 2012-11-13 19:41 21180 ----a-w- C:\FixitRegBackup.reg
2012-11-13 06:53 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C5434B6-D756-46EA-B8FB-AF05512B27C7}\mpengine.dll
2012-11-12 20:49 . 2012-11-12 20:49 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2012-11-12 20:48 . 2012-11-12 20:48 -------- d-----w- c:\programdata\Malwarebytes
2012-11-12 20:48 . 2012-11-12 20:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-12 20:48 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-12 10:43 . 2012-11-12 10:44 -------- d-----w- C:\rsit
2012-11-12 10:43 . 2012-11-12 10:44 -------- d-----w- c:\program files\trend micro
2012-11-11 22:19 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-11 11:19 . 2012-11-11 11:19 -------- d---a-w- c:\windows\VDLL.DLL
2012-11-11 11:19 . 2012-11-11 11:19 -------- d---a-w- c:\windows\SysWow64\runouce.exe
2012-11-11 11:19 . 2012-11-11 11:19 -------- d---a-w- c:\windows\rundll16.exe
2012-11-11 11:19 . 2012-11-11 11:19 -------- d---a-w- c:\windows\RUNDL132.EXE
2012-11-11 11:19 . 2012-11-11 11:19 -------- d---a-w- c:\windows\logo1_.exe
2012-11-11 11:19 . 2012-11-11 11:19 -------- d---a-w- c:\windows\logo_1.exe
2012-11-11 11:08 . 2012-11-11 11:08 632064 ----a-w- c:\windows\SysWow64\msvcr80.dll
2012-11-11 11:08 . 2012-11-11 11:08 554240 ----a-w- c:\windows\SysWow64\msvcp80.dll
2012-11-11 11:08 . 2012-11-11 11:08 34048 ----a-w- c:\windows\SysWow64\eEmpty.exe
2012-11-11 11:08 . 2012-11-11 11:08 -------- d-----w- c:\program files (x86)\Common Files\MicroWorld
2012-11-11 11:08 . 2012-11-11 11:08 -------- d-----w- c:\programdata\MicroWorld
2012-11-07 13:01 . 2012-11-07 13:01 -------- d-----w- c:\programdata\ATI
2012-11-07 13:01 . 2012-11-07 13:01 -------- d-----w- c:\programdata\AMD
2012-11-07 13:01 . 2012-11-07 13:01 -------- d-----w- c:\program files (x86)\AMD AVT
2012-11-07 13:01 . 2012-11-07 13:01 -------- d-----w- c:\program files (x86)\AMD APP
2012-11-07 13:00 . 2012-11-07 13:01 -------- d-----w- c:\program files\ATI Technologies
2012-11-07 12:58 . 2012-11-07 12:58 -------- d-----w- C:\AMD
2012-11-05 14:14 . 2012-11-13 19:07 -------- d-----w- c:\users\Owner\AppData\Roaming\.minecraft
2012-10-30 10:02 . 2007-10-22 02:37 17928 ----a-w- c:\windows\SysWow64\X3DAudio1_2.dll
2012-10-30 09:53 . 2012-10-30 09:53 -------- d-----w- c:\programdata\Origin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-30 22:51 . 2012-04-29 04:01 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-04-29 04:22 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-04-29 04:01 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-04-29 04:01 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-04-29 04:01 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-04-29 04:00 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-04-29 04:00 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 22:50 . 2012-04-29 04:01 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-15 16:59 . 2012-04-29 04:22 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-10-10 06:49 . 2012-05-01 04:38 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-09 16:51 . 2012-08-24 17:25 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 16:51 . 2012-08-24 17:25 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-28 14:37 . 2012-09-28 14:37 221696 ----a-w- c:\windows\system32\clinfo.exe
2012-09-28 14:36 . 2012-09-28 14:36 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-09-28 14:36 . 2012-09-28 14:36 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-09-28 14:36 . 2012-09-28 14:36 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-09-28 14:36 . 2012-09-28 14:36 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-09-28 14:36 . 2012-09-28 14:36 32635904 ----a-w- c:\windows\system32\amdocl64.dll
2012-09-28 14:32 . 2012-09-28 14:32 27341824 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-09-28 14:28 . 2012-09-28 14:28 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-09-28 14:28 . 2012-09-28 14:28 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-09-28 02:23 . 2010-09-29 01:28 5557928 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-09-28 02:21 . 2012-09-28 02:21 10697216 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-28 02:05 . 2012-09-28 02:05 70144 ----a-w- c:\windows\system32\coinst_9.002.dll
2012-09-28 02:03 . 2012-09-28 02:03 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-28 02:02 . 2012-09-28 02:02 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-09-28 02:02 . 2012-09-28 02:02 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-09-28 02:02 . 2012-09-28 02:02 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-09-28 02:02 . 2012-09-28 02:02 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-09-28 02:02 . 2012-09-28 02:02 16082432 ----a-w- c:\windows\system32\aticaldd64.dll
2012-09-28 01:59 . 2012-09-28 01:59 23825920 ----a-w- c:\windows\system32\atio6axx.dll
2012-09-28 01:57 . 2012-09-28 01:57 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-28 01:43 . 2010-09-29 01:55 935424 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-09-28 01:41 . 2010-09-29 01:54 1120768 ----a-w- c:\windows\system32\aticfx64.dll
2012-09-28 01:41 . 2012-09-28 01:41 19624960 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-09-28 01:39 . 2010-09-29 01:46 6536192 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-09-28 01:39 . 2012-09-28 01:39 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-28 01:39 . 2012-09-28 01:39 538112 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-28 01:38 . 2012-09-28 01:38 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-28 01:36 . 2012-09-28 01:36 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-09-28 01:36 . 2012-09-28 01:36 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-28 01:36 . 2012-09-28 01:36 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-09-28 01:36 . 2012-09-28 01:36 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-09-28 01:31 . 2012-09-28 01:31 3127296 ----a-w- c:\windows\system32\atiumd6a.dll
2012-09-28 01:25 . 2012-09-28 01:25 6704640 ----a-w- c:\windows\system32\atiumd64.dll
2012-09-28 01:22 . 2010-09-29 01:37 7167488 ----a-w- c:\windows\system32\atidxx64.dll
2012-09-28 01:22 . 2010-09-29 01:22 2691584 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-09-28 01:13 . 2012-09-28 01:13 595456 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 405504 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-28 01:13 . 2012-09-28 01:13 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-09-28 01:13 . 2012-09-28 01:13 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-09-28 01:12 . 2012-09-28 01:12 460288 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-09-28 01:11 . 2010-09-29 01:14 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-09-28 01:11 . 2010-09-29 01:14 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-09-28 01:11 . 2012-09-28 01:11 103424 ----a-w- c:\windows\system32\atiu9p64.dll
2012-09-28 01:10 . 2010-09-29 01:13 82944 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-28 01:09 . 2012-09-28 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-09-14 19:19 . 2012-10-10 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 05:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-13 14:35 . 2012-05-28 12:37 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-09-13 14:35 . 2012-05-28 12:34 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-09-12 15:17 . 2012-05-28 12:34 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-09-12 15:16 . 2012-05-28 12:34 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-09-12 15:03 . 2012-09-12 15:07 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe
2012-08-31 18:19 . 2012-10-10 05:32 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2010-10-24 19:25 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-30 18:03 . 2012-10-10 05:32 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 05:32 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 05:32 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05 . 2012-10-10 05:32 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 05:32 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-24 11:15 . 2012-09-22 17:58 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 17:58 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 17:58 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 17:58 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 17:58 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 17:58 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 17:58 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 17:58 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 17:58 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 17:58 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 17:58 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 17:58 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 17:58 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 17:58 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 17:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 17:58 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 17:58 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 17:58 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 17:58 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 17:58 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 17:58 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"="e:\program files\WFDTV\WFWIZ.exe" [2010-07-22 2920448]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-09-30 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
"WinFastDTV"="e:\program files\WFDTV\DTVSchdl.exe" [2010-06-09 101888]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136]
"BCSSync"="e:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-01 1255736]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-30 283200]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 TomTomHOMEService;TomTomHOMEService;e:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-10-26 75264]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-10-26 176640]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - e:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - e:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\wxvixr9s.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-MsMpSvc
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2012-11-13 21:34:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-13 20:34
ComboFix2.txt 2012-11-13 07:33
.
Před spuštěním: Volných bajtů: 35 825 442 816
Po spuštění: Volných bajtů: 35 599 400 960
.
- - End Of File - - 5B7D7700C84134CFF094255CE590AF39
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-09-28 01:13 . 2012-09-28 01:13 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-09-28 01:12 . 2012-09-28 01:12 460288 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-09-28 01:11 . 2010-09-29 01:14 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-09-28 01:11 . 2010-09-29 01:14 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-09-28 01:11 . 2012-09-28 01:11 103424 ----a-w- c:\windows\system32\atiu9p64.dll
2012-09-28 01:10 . 2010-09-29 01:13 82944 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-28 01:09 . 2012-09-28 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-09-14 19:19 . 2012-10-10 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 05:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-13 14:35 . 2012-05-28 12:37 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-09-13 14:35 . 2012-05-28 12:34 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-09-12 15:17 . 2012-05-28 12:34 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-09-12 15:16 . 2012-05-28 12:34 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-09-12 15:03 . 2012-09-12 15:07 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe
2012-08-31 18:19 . 2012-10-10 05:32 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2010-10-24 19:25 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-30 18:03 . 2012-10-10 05:32 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 05:32 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 05:32 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05 . 2012-10-10 05:32 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 05:32 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-24 11:15 . 2012-09-22 17:58 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 17:58 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 17:58 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 17:58 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 17:58 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 17:58 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 17:58 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 17:58 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 17:58 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 17:58 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 17:58 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 17:58 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 17:58 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 17:58 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 17:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 17:58 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 17:58 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 17:58 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 17:58 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 17:58 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 17:58 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"="e:\program files\WFDTV\WFWIZ.exe" [2010-07-22 2920448]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-09-30 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
"WinFastDTV"="e:\program files\WFDTV\DTVSchdl.exe" [2010-06-09 101888]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136]
"BCSSync"="e:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-01 1255736]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-30 283200]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 TomTomHOMEService;TomTomHOMEService;e:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-10-26 75264]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-10-26 176640]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - e:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - e:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\wxvixr9s.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-MsMpSvc
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2012-11-13 21:34:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-13 20:34
ComboFix2.txt 2012-11-13 07:33
.
Před spuštěním: Volných bajtů: 35 825 442 816
Po spuštění: Volných bajtů: 35 599 400 960
.
- - End Of File - - 5B7D7700C84134CFF094255CE590AF39
Re: Please check
The message popped up again:
---------------------------
Microsoft Security Client
---------------------------
An error has occurred in the program during initialization. If this problem continues, please contact your system administrator.
Error code: 0x80070002
---------------------------
OK
---------------------------
Re: Please check

Code:
KillAll::
SecCenter::
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
{B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
{0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
Folder::
c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C5434B6-D756-46EA-B8FB-AF05512B27C7}
c:\program files\Microsoft Security Client
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"=-
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
Reboot::
Re: Please check
Good evening. I am attaching the log from CF.
ComboFix 12-11-14.01 - Owner 14.11.2012 20:02:52.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.16375.14334 [GMT 1:00]
Spuštěný z: e:\dokumenty\Plocha\ComboFix.exe
Použité ovládací přepínače :: e:\dokumenty\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Microsoft Security Client
c:\program files\Microsoft Security Client\Antimalware\CS-CZ\MpAsDesc.dll.mui
c:\program files\Microsoft Security Client\Antimalware\CS-CZ\MpEvMsg.dll.mui
c:\program files\Microsoft Security Client\Backup\amd64\dw20shared.msi
c:\program files\Microsoft Security Client\Backup\amd64\epp.msi
c:\program files\Microsoft Security Client\Backup\amd64\setup.exe
c:\program files\Microsoft Security Client\Backup\amd64\sqmapi.dll
c:\program files\Microsoft Security Client\Backup\amd64\Windows6.0-KB981889-v2.msu
c:\program files\Microsoft Security Client\Backup\amd64\Windows6.1-KB981889.msu
c:\program files\Microsoft Security Client\Backup\cs-cz\EULA.RTF
c:\program files\Microsoft Security Client\Backup\cs-cz\setupres.dll.mui
c:\program files\Microsoft Security Client\Backup\EppManifest.dll
c:\program files\Microsoft Security Client\Backup\setupres.dll
c:\program files\Microsoft Security Client\cs-cz\amhelp.chm
c:\program files\Microsoft Security Client\cs-cz\eula.rtf
c:\program files\Microsoft Security Client\cs-cz\MpAsDesc.dll.mui
c:\program files\Microsoft Security Client\cs-cz\MpEvMsg.dll.mui
c:\program files\Microsoft Security Client\cs-cz\MsMpRes.dll.mui
c:\program files\Microsoft Security Client\cs-cz\msseooberes.dll.mui
c:\program files\Microsoft Security Client\cs-cz\setupres.dll.mui
c:\program files\Microsoft Security Client\cs-cz\shellext.dll.mui
c:\program files\Microsoft Security Client\DbgHelp.dll
c:\program files\Microsoft Security Client\Drivers\Backup\mpfilter\mpfilter.cat
c:\program files\Microsoft Security Client\Drivers\Backup\mpfilter\mpfilter.inf
c:\program files\Microsoft Security Client\Drivers\Backup\mpfilter\mpfilter.sys
c:\program files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.cat
c:\program files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.inf
c:\program files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.man
c:\program files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys
c:\program files\Microsoft Security Client\Drivers\mpfilter\mpfilter.cat
c:\program files\Microsoft Security Client\Drivers\mpfilter\mpfilter.inf
c:\program files\Microsoft Security Client\Drivers\mpfilter\mpfilter.sys
c:\program files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.cat
c:\program files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.inf
c:\program files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.man
c:\program files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys
c:\program files\Microsoft Security Client\en-us\amhelp.chm
c:\program files\Microsoft Security Client\en-us\eula.rtf
c:\program files\Microsoft Security Client\en-us\MpAsDesc.dll.mui
c:\program files\Microsoft Security Client\en-us\mpevmsg.dll.mui
c:\program files\Microsoft Security Client\en-us\MsMpRes.dll.mui
c:\program files\Microsoft Security Client\en-us\msseooberes.dll.mui
c:\program files\Microsoft Security Client\en-us\setupres.dll.mui
c:\program files\Microsoft Security Client\en-us\shellext.dll.mui
c:\program files\Microsoft Security Client\EppManifest.dll
c:\program files\Microsoft Security Client\MpAsDesc.dll
c:\program files\Microsoft Security Client\MpClient.dll
c:\program files\Microsoft Security Client\MpCmdRun.exe
c:\program files\Microsoft Security Client\MpCommu.dll
c:\program files\Microsoft Security Client\mpevmsg.dll
c:\program files\Microsoft Security Client\MpOAv.dll
c:\program files\Microsoft Security Client\MpRTP.dll
c:\program files\Microsoft Security Client\MpSvc.dll
c:\program files\Microsoft Security Client\MSESysprep.dll
c:\program files\Microsoft Security Client\MsMpCom.dll
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Microsoft Security Client\MsMpLics.dll
c:\program files\Microsoft Security Client\MsMpRes.dll
c:\program files\Microsoft Security Client\msseces.exe
c:\program files\Microsoft Security Client\msseoobe.exe
c:\program files\Microsoft Security Client\msseooberes.dll
c:\program files\Microsoft Security Client\MsseWat.dll
c:\program files\Microsoft Security Client\NisIpsPlugin.dll
c:\program files\Microsoft Security Client\NisLog.dll
c:\program files\Microsoft Security Client\NisSrv.exe
c:\program files\Microsoft Security Client\NisWFP.dll
c:\program files\Microsoft Security Client\Setup.exe
c:\program files\Microsoft Security Client\SetupRes.dll
c:\program files\Microsoft Security Client\shellext.dll
c:\program files\Microsoft Security Client\sqmapi.dll
c:\program files\Microsoft Security Client\SymSrv.dll
c:\program files\Microsoft Security Client\SymSrv.yes
c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C5434B6-D756-46EA-B8FB-AF05512B27C7}
c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C5434B6-D756-46EA-B8FB-AF05512B27C7}\mpasbase.vdm
c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C5434B6-D756-46EA-B8FB-AF05512B27C7}\mpasdlta.vdm
c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C5434B6-D756-46EA-B8FB-AF05512B27C7}\mpavbase.vdm
c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C5434B6-D756-46EA-B8FB-AF05512B27C7}\mpavdlta.vdm
c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4C5434B6-D756-46EA-B8FB-AF05512B27C7}\mpengine.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NisSrv
-------\Service_NisSrv
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-14 do 2012-11-14 )))))))))))))))))))))))))))))))
.
.
2012-11-14 19:05 . 2012-11-14 19:05 -------- d-----w- c:\users\filip\AppData\Local\temp
2012-11-14 19:05 . 2012-11-14 19:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-13 19:44 . 2012-11-13 19:44 -------- d-----w- C:\WINSSLog
2012-11-13 19:41 . 2012-11-13 19:41 21180 ----a-w- C:\FixitRegBackup.reg
2012-11-12 20:49 . 2012-11-12 20:49 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2012-11-12 20:48 . 2012-11-12 20:48 -------- d-----w- c:\programdata\Malwarebytes
2012-11-12 20:48 . 2012-11-12 20:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-12 20:48 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-12 10:43 . 2012-11-12 10:44 -------- d-----w- C:\rsit
2012-11-12 10:43 . 2012-11-12 10:44 -------- d-----w- c:\program files\trend micro
2012-11-11 22:19 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-11 11:19 . 2012-11-11 11:19 -------- d---a-w- c:\windows\VDLL.DLL
2012-11-11 11:19 . 2012-11-11 11:19 -------- d---a-w- c:\windows\SysWow64\runouce.exe
2012-11-11 11:19 . 2012-11-11 11:19 -------- d---a-w- c:\windows\rundll16.exe
2012-11-11 11:19 . 2012-11-11 11:19 -------- d---a-w- c:\windows\RUNDL132.EXE
2012-11-11 11:19 . 2012-11-11 11:19 -------- d---a-w- c:\windows\logo1_.exe
2012-11-11 11:19 . 2012-11-11 11:19 -------- d---a-w- c:\windows\logo_1.exe
2012-11-11 11:08 . 2012-11-11 11:08 632064 ----a-w- c:\windows\SysWow64\msvcr80.dll
2012-11-11 11:08 . 2012-11-11 11:08 554240 ----a-w- c:\windows\SysWow64\msvcp80.dll
2012-11-11 11:08 . 2012-11-11 11:08 34048 ----a-w- c:\windows\SysWow64\eEmpty.exe
2012-11-11 11:08 . 2012-11-11 11:08 -------- d-----w- c:\program files (x86)\Common Files\MicroWorld
2012-11-11 11:08 . 2012-11-11 11:08 -------- d-----w- c:\programdata\MicroWorld
2012-11-07 13:01 . 2012-11-07 13:01 -------- d-----w- c:\programdata\ATI
2012-11-07 13:01 . 2012-11-07 13:01 -------- d-----w- c:\programdata\AMD
2012-11-07 13:01 . 2012-11-07 13:01 -------- d-----w- c:\program files (x86)\AMD AVT
2012-11-07 13:01 . 2012-11-07 13:01 -------- d-----w- c:\program files (x86)\AMD APP
2012-11-07 13:00 . 2012-11-07 13:01 -------- d-----w- c:\program files\ATI Technologies
2012-11-07 12:58 . 2012-11-07 12:58 -------- d-----w- C:\AMD
2012-11-05 14:14 . 2012-11-14 14:54 -------- d-----w- c:\users\Owner\AppData\Roaming\.minecraft
2012-10-30 10:02 . 2007-10-22 02:37 17928 ----a-w- c:\windows\SysWow64\X3DAudio1_2.dll
2012-10-30 09:53 . 2012-10-30 09:53 -------- d-----w- c:\programdata\Origin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-30 22:51 . 2012-04-29 04:01 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-04-29 04:22 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-04-29 04:01 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-04-29 04:01 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-04-29 04:01 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-04-29 04:00 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-04-29 04:00 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 22:50 . 2012-04-29 04:01 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-15 16:59 . 2012-04-29 04:22 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-10-10 06:49 . 2012-05-01 04:38 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-09 16:51 . 2012-08-24 17:25 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 16:51 . 2012-08-24 17:25 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-28 14:37 . 2012-09-28 14:37 221696 ----a-w- c:\windows\system32\clinfo.exe
2012-09-28 14:36 . 2012-09-28 14:36 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-09-28 14:36 . 2012-09-28 14:36 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-09-28 14:36 . 2012-09-28 14:36 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-09-28 14:36 . 2012-09-28 14:36 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-09-28 14:36 . 2012-09-28 14:36 32635904 ----a-w- c:\windows\system32\amdocl64.dll
2012-09-28 14:32 . 2012-09-28 14:32 27341824 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-09-28 14:28 . 2012-09-28 14:28 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-09-28 14:28 . 2012-09-28 14:28 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-09-28 02:23 . 2010-09-29 01:28 5557928 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-09-28 02:21 . 2012-09-28 02:21 10697216 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-09-28 02:05 . 2012-09-28 02:05 70144 ----a-w- c:\windows\system32\coinst_9.002.dll
2012-09-28 02:03 . 2012-09-28 02:03 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-09-28 02:02 . 2012-09-28 02:02 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-09-28 02:02 . 2012-09-28 02:02 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-09-28 02:02 . 2012-09-28 02:02 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-09-28 02:02 . 2012-09-28 02:02 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-09-28 02:02 . 2012-09-28 02:02 16082432 ----a-w- c:\windows\system32\aticaldd64.dll
2012-09-28 01:59 . 2012-09-28 01:59 23825920 ----a-w- c:\windows\system32\atio6axx.dll
2012-09-28 01:57 . 2012-09-28 01:57 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-09-28 01:43 . 2010-09-29 01:55 935424 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-09-28 01:41 . 2010-09-29 01:54 1120768 ----a-w- c:\windows\system32\aticfx64.dll
2012-09-28 01:41 . 2012-09-28 01:41 19624960 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-09-28 01:39 . 2010-09-29 01:46 6536192 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-09-28 01:39 . 2012-09-28 01:39 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-09-28 01:39 . 2012-09-28 01:39 538112 ----a-w- c:\windows\system32\atieclxx.exe
2012-09-28 01:38 . 2012-09-28 01:38 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-09-28 01:36 . 2012-09-28 01:36 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-09-28 01:36 . 2012-09-28 01:36 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-09-28 01:36 . 2012-09-28 01:36 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-09-28 01:36 . 2012-09-28 01:36 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-09-28 01:31 . 2012-09-28 01:31 3127296 ----a-w- c:\windows\system32\atiumd6a.dll
2012-09-28 01:25 . 2012-09-28 01:25 6704640 ----a-w- c:\windows\system32\atiumd64.dll
2012-09-28 01:22 . 2010-09-29 01:37 7167488 ----a-w- c:\windows\system32\atidxx64.dll
2012-09-28 01:22 . 2010-09-29 01:22 2691584 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-09-28 01:13 . 2012-09-28 01:13 595456 ----a-w- c:\windows\system32\atiadlxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 405504 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-09-28 01:13 . 2012-09-28 01:13 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-09-28 01:13 . 2012-09-28 01:13 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-09-28 01:13 . 2012-09-28 01:13 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-09-28 01:12 . 2012-09-28 01:12 460288 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-09-28 01:11 . 2010-09-29 01:14 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-09-28 01:11 . 2010-09-29 01:14 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-09-28 01:11 . 2012-09-28 01:11 103424 ----a-w- c:\windows\system32\atiu9p64.dll
2012-09-28 01:10 . 2010-09-29 01:13 82944 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-09-28 01:09 . 2012-09-28 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-09-14 19:19 . 2012-10-10 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 05:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-13 14:35 . 2012-05-28 12:37 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-09-13 14:35 . 2012-05-28 12:34 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-09-12 15:17 . 2012-05-28 12:34 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-09-12 15:16 . 2012-05-28 12:34 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-09-12 15:03 . 2012-09-12 15:07 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe
2012-08-31 18:19 . 2012-10-10 05:32 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2010-10-24 19:25 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-30 18:03 . 2012-10-10 05:32 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 05:32 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 05:32 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05 . 2012-10-10 05:32 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 05:32 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-24 11:15 . 2012-09-22 17:58 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 17:58 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 17:58 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 17:58 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 17:58 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 17:58 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 17:58 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 17:58 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 17:58 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 17:58 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 17:58 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 17:58 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 17:58 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 17:58 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 17:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 17:58 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 17:58 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 17:58 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 17:58 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 17:58 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 17:58 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"="e:\program files\WFDTV\WFWIZ.exe" [2010-07-22 2920448]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-09-30 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
"WinFastDTV"="e:\program files\WFDTV\DTVSchdl.exe" [2010-06-09 101888]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136]
"BCSSync"="e:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-01 1255736]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-30 283200]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 TomTomHOMEService;TomTomHOMEService;e:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-10-26 75264]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-10-26 176640]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - e:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - e:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\wxvixr9s.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2012-11-14 20:08:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-14 19:08
ComboFix2.txt 2012-11-13 20:34
ComboFix3.txt 2012-11-13 07:33
.
Před spuštěním: Volných bajtů: 35 077 066 752
Po spuštění: Volných bajtů: 34 781 077 504
.
- - End Of File - - 9B7479A70FAEDDA4F4225AA26991ADD0
Re: Please check
How is our patient behaving now?

Re: Please check
The patient is making fun of me. It keeps alerting me with a security warning, and it seems to me that it loads Seznam mail slowly. But that is probably normal. Ever since they redesigned everyone's mailboxes, it has been slow. Sometimes even slower. How do you see it? Does it look good now? The Microsoft Security Client message no longer popped up after the restart.
Re: Please check

- Rename ComboFix to Uninstall
- Run it
- This will delete ComboFix and its folders

- Download and run
- To confirm each choice, press A, Enter
- Delete the utility after use
- Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)

- Download and run
- Click CleanUp and confirm with YES
- The program cleans up and restarts the PC

- Download and run
- Click Start and confirm with OK
- The program cleans up and restarts the PC
- Delete the utility after use

Cleaner panel (Čistič)
- Leave everything as it is, just click Analyzovat (Analyze) and then Spustit CCleaner (Run Cleaner)
- click Hledej problémy (Scan for Issues)
- then Opravit problémy (Fix Issues) - I recommend making the registry backup; fix all the issues
- repeat the procedure until no issues are found - usually about 3 times
- Here you can uninstall programs you do not need



