
VIRUS? - system restarts, conhost..

mikkie
Visitor
Posts: 43
Registered: 26 Jul 2011 16:56

#1 Post by mikkie »

I am attaching the log from ComboFix and would appreciate any further advice. Thank you:

Code:

ComboFix 11-07-26.02 - Pavel 26.07.2011  18:07:00.2.2 - x64
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\users\Pavel\AppData\Roaming\Microsoft\conhost.exe
c:\users\Pavel\Flash-Player.exe
c:\windows\btc_client_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\gbot111.exe
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\l1rezerv.exe
c:\windows\loader2.exe_ok
c:\windows\phoenix.rar
c:\windows\proc_list1.log
c:\windows\rpcminer.rar
c:\windows\services32.exe
c:\windows\sysdriver32.exe
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\ufa.rar
c:\windows\update.1\svchost.exe
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
c:\windows\winsetupapi.log
.
.
(((((((((((((((((((((((((((((((((((((((   Ovladače/Služby   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_srvsysdriver32
-------\Service_wxpdrivers
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2011-06-26 do 2011-07-26  )))))))))))))))))))))))))))))))
.
.
2011-07-26 16:14 . 2011-07-26 16:14	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-07-25 19:46 . 2011-07-04 11:36	288088	----a-w-	c:\windows\system32\drivers\aswSP.sys
2011-07-25 19:46 . 2011-07-04 11:35	45400	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2011-07-25 19:46 . 2011-07-04 11:32	31064	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2011-07-25 19:46 . 2011-07-04 11:32	22360	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2011-07-25 19:46 . 2011-07-04 11:43	253888	----a-w-	c:\windows\system32\aswBoot.exe
2011-07-25 19:46 . 2011-07-04 11:36	600920	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2011-07-25 19:46 . 2011-07-04 11:32	64856	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2011-07-25 19:45 . 2011-07-04 11:43	40112	----a-w-	c:\windows\avastSS.scr
2011-07-25 19:45 . 2011-07-04 11:43	199304	----a-w-	c:\windows\SysWow64\aswBoot.exe
2011-07-25 19:45 . 2011-07-25 19:45	--------	d-----w-	c:\programdata\AVAST Software
2011-07-25 19:45 . 2011-07-25 19:45	--------	d-----w-	c:\program files\AVAST Software
2011-07-25 19:42 . 2011-07-25 19:42	--------	d-----w-	c:\users\Pavel\AppData\Local\ElevatedDiagnostics
2011-07-25 19:36 . 2011-07-25 19:36	--------	d-----w-	c:\programdata\McAfee
2011-07-25 19:30 . 2011-07-25 19:30	--------	d-----w-	c:\programdata\CyberLink
2011-07-25 19:11 . 2011-07-26 05:25	--------	d--h--w-	c:\windows\update.tray-7-0
2011-07-17 09:32 . 2011-07-17 09:32	--------	d-----w-	c:\windows\ufa
2011-07-17 09:32 . 2011-07-17 09:32	--------	d-----w-	c:\windows\rpcminer
2011-07-17 09:32 . 2011-07-17 09:32	--------	d-----w-	c:\windows\phoenix
2011-07-17 09:32 . 2011-07-23 16:07	246272	----a-w-	c:\windows\unrar.exe
2011-07-17 09:30 . 2011-07-26 05:25	--------	d-----w-	c:\windows\av_ico
2011-07-17 09:28 . 2011-07-26 05:25	--------	d--h--w-	c:\windows\update.tray-9-0
2011-07-17 09:28 . 2011-07-26 05:25	--------	d--h--w-	c:\windows\update.tray-9-0-lnk
2011-07-17 09:11 . 2011-06-02 06:39	422400	----a-w-	c:\windows\system32\KernelBase.dll
2011-07-17 09:11 . 2011-06-02 05:54	272384	----a-w-	c:\windows\SysWow64\KernelBase.dll
2011-07-17 09:11 . 2011-06-02 06:23	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-17 09:11 . 2011-06-02 05:45	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-09 17:05 . 2011-07-09 17:05	--------	d-----w-	c:\users\Pavel\AppData\Roaming\Registry Mechanic
2011-07-07 18:45 . 2011-07-07 18:45	--------	d-----w-	c:\users\Pavel\AppData\Roaming\DivX
2011-07-07 18:44 . 2011-07-07 18:44	--------	d-----w-	c:\program files (x86)\Common Files\PX Storage Engine
2011-07-07 18:44 . 2011-07-07 18:44	--------	d-----w-	c:\program files\DivX
2011-07-07 18:43 . 2011-07-07 18:44	--------	d-----w-	c:\program files (x86)\Common Files\DivX Shared
2011-07-07 18:42 . 2011-07-07 18:45	--------	d-----w-	c:\program files (x86)\DivX
2011-07-07 18:41 . 2011-07-07 18:45	--------	d-----w-	c:\programdata\DivX
2011-07-07 08:07 . 2011-07-07 08:07	--------	d-----w-	c:\users\Pavel\AppData\Roaming\Unity
2011-07-07 07:47 . 2011-07-25 19:39	--------	d-----w-	c:\users\Pavel\AppData\Local\Unity
2011-06-27 17:52 . 2011-06-28 20:55	--------	d-----w-	c:\windows\system32\SPReview
2011-06-27 17:50 . 2011-06-27 17:50	--------	d-----w-	c:\windows\system32\EventProviders
2011-06-27 17:50 . 2011-06-28 20:56	--------	d-----w-	C:\c47c419a446106a8764464422f
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-22 18:07 . 2011-06-22 18:07	404640	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-02 17:53 . 2011-06-02 17:53	94208	----a-w-	c:\windows\SysWow64\dpl100.dll
2011-06-02 05:56 . 2011-07-17 09:10	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2011-05-28 03:25 . 2011-06-17 12:24	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2011-05-28 03:00 . 2011-06-17 12:24	1638912	----a-w-	c:\windows\SysWow64\mshtml.tlb
2011-05-04 02:51 . 2011-06-17 12:25	287744	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-05-04 02:51 . 2011-06-17 12:25	157696	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-05-04 02:51 . 2011-06-17 12:25	126464	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-05-03 05:21 . 2011-06-17 12:24	976896	----a-w-	c:\windows\system32\inetcomm.dll
2011-05-03 04:50 . 2011-06-17 12:24	740864	----a-w-	c:\windows\SysWow64\inetcomm.dll
2011-04-29 03:13 . 2011-06-17 12:24	461312	----a-w-	c:\windows\system32\drivers\srv.sys
2011-04-29 03:12 . 2011-06-17 12:24	399872	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-04-29 03:12 . 2011-06-17 12:24	161792	----a-w-	c:\windows\system32\drivers\srvnet.sys
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 779600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McMPFSvc;McAfee Služba programu Personal Firewall;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
R2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 funfrm;funfrm; [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs	REG_MULTI_SZ   	ReadyComm.DirectRouter PS_MDP
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2997335487-3770393647-607407720-1000Core.job
- c:\users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-20 12:27]
.
2011-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2997335487-3770393647-607407720-1000UA.job
- c:\users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-20 12:27]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43	134384	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-10-24 13:07	1502720	----a-w-	c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF12451.cfxxe" [X]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-18 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-18 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-18 365592]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-09-29 4366704]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-08-19 5825536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = my.daemon-search.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:63050
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 62.240.178.250 10.0.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-tray_ico - (no file)
Wow6432Node-HKLM-Run-tray_ico1 - (no file)
Wow6432Node-HKLM-Run-tray_ico2 - (no file)
Wow6432Node-HKLM-Run-tray_ico3 - (no file)
Wow6432Node-HKLM-Run-tray_ico4 - (no file)
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-07-26  18:19:00
ComboFix-quarantined-files.txt  2011-07-26 16:18
.
Před spuštěním: Volných bajtů: 418 276 175 872
Po spuštění: Volných bajtů: 418 156 150 784
.
- - End Of File - - 060C4ED15EC9A6F69B08F53926D8C5D0

Rudy
Site Admin
Posts: 119506
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: VIRUS? - system restarts, conhost..

#2 Post by Rudy »

You have a virus from FB; you clicked on a Flash Player update. We will finish cleaning up. Open Notepad and copy the following into it:
KillAll::

Collect::
c:\windows\unrar.exe

Driver::
funfrm

Folder::
c:\windows\update.tray-7-0
c:\windows\ufa
c:\windows\rpcminer
c:\windows\phoenix
c:\windows\av_ico
c:\windows\update.tray-9-0
c:\windows\update.tray-9-0-lnk
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.


mikkie
Visitor
Posts: 43
Registered: 26 Jul 2011 16:56

Re: VIRUS? - system restarts, conhost..

#3 Post by mikkie »

Sending the new log after running the script, thank you:

Code:

ComboFix 11-07-26.02 - Pavel 26.07.2011  19:24:52.3.2 - x64
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Pavel\Desktop\CFScript.txt
.
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\av_ico
c:\windows\av_ico\ico_mcafee_start.ico
c:\windows\phoenix
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\rpcminer
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\ufa
c:\windows\ufa\ufa.exe
c:\windows\update.tray-7-0
c:\windows\update.tray-9-0-lnk
c:\windows\update.tray-9-0-lnk\svchost.exe
c:\windows\update.tray-9-0
c:\windows\update.tray-9-0\svchost.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Ovladače/Služby   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_funfrm
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2011-06-26 do 2011-07-26  )))))))))))))))))))))))))))))))
.
.
2011-07-25 19:46 . 2011-07-04 11:36	288088	----a-w-	c:\windows\system32\drivers\aswSP.sys
2011-07-25 19:46 . 2011-07-04 11:35	45400	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2011-07-25 19:46 . 2011-07-04 11:32	31064	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2011-07-25 19:46 . 2011-07-04 11:32	22360	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2011-07-25 19:46 . 2011-07-04 11:43	253888	----a-w-	c:\windows\system32\aswBoot.exe
2011-07-25 19:46 . 2011-07-04 11:36	600920	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2011-07-25 19:46 . 2011-07-04 11:32	64856	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2011-07-25 19:45 . 2011-07-04 11:43	40112	----a-w-	c:\windows\avastSS.scr
2011-07-25 19:45 . 2011-07-04 11:43	199304	----a-w-	c:\windows\SysWow64\aswBoot.exe
2011-07-25 19:45 . 2011-07-25 19:45	--------	d-----w-	c:\programdata\AVAST Software
2011-07-25 19:45 . 2011-07-25 19:45	--------	d-----w-	c:\program files\AVAST Software
2011-07-25 19:42 . 2011-07-25 19:42	--------	d-----w-	c:\users\Pavel\AppData\Local\ElevatedDiagnostics
2011-07-25 19:36 . 2011-07-25 19:36	--------	d-----w-	c:\programdata\McAfee
2011-07-25 19:30 . 2011-07-25 19:30	--------	d-----w-	c:\programdata\CyberLink
2011-07-17 09:32 . 2011-07-23 16:07	246272	------w-	c:\windows\unrar.exe
2011-07-17 09:11 . 2011-06-02 06:39	422400	----a-w-	c:\windows\system32\KernelBase.dll
2011-07-17 09:11 . 2011-06-02 05:54	272384	----a-w-	c:\windows\SysWow64\KernelBase.dll
2011-07-17 09:11 . 2011-06-02 06:23	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-17 09:11 . 2011-06-02 05:45	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-09 17:05 . 2011-07-09 17:05	--------	d-----w-	c:\users\Pavel\AppData\Roaming\Registry Mechanic
2011-07-07 18:45 . 2011-07-07 18:45	--------	d-----w-	c:\users\Pavel\AppData\Roaming\DivX
2011-07-07 18:44 . 2011-07-07 18:44	--------	d-----w-	c:\program files (x86)\Common Files\PX Storage Engine
2011-07-07 18:44 . 2011-07-07 18:44	--------	d-----w-	c:\program files\DivX
2011-07-07 18:43 . 2011-07-07 18:44	--------	d-----w-	c:\program files (x86)\Common Files\DivX Shared
2011-07-07 18:42 . 2011-07-07 18:45	--------	d-----w-	c:\program files (x86)\DivX
2011-07-07 18:41 . 2011-07-07 18:45	--------	d-----w-	c:\programdata\DivX
2011-07-07 08:07 . 2011-07-07 08:07	--------	d-----w-	c:\users\Pavel\AppData\Roaming\Unity
2011-07-07 07:47 . 2011-07-25 19:39	--------	d-----w-	c:\users\Pavel\AppData\Local\Unity
2011-06-27 17:52 . 2011-06-28 20:55	--------	d-----w-	c:\windows\system32\SPReview
2011-06-27 17:50 . 2011-06-27 17:50	--------	d-----w-	c:\windows\system32\EventProviders
2011-06-27 17:50 . 2011-06-28 20:56	--------	d-----w-	C:\c47c419a446106a8764464422f
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-22 18:07 . 2011-06-22 18:07	404640	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-02 17:53 . 2011-06-02 17:53	94208	----a-w-	c:\windows\SysWow64\dpl100.dll
2011-06-02 05:56 . 2011-07-17 09:10	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2011-05-28 03:25 . 2011-06-17 12:24	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2011-05-28 03:00 . 2011-06-17 12:24	1638912	----a-w-	c:\windows\SysWow64\mshtml.tlb
2011-05-04 02:51 . 2011-06-17 12:25	287744	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-05-04 02:51 . 2011-06-17 12:25	157696	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-05-04 02:51 . 2011-06-17 12:25	126464	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-05-03 05:21 . 2011-06-17 12:24	976896	----a-w-	c:\windows\system32\inetcomm.dll
2011-05-03 04:50 . 2011-06-17 12:24	740864	----a-w-	c:\windows\SysWow64\inetcomm.dll
2011-04-29 03:13 . 2011-06-17 12:24	461312	----a-w-	c:\windows\system32\drivers\srv.sys
2011-04-29 03:12 . 2011-06-17 12:24	399872	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-04-29 03:12 . 2011-06-17 12:24	161792	----a-w-	c:\windows\system32\drivers\srvnet.sys
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-07-26_16.15.08   )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-07-26 16:00	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-07-26 17:36	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-26 16:00	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-26 17:36	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-26 16:00	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-26 17:36	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2011-07-26 16:25	48736              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-01-06 13:55 . 2011-07-26 15:58	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-01-06 13:55 . 2011-07-26 17:35	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2011-07-26 16:30	80736              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2011-01-06 13:55 . 2011-07-26 15:58	32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-01-06 13:55 . 2011-07-26 17:35	32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-01-06 13:55 . 2011-07-26 17:35	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-01-06 13:55 . 2011-07-26 15:58	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-01-06 13:55 . 2011-07-26 15:58	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-01-06 13:55 . 2011-07-26 17:35	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-01-06 13:55 . 2011-07-26 17:35	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-01-06 13:55 . 2011-07-26 15:58	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-06 20:26 . 2011-07-26 16:25	3636              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2997335487-3770393647-607407720-1000_UserData.bin
+ 2009-07-28 23:04 . 2011-07-26 17:34	3155              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2009-07-28 23:04 . 2011-07-26 15:49	3155              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-07-26 15:57 . 2011-07-26 15:57	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-26 17:34 . 2011-07-26 17:34	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-26 15:57 . 2011-07-26 15:57	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-26 17:34 . 2011-07-26 17:34	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-01-06 18:48 . 2011-07-26 17:21	279416              c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2011-07-26 16:06	620150              c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-07-26 16:31	620150              c:\windows\system32\perfh009.dat
+ 2010-08-07 14:53 . 2011-07-26 16:31	635232              c:\windows\system32\perfh005.dat
- 2010-08-07 14:53 . 2011-07-26 16:06	635232              c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-07-26 16:31	108332              c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-07-26 16:06	108332              c:\windows\system32\perfc009.dat
+ 2010-08-07 14:53 . 2011-07-26 16:31	123974              c:\windows\system32\perfc005.dat
- 2010-08-07 14:53 . 2011-07-26 16:06	123974              c:\windows\system32\perfc005.dat
- 2009-07-14 05:01 . 2011-07-26 15:45	405156              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-07-26 17:34	405156              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 02:34 . 2011-07-26 15:45	10223616              c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2011-07-26 16:37	10223616              c:\windows\system32\SMI\Store\Machine\schema.dat
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 779600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McMPFSvc;McAfee Služba programu Personal Firewall;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
R2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs	REG_MULTI_SZ   	ReadyComm.DirectRouter PS_MDP
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2997335487-3770393647-607407720-1000Core.job
- c:\users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-20 12:27]
.
2011-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2997335487-3770393647-607407720-1000UA.job
- c:\users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-20 12:27]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43	134384	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-10-24 13:07	1502720	----a-w-	c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF30533.cfxxe" [X]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-18 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-18 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-18 365592]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-09-29 4366704]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-08-19 5825536]
.
------- Doplňkový sken -------
.
uStart Page = my.daemon-search.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:63050
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 62.240.178.250 10.0.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Celkový čas: 2011-07-26  19:46:16 - počítač byl restartován
ComboFix-quarantined-files.txt  2011-07-26 17:46
ComboFix2.txt  2011-07-26 16:19
.
Před spuštěním: Volných bajtů: 418 260 029 440
Po spuštění: Volných bajtů: 418 171 199 488
.
- - End Of File - - 23B67DB657F56BED418FA4D9B13CCE0B
Nahrání proběhlo úspěšně

Rudy
Site Admin
Posts: 119506
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: VIRUS? - system restarts, conhost..

#4 Post by Rudy »

Run CF once more with this script:
Collect::
c:\windows\unrar.exe
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

mikkie
Visitor
Posts: 43
Registered: 26 Jul 2011 16:56

Re: VIRUS? - system restarts, conhost..

#5 Post by mikkie »

Code:

ComboFix 11-07-26.03 - Pavel 26.07.2011  20:47:24.5.2 - x64
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Pavel\Desktop\CFScript.txt
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\unrar.exe
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2011-06-26 do 2011-07-26  )))))))))))))))))))))))))))))))
.
.
2011-07-26 18:58 . 2011-07-26 18:58	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-07-25 19:46 . 2011-07-04 11:43	253888	----a-w-	c:\windows\system32\aswBoot.exe
2011-07-25 19:45 . 2011-07-26 18:43	--------	d-----w-	c:\programdata\AVAST Software
2011-07-25 19:45 . 2011-07-25 19:45	--------	d-----w-	c:\program files\AVAST Software
2011-07-25 19:42 . 2011-07-25 19:42	--------	d-----w-	c:\users\Pavel\AppData\Local\ElevatedDiagnostics
2011-07-25 19:36 . 2011-07-25 19:36	--------	d-----w-	c:\programdata\McAfee
2011-07-25 19:30 . 2011-07-25 19:30	--------	d-----w-	c:\programdata\CyberLink
2011-07-17 09:11 . 2011-06-02 06:39	422400	----a-w-	c:\windows\system32\KernelBase.dll
2011-07-17 09:11 . 2011-06-02 05:54	272384	----a-w-	c:\windows\SysWow64\KernelBase.dll
2011-07-17 09:11 . 2011-06-02 06:23	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-17 09:11 . 2011-06-02 05:45	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-09 17:05 . 2011-07-09 17:05	--------	d-----w-	c:\users\Pavel\AppData\Roaming\Registry Mechanic
2011-07-07 18:45 . 2011-07-07 18:45	--------	d-----w-	c:\users\Pavel\AppData\Roaming\DivX
2011-07-07 18:44 . 2011-07-07 18:44	--------	d-----w-	c:\program files (x86)\Common Files\PX Storage Engine
2011-07-07 18:44 . 2011-07-07 18:44	--------	d-----w-	c:\program files\DivX
2011-07-07 18:43 . 2011-07-07 18:44	--------	d-----w-	c:\program files (x86)\Common Files\DivX Shared
2011-07-07 18:42 . 2011-07-07 18:45	--------	d-----w-	c:\program files (x86)\DivX
2011-07-07 18:41 . 2011-07-07 18:45	--------	d-----w-	c:\programdata\DivX
2011-07-07 08:07 . 2011-07-07 08:07	--------	d-----w-	c:\users\Pavel\AppData\Roaming\Unity
2011-07-07 07:47 . 2011-07-25 19:39	--------	d-----w-	c:\users\Pavel\AppData\Local\Unity
2011-06-27 17:52 . 2011-06-28 20:55	--------	d-----w-	c:\windows\system32\SPReview
2011-06-27 17:50 . 2011-06-27 17:50	--------	d-----w-	c:\windows\system32\EventProviders
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-26 18:03 . 2011-06-22 18:07	404640	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-02 17:53 . 2011-06-02 17:53	94208	----a-w-	c:\windows\SysWow64\dpl100.dll
2011-06-02 05:56 . 2011-07-17 09:10	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2011-05-04 02:51 . 2011-06-17 12:25	287744	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-05-04 02:51 . 2011-06-17 12:25	157696	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-05-04 02:51 . 2011-06-17 12:25	126464	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-05-03 05:21 . 2011-06-17 12:24	976896	----a-w-	c:\windows\system32\inetcomm.dll
2011-05-03 04:50 . 2011-06-17 12:24	740864	----a-w-	c:\windows\SysWow64\inetcomm.dll
2011-04-29 03:13 . 2011-06-17 12:24	461312	----a-w-	c:\windows\system32\drivers\srv.sys
2011-04-29 03:12 . 2011-06-17 12:24	399872	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-04-29 03:12 . 2011-06-17 12:24	161792	----a-w-	c:\windows\system32\drivers\srvnet.sys
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-07-26_16.15.08   )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-26 18:15 . 2011-07-26 18:15	76800              c:\windows\SysWOW64\SetIEInstalledDate.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	74752              c:\windows\SysWOW64\RegisterIEPKEYs.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	54272              c:\windows\SysWOW64\pngfilt.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	48640              c:\windows\SysWOW64\mshtmler.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	72704              c:\windows\SysWOW64\mshtmled.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	11776              c:\windows\SysWOW64\mshta.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	10752              c:\windows\SysWOW64\msfeedssync.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	41472              c:\windows\SysWOW64\msfeedsbs.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	66048              c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	23552              c:\windows\SysWOW64\licmgr10.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	65024              c:\windows\SysWOW64\jsproxy.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	78848              c:\windows\SysWOW64\inseng.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	35840              c:\windows\SysWOW64\imgutil.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	86528              c:\windows\SysWOW64\iesysprep.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	74752              c:\windows\SysWOW64\iesetup.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	31744              c:\windows\SysWOW64\iernonce.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	74240              c:\windows\SysWOW64\ie4uinit.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	66048              c:\windows\SysWOW64\icardie.dll
+ 2009-07-14 04:54 . 2011-07-26 18:43	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-26 16:00	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-07-26 18:43	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-26 16:00	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-26 16:00	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-26 18:43	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-08-07 07:18 . 2011-07-26 19:01	34474              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-07-26 18:42	48872              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-07-26 18:15 . 2011-07-26 18:15	91648              c:\windows\system32\SetIEInstalledDate.exe
+ 2009-12-03 07:27 . 2009-12-03 07:27	74272              c:\windows\system32\RtNicProp64.dll
- 2010-10-24 12:56 . 2009-12-03 09:27	74272              c:\windows\system32\RtNicProp64.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	89088              c:\windows\system32\RegisterIEPKEYs.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	65024              c:\windows\system32\pngfilt.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	48640              c:\windows\system32\mshtmler.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	96256              c:\windows\system32\mshtmled.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	12288              c:\windows\system32\mshta.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	10752              c:\windows\system32\msfeedssync.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	55296              c:\windows\system32\msfeedsbs.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	86528              c:\windows\system32\migration\WininetPlugin.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	30720              c:\windows\system32\licmgr10.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	85504              c:\windows\system32\jsproxy.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	49664              c:\windows\system32\imgutil.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	85504              c:\windows\system32\iesetup.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	39936              c:\windows\system32\iernonce.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	89088              c:\windows\system32\ie4uinit.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	82432              c:\windows\system32\icardie.dll
+ 2009-07-14 05:30 . 2011-07-26 17:52	86016              c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2011-07-26 15:45	86016              c:\windows\system32\DriverStore\infpub.dat
+ 2009-12-03 07:27 . 2009-12-03 07:27	74272              c:\windows\system32\DriverStore\FileRepository\rt64win7.inf_amd64_neutral_62cb6bec0444b008\RtNicProp64.dll
- 2011-01-06 20:27 . 2011-07-26 15:47	32768              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-01-06 20:27 . 2011-07-26 18:15	32768              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-01-06 20:27 . 2011-07-26 18:15	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-01-06 20:27 . 2011-07-26 15:47	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-26 18:15	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-26 15:47	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-01-06 13:55 . 2011-07-26 15:58	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-01-06 13:55 . 2011-07-26 17:35	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2011-07-26 18:49	80736              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-01-06 13:55 . 2011-07-26 17:35	32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-01-06 13:55 . 2011-07-26 15:58	32768              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-01-06 13:55 . 2011-07-26 15:58	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-06 13:55 . 2011-07-26 17:35	16384              c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-01-06 13:55 . 2011-07-26 15:58	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-01-06 13:55 . 2011-07-26 18:03	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-01-06 13:55 . 2011-07-26 18:03	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-01-06 13:55 . 2011-07-26 15:58	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-08 09:09 . 2011-07-26 18:19	5292              c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-01-06 20:26 . 2011-07-26 18:42	4286              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2997335487-3770393647-607407720-1000_UserData.bin
- 2009-07-28 23:04 . 2011-07-26 15:49	3155              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2009-07-28 23:04 . 2011-07-26 18:58	3155              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-07-26 15:57 . 2011-07-26 15:57	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-26 18:59 . 2011-07-26 18:59	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-26 18:59 . 2011-07-26 18:59	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-07-26 15:57 . 2011-07-26 15:57	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-26 18:15 . 2011-07-26 18:15	152064              c:\windows\SysWOW64\wextract.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	203776              c:\windows\SysWOW64\webcheck.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	420864              c:\windows\SysWOW64\vbscript.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	231936              c:\windows\SysWOW64\url.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	123392              c:\windows\SysWOW64\occache.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	162304              c:\windows\SysWOW64\msrating.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	161792              c:\windows\SysWOW64\msls31.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	580608              c:\windows\SysWOW64\msfeeds.dll
+ 2011-07-26 18:03 . 2011-07-26 18:03	243360              c:\windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe
+ 2011-07-26 18:03 . 2011-07-26 18:03	328864              c:\windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	716800              c:\windows\SysWOW64\jscript.dll
- 2011-04-15 13:48 . 2011-02-18 05:35	716800              c:\windows\SysWOW64\jscript.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	150528              c:\windows\SysWOW64\iexpress.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	142848              c:\windows\SysWOW64\ieUnatt.exe
- 2011-06-17 12:24 . 2011-04-22 19:31	176640              c:\windows\SysWOW64\ieui.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	176640              c:\windows\SysWOW64\ieui.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	118784              c:\windows\SysWOW64\iepeers.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	353584              c:\windows\SysWOW64\iedkcs32.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	434176              c:\windows\SysWOW64\ieapfltr.dll
- 2009-07-13 23:42 . 2009-07-14 01:05	163840              c:\windows\SysWOW64\ieakui.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	163840              c:\windows\SysWOW64\ieakui.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	227840              c:\windows\SysWOW64\ieaksie.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	130560              c:\windows\SysWOW64\ieakeng.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	110592              c:\windows\SysWOW64\IEAdvpack.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	223232              c:\windows\SysWOW64\dxtrans.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	353792              c:\windows\SysWOW64\dxtmsft.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	101888              c:\windows\SysWOW64\admparse.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	160256              c:\windows\system32\wextract.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	249344              c:\windows\system32\webcheck.dll
+ 2011-01-06 18:48 . 2011-07-26 17:21	279416              c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2011-07-26 18:15 . 2011-07-26 18:15	603648              c:\windows\system32\vbscript.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	236544              c:\windows\system32\url.dll
- 2010-10-24 12:56 . 2010-01-05 16:39	107552              c:\windows\system32\RTNUninst64.dll
+ 2010-10-24 12:56 . 2010-01-05 14:39	107552              c:\windows\system32\RTNUninst64.dll
- 2009-07-14 02:36 . 2011-07-26 16:06	620150              c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-07-26 18:45	620150              c:\windows\system32\perfh009.dat
- 2010-08-07 14:53 . 2011-07-26 16:06	635232              c:\windows\system32\perfh005.dat
+ 2010-08-07 14:53 . 2011-07-26 18:45	635232              c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-07-26 16:06	108332              c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-07-26 18:45	108332              c:\windows\system32\perfc009.dat
+ 2010-08-07 14:53 . 2011-07-26 18:45	123974              c:\windows\system32\perfc005.dat
- 2010-08-07 14:53 . 2011-07-26 16:06	123974              c:\windows\system32\perfc005.dat
+ 2011-07-26 18:15 . 2011-07-26 18:15	149504              c:\windows\system32\occache.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	197120              c:\windows\system32\msrating.dll
- 2009-07-13 23:39 . 2009-07-14 01:41	222208              c:\windows\system32\msls31.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	222208              c:\windows\system32\msls31.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	697344              c:\windows\system32\msfeeds.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	818176              c:\windows\system32\jscript.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	103936              c:\windows\system32\inseng.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	165888              c:\windows\system32\iexpress.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	173056              c:\windows\system32\ieUnatt.exe
+ 2011-07-26 18:15 . 2011-07-26 18:15	248320              c:\windows\system32\ieui.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	111616              c:\windows\system32\iesysprep.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	145920              c:\windows\system32\iepeers.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	403248              c:\windows\system32\iedkcs32.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	534528              c:\windows\system32\ieapfltr.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	163840              c:\windows\system32\ieakui.dll
- 2009-07-13 23:58 . 2009-07-14 01:27	163840              c:\windows\system32\ieakui.dll
- 2009-07-13 23:58 . 2009-07-14 01:41	267776              c:\windows\system32\ieaksie.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	267776              c:\windows\system32\ieaksie.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	160256              c:\windows\system32\ieakeng.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	135168              c:\windows\system32\IEAdvpack.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	282112              c:\windows\system32\dxtrans.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	452608              c:\windows\system32\dxtmsft.dll
+ 2009-07-14 05:30 . 2011-07-26 17:52	143360              c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-07-26 15:45	143360              c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2011-07-26 17:52	143360              c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2011-07-26 15:45	143360              c:\windows\system32\DriverStore\infstor.dat
+ 2010-01-05 14:39 . 2010-01-05 14:39	107552              c:\windows\system32\DriverStore\FileRepository\rt64win7.inf_amd64_neutral_62cb6bec0444b008\RTNUninst64.dll
+ 2010-06-23 07:10 . 2010-06-23 07:10	344680              c:\windows\system32\DriverStore\FileRepository\rt64win7.inf_amd64_neutral_62cb6bec0444b008\Rt64win7.sys
+ 2010-06-23 07:10 . 2010-06-23 07:10	344680              c:\windows\system32\drivers\Rt64win7.sys
+ 2011-07-26 18:15 . 2011-07-26 18:15	114176              c:\windows\system32\admparse.dll
+ 2009-07-14 05:01 . 2011-07-26 18:58	405156              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-07-26 15:45	405156              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-07-26 18:15 . 2011-07-26 18:15	1126912              c:\windows\SysWOW64\wininet.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	1102336              c:\windows\SysWOW64\urlmon.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	1797632              c:\windows\SysWOW64\jscript9.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	1785344              c:\windows\SysWOW64\iertutil.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	9703936              c:\windows\SysWOW64\ieframe.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	3695416              c:\windows\SysWOW64\ieapfltr.dat
+ 2011-07-26 18:15 . 2011-07-26 18:15	1389056              c:\windows\system32\wininet.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	1344000              c:\windows\system32\urlmon.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	2303488              c:\windows\system32\jscript9.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	2136064              c:\windows\system32\iertutil.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	3695416              c:\windows\system32\ieapfltr.dat
+ 2009-07-14 04:45 . 2011-07-26 18:22	3860019              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2011-07-26 16:00	3860019              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-07-26 18:15 . 2011-07-26 18:15	12269056              c:\windows\SysWOW64\mshtml.dll
+ 2009-07-14 02:34 . 2011-07-26 18:55	10485760              c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2011-07-26 18:15 . 2011-07-26 18:15	17773568              c:\windows\system32\mshtml.dll
+ 2011-07-26 18:15 . 2011-07-26 18:15	10885632              c:\windows\system32\ieframe.dll
.
-- Snímek resetován k současnému datu --
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 779600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McMPFSvc;McAfee Služba programu Personal Firewall;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
R2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs	REG_MULTI_SZ   	ReadyComm.DirectRouter PS_MDP
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2997335487-3770393647-607407720-1000Core.job
- c:\users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-20 12:27]
.
2011-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2997335487-3770393647-607407720-1000UA.job
- c:\users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-20 12:27]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-18 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-18 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-18 365592]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-09-29 4366704]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-08-19 5825536]
.
------- Doplňkový sken -------
.
uStart Page = my.daemon-search.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:63050
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 62.240.178.250 10.0.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Opera\opera.exe
.
**************************************************************************
.
Celkový čas: 2011-07-26  21:13:24 - počítač byl restartován
ComboFix-quarantined-files.txt  2011-07-26 19:13
ComboFix2.txt  2011-07-26 17:47
ComboFix3.txt  2011-07-26 16:19
.
Před spuštěním: Volných bajtů: 418 131 918 848
Po spuštění: Volných bajtů: 418 604 777 472
.
- - End Of File - - 4620C1AE9F79E020B19105CD5A67A788
Nahrání proběhlo úspěšně

Rudy
Site Admin
Posts: 119506
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: VIRUS? - system restarts, conhost..

#6 Post by Rudy »

The log already looks clean. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

mikkie
Visitor
Posts: 43
Registered: 26 Jul 2011 16:56

Re: VIRUS? - system restarts, conhost..

#7 Post by mikkie »

A complete difference.. the system now responds more briskly and there are no delays.. it no longer keeps restarting itself over and over, etc.

Many thanks, and I appreciate your speed, quality and professionalism ;-)

Rudy
Site Admin
Posts: 119506
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: VIRUS? - system restarts, conhost..

#8 Post by Rudy »

You're welcome!