Kontrola logů

Zpráva

chali · #1 Příspěvek od **chali** » 10 kvě 2012 01:51

Zdravím Vás odborníci, přicházím s problémem ohledně ntb,poslední dobou se začal sekat např.při psaní dokumentu a jednoduchých operací,řešilo jen hardreset, ted už je věc taková že norlmáně windows dlouho načítá a ani nechce,takže mě zbývá v nouzovým režimu se přihlásit..mám podezření zřejmě na pár virů,nebo možná špatný hw,možná pamět ale memtest to prošlo ok. Jsem tady nováček,budu se rád jsem vracet abych zde co nejvíce pobral,proto mě prosím ze začátku neukamenujte.Přikládám z combofixu.Děkuji za pomoc

ComboFix 12-05-09.01 - P.e.t.r.y 10.05.2012 2:30.1.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4008.2901 [GMT 2:00]
Spuštěný z: c:\users\P.e.t.r.y\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\etc\hosts.txt
c:\windows\SysWow64\tmp2F5.tmp
c:\windows\SysWow64\tmp2F6.tmp
c:\windows\SysWow64\tmp7538.tmp
c:\windows\SysWow64\tmp7539.tmp
c:\windows\SysWow64\tmpA97A.tmp
c:\windows\SysWow64\tmpA98A.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-10 do 2012-05-10 )))))))))))))))))))))))))))))))
.
.
2012-05-09 23:42 . 2012-05-09 23:42 -------- d-----w- c:\users\P.e.t.r.y\AppData\Local\adawarebp
2012-05-09 23:42 . 2012-05-09 23:42 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2012-05-09 23:42 . 2012-05-09 23:42 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2012-05-09 23:41 . 2012-05-09 23:42 -------- d-----w- c:\users\P.e.t.r.y\AppData\Roaming\Ad-Aware Antivirus
2012-05-09 21:37 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DE17F1F0-5F70-435E-B5D3-25C1A3B0978F}\mpengine.dll
2012-05-09 13:16 . 2012-05-09 13:16 -------- d-----w- c:\program files (x86)\IObit
2012-05-09 11:55 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-09 11:55 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-09 11:55 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-09 11:55 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 11:55 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-09 11:55 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-09 11:54 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-09 11:53 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 11:53 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-09 11:53 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 11:53 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 11:53 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-05-09 11:53 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-07 10:21 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-06 20:09 . 2012-05-06 20:09 -------- d-----w- c:\program files (x86)\WinSCP
2012-05-06 15:18 . 2012-05-06 15:19 -------- d-----w- c:\users\P.e.t.r.y\AppData\Roaming\SecondLife
2012-05-06 15:18 . 2012-05-06 15:47 -------- d-----w- c:\users\P.e.t.r.y\AppData\Local\SecondLife
2012-05-06 15:10 . 2012-05-06 15:18 -------- d-----w- c:\program files (x86)\SecondLifeViewer
2012-05-04 17:19 . 2011-07-22 11:43 44400 ----a-w- c:\windows\system32\drivers\RK290X.sys
2012-04-13 05:10 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-13 05:10 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-13 05:10 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-13 05:10 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-13 05:10 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-13 05:10 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-13 05:10 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-18 13:18 . 2011-06-10 12:44 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-04-11 18:50 . 2011-07-30 06:17 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-04-11 18:50 . 2011-07-30 06:17 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-03-23 21:43 . 2011-08-27 07:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-03-23 21:43 . 2011-08-27 07:39 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-03-20 18:44 . 2011-04-27 14:25 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 18:44 . 2011-04-18 12:18 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-07 22:38 . 2012-03-07 22:38 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2012-03-07 00:15 . 2012-03-07 23:49 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:15 . 2012-03-07 23:49 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-07 00:15 . 2012-03-07 23:50 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-07 00:04 . 2012-03-07 23:50 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:04 . 2012-03-07 23:50 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:02 . 2012-03-07 23:50 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-07 00:01 . 2012-03-07 23:50 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2012-03-07 23:50 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-07 00:01 . 2012-03-07 23:50 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-17 06:38 . 2012-03-14 09:39 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 05:34 . 2012-03-14 09:39 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58 . 2012-03-14 09:39 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:57 . 2012-03-14 09:39 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-10 08:51 . 2012-02-10 08:51 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7B47EBAB-B3E8-4E1C-B886-1BCAC8A7A0BB}\gapaengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" [2012-03-11 4785536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]
"Wireless Console 3"="c:\program files (x86)\asus\wireless console 3\wcourier.exe" [2010-09-23 1601536]
"HControlUser"="c:\program files (x86)\asus\atk hotkey\hcontroluser.exe" [2009-06-19 105016]
"ATKMEDIA"="c:\program files (x86)\asus\atk package\atk media\dmedia.exe" [2010-10-07 170624]
"SonicMasterTray"="c:\program files (x86)\asus\sonicmaster\sonicmastertray.exe" [2010-07-10 984400]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-03-28 200600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-12 548528]
TMMonitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2011-6-14 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ArcSoft Connection Service"=c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
R2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
R2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
R3 AF9035BDA;AF9035 BDA Devices;c:\windows\system32\Drivers\AF9035BDA.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x]
R3 ASUSVRC64;ASUSTeK Virtual Capture Device;c:\windows\system32\DRIVERS\AsusVRC64.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERANTISPYWARE\SASCORE64.EXE [2011-08-11 140672]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 14:45]
.
2012-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 14:45]
.
2012-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2730171602-3884643260-2702677352-1001Core.job
- c:\users\P.e.t.r.y\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-13 12:18]
.
2012-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2730171602-3884643260-2702677352-1001UA.job
- c:\users\P.e.t.r.y\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-13 12:18]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-03 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-03 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-03 417304]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-08-11 324096]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe" [2010-03-06 500208]
"RtHDVBg"="c:\program files\realtek\audio\hda\ravbg64.exe" [2010-11-30 2186856]
"ASUS WebStorage"="c:\program files (x86)\asus\asus webstorage\service\asuswsservice.exe" [2010-03-16 1754448]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-02-20 2786480]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-02-20 3669680]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.funmoods.com/?f=1&a=make
mStart Page = hxxp://asus.msn.com
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 212.96.160.7 212.96.161.6
FF - ProfilePath - c:\users\P.e.t.r.y\AppData\Roaming\Mozilla\Firefox\Profiles\1qtqy1vl.default\
FF - prefs.js: browser.startup.homepage - hxxp://start.funmoods.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extensions.funmoods_i.hmpg - true
FF - user.js: extensions.funmoods_i.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=make
FF - user.js: extensions.funmoods_i.dfltSrch - true
FF - user.js: extensions.funmoods_i.srchPrvdr - Search
FF - user.js: extensions.funmoods_i.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods_i.newTabUrl - hxxp://start.funmoods.com/?f=2&a=make
FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp://start.funmoods.com/results.php?f=3&a=make&q=
FF - user.js: extensions.funmoods_i.id - d202b4a7000000000000eab9a566cf2b
FF - user.js: extensions.funmoods_i.instlDay - 15381
FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1612:31
FF - user.js: extensions.funmoods_i.prtnrId - funmoods
FF - user.js: extensions.funmoods_i.prdct - funmoods
FF - user.js: extensions.funmoods_i.aflt - make
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods_i.tlbrId - base
FF - user.js: extensions.funmoods_i.instlRef -
FF - user.js: extensions.funmoods_i.dfltLng -
FF - user.js: extensions.funmoods_i.excTlbr - false
FF - user.js: general.useragent.extra.brc -
.
.
------- Asociace souborů -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\elantech\etdctrl.exe
AddRemove-Adobe Shockwave Player - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG15.00.00.01PROFESSIONAL"="E81BD73604BDC7637BE40575376631E8D9DD377DDFD42D9D427D6A32C7C52CB41B217E1963CB38DB68823ECD78CA67F2A853B0801C9A94D8ED4FBF0D72A16E45D0722D984E17D0B230B3D44A17C0F458C1D5BF06FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A9C6AECB7A5D1407A2D97226D213B555BA7FD869164D6794CFB400E3770A8F060FF897212A4A5DA7DFC821D5D5A2AA842A489955B81E085388516EDFDCADE67534B7B39DB073B231BB9A9CA4DB22B38B895649957CEFBFA342EDE1461B0CC4AE649C057E07B6186FC8E4033C6C58A0CE693CE815CC364402753CE29D3AAB3232BDECDFE26BFAF54AED1C957619ADD74311C0C80831FC1907EFF16D12D5D87064B2708C91AD6F6691DF398A51074EF03E1EACAA44C3127134D4CBF0731EA1F08E0C71C972B50139F52B360D6E732CB97981CF4746368638EC18065136D7D9D9DAE1C04793F9E5730C3117BA14A97CB194FD78C6AA49B08AF684E4E7715B98065CA432A9A48A954ACDA45EA52C0D380D90AF7E4A3655AB3A00B72F006215B80305171B8BFB86CB2C190C155344931CB4D401BBE54E46554C15242FD8E605D8152FCFDA78902309B52E45C9BD0F492AC52B338C1D7F9AD0FAAB8D3328043E5E3096B8CD72012B123C33FE89D261C9A610425B53ED76E501331A908D9462EAEC825A91D96E8C7B6E4632BDECF535499B98ADE1F54788CE93969B9895BB4CC6736701ECE4D41A84691017D7887B2A8D5617E1835D0AAB11F4FA50E8A6AAB3229DF2F1B15C82B1CB9509B3FAFC2E7FF0E6F8B952778FFAFB57E93B959D68A9E0616B799A2EC97F6BC4D4BEA5E8CC9DE1235FF431B521B4733120C38ADE6B69FAF4CBC7B6CEEE550F10C9CFABEF080D61A31C345A0F7FBBEC3D8F35834FA0CC7E52C1F167B52A287AD3F5E535BC867C86C6BA7FD87B5C9776785E3F155B67D289BAAFEFE45F2910802F16E1BD7BE1BB7C2CF63F8FF9DEF2AC266575227014A1512F2C9EB9CA0E4A0C871F87165C2943803ABF44B18A221CC34B334F6402EE809EF883BDC47B6CB7990539036014DD2CE5993B3FC9B4B507043307276C8633DA4C21B17238794D5DBA92BEDF155BF5B311B7C14733819CC9C7EBD83D9AF711C0CBF8EA449A4F2F6515E1BE1001EEDBBC7E45DFD69DFDCC217D46D135A356ACE522911520C78E811A6065FD69C2106C4CBA3755CB90BBB2E8AA5ACD9512A21F23E5C24BD6ED492BEE6BD6F3244D82F98DE8C717E8E3D02CA6E480DFCA44E4F2F2C2A8DA9C1097027617324BDE6A0E4C4C3E724D54C2D70D7FD7D6CDA26BA6A8F5FB2248880516D5EBD8B6E41AB4819BFB87F9D598AFEC9CBFC1420FD20D77356F64514898F6E2E7A9B96853BB9CAC1633206240247EB21554"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-05-10 02:37:49
ComboFix-quarantined-files.txt 2012-05-10 00:37
.
Před spuštěním: 2 268 790 784
Po spuštění: 2 177 310 720
.
- - End Of File - - 7965FE6FCF40DDDEF37578E959EBA63B

#2 Příspěvek od **JaRon** » 10 kvě 2012 06:48

ahoj,
mas tam vsetkeho nejak privela

- mas 2 AV - jeden z nich odinstaluj - AVAST alebo MSE
- odinstaluj Ad-aware + Terminator
- vycisti PC s CCleanerom
napis aky je stav

chali · #3 Příspěvek od **chali** » 10 kvě 2012 21:03

Tak jsem věci vymazal,zastavil jsem spoustu procesů při spuštění a aji nějaké neznámé co se mě fakt nezdali a ejhle system naskočil..vypadá to že je nyní stabilnější ale problem mám ted s avastem,nejde odinstalovat ani spustit,píše že nenačetl language dll, když chci nainstalovat avast,chce to po mě restart,po provedení tohoto restartu se přihlásím do windows naběhne obrazovka a restart a furt dokola

chali · #4 Příspěvek od **chali** » 10 kvě 2012 21:31

Tak avast odinstalovan jak tady popisoval jeden uživatel přes aswclear.exe...

#5 Příspěvek od **motji** » 12 kvě 2012 17:25

Jsou ještě s pc nějaké problémy?

VIRY.CZ

Kontrola logů

Kontrola logů

Re: Kontrola logů

Re: Kontrola logů

Re: Kontrola logů

Re: Kontrola logů