Nelze spustit exe soubory - zcela zasekané

[Michal.3393]

Dobrý den asi to bude nečekané, ale potřebuji prosím pěkně pomoc Stalo se mi to stejné, co člověku v tomto odkazu, kterému jste už dříve pomohli - http://forum.viry.cz/viewtopic.php?f=13&t=112471 - . Jel jsem podle tohoto návodu a vše bylo super, nootebook se rozchodil, paráda. Ale postupně se začaly objevovat další malwary, které jsem pořád mazal v tom jednom programu, který byl v tomto návodu. Dnes jsem ale nainstaloval avast a opět to po dalším spuštění kleklo, nevím jestli to s tím třeba něják souvisí.. Nejspíše mi muselo v pc ještě něco špatného zůstat

[JaRon]

ahoj,
pouzi navod kolegu z 13:11
http://forum.viry.cz/viewtopic.php?f=30 ... l#p1125250

[Michal.3393]

Myslíte ten Rkill a combofix? A poté sem dát z combofixu log?

[JaRon]

presne tak
ak by mal CF problem so spustenim, tak premenuj ComboFix.exe na cudo.com a spust tak

[Michal.3393]

Tak hotovo log z CF sem mám nakopírovat nebo něják vložit odkaz? Nutno říct že s druhou variantou si nejsem příliš jistý přes co O:-)

[JaRon]

vloz sem, ak bude velky rozdel na viac casti

[Michal.3393]

ComboFix 12-07-16.01 - User 17.07.2012 10:44:21.2.8 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6054.5144 [GMT 2:00]
Spuštěný z: c:\users\User\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-17 do 2012-07-17 )))))))))))))))))))))))))))))))
.
.
2012-07-17 08:49 . 2012-07-17 08:49 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-17 08:49 . 2012-07-17 08:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-16 08:21 . 2012-07-17 08:47 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{31101041-CEE9-40FD-9928-EE64B6FB98A0}\offreg.dll
2012-07-13 14:53 . 2012-06-18 01:12 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{31101041-CEE9-40FD-9928-EE64B6FB98A0}\mpengine.dll
2012-07-12 09:07 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 16:10 . 2012-07-11 16:10 -------- d-----w- c:\users\User\AppData\Roaming\The Creative Assembly
2012-07-11 15:09 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 15:09 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 15:09 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-11 15:09 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-07-11 15:09 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-07-11 15:09 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-07-11 14:46 . 2012-07-17 07:59 -------- d-----w- c:\program files (x86)\Steam
2012-07-11 14:26 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-07-11 14:26 . 2012-06-02 05:48 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-07-11 14:26 . 2012-06-02 05:45 340992 ----a-w- c:\windows\system32\schannel.dll
2012-07-11 14:26 . 2012-06-02 05:44 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-11 14:26 . 2012-06-02 04:39 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-07-11 14:26 . 2012-06-02 05:48 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-11 14:26 . 2012-06-02 04:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-07-11 14:26 . 2012-06-02 04:40 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-07-11 14:26 . 2012-06-02 04:34 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-07-11 13:20 . 2012-07-11 13:20 -------- d-----w- c:\users\User\AppData\Local\ElevatedDiagnostics
2012-07-11 12:21 . 2012-07-11 12:21 -------- d-----w- c:\users\User\AppData\Roaming\Malwarebytes
2012-07-11 12:21 . 2012-07-11 12:21 -------- d-----w- c:\programdata\Malwarebytes
2012-07-11 12:21 . 2012-07-16 08:10 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-11 12:21 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-09 12:12 . 2012-07-10 15:22 -------- d-----w- c:\users\User\AppData\Local\Windows Live
2012-07-09 08:43 . 2012-07-03 16:21 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-09 08:42 . 2012-07-17 08:39 -------- d-----w- c:\programdata\AVAST Software
2012-07-09 08:42 . 2012-07-16 11:44 -------- d-----w- c:\program files\AVAST Software
2012-07-07 09:14 . 2012-07-07 09:14 -------- d-----w- C:\Logs
2012-07-07 09:14 . 2012-07-07 09:14 -------- d-----w- c:\program files (x86)\SlySoft
2012-07-06 15:26 . 2012-07-06 15:31 -------- d-----w- c:\program files (x86)\MagicISO
2012-07-06 12:51 . 2012-07-06 12:51 -------- d-----w- c:\users\User\AppData\Local\xc341db93fc3c3195
2012-07-06 12:32 . 2012-07-06 12:32 -------- d-----w- c:\windows\ISO Creator
2012-07-06 12:08 . 2012-07-06 12:08 -------- d-----w- c:\users\User\AppData\Roaming\Canneverbe Limited
2012-07-06 12:08 . 2012-07-06 12:08 -------- d-----w- c:\program files (x86)\CDBurnerXP
2012-07-06 12:08 . 2012-07-06 12:08 -------- d-----w- c:\programdata\Canneverbe Limited
2012-07-06 10:26 . 2012-07-06 14:42 -------- d-----w- c:\program files (x86)\Electronic Arts
2012-07-06 09:24 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-03 20:06 . 2012-07-03 20:06 -------- d-----w- c:\users\User\AppData\Local\4A Games
2012-07-03 19:58 . 2012-07-03 19:58 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-07-03 15:41 . 2012-07-11 14:56 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-07-02 20:56 . 2012-07-11 14:36 -------- d-----w- c:\programdata\Electronic Arts
2012-07-02 20:38 . 2012-07-02 20:38 -------- d-----w- c:\program files (x86)\Microsoft WSE
2012-07-02 09:27 . 2012-02-23 08:18 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-07-01 10:11 . 2012-07-01 10:11 -------- d-----w- c:\programdata\Premium
2012-07-01 10:11 . 2012-07-01 10:11 -------- d-----w- c:\programdata\OptimizerPro
2012-07-01 10:10 . 2012-07-01 10:10 453 ----a-w- C:\user.js
2012-07-01 10:10 . 2012-07-11 13:59 -------- d-----w- c:\program files\Web Assistant
2012-07-01 10:09 . 2012-07-09 10:04 -------- d-----w- c:\programdata\ADDICT-THING
2012-07-01 10:09 . 2012-07-01 10:11 -------- d-----w- c:\programdata\InstallMate
2012-06-29 15:59 . 2012-06-29 15:59 -------- d-----w- c:\users\User\AppData\Local\Activision
2012-06-26 18:53 . 2012-06-26 18:53 -------- d-----w- c:\users\User\AppData\Local\Fallout3
2012-06-26 18:49 . 2012-06-26 18:49 -------- d-----w- c:\program files (x86)\Bethesda Softworks
2012-06-26 18:47 . 2012-06-26 18:47 -------- d-----w- c:\windows\SysWow64\xlive
2012-06-26 18:36 . 2012-06-26 18:36 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-06-26 18:36 . 2012-07-09 08:36 -------- d-----w- c:\users\User\AppData\Roaming\DAEMON Tools Lite
2012-06-26 18:36 . 2012-06-26 18:36 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-06-26 18:35 . 2012-06-26 18:46 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-06-25 22:07 . 2012-06-25 22:07 -------- d-----w- c:\program files\CCleaner
2012-06-25 22:07 . 2012-07-09 08:38 -------- d-----w- c:\users\User\AppData\Local\Google
2012-06-22 12:05 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-22 12:05 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-22 12:05 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-22 12:05 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 12:05 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-22 12:05 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 12:05 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 12:05 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 12:05 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-20 13:22 . 2012-06-20 13:22 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-06-20 13:22 . 2012-06-20 13:22 -------- d-----w- c:\program files (x86)\Oracle
2012-06-20 13:22 . 2012-05-04 17:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-06-20 13:22 . 2012-05-04 17:29 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-20 13:21 . 2012-06-20 13:21 -------- d-----w- c:\program files (x86)\Java
2012-06-19 09:45 . 2012-06-19 09:45 -------- d-----w- c:\users\User\AppData\Roaming\FLEXnet
2012-06-19 09:45 . 2012-06-19 09:45 -------- d-----w- c:\users\User\AppData\Roaming\Nuance
2012-06-19 09:45 . 2012-06-19 09:45 -------- d-----w- c:\users\User\AppData\Roaming\Zeon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-16 11:59 . 2012-06-04 10:04 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2012-06-06 07:35 . 2010-06-24 18:33 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-05 13:45 . 2012-06-04 10:07 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-05 13:45 . 2012-06-04 10:07 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-05 13:45 . 2012-06-05 13:45 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-06-02 05:45 . 2012-07-11 14:26 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:40 . 2012-07-11 14:26 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-05-04 11:06 . 2012-06-13 07:56 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 07:56 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 07:56 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 07:56 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 07:48 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 07:56 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 07:56 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 07:56 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 07:48 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 07:48 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 07:48 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 07:48 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 07:48 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 07:48 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-11_14.00.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-07-12 09:03 . 2012-06-02 08:17 73216 c:\windows\SysWOW64\mshtmled.dll
- 2012-06-13 11:17 . 2012-05-17 22:25 73216 c:\windows\SysWOW64\mshtmled.dll
+ 2012-07-12 09:03 . 2012-06-02 08:22 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
- 2012-06-13 11:17 . 2012-05-17 22:31 66048 c:\windows\SysWOW64\migration\WininetPlugin.dll
+ 2012-07-12 09:03 . 2012-06-02 08:21 65024 c:\windows\SysWOW64\jsproxy.dll
- 2012-06-13 11:17 . 2012-05-17 22:31 65024 c:\windows\SysWOW64\jsproxy.dll
+ 2009-07-14 04:54 . 2012-07-17 08:00 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-11 12:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-17 08:00 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-11 12:56 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-17 08:00 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-11 12:56 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-18 20:13 . 2012-07-16 08:13 45796 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-16 12:01 38190 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2012-06-13 11:17 . 2012-05-18 01:51 96768 c:\windows\system32\mshtmled.dll
+ 2012-07-12 09:03 . 2012-06-02 11:57 96768 c:\windows\system32\mshtmled.dll
+ 2012-07-12 09:03 . 2012-06-02 12:03 86528 c:\windows\system32\migration\WininetPlugin.dll
- 2012-06-13 11:17 . 2012-05-18 01:56 86528 c:\windows\system32\migration\WininetPlugin.dll
- 2012-06-13 11:17 . 2012-05-18 01:56 85504 c:\windows\system32\jsproxy.dll
+ 2012-07-12 09:03 . 2012-06-02 12:03 85504 c:\windows\system32\jsproxy.dll
- 2012-06-04 10:08 . 2012-07-10 07:35 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-06-04 10:08 . 2012-07-14 19:37 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-06-04 10:08 . 2012-07-14 19:37 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2012-06-04 10:08 . 2012-07-10 07:35 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-14 19:37 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-10 07:35 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2012-07-14 16:46 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-07-11 14:46 . 2012-07-11 14:46 27648 c:\windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C91.exe
+ 2012-07-11 20:52 . 2012-07-11 20:52 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2012-06-04 10:05 . 2012-07-16 12:01 9894 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3781232518-3517860701-3357000934-1001_UserData.bin
+ 2012-07-17 03:33 . 2012-07-17 08:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-11 12:54 . 2012-07-11 12:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-17 03:33 . 2012-07-17 08:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-11 12:54 . 2012-07-11 12:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-12 09:03 . 2012-06-02 08:23 231936 c:\windows\SysWOW64\url.dll
- 2012-06-13 11:17 . 2012-05-17 22:33 231936 c:\windows\SysWOW64\url.dll
+ 2012-07-11 14:26 . 2012-06-02 04:40 225280 c:\windows\SysWOW64\schannel.dll
- 2012-06-13 11:17 . 2012-05-17 22:29 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-07-12 09:03 . 2012-06-02 08:19 716800 c:\windows\SysWOW64\jscript.dll
+ 2012-07-12 09:03 . 2012-06-02 08:20 142848 c:\windows\SysWOW64\ieUnatt.exe
- 2012-06-13 11:17 . 2012-05-17 22:29 142848 c:\windows\SysWOW64\ieUnatt.exe
+ 2012-07-12 09:03 . 2012-06-02 08:14 176640 c:\windows\SysWOW64\ieui.dll
- 2012-06-13 11:17 . 2012-05-17 22:20 176640 c:\windows\SysWOW64\ieui.dll
- 2011-02-18 19:49 . 2010-11-20 12:18 805376 c:\windows\SysWOW64\cdosys.dll
+ 2012-07-11 14:48 . 2012-06-06 05:03 805376 c:\windows\SysWOW64\cdosys.dll
+ 2012-06-08 20:25 . 2012-07-16 11:42 221678 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
- 2012-06-13 11:17 . 2012-05-18 01:58 237056 c:\windows\system32\url.dll
+ 2012-07-12 09:03 . 2012-06-02 12:04 237056 c:\windows\system32\url.dll
+ 2009-07-14 02:36 . 2012-07-13 11:18 627420 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-07-11 12:34 627420 c:\windows\system32\perfh009.dat
- 2011-02-19 05:36 . 2012-07-11 12:34 642704 c:\windows\system32\perfh005.dat
+ 2011-02-19 05:36 . 2012-07-13 11:18 642704 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2012-07-13 11:18 110140 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-07-11 12:34 110140 c:\windows\system32\perfc009.dat
+ 2011-02-19 05:36 . 2012-07-13 11:18 125666 c:\windows\system32\perfc005.dat
- 2011-02-19 05:36 . 2012-07-11 12:34 125666 c:\windows\system32\perfc005.dat
+ 2012-07-12 09:03 . 2012-06-02 12:00 818688 c:\windows\system32\jscript.dll
- 2012-06-13 11:17 . 2012-05-18 01:55 818688 c:\windows\system32\jscript.dll
- 2012-06-13 11:17 . 2012-05-18 01:55 173056 c:\windows\system32\ieUnatt.exe
+ 2012-07-12 09:03 . 2012-06-02 12:01 173056 c:\windows\system32\ieUnatt.exe
+ 2012-07-12 09:03 . 2012-06-02 11:54 248320 c:\windows\system32\ieui.dll
- 2012-06-13 11:17 . 2012-05-18 01:47 248320 c:\windows\system32\ieui.dll
- 2009-07-14 04:45 . 2012-06-13 13:32 358024 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 04:45 . 2012-07-12 11:46 358024 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 05:01 . 2012-07-10 15:46 285228 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-16 21:10 285228 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-07-11 20:52 . 2012-07-11 20:52 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2012-06-13 11:17 . 2012-05-17 22:35 1129472 c:\windows\SysWOW64\wininet.dll
+ 2012-07-12 09:03 . 2012-06-02 08:25 1129472 c:\windows\SysWOW64\wininet.dll
+ 2012-07-12 09:03 . 2012-06-02 08:26 1103872 c:\windows\SysWOW64\urlmon.dll
- 2012-06-13 11:17 . 2012-05-17 22:36 1103872 c:\windows\SysWOW64\urlmon.dll
- 2012-06-13 11:17 . 2012-05-17 22:45 1800192 c:\windows\SysWOW64\jscript9.dll
+ 2012-07-12 09:03 . 2012-06-02 08:33 1800192 c:\windows\SysWOW64\jscript9.dll
+ 2012-07-12 09:03 . 2012-06-02 08:19 1793024 c:\windows\SysWOW64\iertutil.dll
- 2012-06-13 11:17 . 2012-05-17 22:27 1793024 c:\windows\SysWOW64\iertutil.dll
- 2012-06-13 11:17 . 2012-05-17 22:48 9737728 c:\windows\SysWOW64\ieframe.dll
+ 2012-07-12 09:03 . 2012-06-02 08:43 9737728 c:\windows\SysWOW64\ieframe.dll
+ 2012-07-12 09:03 . 2012-06-02 12:05 1392128 c:\windows\system32\wininet.dll
- 2012-06-13 11:17 . 2012-05-18 01:59 1392128 c:\windows\system32\wininet.dll
- 2012-06-13 11:17 . 2012-05-18 01:59 1346048 c:\windows\system32\urlmon.dll
+ 2012-07-12 09:03 . 2012-06-02 12:05 1346048 c:\windows\system32\urlmon.dll
- 2012-06-13 11:17 . 2012-05-18 02:06 2311680 c:\windows\system32\jscript9.dll
+ 2012-07-12 09:03 . 2012-06-02 12:12 2311680 c:\windows\system32\jscript9.dll
+ 2012-07-12 09:03 . 2012-06-02 11:59 2144768 c:\windows\system32\iertutil.dll
- 2012-06-13 11:17 . 2012-05-18 01:54 2144768 c:\windows\system32\iertutil.dll
- 2011-02-18 19:49 . 2010-11-20 13:25 1133568 c:\windows\system32\cdosys.dll
+ 2012-07-11 14:48 . 2012-06-06 06:02 1133568 c:\windows\system32\cdosys.dll
- 2009-07-14 04:45 . 2012-07-09 09:01 7111262 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2012-07-12 11:48 7111262 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2011-11-09 06:32 . 2012-07-10 15:46 1783736 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-11-09 06:32 . 2012-07-16 21:10 1783736 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2012-06-04 10:09 . 2012-07-16 21:10 3848656 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3781232518-3517860701-3357000934-1001-8192.dat
- 2012-07-03 17:40 . 2012-07-03 17:40 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 17:40 . 2012-07-03 17:40 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-11 20:52 . 2012-07-11 20:52 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-11 15:08 . 2012-06-09 04:41 12873728 c:\windows\SysWOW64\shell32.dll
+ 2012-07-12 09:03 . 2012-06-02 09:07 12314624 c:\windows\SysWOW64\mshtml.dll
- 2012-06-13 11:17 . 2012-05-17 23:11 12314624 c:\windows\SysWOW64\mshtml.dll
+ 2009-07-14 02:34 . 2012-07-12 10:23 10747904 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2012-07-11 15:09 . 2012-06-09 05:43 14172672 c:\windows\system32\shell32.dll
- 2012-06-05 19:28 . 2012-01-04 10:44 14172672 c:\windows\system32\shell32.dll
+ 2012-07-12 09:03 . 2012-06-02 12:49 17807360 c:\windows\system32\mshtml.dll
- 2012-06-13 11:17 . 2012-05-18 02:47 17807360 c:\windows\system32\mshtml.dll
+ 2012-07-09 08:20 . 2012-07-12 09:05 59701280 c:\windows\system32\MRT.exe
- 2012-06-13 11:17 . 2012-05-18 02:16 10924032 c:\windows\system32\ieframe.dll
+ 2012-07-12 09:03 . 2012-06-02 12:17 10924032 c:\windows\system32\ieframe.dll
+ 2009-01-31 16:56 . 2009-01-31 16:56 10796032 c:\windows\Installer\1d689a.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-07-11 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-01 2018032]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 5716608]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-24 1601536]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-30 204288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe [2011-11-9 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-09-01 1166848]
R2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-09-08 92800]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-05 257696]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-08-08 299008]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-08-08 299008]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2011-02-26 16768]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-01-27 125416]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-01-27 385512]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-04 13:45]
.
2012-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25 22:07]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25 22:07]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3781232518-3517860701-3357000934-1001Core.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-06 11:59]
.
2012-07-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3781232518-3517860701-3357000934-1001UA.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-06 11:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-12 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-12 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-12 416024]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-28 1935120]
"SynAsusAcpi"="c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-05-19 10365952]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.3.3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-07-17 10:50:59
ComboFix-quarantined-files.txt 2012-07-17 08:50
ComboFix2.txt 2012-07-11 14:01
.
Před spuštěním: Volných bajtů: 181 928 251 392
Po spuštění: Volných bajtů: 181 638 057 984
.
- - End Of File - - FCE32732FFAAB781B1538232070511E7

[JaRon]

skor ako budeme pokracovat odinstaluj jeden z dvojice AV:
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
potom restart a popis problemy PC

[Michal.3393]

Já ten avast odnistaloval už před stisknutím OK, ale asi jak jsem v nouzovem režimu, tak to neaktualizovalo. Každopádně jsem smazal i ten druhy antivirák. Notebook jsem teď spustil v normálním režimu a všechno zase funguje takto to bylo i před tím týdnem podle toho prvního návodu, ale aniž bych tam přidal něco krom toho avastu, začal se objevovat sem tam nějáký malware, který jsem hned smazal v Malwarebytes Anti-malware. Ale i tak se to právě dneska zase uplně kouslo

[JaRon]

vycisti PC s CCleanerom
sleduj ho 24 hod, a ak bude vsetko OK doinstaluj nejaky AV

[Michal.3393]

Dobře co všechno mám dát v tom cleaneru vyhledat a smazat? už se trošku těch AV bojím, vždycky když jsem ho nainstaloval, další den jsem to nerozchodil Je možné, že by po combofixu něco zůstalo a mě to tak spadlo ted po tom týdnu kvuli tomu?

[JaRon]

v CC nic nemen, vsetko nechaj ako je predvolene ,,,
citat:
Stahnete Ccleaner (viz muj podpis)
Panel čistič
• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

[Michal.3393]

Tak děkuju mockráát až budu moct, musim vám něco poslat do kasičky.. přímo teď jsem ale začínající vysokoškolák oškubaný jak kostelní myš vděčím za to právě tomuto novému notebooku snad se tento problem neobjeví znovu, už bych fakt nevěděl, odkud se to bere.. Tak ještě jednou, děkuju moc

[JaRon]

rado sa stalo
ak by nieco, kludne sa ozvi znovu

[Michal.3393]

Pardon, že ještě otravuju.. Ale po těchto všech změnách, nebo nevím čím by to mohlo být se objevil problem. Toto je herní notebook a když teď chci něco pustit, tak mi u všeho vyskočí okno, že se mi od posledního spuštění hry změnil HW, jestli to chci přizpůsobit. To co dřív šlapalo na plné detaily se dost seká.. Nemohl Combofix nebo některý program odinstalovat nějáké ovladače nebo něco?