SpyBot-Nejde odstranit Right Media 2

Zpráva

Václav Sedlář

mám problém-SpyBot-Nejde odstranit Right Media....

log z combofixu (co dělat?):

ComboFix 11-02-20.03 - Václav Sedlář 21.02.2011 19:44:52.1.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4094.2349 [GMT 1:00]
Spuštěný z: c:\users\Václav Sedlář\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: COMODO Firewall *Enabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
SP: COMODO Defense+ *Disabled/Updated* {DC3D0F8D-B138-AAAA-0339-560EB3387C28}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\SysWow64\CFG
c:\windows\SysWow64\CFG\log.cfg
c:\windows\SysWow64\CFG\pten.cfg
c:\windows\SysWow64\html
c:\windows\SysWow64\html\calendar.html
c:\windows\SysWow64\html\calendarbottom.html
c:\windows\SysWow64\html\calendartop.html
c:\windows\SysWow64\html\crystalexportdialog.htm
c:\windows\SysWow64\html\crystalprinthost.html
c:\windows\SysWow64\images
c:\windows\SysWow64\images\toolbar\calendar.gif
c:\windows\SysWow64\images\toolbar\crlogo.gif
c:\windows\SysWow64\images\toolbar\export.gif
c:\windows\SysWow64\images\toolbar\export_over.gif
c:\windows\SysWow64\images\toolbar\exportd.gif
c:\windows\SysWow64\images\toolbar\First.gif
c:\windows\SysWow64\images\toolbar\first_over.gif
c:\windows\SysWow64\images\toolbar\Firstd.gif
c:\windows\SysWow64\images\toolbar\gotopage.gif
c:\windows\SysWow64\images\toolbar\gotopage_over.gif
c:\windows\SysWow64\images\toolbar\gotopaged.gif
c:\windows\SysWow64\images\toolbar\grouptree.gif
c:\windows\SysWow64\images\toolbar\grouptree_over.gif
c:\windows\SysWow64\images\toolbar\grouptreed.gif
c:\windows\SysWow64\images\toolbar\grouptreepressed.gif
c:\windows\SysWow64\images\toolbar\Last.gif
c:\windows\SysWow64\images\toolbar\last_over.gif
c:\windows\SysWow64\images\toolbar\Lastd.gif
c:\windows\SysWow64\images\toolbar\Next.gif
c:\windows\SysWow64\images\toolbar\next_over.gif
c:\windows\SysWow64\images\toolbar\Nextd.gif
c:\windows\SysWow64\images\toolbar\Prev.gif
c:\windows\SysWow64\images\toolbar\prev_over.gif
c:\windows\SysWow64\images\toolbar\Prevd.gif
c:\windows\SysWow64\images\toolbar\print.gif
c:\windows\SysWow64\images\toolbar\print_over.gif
c:\windows\SysWow64\images\toolbar\printd.gif
c:\windows\SysWow64\images\toolbar\Refresh.gif
c:\windows\SysWow64\images\toolbar\refresh_over.gif
c:\windows\SysWow64\images\toolbar\refreshd.gif
c:\windows\SysWow64\images\toolbar\Search.gif
c:\windows\SysWow64\images\toolbar\search_over.gif
c:\windows\SysWow64\images\toolbar\searchd.gif
c:\windows\SysWow64\images\toolbar\up.gif
c:\windows\SysWow64\images\toolbar\up_over.gif
c:\windows\SysWow64\images\toolbar\upd.gif
c:\windows\SysWow64\images\tree\begindots.gif
c:\windows\SysWow64\images\tree\beginminus.gif
c:\windows\SysWow64\images\tree\beginplus.gif
c:\windows\SysWow64\images\tree\blank.gif
c:\windows\SysWow64\images\tree\blankdots.gif
c:\windows\SysWow64\images\tree\dots.gif
c:\windows\SysWow64\images\tree\lastdots.gif
c:\windows\SysWow64\images\tree\lastminus.gif
c:\windows\SysWow64\images\tree\lastplus.gif
c:\windows\SysWow64\images\tree\Magnify.gif
c:\windows\SysWow64\images\tree\minus.gif
c:\windows\SysWow64\images\tree\minusbox.gif
c:\windows\SysWow64\images\tree\plus.gif
c:\windows\SysWow64\images\tree\plusbox.gif
c:\windows\SysWow64\images\tree\singleminus.gif
c:\windows\SysWow64\images\tree\singleplus.gif

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-21 do 2011-02-21 )))))))))))))))))))))))))))))))
.

2011-02-21 18:50 . 2011-02-21 18:50 -------- d-----w- c:\users\Martina Sedlářová\AppData\Local\temp
2011-02-21 18:50 . 2011-02-21 18:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-18 08:20 . 2011-01-13 10:20 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D6189533-F149-4E9A-A7F4-34FF04F33919}\mpengine.dll
2011-02-11 08:11 . 2011-02-11 08:11 -------- d-----w- c:\users\Václav Sedlář\AppData\Local\CrashRpt
2011-02-11 07:40 . 2011-02-11 07:40 -------- d-----w- c:\program files (x86)\Atari
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-21 18:54 . 2010-02-17 02:36 30528 ----a-w- c:\windows\GVTDrv64.sys
2011-02-21 18:53 . 2010-02-17 02:34 25640 ----a-w- c:\windows\gdrv.sys
2011-01-11 22:27 . 2010-06-01 17:00 362784 ----a-w- c:\windows\system32\guard64.dll
2011-01-11 22:27 . 2010-06-01 17:00 285480 ----a-w- c:\windows\SysWow64\guard32.dll
2011-01-11 22:27 . 2010-06-01 17:00 89840 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-01-11 22:27 . 2010-06-01 17:00 39888 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-01-11 22:27 . 2010-06-01 17:00 14184 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-01-11 22:27 . 2010-06-04 09:55 250008 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2010-12-10 17:29 . 2010-12-10 17:29 64864 ----a-w- c:\windows\SysWow64\sqlctr90.dll
2010-12-10 17:29 . 2010-12-10 17:29 2248032 ----a-w- c:\windows\SysWow64\sqlncli.dll
2010-12-10 16:34 . 2010-12-10 16:34 2882400 ----a-w- c:\windows\system32\sqlncli.dll
2010-11-27 00:38 . 2010-11-27 00:38 1146 ----a-w- C:\zalohasptd.reg
2006-01-09 19:59 . 2010-08-15 22:21 7101440 ----a-w- c:\program files (x86)\PocketDivXEncoder_0.3.60.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2010-11-17 1242448]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-02-16 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2008-10-13 50472]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2009-02-28 75048]
"Openwares LiveUpdate"="c:\program files\LiveUpdate\LiveUpdate.exe" [2003-12-13 61440]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"EasyTuneVPro"="c:\program files (x86)\Gigabyte\ET5Pro\ETcall.exe" [2007-07-26 20480]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-26 98304]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 atidgllk;atidgllk;c:\program files (x86)\GIGABYTE\ET5Pro\atidgllk.sys [2006-07-19 12048]
R3 cpuz130;cpuz130;c:\users\VCLAVS~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2010-07-05 25640]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2009-04-06 50688]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 24064]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2009-04-06 50688]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-21 1255736]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-27 834544]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-01-11 250008]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-01-11 39888]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 136584]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/02/17 20:48];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [2009-02-28 18:40 146928]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2008-10-27 759072]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 203776]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-11-16 735960]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-12-18 123200]
S2 GEST Service;GEST Service for program management.;c:\program files (x86)\Gigabyte\EnergySaver\GSvr.exe [2009-12-02 68136]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27136]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-27 8012288]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-27 287232]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]
S3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2011-02-21 30528]
S3 MarkFun_NT;MarkFun_NT;c:\program files (x86)\GIGABYTE\ET5Pro\markfun.a64 [2007-09-21 19008]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
S4 atillk64;atillk64;c:\program files (x86)\GIGABYTE\ET5Pro\atillk64.sys [2006-07-19 14608]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - MARKFUN_NT

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.

--------- x86-64 -----------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-08 9642528]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2716216]
"WheelMouse"="c:\program files\Mouse\Amoumain.exe" [2008-03-03 196608]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2009-09-11 3832064]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-22 8866120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Václav Sedlář\AppData\Roaming\Mozilla\Firefox\Profiles\sdv1213o.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: ÄŚeskĂ© slovnĂky pro kontrolu pravopisu: cs@dictionaries.addons.mozilla.org - %profile%\extensions\cs@dictionaries.addons.mozilla.org
FF - Ext: Forecastfox Weather: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - %profile%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - Ext: Ant Video Downloader: anttoolbar@ant.com - %profile%\extensions\anttoolbar@ant.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Mafia Game - c:\windows\system32\MafiaSetup.exe
AddRemove-ShockwaveFlash - c:\windows\system32\Macromed\Flash\UninstFl.exe

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MarkFun_NT]
"ImagePath"="\??\c:\program files (x86)\GIGABYTE\ET5Pro\markfun.a64"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-342074640-1979808654-670201236-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:b3,56,35,a2,e3,5f,e7,87,cf,98,f8,0a,89,07,cf,27,71,fe,52,7c,6f,74,03,
30,93,eb,63,dc,1a,83,c0,cd,64,32,c3,08,8c,63,74,7d,7d,03,9e,8f,3d,b8,b5,df,\
"??"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="FBB11AEE139EC2BCA218027050D98813F79978B4C9E51BD85AEBDD150A5FEE49B5EE27F77F08991726C8FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3DA9C6AECB7A5D1407BA7FD869164D6794E4934890366DB336925C0F848BDC9E40C26F5DBF3553A75C410B7D533E89BA9AE6A1AAC7D8865B1967DF8D339BF1BEA6F9B7815F91EDC3704D0A2E0294FCAD3EC753ED03FA00B84324F38DD090C175FC4D7DCAC8E60C809E1A97332F70D97C924DF2CDB06E0AE50A6A4C0DFD29313295DCFB9C70016D415BE89AF83EC9D51ECEF23258C576F20F831305DF609549750CFA5830C81FF37C6127DE3B158D4E21EDE5A4EF394F31F78E2A982E1FFEB956BAB217114D7327BFB07D130C9E1A4324AE0943CB86A25CF3C9EDEAF2E6FCD3004640A4237B27B1A709C3CBD2CAC457DB94F2EA772D1332EC19D1BF006A1E8CAF1112CD975552E2E87187FE460AD5D38FE6EE5AD0B1B514DFA5FEC0F65BE4FEB8C4CEC4FADD862D4A348B8976D387231E30FA378A9B1305DED9CFFBD07547E77F4F4E21A62345A828DEC4AA44238C56F440C809ACF529AF0F6753E2D8F22F2A7FE19DDCCB2F850E6F44DC04E6F686211B2AC03E10D067DF28C24D4AAE15F94BC8F07C567195B33DA5FAAF9F66510F5BA645FBA4E43F3508782336EB4721F9F479365FCFEDEAADBAE0DBD06621B93180432CC8F22ED9683BE18439E468DF7675CB2EEE6FF0C846AACD86062A4839ECB0343D2B40C13C50B359A736B6AF1DA7BF889A884078CE465A2ADBC69B63DFB7B04B9D5808C905AD4E6891BFC60C2ABC678C01BB305A9CE6B7CA82C1544AC0F7E6F2B3BAACC6D8350AAA089D5FC1DA57274CA94E133ED757549464D84FABF00A6125A972718ADE108ED299CA2C68090E5E4D21B69CA32BBB6984B0A16B890BBECCF2EFD07F3CC2DA23A69478BFEA10690EA93A23E8D8C32A512AD8656C3930D98080B9DBE2D634A7357E8E09100AD1695A108974F683532D0A2812A079657F927287FC4E8BA8677A55485E147459B2FE10C1E73D279C0FC4B6B558851E0A23163E527518CD54924CB88521652DC09A109B1672C7427032649E1E68FA49F9C3042542225AE250F28AB749B77C58FB76F68DF68B9071A077F12C40C4984F5B8F6F0ACB47ECE6E84896CF3F448C7E9938029EE2564642A024C9EE90B3ADE6283AE175F66A58D9BBD4C4A1A3AFFD077FD172A7EBBCCFA83A7BB81916BF392B2DF9D513DFD7DCA0BB61DE72C8A6E940E3BE7EA5B76CC37A0A470583EBB6F39D0C0B3CB2361FEC042FB8A0AB1299245B537AD03B8156F0F101D562A5BFAAC49EBCA87AC73F912E2FB12BBC58FABCAB6C2E84072F98AF55AD6379FDA0D7F0CAF7069966EAD2477B34B18BD72A"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files (x86)\GIGABYTE\ET5Pro\GUI.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Celkový čas: 2011-02-21 19:58:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-21 18:58

Před spuštěním: Volných bajtů: 28 486 430 720
Po spuštění: Volných bajtů: 28 332 109 824

- - End Of File - - DDDEDAEBA1B284B05018C64985C7C168

#2 Příspěvek od **Rudy** » 21 úno 2011 21:16

Několik položek bylo smazáno, zbytek logu vypadá čistý. Nastala nějaká změna?

Václav Sedlář

zkusím spustit spybota jestli něco najde a dám vědět....

#4 Příspěvek od **Rudy** » 21 úno 2011 22:40

Václav Sedlář

tak jsme to projel spybotem a je to ok...vidíte v tom výpisu ještě nějaký zádrhel?

#6 Příspěvek od **Rudy** » 22 úno 2011 18:32

Ne, nevidím.

Václav Sedlář

tak jsem po týdnu spustil test ve spybotovy a je to tu zas...přikládám výpis v odkazu...

http://img560.imageshack.us/img560/1124/spybot.jpg

P.S.: internet explorer nepoužívám, jen když např. stahuju z ulozto, tak stahuju současně z firefoxu a IE...zrovna včera jsem to tak dělal...

#8 Příspěvek od **Rudy** » 26 úno 2011 20:13

Je to jen cookie. Klidně smažte a pokud nechcete, aby se vám cookies v PC ukládaly, zakažte to v prohlížeči webu. Cookies jsou txt soubory, které umožní identifikaci vašeho PC webem, který ho do vašeho PC uložil. Většina webů cookies používá ke zcela legitimním účelům.

Václav Sedlář

ok...nebudu dále řešit...jen poslední dotaz-kdybyste si měl povinně vybrat mezi Spybotem, nebo Spyware Terminatorem, který byste vybral? Děkuji...

#10 Příspěvek od **Márty84** » 27 úno 2011 09:12

Zdravim

Omlouvam se za vstup

Pockejte co napise Rudy, ale myslim, ze Spybota nedoporuci. Uz davno neni to co byval. Prectete si napriklad toto http://www.viry.cz/forum/viewtopic.php?f=14&t=102358

Zatim jsem se jeste nesetkal, ze by Terminator pusobil kolizi rezidentnich stitu (NOD totiz obsahuje i antispyware), pouzivam ho s Avastem (ktery taky obsahuje i antispyware) a zatim naprosta spokojenost. Ale kdyby nahodou, dejte ho pak pryc a nainstalujte SAS, ktery nema ve free verzi rezident

Preji hezky zbytek vikendu

#11 Příspěvek od **Rudy** » 27 úno 2011 10:45

Já se moju k Mártymu jen připojit. Musíte to ale vyzkoušet, případně Antispy v NODu vypnout, nebo používat ST jen jako skener.

Václav Sedlář

Tak jsem tam dal ST a je vše zapnuto a ok...není jen zapnutý nějaký HIPS....mám to povolit? Co to je?

P.S.: Na pc mám nod 32 antivirus, comodo firewall s funkcí defense+

#13 Příspěvek od **Rudy** » 27 úno 2011 12:26

HIPS je rez. štít. Zkuste povolit, kdyby se tloukl s NODem, zachovejte se tak, jak píši výše.

Václav Sedlář

Tímto oficiálně hlásím, že i když mám na PC i Notebooku stejný SW, tak na PC můžu mít plně zapnutý antispyware terminátor i HIPS, tak i plně zapnutý nod32, ale na notebooku i když úplně vypnu rezidenta ST i HIPS ST, tak to hází nepravidelně bsod s chybou fltmgr.sys ...jediné co je ještě zapnuté, tak web sec.guard...ale chyba se stane i když je vypnutý prohlížeč...

takže prosím o doporučení jiného anti spyware sw...díky

#15 Příspěvek od **Rudy** » 08 bře 2011 19:09

Zde: http://www.viry.cz/forum/viewtopic.php?f=29&t=38810 si můžete vybrat.

VIRY.CZ

SpyBot-Nejde odstranit Right Media 2

SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2

Re: SpyBot-Nejde odstranit Right Media 2