Hello,
PLEASE check whether there is something on my PC that should not be there. My keyboard has stopped typing carons (háčky) on the letters d, t, n... Instead, when I press Shift and the caron key, it types a double caron: ˇˇ, ˇˇ, ˇˇ. I don't know what to do.
ComboFix 11-06-01.07 - autosip 02.06.2011 14:22:34.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3949.2074 [GMT 2:00]
Spuštěný z: c:\users\autosip\Desktop\ComboFix.exe
AV: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: F-Secure Profi Antivirus 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\users\autosip\AppData\Local\Microsoft\Windows\Temporary Internet Files\MAILTRAN.INI
c:\users\autosip\AppData\Local\Microsoft\Windows\Temporary Internet Files\TRNCOM.INI
c:\windows\SysWow64\oledb32.dll
c:\windows\SysWow64\W020T32W.DLL
c:\windows\SysWow64\W021T32W.DLL
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-02 do 2011-06-02 )))))))))))))))))))))))))))))))
.
.
2011-06-02 12:26 . 2011-06-02 12:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-02 11:08 . 2011-06-02 12:09 301568 ----a-w- c:\windows\SysWow64\cmd.execf
2011-05-29 19:29 . 2007-11-20 12:33 47680 ----a-w- c:\windows\system32\drivers\Capt905c.sys
2011-05-29 19:29 . 2007-08-21 12:28 39872 ----a-w- c:\windows\system32\drivers\Camd905c.sys
2011-05-29 19:29 . 2011-06-02 10:51 -------- d-----w- c:\program files (x86)\MyDSC2
2011-05-29 19:29 . 2011-05-29 19:29 -------- d-----w- c:\users\autosip\AppData\Roaming\InstallShield
2011-05-25 04:23 . 2011-04-22 20:18 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-20 04:11 . 2011-05-20 04:11 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-20 03:53 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-20 03:53 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-11 05:01 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 05:01 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 05:01 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 05:01 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 05:01 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 05:01 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 05:01 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 05:01 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 05:01 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 05:01 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-09 05:18 . 2011-05-09 05:28 -------- d-----w- c:\users\autosip\SUS MTS
2011-05-08 13:13 . 2003-07-15 05:30 21941 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\STRINGS.JS
2011-05-08 13:13 . 2003-07-15 05:30 18690 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\PRELOAD.JS
2011-05-08 13:13 . 2003-07-15 05:30 14396 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\FPLIB.JS
2011-05-08 13:13 . 2003-07-15 05:30 11729 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\_JMPMENU.JS
2011-05-08 13:13 . 2003-07-15 05:30 18219 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\SETTEXT.JS
2011-05-08 13:13 . 2003-07-15 05:30 15020 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\_PRELOAD.JS
2011-05-08 13:13 . 2003-07-15 05:30 13773 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\DOM.JS
2011-05-08 13:13 . 2003-07-15 05:30 11988 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\GETOBJ.JS
2011-05-08 12:55 . 2011-05-09 19:18 -------- d-----w- c:\users\autosip\AppData\Roaming\FileZilla
2011-05-08 12:54 . 2011-05-08 12:54 -------- d-----w- c:\program files (x86)\FileZilla FTP Client
2011-05-06 07:52 . 2011-05-06 07:52 2190 ----a-w- c:\users\autosip\ia_remove.sh5790.tmp
2011-05-06 07:41 . 2011-05-06 07:41 -------- d-----w- c:\users\autosip\AppData\Local\{7148F0A6-6813-11D6-A77B-00B0D0142100}
2011-05-05 06:14 . 2011-05-05 06:14 2190 ----a-w- c:\users\autosip\ia_remove.sh7462.tmp
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\tools
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\texts
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\skins
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\res
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\plugins
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\includes
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\help
2011-05-05 06:12 . 2011-05-05 06:14 -------- d-----w- c:\program files (x86)\Uninstall_JAlbum
2011-05-05 06:06 . 2011-05-05 06:06 2190 ----a-w- c:\users\autosip\ia_remove.sh2909.tmp
2011-05-05 05:29 . 2011-05-05 05:29 2190 ----a-w- c:\users\autosip\ia_remove.sh7570.tmp
2011-05-05 05:13 . 2011-05-05 05:13 2190 ----a-w- c:\users\autosip\ia_remove.sh4213.tmp
2011-05-05 05:10 . 2011-05-06 07:48 -------- d-----w- c:\users\autosip\JAlbum
2011-05-05 05:10 . 2011-05-05 05:12 -------- d--h--w- c:\users\autosip\Zero G Registry
2011-05-05 05:06 . 2011-05-05 05:07 -------- d-----w- c:\program files (x86)\Web Album Generator
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-05 12:23 . 2011-04-05 12:23 131072 ----a-w- c:\windows\SysWow64\duninstall.exe
2011-04-05 12:23 . 2011-04-05 12:23 608448 ----a-w- c:\windows\comctl32.ocx
2011-04-05 12:23 . 2011-04-05 12:23 122128 ----a-w- c:\windows\SysWow64\VB6IT.DLL
2011-04-05 12:23 . 2011-04-05 12:23 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2011-03-29 08:00 . 2011-04-05 12:21 80896 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-03-24 19:35 . 2011-04-05 12:21 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-03-24 19:28 . 2011-04-05 12:21 631808 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-03-19 19:00 . 2011-04-05 12:21 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2011-03-12 12:03 . 2011-04-27 03:46 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-12 11:31 . 2011-04-27 03:46 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-03-11 06:23 . 2011-04-27 03:46 187264 ----a-w- c:\windows\system32\drivers\storport.sys
2011-03-11 06:23 . 2011-04-27 03:46 1657216 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-03-11 06:23 . 2011-04-27 03:46 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-03-11 06:23 . 2011-04-27 03:46 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-03-11 06:23 . 2011-04-27 03:46 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-03-11 06:22 . 2011-04-27 03:46 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-03-11 06:22 . 2011-04-27 03:46 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-03-11 06:19 . 2011-04-13 11:38 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:19 . 2011-04-13 11:38 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 06:18 . 2011-04-27 03:46 2566144 ----a-w- c:\windows\system32\esent.dll
2011-03-11 06:15 . 2011-04-27 03:46 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-03-11 05:40 . 2011-04-13 11:38 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:40 . 2011-04-13 11:38 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:39 . 2011-04-27 03:46 1686016 ----a-w- c:\windows\SysWow64\esent.dll
2011-03-11 05:37 . 2011-04-27 03:46 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-03-08 06:14 . 2011-04-13 11:39 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:38 . 2011-04-13 11:39 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-04-05 370480]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-22 39408]
"OEXPRESS"="c:\windows\OETRN.EXE" [2010-09-19 26624]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2010-11-20 397176]
"FCACheck"="c:\windows\SysWOW64\FCA\FCACheck.exe" [2009-02-08 28672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-08-22 2429]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-11 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2004-08-25 1465856]
"F-Secure Manager"="c:\program files (x86)\F-Secure\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\F-Secure\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"FamilyCyberAlert"="c:\windows\SysWOW64\FCA\Syslogin.exe" [2011-04-03 1667072]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 1080608]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-8-22 12862]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
ImageMixer HDD Camera Monitor.lnk - c:\program files (x86)\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2010-9-18 2117632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\F-Secure\ORSP Client\fsorsp.exe [2011-05-23 61088]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S0 PxHlpa64;PxHlpa64;c:\windows\SysWOW64\Drivers\PxHlpa64.sys [2006-10-18 52760]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\F-Secure\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [x]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [2010-11-30 194728]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfx64fax.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
2011-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-11-27 487424]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\program files (x86)\F-Secure\FSPS\program\FSLSP.DLL
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-WEBTRAN - (no file)
Wow6432Node-HKLM-Run-SunJavaUpdateSched - c:\program files (x86)\Java\jre6\bin\jusched.exe
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
AddRemove-AVQ Player - c:\windows\system32\duninstall.exe
AddRemove-K_Series_ScreenSaver_EN - c:\windows\system32\K_Series_ScreenSaver_EN.scr
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{19F985A9-9D7E-6A2F-B975-61EB306B4932}*]
@Allowed: (Read) (RestrictedCode)
"iaaplkfebmkdcpfdnf"=hex:6a,61,6c,62,61,63,6e,6f,62,67,6b,6f,67,6d,63,63,67,67,
66,6a,00,00
"hakojlhdaiknedlb"=hex:6a,61,6d,62,6c,64,6f,6d,6c,66,6d,67,62,70,6e,62,61,6a,
70,6a,00,fe
"gannecjofoadhh"=hex:6a,61,6c,62,61,63,6e,6f,62,67,6b,6f,67,6d,63,63,67,67,66,
6a,00,a0
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\SecuROM\License information*]
"datasecu"=hex:a8,2b,0f,ea,91,7c,53,42,6e,03,da,dd,79,66,9c,17,d9,24,de,29,32,
57,04,74,bb,da,d3,9b,85,8c,47,42,e1,8f,57,97,8e,ce,8a,ed,eb,99,b8,4a,be,ec,\
"rkeysecu"=hex:00,13,46,d3,6d,d2,38,b3,ee,25,fb,75,c0,a7,ce,33
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-06-02 14:29:32
ComboFix-quarantined-files.txt 2011-06-02 12:29
.
Před spuštěním: Volných bajtů: 24 853 864 448
Po spuštění: Volných bajtů: 25 925 500 928
.
- - End Of File - - 89F144669E034F4E84A11CCF79507637

Please check: carons on the keyboard not working
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check: carons on the keyboard not working
We'll finish the cleanup. Open Notepad and copy the following into it:

Regnull::
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{19F985A9-9D7E-6A2F-B975-61EB306B4932}*]

Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the command from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Please check: carons on the keyboard not working
Thank you, done, and the carons work now.
New log:
ComboFix 11-06-01.07 - autosip 02.06.2011 20:31:05.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3949.1894 [GMT 2:00]
Spuštěný z: c:\users\autosip\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\autosip\Desktop\CFScript.txt
AV: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: F-Secure Profi Antivirus 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\autosip\AppData\Local\Microsoft\Windows\Temporary Internet Files\MAILTRAN.INI
c:\users\autosip\AppData\Local\Microsoft\Windows\Temporary Internet Files\TRNCOM.INI
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-02 do 2011-06-02 )))))))))))))))))))))))))))))))
.
.
2011-06-02 18:34 . 2011-06-02 18:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-02 11:09 . 2011-06-02 11:09 301568 ----a-w- c:\windows\SysWow64\CF24095.exe
2011-06-02 11:09 . 2011-06-02 11:09 8704 ----a-w- c:\windows\system32\drivers\PROCEXP90.SYS
2011-06-02 11:08 . 2011-06-02 12:09 301568 ----a-w- c:\windows\SysWow64\cmd.execf
2011-05-29 19:29 . 2007-11-20 12:33 47680 ----a-w- c:\windows\system32\drivers\Capt905c.sys
2011-05-29 19:29 . 2007-08-21 12:28 39872 ----a-w- c:\windows\system32\drivers\Camd905c.sys
2011-05-29 19:29 . 2011-06-02 10:51 -------- d-----w- c:\program files (x86)\MyDSC2
2011-05-29 19:29 . 2011-05-29 19:29 -------- d-----w- c:\users\autosip\AppData\Roaming\InstallShield
2011-05-25 04:23 . 2011-04-22 20:18 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-20 04:11 . 2011-05-20 04:11 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-20 03:53 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-20 03:53 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-11 05:01 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 05:01 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 05:01 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 05:01 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 05:01 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 05:01 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 05:01 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 05:01 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 05:01 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 05:01 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-09 05:18 . 2011-05-09 05:28 -------- d-----w- c:\users\autosip\SUS MTS
2011-05-08 13:13 . 2003-07-15 05:30 21941 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\STRINGS.JS
2011-05-08 13:13 . 2003-07-15 05:30 18690 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\PRELOAD.JS
2011-05-08 13:13 . 2003-07-15 05:30 14396 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\FPLIB.JS
2011-05-08 13:13 . 2003-07-15 05:30 11729 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\_JMPMENU.JS
2011-05-08 13:13 . 2003-07-15 05:30 18219 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\SETTEXT.JS
2011-05-08 13:13 . 2003-07-15 05:30 15020 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\_PRELOAD.JS
2011-05-08 13:13 . 2003-07-15 05:30 13773 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\DOM.JS
2011-05-08 13:13 . 2003-07-15 05:30 11988 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\GETOBJ.JS
2011-05-08 12:55 . 2011-05-09 19:18 -------- d-----w- c:\users\autosip\AppData\Roaming\FileZilla
2011-05-08 12:54 . 2011-05-08 12:54 -------- d-----w- c:\program files (x86)\FileZilla FTP Client
2011-05-06 07:52 . 2011-05-06 07:52 2190 ----a-w- c:\users\autosip\ia_remove.sh5790.tmp
2011-05-06 07:41 . 2011-05-06 07:41 -------- d-----w- c:\users\autosip\AppData\Local\{7148F0A6-6813-11D6-A77B-00B0D0142100}
2011-05-05 06:14 . 2011-05-05 06:14 2190 ----a-w- c:\users\autosip\ia_remove.sh7462.tmp
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\tools
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\texts
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\skins
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\res
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\plugins
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\includes
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\help
2011-05-05 06:12 . 2011-05-05 06:14 -------- d-----w- c:\program files (x86)\Uninstall_JAlbum
2011-05-05 06:06 . 2011-05-05 06:06 2190 ----a-w- c:\users\autosip\ia_remove.sh2909.tmp
2011-05-05 05:29 . 2011-05-05 05:29 2190 ----a-w- c:\users\autosip\ia_remove.sh7570.tmp
2011-05-05 05:13 . 2011-05-05 05:13 2190 ----a-w- c:\users\autosip\ia_remove.sh4213.tmp
2011-05-05 05:10 . 2011-05-06 07:48 -------- d-----w- c:\users\autosip\JAlbum
2011-05-05 05:10 . 2011-05-05 05:12 -------- d--h--w- c:\users\autosip\Zero G Registry
2011-05-05 05:06 . 2011-05-05 05:07 -------- d-----w- c:\program files (x86)\Web Album Generator
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-05 12:23 . 2011-04-05 12:23 131072 ----a-w- c:\windows\SysWow64\duninstall.exe
2011-04-05 12:23 . 2011-04-05 12:23 608448 ----a-w- c:\windows\comctl32.ocx
2011-04-05 12:23 . 2011-04-05 12:23 122128 ----a-w- c:\windows\SysWow64\VB6IT.DLL
2011-04-05 12:23 . 2011-04-05 12:23 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2011-03-29 08:00 . 2011-04-05 12:21 80896 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-03-24 19:35 . 2011-04-05 12:21 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-03-24 19:28 . 2011-04-05 12:21 631808 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-03-19 19:00 . 2011-04-05 12:21 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2011-03-12 12:03 . 2011-04-27 03:46 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-12 11:31 . 2011-04-27 03:46 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-03-11 06:23 . 2011-04-27 03:46 187264 ----a-w- c:\windows\system32\drivers\storport.sys
2011-03-11 06:23 . 2011-04-27 03:46 1657216 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-03-11 06:23 . 2011-04-27 03:46 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-03-11 06:23 . 2011-04-27 03:46 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-03-11 06:23 . 2011-04-27 03:46 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-03-11 06:22 . 2011-04-27 03:46 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-03-11 06:22 . 2011-04-27 03:46 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-03-11 06:19 . 2011-04-13 11:38 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:19 . 2011-04-13 11:38 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 06:18 . 2011-04-27 03:46 2566144 ----a-w- c:\windows\system32\esent.dll
2011-03-11 06:15 . 2011-04-27 03:46 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-03-11 05:40 . 2011-04-13 11:38 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:40 . 2011-04-13 11:38 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:39 . 2011-04-27 03:46 1686016 ----a-w- c:\windows\SysWow64\esent.dll
2011-03-11 05:37 . 2011-04-27 03:46 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-03-08 06:14 . 2011-04-13 11:39 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:38 . 2011-04-13 11:39 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-02_12.27.45 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-09-16 02:34 . 2011-06-02 11:24 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-16 02:34 . 2011-06-02 13:14 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 02:34 . 2011-06-02 11:24 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-16 02:34 . 2011-06-02 13:14 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-02 13:14 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-02 11:24 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-04-05 370480]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-22 39408]
"OEXPRESS"="c:\windows\OETRN.EXE" [2010-09-19 26624]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2010-11-20 397176]
"FCACheck"="c:\windows\SysWOW64\FCA\FCACheck.exe" [2009-02-08 28672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-08-22 2429]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-11 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2004-08-25 1465856]
"F-Secure Manager"="c:\program files (x86)\F-Secure\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\F-Secure\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"FamilyCyberAlert"="c:\windows\SysWOW64\FCA\Syslogin.exe" [2011-04-03 1667072]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 1080608]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-8-22 12862]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
ImageMixer HDD Camera Monitor.lnk - c:\program files (x86)\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2010-9-18 2117632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\F-Secure\ORSP Client\fsorsp.exe [2011-05-23 61088]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S0 PxHlpa64;PxHlpa64;c:\windows\SysWOW64\Drivers\PxHlpa64.sys [2006-10-18 52760]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\F-Secure\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [x]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [2010-11-30 194728]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfx64fax.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
2011-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-11-27 487424]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\program files (x86)\F-Secure\FSPS\program\FSLSP.DLL
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{19F985A9-9D7E-6A2F-B975-61EB306B4932}*]
@Allowed: (Read) (RestrictedCode)
"iaaplkfebmkdcpfdnf"=hex:6a,61,6c,62,61,63,6e,6f,62,67,6b,6f,67,6d,63,63,67,67,
66,6a,00,00
"hakojlhdaiknedlb"=hex:6a,61,6d,62,6c,64,6f,6d,6c,66,6d,67,62,70,6e,62,61,6a,
70,6a,00,fe
"gannecjofoadhh"=hex:6a,61,6c,62,61,63,6e,6f,62,67,6b,6f,67,6d,63,63,67,67,66,
6a,00,a0
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\SecuROM\License information*]
"datasecu"=hex:a8,2b,0f,ea,91,7c,53,42,6e,03,da,dd,79,66,9c,17,d9,24,de,29,32,
57,04,74,bb,da,d3,9b,85,8c,47,42,e1,8f,57,97,8e,ce,8a,ed,eb,99,b8,4a,be,ec,\
"rkeysecu"=hex:00,13,46,d3,6d,d2,38,b3,ee,25,fb,75,c0,a7,ce,33
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-06-02 20:36:07
ComboFix-quarantined-files.txt 2011-06-02 18:36
ComboFix2.txt 2011-06-02 12:29
.
Před spuštěním: Volných bajtů: 25 922 248 704
Po spuštění: Volných bajtů: 25 863 979 008
.
- - End Of File - - 970F2A60A37A04B2D94509EAF9860D06
New log
ComboFix 11-06-01.07 - autosip 02.06.2011 20:31:05.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3949.1894 [GMT 2:00]
Spuštěný z: c:\users\autosip\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\autosip\Desktop\CFScript.txt
AV: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: F-Secure Profi Antivirus 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\autosip\AppData\Local\Microsoft\Windows\Temporary Internet Files\MAILTRAN.INI
c:\users\autosip\AppData\Local\Microsoft\Windows\Temporary Internet Files\TRNCOM.INI
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-02 do 2011-06-02 )))))))))))))))))))))))))))))))
.
.
2011-06-02 18:34 . 2011-06-02 18:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-02 11:09 . 2011-06-02 11:09 301568 ----a-w- c:\windows\SysWow64\CF24095.exe
2011-06-02 11:09 . 2011-06-02 11:09 8704 ----a-w- c:\windows\system32\drivers\PROCEXP90.SYS
2011-06-02 11:08 . 2011-06-02 12:09 301568 ----a-w- c:\windows\SysWow64\cmd.execf
2011-05-29 19:29 . 2007-11-20 12:33 47680 ----a-w- c:\windows\system32\drivers\Capt905c.sys
2011-05-29 19:29 . 2007-08-21 12:28 39872 ----a-w- c:\windows\system32\drivers\Camd905c.sys
2011-05-29 19:29 . 2011-06-02 10:51 -------- d-----w- c:\program files (x86)\MyDSC2
2011-05-29 19:29 . 2011-05-29 19:29 -------- d-----w- c:\users\autosip\AppData\Roaming\InstallShield
2011-05-25 04:23 . 2011-04-22 20:18 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-20 04:11 . 2011-05-20 04:11 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-20 03:53 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-20 03:53 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-11 05:01 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 05:01 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 05:01 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 05:01 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 05:01 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 05:01 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 05:01 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 05:01 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 05:01 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 05:01 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-09 05:18 . 2011-05-09 05:28 -------- d-----w- c:\users\autosip\SUS MTS
2011-05-08 13:13 . 2003-07-15 05:30 21941 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\STRINGS.JS
2011-05-08 13:13 . 2003-07-15 05:30 18690 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\PRELOAD.JS
2011-05-08 13:13 . 2003-07-15 05:30 14396 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\FPLIB.JS
2011-05-08 13:13 . 2003-07-15 05:30 11729 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\_JMPMENU.JS
2011-05-08 13:13 . 2003-07-15 05:30 18219 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\SETTEXT.JS
2011-05-08 13:13 . 2003-07-15 05:30 15020 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\_PRELOAD.JS
2011-05-08 13:13 . 2003-07-15 05:30 13773 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\DOM.JS
2011-05-08 13:13 . 2003-07-15 05:30 11988 ----a-w- c:\users\autosip\AppData\Roaming\Microsoft\FrontPage\Behaviors\Actions\GETOBJ.JS
2011-05-08 12:55 . 2011-05-09 19:18 -------- d-----w- c:\users\autosip\AppData\Roaming\FileZilla
2011-05-08 12:54 . 2011-05-08 12:54 -------- d-----w- c:\program files (x86)\FileZilla FTP Client
2011-05-06 07:52 . 2011-05-06 07:52 2190 ----a-w- c:\users\autosip\ia_remove.sh5790.tmp
2011-05-06 07:41 . 2011-05-06 07:41 -------- d-----w- c:\users\autosip\AppData\Local\{7148F0A6-6813-11D6-A77B-00B0D0142100}
2011-05-05 06:14 . 2011-05-05 06:14 2190 ----a-w- c:\users\autosip\ia_remove.sh7462.tmp
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\tools
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\texts
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\skins
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\res
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\plugins
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\includes
2011-05-05 06:13 . 2011-05-05 06:13 -------- d-----w- c:\program files (x86)\help
2011-05-05 06:12 . 2011-05-05 06:14 -------- d-----w- c:\program files (x86)\Uninstall_JAlbum
2011-05-05 06:06 . 2011-05-05 06:06 2190 ----a-w- c:\users\autosip\ia_remove.sh2909.tmp
2011-05-05 05:29 . 2011-05-05 05:29 2190 ----a-w- c:\users\autosip\ia_remove.sh7570.tmp
2011-05-05 05:13 . 2011-05-05 05:13 2190 ----a-w- c:\users\autosip\ia_remove.sh4213.tmp
2011-05-05 05:10 . 2011-05-06 07:48 -------- d-----w- c:\users\autosip\JAlbum
2011-05-05 05:10 . 2011-05-05 05:12 -------- d--h--w- c:\users\autosip\Zero G Registry
2011-05-05 05:06 . 2011-05-05 05:07 -------- d-----w- c:\program files (x86)\Web Album Generator
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-05 12:23 . 2011-04-05 12:23 131072 ----a-w- c:\windows\SysWow64\duninstall.exe
2011-04-05 12:23 . 2011-04-05 12:23 608448 ----a-w- c:\windows\comctl32.ocx
2011-04-05 12:23 . 2011-04-05 12:23 122128 ----a-w- c:\windows\SysWow64\VB6IT.DLL
2011-04-05 12:23 . 2011-04-05 12:23 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2011-03-29 08:00 . 2011-04-05 12:21 80896 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-03-24 19:35 . 2011-04-05 12:21 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-03-24 19:28 . 2011-04-05 12:21 631808 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-03-19 19:00 . 2011-04-05 12:21 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2011-03-12 12:03 . 2011-04-27 03:46 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-12 11:31 . 2011-04-27 03:46 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-03-11 06:23 . 2011-04-27 03:46 187264 ----a-w- c:\windows\system32\drivers\storport.sys
2011-03-11 06:23 . 2011-04-27 03:46 1657216 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-03-11 06:23 . 2011-04-27 03:46 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-03-11 06:23 . 2011-04-27 03:46 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-03-11 06:23 . 2011-04-27 03:46 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-03-11 06:22 . 2011-04-27 03:46 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-03-11 06:22 . 2011-04-27 03:46 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-03-11 06:19 . 2011-04-13 11:38 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 06:19 . 2011-04-13 11:38 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 06:18 . 2011-04-27 03:46 2566144 ----a-w- c:\windows\system32\esent.dll
2011-03-11 06:15 . 2011-04-27 03:46 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-03-11 05:40 . 2011-04-13 11:38 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:40 . 2011-04-13 11:38 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:39 . 2011-04-27 03:46 1686016 ----a-w- c:\windows\SysWow64\esent.dll
2011-03-11 05:37 . 2011-04-27 03:46 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-03-08 06:14 . 2011-04-13 11:39 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:38 . 2011-04-13 11:39 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-02_12.27.45 )))))))))))))))))))))))))))))))))))))))))
.
- 2010-09-16 02:34 . 2011-06-02 11:24 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-16 02:34 . 2011-06-02 13:14 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 02:34 . 2011-06-02 11:24 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-16 02:34 . 2011-06-02 13:14 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-02 13:14 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-02 11:24 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-04-05 370480]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-22 39408]
"OEXPRESS"="c:\windows\OETRN.EXE" [2010-09-19 26624]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2010-11-20 397176]
"FCACheck"="c:\windows\SysWOW64\FCA\FCACheck.exe" [2009-02-08 28672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-08-22 2429]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-11 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2004-08-25 1465856]
"F-Secure Manager"="c:\program files (x86)\F-Secure\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\F-Secure\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"FamilyCyberAlert"="c:\windows\SysWOW64\FCA\Syslogin.exe" [2011-04-03 1667072]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 1080608]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-8-22 12862]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
ImageMixer HDD Camera Monitor.lnk - c:\program files (x86)\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2010-9-18 2117632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\F-Secure\ORSP Client\fsorsp.exe [2011-05-23 61088]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S0 PxHlpa64;PxHlpa64;c:\windows\SysWOW64\Drivers\PxHlpa64.sys [2006-10-18 52760]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\F-Secure\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [x]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [2010-11-30 194728]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfx64fax.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
2011-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-11-27 487424]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\program files (x86)\F-Secure\FSPS\program\FSLSP.DLL
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{19F985A9-9D7E-6A2F-B975-61EB306B4932}*]
@Allowed: (Read) (RestrictedCode)
"iaaplkfebmkdcpfdnf"=hex:6a,61,6c,62,61,63,6e,6f,62,67,6b,6f,67,6d,63,63,67,67,
66,6a,00,00
"hakojlhdaiknedlb"=hex:6a,61,6d,62,6c,64,6f,6d,6c,66,6d,67,62,70,6e,62,61,6a,
70,6a,00,fe
"gannecjofoadhh"=hex:6a,61,6c,62,61,63,6e,6f,62,67,6b,6f,67,6d,63,63,67,67,66,
6a,00,a0
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\SecuROM\License information*]
"datasecu"=hex:a8,2b,0f,ea,91,7c,53,42,6e,03,da,dd,79,66,9c,17,d9,24,de,29,32,
57,04,74,bb,da,d3,9b,85,8c,47,42,e1,8f,57,97,8e,ce,8a,ed,eb,99,b8,4a,be,ec,\
"rkeysecu"=hex:00,13,46,d3,6d,d2,38,b3,ee,25,fb,75,c0,a7,ce,33
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-06-02 20:36:07
ComboFix-quarantined-files.txt 2011-06-02 18:36
ComboFix2.txt 2011-06-02 12:29
.
Před spuštěním: Volných bajtů: 25 922 248 704
Po spuštění: Volných bajtů: 25 863 979 008
.
- - End Of File - - 970F2A60A37A04B2D94509EAF9860D06
- Rudy
- Site Admin
Re: Request for a check: háčky (carons) not working on the keyboard
OK. You're welcome!
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Request for a check: háčky (carons) not working on the keyboard
Hello,
the háčky are not working again.
In addition, the program Family Cyber Alert keeps popping up, under the process
Syslogin.exe; it cannot be terminated and keeps coming back over and over.
Please help.
New log:
ComboFix 11-06-20.01 - autosip 21.06.2011 11:50:04.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3949.2402 [GMT 2:00]
Spuštěný z: c:\users\autosip\Desktop\ComboFix.exe
AV: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: F-Secure Profi Antivirus 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-21 do 2011-06-21 )))))))))))))))))))))))))))))))
.
.
2011-06-21 09:54 . 2011-06-21 09:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-19 19:22 . 2011-06-19 19:32 -------- d-----w- c:\program files (x86)\AD Stahovač souborů
2011-06-19 19:18 . 2011-06-19 19:18 -------- d-----w- c:\users\autosip\AppData\Roaming\VitySoft
2011-06-19 19:12 . 2011-06-19 19:12 -------- d-----w- c:\users\autosip\AppData\Roaming\FlashGet
2011-06-19 19:12 . 2011-06-19 19:34 -------- d-----w- c:\users\autosip\AppData\Roaming\BITS
2011-06-19 19:12 . 2011-06-19 19:12 -------- d-----w- c:\program files (x86)\FlashGet Network
2011-06-15 19:46 . 2011-04-25 05:33 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 19:46 . 2011-04-25 02:34 499200 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 19:46 . 2011-04-27 02:39 289280 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 19:46 . 2011-04-27 02:39 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 19:46 . 2011-04-27 02:40 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-15 19:46 . 2011-05-28 03:06 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-06-15 19:46 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 19:46 . 2011-04-29 03:05 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 19:46 . 2011-04-29 03:05 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 19:45 . 2011-02-25 06:22 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 19:45 . 2011-02-25 05:34 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-06-15 19:45 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 19:45 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-06-10 04:20 . 2011-06-10 04:20 -------- d-----w- c:\windows\system32\SPReview
2011-06-10 04:20 . 2011-06-10 04:20 -------- d-----w- c:\windows\system32\EventProviders
2011-06-07 04:07 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2011-06-07 04:07 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-06-07 04:07 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-06-07 04:05 . 2010-11-20 13:27 263168 ----a-w- c:\windows\system32\spwizui.dll
2011-06-07 04:04 . 2010-11-20 13:28 459248 ----a-w- c:\windows\system32\drivers\cng.sys
2011-06-07 04:03 . 2010-11-20 13:33 63360 ----a-w- c:\windows\system32\drivers\termdd.sys
2011-06-07 04:02 . 2010-11-20 13:27 71680 ----a-w- c:\windows\system32\wkscli.dll
2011-06-07 04:01 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2011-06-07 04:01 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2011-06-07 04:01 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2011-06-07 04:01 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2011-06-07 04:01 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2011-06-07 04:01 . 2010-11-20 12:17 209920 ----a-w- c:\windows\SysWow64\PkgMgr.exe
2011-06-07 04:00 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll
2011-06-07 04:00 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll
2011-06-07 04:00 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-06-07 04:00 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-06-07 03:58 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-06-07 03:58 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-06-07 03:58 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-06-07 03:57 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2011-06-07 03:57 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2011-06-07 03:57 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2011-06-07 03:57 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2011-06-02 11:09 . 2011-06-02 11:09 301568 ----a-w- c:\windows\SysWow64\CF24095.exe
2011-06-02 11:09 . 2011-06-02 11:09 8704 ----a-w- c:\windows\system32\drivers\PROCEXP90.SYS
2011-05-29 19:29 . 2007-11-20 12:33 47680 ----a-w- c:\windows\system32\drivers\Capt905c.sys
2011-05-29 19:29 . 2007-08-21 12:28 39872 ----a-w- c:\windows\system32\drivers\Camd905c.sys
2011-05-29 19:29 . 2011-06-19 10:10 -------- d-----w- c:\program files (x86)\MyDSC2
2011-05-29 19:29 . 2011-05-29 19:29 -------- d-----w- c:\users\autosip\AppData\Roaming\InstallShield
2011-05-25 04:23 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-10 09:29 . 2011-05-20 04:11 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-10 04:26 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-10 04:26 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-19 12:32 . 2011-05-19 12:32 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-05-19 12:32 . 2011-05-19 12:32 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-05-19 12:32 . 2011-05-19 12:32 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-05-19 12:32 . 2011-05-19 12:32 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-05-19 12:32 . 2011-05-19 12:32 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-05-19 12:32 . 2011-05-19 12:32 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-05-19 12:32 . 2011-05-19 12:32 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-05-19 12:32 . 2011-05-19 12:32 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-05-19 12:32 . 2011-05-19 12:32 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-05-19 12:32 . 2011-05-19 12:32 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-05-19 12:32 . 2011-05-19 12:32 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-05-19 12:32 . 2011-05-19 12:32 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-05-19 12:32 . 2011-05-19 12:32 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-05-19 12:32 . 2011-05-19 12:32 448512 ----a-w- c:\windows\system32\html.iec
2011-05-19 12:32 . 2011-05-19 12:32 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-05-19 12:32 . 2011-05-19 12:32 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-05-19 12:32 . 2011-05-19 12:32 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-05-19 12:32 . 2011-05-19 12:32 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-19 12:32 . 2011-05-19 12:32 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-05-19 12:32 . 2011-05-19 12:32 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-05-19 12:32 . 2011-05-19 12:32 222208 ----a-w- c:\windows\system32\msls31.dll
2011-05-19 12:32 . 2011-05-19 12:32 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2011-05-19 12:32 . 2011-05-19 12:32 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-19 12:32 . 2011-05-19 12:32 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-05-19 12:32 . 2011-05-19 12:32 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-05-19 12:32 . 2011-05-19 12:32 160256 ----a-w- c:\windows\system32\wextract.exe
2011-05-19 12:32 . 2011-05-19 12:32 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-05-19 12:32 . 2011-05-19 12:32 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-05-19 12:32 . 2011-05-19 12:32 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-19 12:32 . 2011-05-19 12:32 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-05-19 12:32 . 2011-05-19 12:32 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-05-19 12:32 . 2011-05-19 12:32 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-05-19 12:32 . 2011-05-19 12:32 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-05-19 12:32 . 2011-05-19 12:32 12288 ----a-w- c:\windows\system32\mshta.exe
2011-05-19 12:32 . 2011-05-19 12:32 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-05-19 12:32 . 2011-05-19 12:32 114176 ----a-w- c:\windows\system32\admparse.dll
2011-05-19 12:32 . 2011-05-19 12:32 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-05-19 12:32 . 2011-05-19 12:32 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-19 12:32 . 2011-05-19 12:32 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-05-19 12:32 . 2011-05-19 12:32 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-05-06 07:52 . 2011-05-06 07:52 2190 ----a-w- c:\users\autosip\ia_remove.sh5790.tmp
2011-05-05 06:14 . 2011-05-05 06:14 2190 ----a-w- c:\users\autosip\ia_remove.sh7462.tmp
2011-05-05 06:06 . 2011-05-05 06:06 2190 ----a-w- c:\users\autosip\ia_remove.sh2909.tmp
2011-05-05 05:29 . 2011-05-05 05:29 2190 ----a-w- c:\users\autosip\ia_remove.sh7570.tmp
2011-05-05 05:13 . 2011-05-05 05:13 2190 ----a-w- c:\users\autosip\ia_remove.sh4213.tmp
2011-04-09 07:02 . 2011-05-11 05:01 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-20 03:53 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:02 . 2011-05-11 05:01 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-11 05:01 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-20 03:53 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-04-05 12:23 . 2011-04-05 12:23 131072 ----a-w- c:\windows\SysWow64\duninstall.exe
2011-04-05 12:23 . 2011-04-05 12:23 608448 ----a-w- c:\windows\comctl32.ocx
2011-04-05 12:23 . 2011-04-05 12:23 122128 ----a-w- c:\windows\SysWow64\VB6IT.DLL
2011-04-05 12:23 . 2011-04-05 12:23 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2011-03-29 08:00 . 2011-04-05 12:21 80896 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-03-25 03:29 . 2011-05-11 05:01 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-25 03:29 . 2011-05-11 05:01 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-03-25 03:29 . 2011-05-11 05:01 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-03-25 03:29 . 2011-05-11 05:01 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-25 03:29 . 2011-05-11 05:01 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-03-25 03:29 . 2011-05-11 05:01 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-03-25 03:28 . 2011-05-11 05:01 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-03-24 19:35 . 2011-04-05 12:21 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-03-24 19:28 . 2011-04-05 12:21 631808 ----a-w- c:\windows\SysWow64\xvidcore.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-06-20_04.22.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-06-20 04:27 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-06-18 04:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-06-18 04:42 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-20 04:27 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-18 04:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-20 04:27 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2011-06-20 04:30 31232 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-06-18 04:45 31232 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-16 02:34 . 2011-06-21 09:48 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 02:34 . 2011-06-19 19:12 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 02:34 . 2011-06-19 19:12 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-16 02:34 . 2011-06-21 09:48 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-21 09:48 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-19 19:12 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-06-20 04:30 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-09-15 11:40 . 2011-06-20 04:30 8440 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3213582312-2653984884-1375828948-1001_UserData.bin
- 2011-06-18 04:42 . 2011-06-18 04:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-20 04:27 . 2011-06-20 04:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-06-18 04:42 . 2011-06-18 04:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-06-20 04:27 . 2011-06-20 04:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-10-14 10:53 . 2011-06-21 08:05 356792 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-07-14 02:36 . 2011-06-20 04:32 626040 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-06-19 07:35 626040 c:\windows\system32\perfh009.dat
+ 2009-08-03 20:00 . 2011-06-20 04:32 641674 c:\windows\system32\perfh005.dat
- 2009-08-03 20:00 . 2011-06-19 07:35 641674 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-06-19 07:35 110476 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-06-20 04:32 110476 c:\windows\system32\perfc009.dat
+ 2009-08-03 20:00 . 2011-06-20 04:32 126348 c:\windows\system32\perfc005.dat
- 2009-08-03 20:00 . 2011-06-19 07:35 126348 c:\windows\system32\perfc005.dat
+ 2009-07-14 05:01 . 2011-06-20 04:26 432648 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-06-17 19:58 432648 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-05-23 09:30 . 2011-06-20 04:26 21272516 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3213582312-2653984884-1375828948-1001-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-04-05 370480]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-22 39408]
"OEXPRESS"="c:\windows\OETRN.EXE" [2010-09-19 26624]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2010-11-20 397176]
"FCACheck"="c:\windows\SysWOW64\FCA\FCACheck.exe" [2009-02-08 28672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-08-22 2429]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-11 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2004-08-25 1465856]
"F-Secure Manager"="c:\program files (x86)\F-Secure\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\F-Secure\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"FamilyCyberAlert"="c:\windows\SysWOW64\FCA\syslogin.exe" [2011-04-03 1667072]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 1080608]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
ImageMixer HDD Camera Monitor.lnk - c:\program files (x86)\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2010-9-18 2117632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\F-Secure\ORSP Client\fsorsp.exe [2011-05-23 61088]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfx64fax.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S0 PxHlpa64;PxHlpa64;c:\windows\SysWOW64\Drivers\PxHlpa64.sys [2006-10-18 52760]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\F-Secure\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [x]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-06-09 198824]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
2011-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: ????3?? - c:\users\autosip\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\autosip\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\program files (x86)\F-Secure\FSPS\program\FSLSP.DLL
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\autosip\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\autosip\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{19F985A9-9D7E-6A2F-B975-61EB306B4932}*]
@Allowed: (Read) (RestrictedCode)
"iaaplkfebmkdcpfdnf"=hex:6a,61,6c,62,61,63,6e,6f,62,67,6b,6f,67,6d,63,63,67,67,
66,6a,00,00
"hakojlhdaiknedlb"=hex:6a,61,6d,62,6c,64,6f,6d,6c,66,6d,67,62,70,6e,62,61,6a,
70,6a,00,fe
"gannecjofoadhh"=hex:6a,61,6c,62,61,63,6e,6f,62,67,6b,6f,67,6d,63,63,67,67,66,
6a,00,a0
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\SecuROM\License information*]
"datasecu"=hex:a8,2b,0f,ea,91,7c,53,42,6e,03,da,dd,79,66,9c,17,d9,24,de,29,32,
57,04,74,bb,da,d3,9b,85,8c,47,42,e1,8f,57,97,8e,ce,8a,ed,eb,99,b8,4a,be,ec,\
"rkeysecu"=hex:00,13,46,d3,6d,d2,38,b3,ee,25,fb,75,c0,a7,ce,33
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-06-21 11:55:56
ComboFix-quarantined-files.txt 2011-06-21 09:55
ComboFix2.txt 2011-06-20 04:25
ComboFix3.txt 2011-06-04 14:37
ComboFix4.txt 2011-06-02 18:36
ComboFix5.txt 2011-06-21 09:49
.
Před spuštěním: Volných bajtů: 13 050 400 768
Po spuštění: Volných bajtů: 12 994 949 120
.
- - End Of File - - 5308D422FB0315ED925D9F9EB30A3B0B
The carons (háčky) are not working again.

On top of that, the program Family Cyber Alert keeps popping up, under the process
Syslogin.exe; it cannot be terminated, it keeps coming back again and again.
Please help.
New log:
ComboFix 11-06-20.01 - autosip 21.06.2011 11:50:04.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3949.2402 [GMT 2:00]
Spuštěný z: c:\users\autosip\Desktop\ComboFix.exe
AV: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: F-Secure Profi Antivirus 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-21 do 2011-06-21 )))))))))))))))))))))))))))))))
.
.
2011-06-21 09:54 . 2011-06-21 09:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-19 19:22 . 2011-06-19 19:32 -------- d-----w- c:\program files (x86)\AD Stahovač souborů
2011-06-19 19:18 . 2011-06-19 19:18 -------- d-----w- c:\users\autosip\AppData\Roaming\VitySoft
2011-06-19 19:12 . 2011-06-19 19:12 -------- d-----w- c:\users\autosip\AppData\Roaming\FlashGet
2011-06-19 19:12 . 2011-06-19 19:34 -------- d-----w- c:\users\autosip\AppData\Roaming\BITS
2011-06-19 19:12 . 2011-06-19 19:12 -------- d-----w- c:\program files (x86)\FlashGet Network
2011-06-15 19:46 . 2011-04-25 05:33 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 19:46 . 2011-04-25 02:34 499200 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 19:46 . 2011-04-27 02:39 289280 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 19:46 . 2011-04-27 02:39 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 19:46 . 2011-04-27 02:40 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-15 19:46 . 2011-05-28 03:06 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-06-15 19:46 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 19:46 . 2011-04-29 03:05 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 19:46 . 2011-04-29 03:05 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 19:45 . 2011-02-25 06:22 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 19:45 . 2011-02-25 05:34 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-06-15 19:45 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 19:45 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-06-10 04:20 . 2011-06-10 04:20 -------- d-----w- c:\windows\system32\SPReview
2011-06-10 04:20 . 2011-06-10 04:20 -------- d-----w- c:\windows\system32\EventProviders
2011-06-07 04:07 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2011-06-07 04:07 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-06-07 04:07 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-06-07 04:05 . 2010-11-20 13:27 263168 ----a-w- c:\windows\system32\spwizui.dll
2011-06-07 04:04 . 2010-11-20 13:28 459248 ----a-w- c:\windows\system32\drivers\cng.sys
2011-06-07 04:03 . 2010-11-20 13:33 63360 ----a-w- c:\windows\system32\drivers\termdd.sys
2011-06-07 04:02 . 2010-11-20 13:27 71680 ----a-w- c:\windows\system32\wkscli.dll
2011-06-07 04:01 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2011-06-07 04:01 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2011-06-07 04:01 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2011-06-07 04:01 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2011-06-07 04:01 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2011-06-07 04:01 . 2010-11-20 12:17 209920 ----a-w- c:\windows\SysWow64\PkgMgr.exe
2011-06-07 04:00 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll
2011-06-07 04:00 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll
2011-06-07 04:00 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-06-07 04:00 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-06-07 03:58 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-06-07 03:58 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-06-07 03:58 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-06-07 03:57 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2011-06-07 03:57 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2011-06-07 03:57 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2011-06-07 03:57 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2011-06-02 11:09 . 2011-06-02 11:09 301568 ----a-w- c:\windows\SysWow64\CF24095.exe
2011-06-02 11:09 . 2011-06-02 11:09 8704 ----a-w- c:\windows\system32\drivers\PROCEXP90.SYS
2011-05-29 19:29 . 2007-11-20 12:33 47680 ----a-w- c:\windows\system32\drivers\Capt905c.sys
2011-05-29 19:29 . 2007-08-21 12:28 39872 ----a-w- c:\windows\system32\drivers\Camd905c.sys
2011-05-29 19:29 . 2011-06-19 10:10 -------- d-----w- c:\program files (x86)\MyDSC2
2011-05-29 19:29 . 2011-05-29 19:29 -------- d-----w- c:\users\autosip\AppData\Roaming\InstallShield
2011-05-25 04:23 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-10 09:29 . 2011-05-20 04:11 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-10 04:26 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-10 04:26 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-19 12:32 . 2011-05-19 12:32 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-05-19 12:32 . 2011-05-19 12:32 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-05-19 12:32 . 2011-05-19 12:32 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-05-19 12:32 . 2011-05-19 12:32 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-05-19 12:32 . 2011-05-19 12:32 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-05-19 12:32 . 2011-05-19 12:32 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-05-19 12:32 . 2011-05-19 12:32 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-05-19 12:32 . 2011-05-19 12:32 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-05-19 12:32 . 2011-05-19 12:32 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-05-19 12:32 . 2011-05-19 12:32 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-05-19 12:32 . 2011-05-19 12:32 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-05-19 12:32 . 2011-05-19 12:32 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-05-19 12:32 . 2011-05-19 12:32 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-05-19 12:32 . 2011-05-19 12:32 448512 ----a-w- c:\windows\system32\html.iec
2011-05-19 12:32 . 2011-05-19 12:32 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-05-19 12:32 . 2011-05-19 12:32 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-05-19 12:32 . 2011-05-19 12:32 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-05-19 12:32 . 2011-05-19 12:32 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-19 12:32 . 2011-05-19 12:32 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-05-19 12:32 . 2011-05-19 12:32 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-05-19 12:32 . 2011-05-19 12:32 222208 ----a-w- c:\windows\system32\msls31.dll
2011-05-19 12:32 . 2011-05-19 12:32 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2011-05-19 12:32 . 2011-05-19 12:32 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-19 12:32 . 2011-05-19 12:32 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-05-19 12:32 . 2011-05-19 12:32 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-05-19 12:32 . 2011-05-19 12:32 160256 ----a-w- c:\windows\system32\wextract.exe
2011-05-19 12:32 . 2011-05-19 12:32 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-05-19 12:32 . 2011-05-19 12:32 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-05-19 12:32 . 2011-05-19 12:32 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-19 12:32 . 2011-05-19 12:32 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-05-19 12:32 . 2011-05-19 12:32 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-05-19 12:32 . 2011-05-19 12:32 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-05-19 12:32 . 2011-05-19 12:32 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-05-19 12:32 . 2011-05-19 12:32 12288 ----a-w- c:\windows\system32\mshta.exe
2011-05-19 12:32 . 2011-05-19 12:32 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-05-19 12:32 . 2011-05-19 12:32 114176 ----a-w- c:\windows\system32\admparse.dll
2011-05-19 12:32 . 2011-05-19 12:32 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-05-19 12:32 . 2011-05-19 12:32 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-19 12:32 . 2011-05-19 12:32 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-05-19 12:32 . 2011-05-19 12:32 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-05-06 07:52 . 2011-05-06 07:52 2190 ----a-w- c:\users\autosip\ia_remove.sh5790.tmp
2011-05-05 06:14 . 2011-05-05 06:14 2190 ----a-w- c:\users\autosip\ia_remove.sh7462.tmp
2011-05-05 06:06 . 2011-05-05 06:06 2190 ----a-w- c:\users\autosip\ia_remove.sh2909.tmp
2011-05-05 05:29 . 2011-05-05 05:29 2190 ----a-w- c:\users\autosip\ia_remove.sh7570.tmp
2011-05-05 05:13 . 2011-05-05 05:13 2190 ----a-w- c:\users\autosip\ia_remove.sh4213.tmp
2011-04-09 07:02 . 2011-05-11 05:01 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-20 03:53 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:02 . 2011-05-11 05:01 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-11 05:01 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-20 03:53 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-04-05 12:23 . 2011-04-05 12:23 131072 ----a-w- c:\windows\SysWow64\duninstall.exe
2011-04-05 12:23 . 2011-04-05 12:23 608448 ----a-w- c:\windows\comctl32.ocx
2011-04-05 12:23 . 2011-04-05 12:23 122128 ----a-w- c:\windows\SysWow64\VB6IT.DLL
2011-04-05 12:23 . 2011-04-05 12:23 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2011-03-29 08:00 . 2011-04-05 12:21 80896 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-03-25 03:29 . 2011-05-11 05:01 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-25 03:29 . 2011-05-11 05:01 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-03-25 03:29 . 2011-05-11 05:01 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-03-25 03:29 . 2011-05-11 05:01 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-25 03:29 . 2011-05-11 05:01 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-03-25 03:29 . 2011-05-11 05:01 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-03-25 03:28 . 2011-05-11 05:01 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-03-24 19:35 . 2011-04-05 12:21 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-03-24 19:28 . 2011-04-05 12:21 631808 ----a-w- c:\windows\SysWow64\xvidcore.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-06-20_04.22.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-06-20 04:27 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-06-18 04:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-06-18 04:42 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-20 04:27 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-18 04:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-20 04:27 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2011-06-20 04:30 31232 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-06-18 04:45 31232 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-16 02:34 . 2011-06-21 09:48 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 02:34 . 2011-06-19 19:12 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 02:34 . 2011-06-19 19:12 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-16 02:34 . 2011-06-21 09:48 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-21 09:48 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-19 19:12 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-06-20 04:30 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-09-15 11:40 . 2011-06-20 04:30 8440 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3213582312-2653984884-1375828948-1001_UserData.bin
- 2011-06-18 04:42 . 2011-06-18 04:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-20 04:27 . 2011-06-20 04:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-06-18 04:42 . 2011-06-18 04:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-06-20 04:27 . 2011-06-20 04:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-10-14 10:53 . 2011-06-21 08:05 356792 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-07-14 02:36 . 2011-06-20 04:32 626040 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-06-19 07:35 626040 c:\windows\system32\perfh009.dat
+ 2009-08-03 20:00 . 2011-06-20 04:32 641674 c:\windows\system32\perfh005.dat
- 2009-08-03 20:00 . 2011-06-19 07:35 641674 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-06-19 07:35 110476 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-06-20 04:32 110476 c:\windows\system32\perfc009.dat
+ 2009-08-03 20:00 . 2011-06-20 04:32 126348 c:\windows\system32\perfc005.dat
- 2009-08-03 20:00 . 2011-06-19 07:35 126348 c:\windows\system32\perfc005.dat
+ 2009-07-14 05:01 . 2011-06-20 04:26 432648 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-06-17 19:58 432648 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-05-23 09:30 . 2011-06-20 04:26 21272516 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3213582312-2653984884-1375828948-1001-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-04-05 370480]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-22 39408]
"OEXPRESS"="c:\windows\OETRN.EXE" [2010-09-19 26624]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2010-11-20 397176]
"FCACheck"="c:\windows\SysWOW64\FCA\FCACheck.exe" [2009-02-08 28672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-08-22 2429]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-11 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2004-08-25 1465856]
"F-Secure Manager"="c:\program files (x86)\F-Secure\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\F-Secure\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"FamilyCyberAlert"="c:\windows\SysWOW64\FCA\syslogin.exe" [2011-04-03 1667072]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 1080608]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
ImageMixer HDD Camera Monitor.lnk - c:\program files (x86)\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2010-9-18 2117632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\F-Secure\ORSP Client\fsorsp.exe [2011-05-23 61088]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfx64fax.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S0 PxHlpa64;PxHlpa64;c:\windows\SysWOW64\Drivers\PxHlpa64.sys [2006-10-18 52760]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\F-Secure\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [x]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-06-09 198824]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
2011-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: ????3?? - c:\users\autosip\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\autosip\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\program files (x86)\F-Secure\FSPS\program\FSLSP.DLL
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\autosip\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\autosip\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{19F985A9-9D7E-6A2F-B975-61EB306B4932}*]
@Allowed: (Read) (RestrictedCode)
"iaaplkfebmkdcpfdnf"=hex:6a,61,6c,62,61,63,6e,6f,62,67,6b,6f,67,6d,63,63,67,67,
66,6a,00,00
"hakojlhdaiknedlb"=hex:6a,61,6d,62,6c,64,6f,6d,6c,66,6d,67,62,70,6e,62,61,6a,
70,6a,00,fe
"gannecjofoadhh"=hex:6a,61,6c,62,61,63,6e,6f,62,67,6b,6f,67,6d,63,63,67,67,66,
6a,00,a0
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\SecuROM\License information*]
"datasecu"=hex:a8,2b,0f,ea,91,7c,53,42,6e,03,da,dd,79,66,9c,17,d9,24,de,29,32,
57,04,74,bb,da,d3,9b,85,8c,47,42,e1,8f,57,97,8e,ce,8a,ed,eb,99,b8,4a,be,ec,\
"rkeysecu"=hex:00,13,46,d3,6d,d2,38,b3,ee,25,fb,75,c0,a7,ce,33
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-06-21 11:55:56
ComboFix-quarantined-files.txt 2011-06-21 09:55
ComboFix2.txt 2011-06-20 04:25
ComboFix3.txt 2011-06-04 14:37
ComboFix4.txt 2011-06-02 18:36
ComboFix5.txt 2011-06-21 09:49
.
Před spuštěním: Volných bajtů: 13 050 400 768
Po spuštění: Volných bajtů: 12 994 949 120
.
- - End Of File - - 5308D422FB0315ED925D9F9EB30A3B0B
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a check: háčky (carons) not working on the keyboard
Open Notepad and copy the following into it:

Regnull::
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{19F985A9-9D7E-6A2F-B975-61EB306B4932}*]

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and run the command from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Request for a check: háčky (carons) not working on the keyboard
I'm sending a new log.
ComboFix 11-06-21.04 - autosip 21.06.2011 20:47:34.6.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3949.1819 [GMT 2:00]
Spuštěný z: c:\users\autosip\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\autosip\Desktop\CFScript.txt
AV: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: F-Secure Profi Antivirus 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-21 do 2011-06-21 )))))))))))))))))))))))))))))))
.
.
2011-06-21 18:52 . 2011-06-21 18:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-21 11:51 . 2011-06-21 11:52 -------- d-----w- c:\users\autosip\AppData\Local\Adobe
2011-06-21 10:16 . 2011-06-21 10:16 -------- d-----w- c:\users\autosip\AppData\Local\Broadcom
2011-06-21 10:15 . 2011-06-21 10:15 -------- d-----w- c:\users\autosip\AppData\Local\ATI
2011-06-19 19:22 . 2011-06-19 19:32 -------- d-----w- c:\program files (x86)\AD Stahovač souborů
2011-06-19 19:18 . 2011-06-19 19:18 -------- d-----w- c:\users\autosip\AppData\Roaming\VitySoft
2011-06-19 19:12 . 2011-06-19 19:12 -------- d-----w- c:\users\autosip\AppData\Roaming\FlashGet
2011-06-19 19:12 . 2011-06-19 19:34 -------- d-----w- c:\users\autosip\AppData\Roaming\BITS
2011-06-19 19:12 . 2011-06-19 19:12 -------- d-----w- c:\program files (x86)\FlashGet Network
2011-06-15 19:46 . 2011-04-25 05:33 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 19:46 . 2011-04-25 02:34 499200 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 19:46 . 2011-04-27 02:39 289280 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 19:46 . 2011-04-27 02:39 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 19:46 . 2011-04-27 02:40 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-15 19:46 . 2011-05-28 03:06 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-06-15 19:46 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 19:46 . 2011-04-29 03:05 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 19:46 . 2011-04-29 03:05 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 19:45 . 2011-02-25 06:22 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 19:45 . 2011-02-25 05:34 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-06-15 19:45 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 19:45 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-06-10 04:20 . 2011-06-10 04:20 -------- d-----w- c:\windows\system32\SPReview
2011-06-10 04:20 . 2011-06-10 04:20 -------- d-----w- c:\windows\system32\EventProviders
2011-06-07 04:07 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2011-06-07 04:07 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-06-07 04:07 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-06-07 04:05 . 2010-11-20 13:27 263168 ----a-w- c:\windows\system32\spwizui.dll
2011-06-07 04:04 . 2010-11-20 13:28 459248 ----a-w- c:\windows\system32\drivers\cng.sys
2011-06-07 04:03 . 2010-11-20 13:33 63360 ----a-w- c:\windows\system32\drivers\termdd.sys
2011-06-07 04:02 . 2010-11-20 13:27 71680 ----a-w- c:\windows\system32\wkscli.dll
2011-06-07 04:01 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2011-06-07 04:01 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2011-06-07 04:01 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2011-06-07 04:01 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2011-06-07 04:01 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2011-06-07 04:01 . 2010-11-20 12:17 209920 ----a-w- c:\windows\SysWow64\PkgMgr.exe
2011-06-07 04:00 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll
2011-06-07 04:00 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll
2011-06-07 04:00 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-06-07 04:00 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-06-07 03:58 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-06-07 03:58 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-06-07 03:58 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-06-07 03:57 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2011-06-07 03:57 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2011-06-07 03:57 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2011-06-07 03:57 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2011-06-02 11:09 . 2011-06-02 11:09 301568 ----a-w- c:\windows\SysWow64\CF24095.exe
2011-06-02 11:09 . 2011-06-02 11:09 8704 ----a-w- c:\windows\system32\drivers\PROCEXP90.SYS
2011-05-29 19:29 . 2007-11-20 12:33 47680 ----a-w- c:\windows\system32\drivers\Capt905c.sys
2011-05-29 19:29 . 2007-08-21 12:28 39872 ----a-w- c:\windows\system32\drivers\Camd905c.sys
2011-05-29 19:29 . 2011-06-19 10:10 -------- d-----w- c:\program files (x86)\MyDSC2
2011-05-29 19:29 . 2011-05-29 19:29 -------- d-----w- c:\users\autosip\AppData\Roaming\InstallShield
2011-05-25 04:23 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-10 09:29 . 2011-05-20 04:11 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-10 04:26 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-10 04:26 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-19 12:32 . 2011-05-19 12:32 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-05-19 12:32 . 2011-05-19 12:32 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-05-19 12:32 . 2011-05-19 12:32 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-05-19 12:32 . 2011-05-19 12:32 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-05-19 12:32 . 2011-05-19 12:32 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-05-19 12:32 . 2011-05-19 12:32 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-05-19 12:32 . 2011-05-19 12:32 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-05-19 12:32 . 2011-05-19 12:32 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-05-19 12:32 . 2011-05-19 12:32 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-05-19 12:32 . 2011-05-19 12:32 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-05-19 12:32 . 2011-05-19 12:32 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-05-19 12:32 . 2011-05-19 12:32 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-05-19 12:32 . 2011-05-19 12:32 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-05-19 12:32 . 2011-05-19 12:32 448512 ----a-w- c:\windows\system32\html.iec
2011-05-19 12:32 . 2011-05-19 12:32 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-05-19 12:32 . 2011-05-19 12:32 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-05-19 12:32 . 2011-05-19 12:32 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-05-19 12:32 . 2011-05-19 12:32 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-19 12:32 . 2011-05-19 12:32 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-05-19 12:32 . 2011-05-19 12:32 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-05-19 12:32 . 2011-05-19 12:32 222208 ----a-w- c:\windows\system32\msls31.dll
2011-05-19 12:32 . 2011-05-19 12:32 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2011-05-19 12:32 . 2011-05-19 12:32 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-19 12:32 . 2011-05-19 12:32 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-05-19 12:32 . 2011-05-19 12:32 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-05-19 12:32 . 2011-05-19 12:32 160256 ----a-w- c:\windows\system32\wextract.exe
2011-05-19 12:32 . 2011-05-19 12:32 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-05-19 12:32 . 2011-05-19 12:32 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-05-19 12:32 . 2011-05-19 12:32 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-19 12:32 . 2011-05-19 12:32 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-05-19 12:32 . 2011-05-19 12:32 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-05-19 12:32 . 2011-05-19 12:32 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-05-19 12:32 . 2011-05-19 12:32 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-05-19 12:32 . 2011-05-19 12:32 12288 ----a-w- c:\windows\system32\mshta.exe
2011-05-19 12:32 . 2011-05-19 12:32 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-05-19 12:32 . 2011-05-19 12:32 114176 ----a-w- c:\windows\system32\admparse.dll
2011-05-19 12:32 . 2011-05-19 12:32 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-05-19 12:32 . 2011-05-19 12:32 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-19 12:32 . 2011-05-19 12:32 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-05-19 12:32 . 2011-05-19 12:32 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-05-06 07:52 . 2011-05-06 07:52 2190 ----a-w- c:\users\autosip\ia_remove.sh5790.tmp
2011-05-05 06:14 . 2011-05-05 06:14 2190 ----a-w- c:\users\autosip\ia_remove.sh7462.tmp
2011-05-05 06:06 . 2011-05-05 06:06 2190 ----a-w- c:\users\autosip\ia_remove.sh2909.tmp
2011-05-05 05:29 . 2011-05-05 05:29 2190 ----a-w- c:\users\autosip\ia_remove.sh7570.tmp
2011-05-05 05:13 . 2011-05-05 05:13 2190 ----a-w- c:\users\autosip\ia_remove.sh4213.tmp
2011-04-09 07:02 . 2011-05-11 05:01 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-20 03:53 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:02 . 2011-05-11 05:01 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-11 05:01 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-20 03:53 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-04-05 12:23 . 2011-04-05 12:23 131072 ----a-w- c:\windows\SysWow64\duninstall.exe
2011-04-05 12:23 . 2011-04-05 12:23 608448 ----a-w- c:\windows\comctl32.ocx
2011-04-05 12:23 . 2011-04-05 12:23 122128 ----a-w- c:\windows\SysWow64\VB6IT.DLL
2011-04-05 12:23 . 2011-04-05 12:23 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2011-03-29 08:00 . 2011-04-05 12:21 80896 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-03-25 03:29 . 2011-05-11 05:01 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-25 03:29 . 2011-05-11 05:01 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-03-25 03:29 . 2011-05-11 05:01 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-03-25 03:29 . 2011-05-11 05:01 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-25 03:29 . 2011-05-11 05:01 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-03-25 03:29 . 2011-05-11 05:01 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-03-25 03:28 . 2011-05-11 05:01 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-03-24 19:35 . 2011-04-05 12:21 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-03-24 19:28 . 2011-04-05 12:21 631808 ----a-w- c:\windows\SysWow64\xvidcore.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-06-20_04.22.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-06-21 10:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-06-18 04:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-06-18 04:42 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-21 10:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-18 04:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-21 10:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2011-06-21 10:17 31374 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-16 02:34 . 2011-06-21 11:55 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 02:34 . 2011-06-19 19:12 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 02:34 . 2011-06-19 19:12 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-16 02:34 . 2011-06-21 11:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-19 19:12 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-21 11:55 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-06-20 04:30 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-09-15 11:40 . 2011-06-21 10:17 8456 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3213582312-2653984884-1375828948-1001_UserData.bin
- 2011-06-18 04:42 . 2011-06-18 04:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-21 10:14 . 2011-06-21 10:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-21 10:14 . 2011-06-21 10:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-06-18 04:42 . 2011-06-18 04:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-10-14 10:53 . 2011-06-21 08:05 356792 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-09-15 17:05 . 2011-06-21 18:36 411696 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2011-06-21 12:11 626040 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-06-19 07:35 626040 c:\windows\system32\perfh009.dat
+ 2009-08-03 20:00 . 2011-06-21 12:11 641674 c:\windows\system32\perfh005.dat
- 2009-08-03 20:00 . 2011-06-19 07:35 641674 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-06-21 12:11 110476 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-06-19 07:35 110476 c:\windows\system32\perfc009.dat
+ 2009-08-03 20:00 . 2011-06-21 12:11 126348 c:\windows\system32\perfc005.dat
- 2009-08-03 20:00 . 2011-06-19 07:35 126348 c:\windows\system32\perfc005.dat
+ 2009-07-14 05:01 . 2011-06-21 10:13 432648 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-06-17 19:58 432648 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-05-23 09:30 . 2011-06-21 10:13 21432356 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3213582312-2653984884-1375828948-1001-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-04-05 370480]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-22 39408]
"OEXPRESS"="c:\windows\OETRN.EXE" [2010-09-19 26624]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2010-11-20 397176]
"FCACheck"="c:\windows\SysWOW64\FCA\FCACheck.exe" [2009-02-08 28672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-08-22 2429]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-11 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2004-08-25 1465856]
"F-Secure Manager"="c:\program files (x86)\F-Secure\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\F-Secure\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"FamilyCyberAlert"="c:\windows\SysWOW64\FCA\syslogin.exe" [2011-04-03 1667072]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 1080608]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
ImageMixer HDD Camera Monitor.lnk - c:\program files (x86)\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2010-9-18 2117632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\F-Secure\ORSP Client\fsorsp.exe [2011-05-23 61088]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfx64fax.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S0 PxHlpa64;PxHlpa64;c:\windows\SysWOW64\Drivers\PxHlpa64.sys [2006-10-18 52760]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\F-Secure\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [x]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-06-09 198824]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
2011-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: ????3?? - c:\users\autosip\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\autosip\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\program files (x86)\F-Secure\FSPS\program\FSLSP.DLL
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\autosip\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\autosip\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\SecuROM\License information*]
"datasecu"=hex:a8,2b,0f,ea,91,7c,53,42,6e,03,da,dd,79,66,9c,17,d9,24,de,29,32,
57,04,74,bb,da,d3,9b,85,8c,47,42,e1,8f,57,97,8e,ce,8a,ed,eb,99,b8,4a,be,ec,\
"rkeysecu"=hex:00,13,46,d3,6d,d2,38,b3,ee,25,fb,75,c0,a7,ce,33
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-06-21 20:55:16
ComboFix-quarantined-files.txt 2011-06-21 18:55
ComboFix2.txt 2011-06-21 09:55
ComboFix3.txt 2011-06-20 04:25
ComboFix4.txt 2011-06-04 14:37
ComboFix5.txt 2011-06-21 18:46
.
Před spuštěním: Volných bajtů: 12 988 125 184
Po spuštění: Volných bajtů: 12 961 828 864
.
- - End Of File - - E2F3ECED5DAA7B1943A3049F44CAAAA0
ComboFix 11-06-21.04 - autosip 21.06.2011 20:47:34.6.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3949.1819 [GMT 2:00]
Spuštěný z: c:\users\autosip\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\autosip\Desktop\CFScript.txt
AV: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: F-Secure Profi Antivirus 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: F-Secure Profi Antivirus 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-21 do 2011-06-21 )))))))))))))))))))))))))))))))
.
.
2011-06-21 18:52 . 2011-06-21 18:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-21 11:51 . 2011-06-21 11:52 -------- d-----w- c:\users\autosip\AppData\Local\Adobe
2011-06-21 10:16 . 2011-06-21 10:16 -------- d-----w- c:\users\autosip\AppData\Local\Broadcom
2011-06-21 10:15 . 2011-06-21 10:15 -------- d-----w- c:\users\autosip\AppData\Local\ATI
2011-06-19 19:22 . 2011-06-19 19:32 -------- d-----w- c:\program files (x86)\AD Stahovač souborů
2011-06-19 19:18 . 2011-06-19 19:18 -------- d-----w- c:\users\autosip\AppData\Roaming\VitySoft
2011-06-19 19:12 . 2011-06-19 19:12 -------- d-----w- c:\users\autosip\AppData\Roaming\FlashGet
2011-06-19 19:12 . 2011-06-19 19:34 -------- d-----w- c:\users\autosip\AppData\Roaming\BITS
2011-06-19 19:12 . 2011-06-19 19:12 -------- d-----w- c:\program files (x86)\FlashGet Network
2011-06-15 19:46 . 2011-04-25 05:33 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 19:46 . 2011-04-25 02:34 499200 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 19:46 . 2011-04-27 02:39 289280 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 19:46 . 2011-04-27 02:39 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 19:46 . 2011-04-27 02:40 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-15 19:46 . 2011-05-28 03:06 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-06-15 19:46 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 19:46 . 2011-04-29 03:05 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 19:46 . 2011-04-29 03:05 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 19:45 . 2011-02-25 06:22 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 19:45 . 2011-02-25 05:34 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-06-15 19:45 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 19:45 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-06-10 04:20 . 2011-06-10 04:20 -------- d-----w- c:\windows\system32\SPReview
2011-06-10 04:20 . 2011-06-10 04:20 -------- d-----w- c:\windows\system32\EventProviders
2011-06-07 04:07 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2011-06-07 04:07 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-06-07 04:07 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-06-07 04:05 . 2010-11-20 13:27 263168 ----a-w- c:\windows\system32\spwizui.dll
2011-06-07 04:04 . 2010-11-20 13:28 459248 ----a-w- c:\windows\system32\drivers\cng.sys
2011-06-07 04:03 . 2010-11-20 13:33 63360 ----a-w- c:\windows\system32\drivers\termdd.sys
2011-06-07 04:02 . 2010-11-20 13:27 71680 ----a-w- c:\windows\system32\wkscli.dll
2011-06-07 04:01 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2011-06-07 04:01 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2011-06-07 04:01 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2011-06-07 04:01 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2011-06-07 04:01 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2011-06-07 04:01 . 2010-11-20 12:17 209920 ----a-w- c:\windows\SysWow64\PkgMgr.exe
2011-06-07 04:00 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll
2011-06-07 04:00 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll
2011-06-07 04:00 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2011-06-07 04:00 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2011-06-07 03:58 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-06-07 03:58 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-06-07 03:58 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2011-06-07 03:57 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll
2011-06-07 03:57 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe
2011-06-07 03:57 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll
2011-06-07 03:57 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2011-06-02 11:09 . 2011-06-02 11:09 301568 ----a-w- c:\windows\SysWow64\CF24095.exe
2011-06-02 11:09 . 2011-06-02 11:09 8704 ----a-w- c:\windows\system32\drivers\PROCEXP90.SYS
2011-05-29 19:29 . 2007-11-20 12:33 47680 ----a-w- c:\windows\system32\drivers\Capt905c.sys
2011-05-29 19:29 . 2007-08-21 12:28 39872 ----a-w- c:\windows\system32\drivers\Camd905c.sys
2011-05-29 19:29 . 2011-06-19 10:10 -------- d-----w- c:\program files (x86)\MyDSC2
2011-05-29 19:29 . 2011-05-29 19:29 -------- d-----w- c:\users\autosip\AppData\Roaming\InstallShield
2011-05-25 04:23 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-10 09:29 . 2011-05-20 04:11 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-10 04:26 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-06-10 04:26 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-05-19 12:32 . 2011-05-19 12:32 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-05-19 12:32 . 2011-05-19 12:32 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-05-19 12:32 . 2011-05-19 12:32 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-05-19 12:32 . 2011-05-19 12:32 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-05-19 12:32 . 2011-05-19 12:32 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-05-19 12:32 . 2011-05-19 12:32 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-05-19 12:32 . 2011-05-19 12:32 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-05-19 12:32 . 2011-05-19 12:32 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-05-19 12:32 . 2011-05-19 12:32 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-05-19 12:32 . 2011-05-19 12:32 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-05-19 12:32 . 2011-05-19 12:32 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-05-19 12:32 . 2011-05-19 12:32 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-05-19 12:32 . 2011-05-19 12:32 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-05-19 12:32 . 2011-05-19 12:32 448512 ----a-w- c:\windows\system32\html.iec
2011-05-19 12:32 . 2011-05-19 12:32 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-05-19 12:32 . 2011-05-19 12:32 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-05-19 12:32 . 2011-05-19 12:32 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-05-19 12:32 . 2011-05-19 12:32 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-19 12:32 . 2011-05-19 12:32 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-05-19 12:32 . 2011-05-19 12:32 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-05-19 12:32 . 2011-05-19 12:32 222208 ----a-w- c:\windows\system32\msls31.dll
2011-05-19 12:32 . 2011-05-19 12:32 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2011-05-19 12:32 . 2011-05-19 12:32 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-19 12:32 . 2011-05-19 12:32 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-05-19 12:32 . 2011-05-19 12:32 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-05-19 12:32 . 2011-05-19 12:32 160256 ----a-w- c:\windows\system32\wextract.exe
2011-05-19 12:32 . 2011-05-19 12:32 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-05-19 12:32 . 2011-05-19 12:32 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-05-19 12:32 . 2011-05-19 12:32 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-19 12:32 . 2011-05-19 12:32 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-05-19 12:32 . 2011-05-19 12:32 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-05-19 12:32 . 2011-05-19 12:32 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-05-19 12:32 . 2011-05-19 12:32 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-05-19 12:32 . 2011-05-19 12:32 12288 ----a-w- c:\windows\system32\mshta.exe
2011-05-19 12:32 . 2011-05-19 12:32 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-05-19 12:32 . 2011-05-19 12:32 114176 ----a-w- c:\windows\system32\admparse.dll
2011-05-19 12:32 . 2011-05-19 12:32 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-05-19 12:32 . 2011-05-19 12:32 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-19 12:32 . 2011-05-19 12:32 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-05-19 12:32 . 2011-05-19 12:32 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-05-06 07:52 . 2011-05-06 07:52 2190 ----a-w- c:\users\autosip\ia_remove.sh5790.tmp
2011-05-05 06:14 . 2011-05-05 06:14 2190 ----a-w- c:\users\autosip\ia_remove.sh7462.tmp
2011-05-05 06:06 . 2011-05-05 06:06 2190 ----a-w- c:\users\autosip\ia_remove.sh2909.tmp
2011-05-05 05:29 . 2011-05-05 05:29 2190 ----a-w- c:\users\autosip\ia_remove.sh7570.tmp
2011-05-05 05:13 . 2011-05-05 05:13 2190 ----a-w- c:\users\autosip\ia_remove.sh4213.tmp
2011-04-09 07:02 . 2011-05-11 05:01 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-20 03:53 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:02 . 2011-05-11 05:01 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-11 05:01 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-20 03:53 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-04-05 12:23 . 2011-04-05 12:23 131072 ----a-w- c:\windows\SysWow64\duninstall.exe
2011-04-05 12:23 . 2011-04-05 12:23 608448 ----a-w- c:\windows\comctl32.ocx
2011-04-05 12:23 . 2011-04-05 12:23 122128 ----a-w- c:\windows\SysWow64\VB6IT.DLL
2011-04-05 12:23 . 2011-04-05 12:23 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2011-03-29 08:00 . 2011-04-05 12:21 80896 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2011-03-25 03:29 . 2011-05-11 05:01 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-25 03:29 . 2011-05-11 05:01 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-03-25 03:29 . 2011-05-11 05:01 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-03-25 03:29 . 2011-05-11 05:01 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-25 03:29 . 2011-05-11 05:01 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-03-25 03:29 . 2011-05-11 05:01 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-03-25 03:28 . 2011-05-11 05:01 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-03-24 19:35 . 2011-04-05 12:21 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-03-24 19:28 . 2011-04-05 12:21 631808 ----a-w- c:\windows\SysWow64\xvidcore.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-06-20_04.22.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-06-21 10:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-06-18 04:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-06-18 04:42 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-21 10:14 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-18 04:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-21 10:14 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2011-06-21 10:17 31374 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-16 02:34 . 2011-06-21 11:55 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 02:34 . 2011-06-19 19:12 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 02:34 . 2011-06-19 19:12 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-09-16 02:34 . 2011-06-21 11:55 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-19 19:12 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-21 11:55 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-06-20 04:30 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-09-15 11:40 . 2011-06-21 10:17 8456 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3213582312-2653984884-1375828948-1001_UserData.bin
- 2011-06-18 04:42 . 2011-06-18 04:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-21 10:14 . 2011-06-21 10:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-21 10:14 . 2011-06-21 10:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-06-18 04:42 . 2011-06-18 04:42 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-10-14 10:53 . 2011-06-21 08:05 356792 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-09-15 17:05 . 2011-06-21 18:36 411696 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2011-06-21 12:11 626040 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2011-06-19 07:35 626040 c:\windows\system32\perfh009.dat
+ 2009-08-03 20:00 . 2011-06-21 12:11 641674 c:\windows\system32\perfh005.dat
- 2009-08-03 20:00 . 2011-06-19 07:35 641674 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2011-06-21 12:11 110476 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-06-19 07:35 110476 c:\windows\system32\perfc009.dat
+ 2009-08-03 20:00 . 2011-06-21 12:11 126348 c:\windows\system32\perfc005.dat
- 2009-08-03 20:00 . 2011-06-19 07:35 126348 c:\windows\system32\perfc005.dat
+ 2009-07-14 05:01 . 2011-06-21 10:13 432648 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-06-17 19:58 432648 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-05-23 09:30 . 2011-06-21 10:13 21432356 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3213582312-2653984884-1375828948-1001-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-10-18 11:26 3908192 ----a-w- c:\program files (x86)\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\tbBitT.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-04-05 370480]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-22 39408]
"OEXPRESS"="c:\windows\OETRN.EXE" [2010-09-19 26624]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"NokiaOviSuite2"="c:\program files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2010-11-20 397176]
"FCACheck"="c:\windows\SysWOW64\FCA\FCACheck.exe" [2009-02-08 28672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-08-22 2429]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-11 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"DU Meter"="c:\program files (x86)\DU Meter\DUMeter.exe" [2004-08-25 1465856]
"F-Secure Manager"="c:\program files (x86)\F-Secure\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\F-Secure\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"FamilyCyberAlert"="c:\windows\SysWOW64\FCA\syslogin.exe" [2011-04-03 1667072]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-3 1080608]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
ImageMixer HDD Camera Monitor.lnk - c:\program files (x86)\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2010-9-18 2117632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\F-Secure\ORSP Client\fsorsp.exe [2011-05-23 61088]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 135664]
R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hpfx64fax.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S0 PxHlpa64;PxHlpa64;c:\windows\SysWOW64\Drivers\PxHlpa64.sys [2006-10-18 52760]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\F-Secure\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [x]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-06-09 198824]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
2011-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-22 03:54]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: ????3?? - c:\users\autosip\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\autosip\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\program files (x86)\F-Secure\FSPS\program\FSLSP.DLL
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\autosip\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\autosip\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_USERS\S-1-5-21-3213582312-2653984884-1375828948-1001\Software\SecuROM\License information*]
"datasecu"=hex:a8,2b,0f,ea,91,7c,53,42,6e,03,da,dd,79,66,9c,17,d9,24,de,29,32,
57,04,74,bb,da,d3,9b,85,8c,47,42,e1,8f,57,97,8e,ce,8a,ed,eb,99,b8,4a,be,ec,\
"rkeysecu"=hex:00,13,46,d3,6d,d2,38,b3,ee,25,fb,75,c0,a7,ce,33
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-06-21 20:55:16
ComboFix-quarantined-files.txt 2011-06-21 18:55
ComboFix2.txt 2011-06-21 09:55
ComboFix3.txt 2011-06-20 04:25
ComboFix4.txt 2011-06-04 14:37
ComboFix5.txt 2011-06-21 18:46
.
Před spuštěním: Volných bajtů: 12 988 125 184
Po spuštění: Volných bajtů: 12 961 828 864
.
- - End Of File - - E2F3ECED5DAA7B1943A3049F44CAAAA0
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a check: carons (háčky) not working on the keyboard
It's gone. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.