TU JE LOG Z COMBOFIXU.
ComboFix 10-11-21.02 - STANO ILENIN 22.11.2010 12:40:06.5.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2046.1646 [GMT 1:00]
Running from: c:\documents and settings\STANO ILENIN\Desktop\ComboFix.exe
AV: Eset NOD32 Antivirus 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\cleansweep.exe
c:\cleansweep.exe\cleansweep.exe
c:\cleansweep.exe\config.bin
.
((((((((((((((((((((((((( Files Created from 2010-10-22 to 2010-11-22 )))))))))))))))))))))))))))))))
.
2010-11-21 12:48 . 2010-11-21 12:48 -------- d-----w- c:\documents and settings\STANO ILENIN\Local Settings\Application Data\119615131254334708
2010-11-21 12:48 . 2010-11-21 12:48 -------- d-----w- c:\documents and settings\STANO ILENIN\Local Settings\Application Data\119611918618797300
2010-11-21 12:48 . 2010-11-21 12:48 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-11-21 12:48 . 2010-11-21 12:48 -------- d-----w- c:\program files\OpenAL
2010-11-21 12:42 . 2010-11-21 12:48 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-11-21 12:21 . 2010-11-21 12:47 -------- d-----w- C:\KaL
2010-11-10 09:12 . 2010-11-10 09:12 -------- d-----w- C:\found.000
2010-11-09 17:21 . 2010-11-09 17:21 -------- d-----w- c:\documents and settings\STANO ILENIN\Local Settings\Application Data\FalloutNV
2010-11-09 17:05 . 2010-11-11 20:17 -------- d-----w- C:\Fallout New Vegas
2010-10-24 13:22 . 2010-11-02 07:33 249856 ------w- c:\windows\Setup1.exe
2010-10-24 13:22 . 2010-11-02 07:33 73216 ----a-w- c:\windows\ST6UNST.EXE
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-08 08:30 . 2010-10-19 19:26 888424 ----a-w- c:\windows\system32\nvdispco32.dll
2010-10-08 08:30 . 2010-10-19 19:26 813672 ----a-w- c:\windows\system32\nvgenco32.dll
2010-10-08 08:30 . 2010-10-18 09:48 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-10-08 08:30 . 2010-10-18 09:48 13012992 ----a-w- c:\windows\system32\nvcompiler.dll
2010-10-08 08:30 . 2009-04-30 20:02 2932840 ----a-w- c:\windows\system32\nvcuvid.dll
2010-10-08 08:30 . 2009-04-30 20:02 2666088 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-10-08 08:30 . 2008-01-09 09:51 9587776 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-10-08 08:30 . 2008-01-09 09:51 6358784 ----a-w- c:\windows\system32\nv4_disp.dll
2010-10-08 08:30 . 2008-01-09 09:51 4882432 ----a-w- c:\windows\system32\nvcuda.dll
2010-10-08 08:30 . 2008-01-09 09:51 1462272 ----a-w- c:\windows\system32\nvapi.dll
2010-10-08 08:30 . 2008-01-09 09:51 14528512 ----a-w- c:\windows\system32\nvoglnt.dll
2010-10-08 00:28 . 2010-10-08 00:28 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-10-08 00:28 . 2010-10-08 00:28 277608 ----a-w- c:\windows\system32\nvmccs.dll
2010-10-08 00:28 . 2010-10-08 00:28 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-10-08 00:28 . 2010-10-08 00:28 13851752 ----a-w- c:\windows\system32\nvcpl.dll
2010-10-08 00:28 . 2010-10-08 00:28 156776 ----a-w- c:\windows\system32\nvsvc32.exe
2010-10-08 00:28 . 2010-10-08 00:28 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-09-18 10:23 . 2004-08-04 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-04 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2004-08-04 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2004-08-04 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-09 13:38 . 2004-08-04 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-09-09 13:38 . 2004-08-04 12:00 1830912 ------w- c:\windows\system32\inetcpl.cpl
2010-09-09 13:38 . 2004-08-04 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-09-09 13:38 . 2004-08-04 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2010-09-08 15:57 . 2004-08-04 12:00 389120 ----a-w- c:\windows\system32\html.iec
2010-09-01 11:51 . 2004-08-04 12:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42 . 2004-08-04 12:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2004-08-04 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2004-08-04 12:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 13:39 . 2004-08-04 12:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-26 12:52 . 2009-12-03 08:42 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2008-05-04 03:58 . 2008-05-04 03:58 22300968 ----a-w- c:\program files\SkypeSetup.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 220544]
"Google Update"="c:\documents and settings\STANO ILENIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-28 133104]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-21 68856]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-04-30 949376]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"Gainward"="c:\windows\TBPanel.exe" [2008-01-09 2189864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-04-01 36352]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-15 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-03-15 54832]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-12 136600]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-08 305440]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-08 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-08 13851752]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"UpdateReminder"="c:\program files\Eset\UpdateReminder.exe" [2010-11-03 413696]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2008-11-1 25214]
AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
Document Assistant.lnk - c:\hpdesk\hppddir.exe [2008-5-15 384512]
Exif Launcher S.lnk - c:\program files\FinePixViewerS\QuickDCF2.exe [2008-5-15 303104]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-07 06:46 57344 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2009-04-02 17:05 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\INSTAL\\rc10\\StrongDC.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Opera\\Opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"e:\\HRY\\Ultima Online Kelevar\\client.exe"=
"e:\\HRY\\Ultima Online Kelevar\\KelevarClient.exe"=
"c:\\Program Files\\UOAM\\uoam.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\12Voip.com\\12Voip\\12Voip.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"e:\\HRY\\MEerchant\\KaM - The Peasants Rebellion\\KM_TPR.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\FIFA 2010\\FIFA10.exe"=
"e:\\HRY\\Dragon Age\\bin_ship\\daorigins.exe"=
"e:\\HRY\\Dragon Age\\DAOriginsLauncher.exe"=
"e:\\HRY\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Documents and Settings\\STANO ILENIN\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\AOE\\age2_x1.exe"=
"c:\\Program Files\\Bit\\BitComet.exe"=
"e:\\HRY\\Wiggles 2\\Wiggles.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\FIFA 11\\Game\\fifa.exe"=
"c:\\DR2\\deadrising2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"24285:TCP"= 24285:TCP:BitComet 24285 TCP
"24285:UDP"= 24285:UDP:BitComet 24285 UDP
R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [12.4.2010 9:03 15172]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.5.2008 0:11 685816]
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [30.4.2008 19:12 15424]
S2 clr_optimization_v4.0.21006_32;Microsoft .NET Framework NGEN v4.0.21006_X86;c:\windows\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe [7.10.2009 2:44 129856]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [26.12.2009 14:19 233472]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6.3.2010 14:52 135664]
S2 HPPECP00;HPPECP00;c:\windows\system32\drivers\hppecp00.sys [15.5.2008 2:54 42048]
S2 LF30FS;LF30FS;c:\program files\WinZip\LF30XP.sys [20.11.2004 2:07 101488]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;e:\hry\Dragon Age\bin_ship\daupdatersvc.service.exe [20.2.2010 12:13 25832]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [26.12.2009 14:19 36608]
S3 MaxuvDevice;Maxuv hak pro 9 draku;c:\documents and settings\STANO ILENIN\My Documents\ICQ\335983735\ReceivedFiles\338786477 Roggi\Tool\Driver.sys [2.3.2010 19:21 4096]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [1.3.2010 10:30 38224]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [26.12.2009 14:19 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [26.12.2009 14:19 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [26.12.2009 14:19 121856]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.21006\WPF\WPFFontCache_v0400.exe [7.10.2009 2:44 752984]
.
Contents of the 'Scheduled Tasks' folder
2010-11-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-06 13:52]
2010-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-06 13:52]
2010-11-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1644491937-725345543-1003Core.job
- c:\documents and settings\STANO ILENIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-28 15:10]
2010-11-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1644491937-725345543-1003UA.job
- c:\documents and settings\STANO ILENIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-28 15:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.tuke.sk/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Settings,ProxyServer = proxy.tuke.sk:3128
uInternet Settings,ProxyOverride = ;*.lokal;<local>;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
LSP: c:\windows\system32\imon.dll
FF - ProfilePath - c:\documents and settings\STANO ILENIN\Application Data\Mozilla\Firefox\Profiles\pdne8svo.default\
FF - plugin: c:\documents and settings\STANO ILENIN\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Musicnotes\npmusicn.dll
FF - plugin: c:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
URLSearchHooks-{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKU-Default-Run-cleansweep.exe - c:\cleansweep.exe\cleansweep.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-11-22 12:47
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1220945662-1644491937-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:17,e7,ec,73,25,fd,02,37,1d,f8,67,ac,93,6c,c3,e9,d7,07,f5,87,8d,ab,ad,
72,77,35,63,57,4f,57,08,88,d5,cf,43,b3,28,d2,49,ed,7a,f1,f1,5d,ef,9f,55,a2,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
[HKEY_USERS\S-1-5-21-1220945662-1644491937-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:fb,10,96,c9,88,0b,1c,d3,47,9d,80,f4,a4,dc,a8,89,d0,73,9f,e0,2d,
99,09,1b,8c,e0,29,64,f7,71,ca,91,f0,0b,79,dd,11,34,e2,f0,27,f8,7d,a6,6f,9e,\
"rkeysecu"=hex:54,a2,9b,f5,48,a1,50,04,d3,11,06,0f,69,6b,e2,fa
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(1660)
c:\windows\system32\WININET.dll
.
Completion time: 2010-11-22 12:54:52 - machine was rebooted
ComboFix-quarantined-files.txt 2010-11-22 11:54
Pre-Run: 8 767 426 560 bytes free
Post-Run: 9 371 385 856 bytes free
- - End Of File - - AB394B4DE1243734FF449123211119A9
DIAKRITIKA JE ZNOVA FUNKCNA, S TYM KEYLOGGEROM STE MALI PRAVDU, TAKTIEZ MODRA OBRAZOVKA UZ PRI STARTE WINDOWS NENABEHUJE
PC SOM PRECISTIL CCLEANEROM