I suspect it could also be disk errors, because scandisk with a surface check cannot be run.
I managed to get it to finish in safe mode; here is the log:
ComboFix 14-03-10.01 - dharma 10.03.2014 23:03:29.22.1 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1791.1454 [GMT 1:00]
Spuštěný z: c:\documents and settings\dharma\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\drivers\tcpip.copy
c:\windows\system32\Thumbs.db
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-10 do 2014-03-10 )))))))))))))))))))))))))))))))
.
.
2014-03-10 19:14 . 2014-03-10 19:14 -------- d-----w- c:\documents and settings\dharma\Data aplikací\AVAST Software
2014-03-10 19:12 . 2014-03-10 19:11 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-03-10 19:12 . 2014-03-10 19:11 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-03-10 19:12 . 2014-03-10 19:11 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-03-10 19:12 . 2014-03-10 19:11 410784 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-03-10 19:12 . 2014-03-10 19:11 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-03-10 19:12 . 2014-03-10 19:13 67824 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-03-10 19:12 . 2014-03-10 19:11 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-03-10 19:12 . 2014-03-10 19:11 270240 ----a-w- c:\windows\system32\aswBoot.exe
2014-03-10 19:11 . 2014-03-10 19:11 43152 ----a-w- c:\windows\avastSS.scr
2014-03-07 14:14 . 2014-03-07 14:16 -------- d-----w- c:\documents and settings\dharma\Data aplikací\Tomabo
2014-03-07 14:14 . 2014-03-07 14:14 -------- d-----w- c:\program files\Tomabo
2014-03-07 14:12 . 2014-03-07 14:13 -------- d-----w- c:\program files\GetFLV
2014-03-06 20:42 . 2014-03-06 22:52 -------- d-----w- C:\FFOutput
2014-03-06 18:02 . 2014-03-10 19:36 -------- d-----w- C:\FRST
2014-03-06 13:26 . 2014-03-06 13:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2014-03-06 09:24 . 2014-03-10 19:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2014-03-06 08:46 . 2014-03-06 12:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2014-02-28 22:45 . 2009-08-02 20:09 1554944 ----a-w- c:\windows\system32\vorbis.acm
2014-02-28 22:44 . 2014-02-28 22:45 -------- d-----w- c:\program files\Image-Line
2014-02-28 22:44 . 2014-02-28 22:44 -------- d-----w- c:\program files\Outsim
2014-02-28 22:01 . 2014-02-28 22:01 -------- d-----w- c:\documents and settings\dharma\Data aplikací\Ableton
2014-02-28 21:57 . 2014-02-28 21:57 -------- d-----w- C:\ProgramData
2014-02-28 21:53 . 2014-02-28 21:53 -------- d-----w- c:\program files\Common Files\Propellerhead Software
2014-02-28 13:40 . 2014-02-28 13:40 -------- d-----w- c:\program files\7-Zip
2014-02-20 23:52 . 2014-02-20 23:52 -------- d-----w- c:\documents and settings\dharma\Local Settings\Data aplikací\TV_Online
2014-02-20 23:51 . 2014-02-20 23:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Caphyon
2014-02-20 23:09 . 2014-02-20 23:50 -------- d-----w- c:\documents and settings\dharma\Data aplikací\TV Online
2014-02-17 12:27 . 2014-01-23 03:21 184192 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2014-02-17 12:27 . 2014-01-23 03:21 88576 ----a-w- c:\windows\system32\drivers\ssudbus.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-10 18:29 . 2011-02-21 06:33 138992 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2014-03-10 18:29 . 2011-02-21 06:31 281152 ----a-w- c:\windows\system32\PnkBstrB.exe
2014-03-10 18:29 . 2010-09-05 12:17 281152 ----a-w- c:\windows\system32\PnkBstrB.xtr
2014-03-10 12:52 . 2010-09-05 12:17 281152 ----a-w- c:\windows\system32\PnkBstrB.ex0
2014-01-11 15:57 . 2014-01-11 15:57 96328 ----a-w- c:\windows\HMFAxCore5decdc700443adec5f3e84408e3098ff.sys
2013-12-20 21:13 . 2011-02-21 06:31 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2013-12-12 20:03 . 2013-11-14 17:06 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-12 20:03 . 2013-11-14 17:06 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-27 08:27 . 2013-07-27 08:20 11019776 ----a-w- c:\program files\Common Files\lpuninstall.exe
2004-03-11 11:27 . 2010-07-12 17:43 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2013-03-31 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2003-04-16 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
[-] 2003-04-16 . 8708BE15AC5F27386B5D5FE7A1EBAF26 . 13312 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
[-] 2003-04-16 . 8708BE15AC5F27386B5D5FE7A1EBAF26 . 13312 . . [5.1.2600.1106] . . c:\windows\system32\ctfmon.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-03-10 19:11 259464 ----a-w- d:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2008-02-28 16:39 97064 ----a-w- c:\program files\Nero\Nero8\InCD\NBHShx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="d:\program files\AVAST Software\Avast\AvastUI.exe" [2014-03-10 3767096]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^EPSON Status Monitor 3 Environment Check 2.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\EPSON Status Monitor 3 Environment Check 2.lnk
backup=c:\windows\pss\EPSON Status Monitor 3 Environment Check 2.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^dharma^Nabídka Start^Programy^Po spuštění^MagicDisc.lnk]
backup=c:\windows\pss\MagicDisc.lnkStartup
path=c:\documents and settings\dharma\Nabídka Start\Programy\Po spuštění\MagicDisc.lnk
.
[HKLM\~\startupfolder\C:^Documents and Settings^dharma^Nabídka Start^Programy^Po spuštění^Vesmír na dlani.lnk]
backup=c:\windows\pss\Vesmír na dlani.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2010-11-03 16:13 64104 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
c:\documents and settings\dharma\Data aplikací\Seznam.cz\bin\wszndesktop.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
2007-02-13 00:00 312240 ----a-w- c:\program files\Lexmark Fax Solutions\fm3032.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2008-04-13 20:13 208952 ----a-w- c:\windows\ime\IMJP8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2014-02-14 12:55 1564992 ----a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2014-02-14 12:55 311616 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxddamon]
2007-02-05 23:32 20480 ----a-w- c:\program files\Lexmark 2500 Series\lxddamon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXDDCATS]
2007-04-13 05:22 98304 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\lxddtime.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxddmon.exe]
2007-02-12 23:58 291760 ----a-w- c:\program files\Lexmark 2500 Series\lxddmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-05-25 07:26 13895272 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2011-05-04 22:02 1632360 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2011-07-05 14:08 20053608 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
2013-05-16 13:25 1062472 ----a-w- c:\program files\Seznam.cz\distribution\szninstall.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3 (0x3)
"Nero BackItUp Scheduler 4.0"=2 (0x2)
"Lavasoft Ad-Aware Service"=2 (0x2)
"Adobe LM Service"=3 (0x3)
"NeroRegInCDSrv"=2 (0x2)
"InCDsrvR"=2 (0x2)
"Adobe Version Cue CS2"=2 (0x2)
"gusvc"=2 (0x2)
"gupdate1c98fa28e326f70"=2 (0x2)
"NVSvc"=2 (0x2)
"Adobe Version Cue CS4"=3 (0x3)
"EPSONStatusAgent2"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"ForcewareWebInterface"=2 (0x2)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"lxdd_device"=2 (0x2)
"nvUpdatusService"=2 (0x2)
"CyberLink PowerDVD 11.0 Service"=2 (0x2)
"CyberLink PowerDVD 11.0 Monitor Service"=2 (0x2)
"CryptSvc"=3 (0x3)
"CLHNServiceForPowerDVD"=2 (0x2)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\App4R.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"f:\\Program Files\\Battlefield 2\\BF2.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddpswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddtime.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"d:\\Program Files\\World_of_Tanks\\WOTLauncher.exe"=
"d:\\Program Files\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Program Files\\Simple Port Forwarding\\spf.exe"=
"c:\\Documents and Settings\\dharma\\Data aplikací\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\VSO\\VSO Downloader\\3\\VsoDownloader.exe"=
"d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"d:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Simple Port Tester\\spt.exe"=
"c:\\Documents and Settings\\dharma\\Data aplikací\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Tomabo\\YouTube Video Downloader\\YouTubeVideoDownloader.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"54321:TCP"= 54321:TCP:uTorrent
"5400:TCP"= 5400:TCP:ed
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 HMFAxCore5decdc700443adec5f3e84408e3098ff;HMFAxCore5decdc700443adec5f3e84408e3098ff;HMFAxCore5decdc700443adec5f3e84408e3098ff.sys --> HMFAxCore5decdc700443adec5f3e84408e3098ff.sys [?]
S0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [10.3.2014 20:12 49944]
S0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [10.3.2014 20:12 180248]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [10.3.2014 20:12 775952]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10.3.2014 20:12 410784]
S1 Eve;EVE Protocol Driver;c:\windows\system32\drivers\eve.sys [11.7.2013 17:05 33624]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [10.3.2014 20:12 67824]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [5.3.2013 18:26 233472]
S2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [27.5.2011 18:03 10384]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.7.2010 1:45 35088]
S2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [31.7.2013 0:21 66944]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [21.12.2009 18:21 1691480]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [17.2.2014 13:27 88576]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [9.1.2014 13:53 20032]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [5.3.2013 18:26 37344]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\drivers\IT9135BDA.sys [28.12.2012 20:36 145280]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [4.1.2013 21:09 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [4.1.2013 21:09 8576]
S3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver;c:\windows\system32\drivers\SE1008mdm.sys [13.12.2009 15:06 58536]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [17.2.2014 13:27 184192]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [21.6.2007 15:21 30720]
S3 vdrive;vdrive;c:\windows\system32\DRIVERS\vdrive.sys --> c:\windows\system32\DRIVERS\vdrive.sys [?]
S4 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe -service --> c:\windows\system32\lxddcoms.exe -service [?]
S4 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [28.2.2008 17:39 53032]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - LBEEPKE
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-10 c:\windows\Tasks\avast! Emergency Update.job
- d:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-10 19:11]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uDefault_Search_URL =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local
uSearchAssistant =
uCustomizeSearch =
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést do existujícího PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
TCP: Interfaces\{D535C484-1F1E-41D8-9FFF-A96EBC8FABE1}: NameServer = 194.228.41.65,194.228.41.113
FF - ProfilePath - c:\documents and settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\6a65fmkt.default\
FF - prefs.js: network.proxy.http - 46.36.35.24
FF - prefs.js: network.proxy.http_port - 8118
FF - prefs.js: network.proxy.type - 0
.
.
------- Asociace souborů -------
.
.txt=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-BlazeServoTool - c:\program files\BlazeVideo\BlazeHDTV 6.0\MediaDetector.exe
MSConfigStartUp-cz.seznam.software - c:\documents and settings\dharma\Data aplikací\Seznam.cz\szninstall.exe
MSConfigStartUp-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe
MSConfigStartUp-SDP - c:\documents and settings\dharma\Local Settings\Data aplikací\FilesFrog Update Checker\update_checker.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-UnityWebPlayer - c:\documents and settings\dharma\Local Settings\Data aplikací\Unity\WebPlayer\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-03-10 23:24
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-842925246-1580436667-1060284298-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2014-03-10 23:31:01
ComboFix-quarantined-files.txt 2014-03-10 22:30
.
Před spuštěním: Volných bajtů: 13 861 748 736
Po spuštění: Volných bajtů: 13 790 281 728
.
- - End Of File - - 519C0A3F6E1480EB21BC5234608F4FA5
413FC2A0C716421B3158746D63736515