VIRY.CZ

Teď vám trošku nerozumím.

ComboFix 12-02-08.01 - Kuba 08.02.2012 19:09:13.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.933 [GMT 1:00]
Spuštěný z: c:\users\Kuba\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Kuba\Desktop\CFScript.txt.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-08 do 2012-02-08 )))))))))))))))))))))))))))))))
.
.
2012-02-08 18:25 . 2012-02-08 18:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-08 10:05 . 2006-10-26 20:40 344064 ----a-w- c:\windows\system32\MSVCR70.DLL
2012-02-08 07:40 . 2012-01-17 03:39 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{01118408-4207-41B3-91DC-C6449335DED0}\mpengine.dll
2012-02-07 16:28 . 2012-02-07 16:35 -------- d-----w- c:\program files\ICQ7.7
2012-02-06 17:51 . 2012-02-06 17:51 -------- d-----w- c:\windows\system32\IO
2012-02-02 11:20 . 2012-01-26 23:21 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-01 17:34 . 2012-02-07 17:18 -------- d-----w- c:\program files\trend micro
2012-02-01 17:34 . 2012-02-01 17:35 -------- d-----w- C:\rsit
2012-02-01 13:26 . 2005-11-18 13:08 9600 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys
2012-02-01 13:26 . 2005-11-18 13:08 5120 ----a-w- c:\windows\system32\vnetinst.dll
2012-02-01 13:26 . 2005-11-18 13:08 106496 ----a-w- c:\windows\system32\vmnetdhcp.exe
2012-02-01 13:25 . 2005-11-18 13:08 15616 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2012-02-01 13:25 . 2005-11-18 13:08 135168 ----a-w- c:\windows\system32\vmnat.exe
2012-02-01 13:25 . 2005-11-18 13:08 10240 ----a-r- c:\windows\system32\drivers\vmnet.sys
2012-02-01 13:25 . 2005-11-18 13:08 385024 ----a-w- c:\windows\system32\vnetlib.dll
2012-02-01 13:22 . 2012-02-01 13:22 -------- d-----w- c:\program files\VMware
2012-02-01 13:22 . 2012-02-01 13:22 -------- d-----w- c:\program files\Common Files\VMware
2012-02-01 09:37 . 2012-02-01 14:33 -------- d-----w- c:\programdata\TamoSoft
2012-01-26 17:27 . 2012-02-08 14:51 -------- d-----w- c:\programdata\VMware
2012-01-26 11:44 . 2012-01-26 11:44 -------- d-----w- C:\SPDISK
2012-01-25 17:55 . 2011-11-16 16:23 278528 ----a-w- c:\windows\system32\schannel.dll
2012-01-25 17:55 . 2011-11-17 06:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-25 17:55 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-01-25 17:55 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-25 17:55 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll
2012-01-25 17:55 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe
2012-01-24 09:10 . 2012-01-24 09:10 515856 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-01-24 08:37 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2012-01-24 08:05 . 2012-01-24 08:05 -------- d-----w- c:\program files\Windows Portable Devices
2012-01-23 23:57 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2012-01-23 23:57 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2012-01-23 23:57 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2012-01-23 23:56 . 2009-09-25 01:33 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2012-01-23 23:56 . 2009-09-25 02:10 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-01-23 23:56 . 2009-09-25 02:07 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-01-23 23:56 . 2009-09-25 02:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2012-01-23 23:56 . 2009-09-25 01:33 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2012-01-23 23:56 . 2009-09-25 01:32 252928 ----a-w- c:\windows\system32\dxdiag.exe
2012-01-23 23:56 . 2009-09-25 01:31 519680 ----a-w- c:\windows\system32\d3d11.dll
2012-01-23 05:07 . 2011-10-27 08:01 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-01-23 05:06 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-01-23 05:06 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-23 05:06 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-01-23 05:06 . 2011-09-20 21:02 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-01-23 05:06 . 2011-11-23 13:37 2043904 ----a-w- c:\windows\system32\win32k.sys
2012-01-23 05:06 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll
2012-01-23 05:06 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-01-23 05:06 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-01-23 05:06 . 2011-11-08 14:42 2048 ----a-w- c:\windows\system32\tzres.dll
2012-01-23 05:06 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2012-01-23 05:06 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2012-01-23 05:06 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2012-01-23 05:06 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2012-01-23 05:05 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-01-23 05:05 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2012-01-23 04:52 . 2012-01-23 04:52 -------- d-----w- c:\program files\Common Files\McAfee
2012-01-23 04:52 . 2012-02-01 07:44 -------- d-----w- c:\program files\McAfee
2012-01-20 09:42 . 2012-01-20 09:42 -------- d-----w- c:\program files\7-Zip
2012-01-20 09:07 . 2012-01-20 09:07 -------- d-----w- c:\programdata\LightScribe
2012-01-20 08:36 . 2012-01-20 08:37 -------- d-----w- c:\windows\system32\ca-ES
2012-01-20 08:36 . 2012-01-20 08:37 -------- d-----w- c:\windows\system32\eu-ES
2012-01-20 08:36 . 2012-01-20 08:37 -------- d-----w- c:\windows\system32\vi-VN
2012-01-20 08:10 . 2012-01-20 08:10 -------- d-----w- c:\windows\system32\EventProviders
2012-01-19 08:40 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2012-01-19 08:39 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2012-01-18 21:31 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2012-01-18 21:11 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-01-18 21:11 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2012-01-18 21:11 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2012-01-18 21:11 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2012-01-18 21:11 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2012-01-18 21:08 . 2012-01-18 21:08 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-01-18 21:06 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2012-01-18 13:19 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2012-01-18 13:18 . 2009-04-11 06:28 644608 ----a-w- c:\windows\system32\p2psvc.dll
2012-01-18 13:17 . 2009-04-11 06:28 310272 ----a-w- c:\windows\system32\mtxclu.dll
2012-01-18 13:16 . 2009-04-11 06:28 24576 ----a-w- c:\windows\system32\msjint40.dll
2012-01-18 13:15 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2012-01-18 13:15 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2012-01-18 13:14 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2012-01-18 12:02 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2012-01-18 12:02 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2012-01-18 12:02 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2012-01-18 12:02 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2012-01-18 12:02 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2012-01-18 12:02 . 2010-10-12 15:53 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll
2012-01-18 12:02 . 2010-10-12 13:41 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe
2012-01-18 12:02 . 2010-10-12 13:41 515584 ----a-w- c:\program files\Windows Mail\wab.exe
2012-01-18 12:02 . 2011-02-16 14:02 292864 ----a-w- c:\windows\system32\atmfd.dll
2012-01-18 12:02 . 2011-02-16 16:16 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-01-18 12:02 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll
2012-01-18 12:01 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll
2012-01-18 12:01 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2012-01-18 12:01 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2012-01-18 12:01 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-01-18 12:01 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2012-01-18 12:01 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2012-01-18 12:01 . 2011-02-22 13:23 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-01-18 12:01 . 2011-04-14 14:59 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2012-01-18 12:01 . 2011-03-10 17:03 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2012-01-18 12:01 . 2011-03-10 17:03 1136640 ----a-w- c:\windows\system32\mfc42.dll
2012-01-18 12:01 . 2010-01-29 15:40 1616384 ----a-w- c:\program files\Windows Mail\msoe.dll
2012-01-18 12:01 . 2010-05-27 20:08 81920 ----a-w- c:\windows\system32\iccvid.dll
2012-01-18 11:59 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2012-01-18 11:58 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2012-01-18 11:58 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2012-01-18 11:58 . 2009-04-11 06:28 63488 ----a-w- c:\windows\system32\tscupgrd.exe
2012-01-18 11:57 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
2012-01-18 11:46 . 2012-01-18 11:55 -------- d-----r- c:\program files\Skype
2012-01-18 11:45 . 2012-01-18 11:46 -------- d-----w- c:\programdata\Skype
2012-01-18 11:39 . 2012-02-07 16:30 -------- d-----w- c:\program files\ICQ6Toolbar
2012-01-18 11:39 . 2012-01-18 11:39 -------- d-----w- c:\program files\Guard-ICQ
2012-01-18 11:39 . 2012-02-07 16:30 -------- d-----w- c:\programdata\ICQ
2012-01-18 11:00 . 2011-03-02 11:43 175616 ----a-w- c:\windows\system32\unrar.dll
2012-01-18 11:00 . 2011-12-29 18:00 79360 ----a-w- c:\windows\system32\ff_vfw.dll
2012-01-18 11:00 . 2011-12-21 18:14 151552 ----a-w- c:\windows\system32\ac3acm.acm
2012-01-18 11:00 . 2011-06-24 15:44 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2012-01-18 11:00 . 2011-06-24 15:28 650752 ----a-w- c:\windows\system32\xvidcore.dll
2012-01-18 11:00 . 2006-10-18 19:05 232448 ----a-w- c:\windows\system32\mp3fhg.acm
2012-01-18 11:00 . 2012-01-18 11:00 -------- d-----w- c:\program files\K-Lite Codec Pack
2012-01-17 19:56 . 2012-01-17 19:56 -------- d-----w- C:\PerfLogs
2012-01-17 18:08 . 2008-01-19 07:29 705536 ----a-w- c:\windows\system32\imagesp1.dll
2012-01-17 18:08 . 2008-01-19 07:36 116736 ----a-w- c:\windows\system32\sstpsvc.dll
2012-01-17 18:08 . 2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
2012-01-17 18:08 . 2008-01-19 07:37 1675264 ----a-w- c:\windows\system32\xpssvcs.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-07 18:57 . 2007-08-01 15:29 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-01-27 07:59 . 2012-01-27 07:59 203776 ----a-w- c:\windows\system32\webcheck.dll
2012-01-17 19:31 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2012-01-17 19:31 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2012-01-15 19:53 . 2012-01-15 19:53 40960 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2012-01-11 18:26 . 2007-08-01 14:58 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-01-04 00:48 . 2012-01-04 00:48 354176 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ICQ"="c:\program files\ICQ7.7\ICQ.exe" [2012-02-07 127040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-26 161328]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-03-26 1057328]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 174872]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-10-24 107112]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2006-10-26 22696]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-21 17920]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-01 857648]
"PowerForPhone"="c:\program files\PowerForPhone\PowerForPhone.exe" [2007-01-15 778240]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2007-08-01 33136]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2007-08-01 37232]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - COMHOST
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-11 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Kuba.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2006-11-07 17:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Download with &Media Finder - c:\program files\Media Finder\hook.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-08 19:25
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2139762894-2808136389-793043689-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-2139762894-2808136389-793043689-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2139762894-2808136389-793043689-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2139762894-2808136389-793043689-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-2139762894-2808136389-793043689-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2139762894-2808136389-793043689-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2139762894-2808136389-793043689-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2139762894-2808136389-793043689-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2139762894-2808136389-793043689-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-2139762894-2808136389-793043689-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5984)
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItClient.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll
.
Celkový čas: 2012-02-08 19:28:09
ComboFix-quarantined-files.txt 2012-02-08 18:28
ComboFix2.txt 2012-02-07 19:05
ComboFix3.txt 2012-02-06 10:05
.
Před spuštěním: Volných bajtů: 15 478 644 736
Po spuštění: Volných bajtů: 15 368 060 928
.
- - End Of File - - 66F4AF3197CCDF96D2EC77883D039D50

Co počítač?

Pc je dost pomalé. A pořád nejde odinstalovat ten program VMware workstation. Pokusil jsem se ho opět odinstalovat to samé jak předtím. V půlce uninstal modrá obrazovka co si napsané restart. Jiné programi jdou odinstalovat.

No i po předchozích problémech mi přijde, že máte nabouraný systém. Takže především si zazálohujte data !
Nejde to odinstalovat ani v nouzovém režimu?

stáhněte
http://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V

Maslíte tohle?
----------------------------------------------------------------------------
CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Home Premium Edition SP2 [6.0 Build 6002] (x86)
Date : 2012/02/08 22:32:32

-- Controller Map ----------------------------------------------------------
- Ricoh SD/MMC Host Controller [ATA]
- Ricoh Memory Stick Controller [ATA]
- Ricoh xD-Picture Card Controller [ATA]
+ Řadiče úložiště Intel(R) ICH8M v režimu Ultra ATA - 2850 [ATA]
+ Kanál IDE (0)
- HL-DT-ST DVDRAM GSA-T20L ATA Device
+ Intel(R) 82801HEM/HBM SATA AHCI Controller [ATA]
- ST9160821AS
- JMicron JMB36X Controller [SCSI]
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST9160821AS : 160.0 GB [0-1-0, pd1]

----------------------------------------------------------------------------
(1) ST9160821AS
----------------------------------------------------------------------------
Model : ST9160821AS
Firmware : 3.ALC
Serial Number : 5MA3VQF8
Disk Size : 160.0 GB (8.4/137.4/160.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/150
Power On Hours : 11885 hod.
Power On Count : 2299 krát
Temparature : 36 C (96 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 253 __6 000000000000 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 _98 _98 _20 000000000A02 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _82 _60 _30 000428D866D5 Počet chybných hledání
09 _87 _87 __0 000000002E6D Hodin v činnosti
0A 100 100 _34 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _98 _98 _20 0000000008FB Počet cyklů zapnutí zařízení
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _64 _41 _45 23662A210024 Teplota toku vzduchu
C0 100 100 __0 000000000326 Počet vypnutí disku
C1 _98 _98 __0 000000000FAE Počet cyklů načítání/vymazání
C2 _36 _59 __0 000C00000024 Teplota
C3 _60 _48 __0 000007EF3D0C Počet oprav chybného čtení
C5 100 100 __0 000000000002 Počet podezřelých sektorů
C6 100 100 __0 000000000002 Počet neopravitelných sektorů
C7 200 200 __0 000000000001 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0C 5A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 20 20 20 20 20 20 20
020: 35 4D 41 33 56 51 46 38 00 00 40 00 00 04 33 2E
030: 41 4C 43 20 20 20 53 54 39 31 36 30 38 32 31 41
040: 53 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 00 02 00 02 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 F0 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 05 02 00 00 00 48 00 48
0A0: 00 FE 00 00 34 6B 7D 09 60 03 34 69 3C 09 60 03
0B0: 40 7F 00 00 00 00 80 80 FF FE 00 00 FE 00 00 00
0C0: 00 00 00 00 00 00 00 00 9E B0 12 A1 00 00 00 00
0D0: 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 02
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 09 9E B0 12 A1 9E B0 12 A1 20 20 00 02 8A B6
110: 80 02 00 00 3C 06 3C 06 FF FF 07 C6 01 00 00 00
120: 10 0F 18 00 00 02 00 80 00 00 00 00 60 A0 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 0A 00 00 0B
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 E9 A5

ANo To není moc dobré, proklepneme ho důkladněji. Pokud by se potvrdilo poškození disku, minimálně formát Vás nemine.

Stahněte HD tune http://www.slunecnice.cz/sw/hd-tune/
-zvolete poslední záložku Error scan
-dejte skenovat, trvá to kolem hodiny.
-pak napište jestli jste měl nějaká políčka červená

Udělal jsem to 3 krát v půlce se to vždycky sekne a musím restartovat pc.

A byly tak nějaké červené čtverečky?

V době kdy se to sekne tak je všechno zelené. CrystalDisk hlásí již 3 chybné sektory.

zkuste ho spustit v nouzovém režimu.
A určitě si hned zazálohujte důležitá data.

TAk jsem to udělal a je tam jedna červená tečka.

Fajn. Disk Vám pomalu a jistě odchází. Můžete ho zkusit zformátovat a dát nový systém. Ale na disk se moc nespoléhejte, důležitá data si zálohujte.
A pravidelně ho kontrolujte, pokud by se to zhoršovalo, raději ho vyměnte.

A nedá se to nějak zvrátit?