problem
Napsal: 17 říj 2010 17:18
prosim o kontrolu.
musel som pouzit CF lebo mi to vyhadzovalo taku stranku s plno virusmi.
dik
ComboFix 10-10-16.04 - Tato . 10. 2010 18:10:35.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1029.18.2039.1542 [GMT 2:00]
Running from: c:\users\Tato\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2010-09-17 to 2010-10-17 )))))))))))))))))))))))))))))))
.
2010-10-17 16:14 . 2010-10-17 16:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-21 12:37 . 2010-09-21 12:37 -------- d-----w- c:\users\Tato\AppData\Local\Diagnostics
2010-09-19 17:53 . 2010-09-19 17:54 -------- d-----w- c:\program files\PhotoFiltre
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2009-03-11 2912256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2009-12-18 90112]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\users\Tato\AppData\Roaming\Mozilla\Firefox\Profiles\pcbrpas5.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-10-17 18:15:50
ComboFix-quarantined-files.txt 2010-10-17 16:15
Pre-Run: Volných bajtů: 13 333 377 024
Post-Run: Volných bajtů: 13 267 279 872
- - End Of File - - 2C13441F0A6BF331DF3C631528AD57F7
musel som pouzit CF lebo mi to vyhadzovalo taku stranku s plno virusmi.
dik
ComboFix 10-10-16.04 - Tato . 10. 2010 18:10:35.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1029.18.2039.1542 [GMT 2:00]
Running from: c:\users\Tato\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2010-09-17 to 2010-10-17 )))))))))))))))))))))))))))))))
.
2010-10-17 16:14 . 2010-10-17 16:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-21 12:37 . 2010-09-21 12:37 -------- d-----w- c:\users\Tato\AppData\Local\Diagnostics
2010-09-19 17:53 . 2010-09-19 17:54 -------- d-----w- c:\program files\PhotoFiltre
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2009-03-11 2912256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2009-12-18 90112]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\users\Tato\AppData\Roaming\Mozilla\Firefox\Profiles\pcbrpas5.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-10-17 18:15:50
ComboFix-quarantined-files.txt 2010-10-17 16:15
Pre-Run: Volných bajtů: 13 333 377 024
Post-Run: Volných bajtů: 13 267 279 872
- - End Of File - - 2C13441F0A6BF331DF3C631528AD57F7