Hello,
I would like to ask you to check my ComboFix log.
The computer was slow and most applications froze on launch. It seems to be OK now, but before it was also fine for a while now and then.
Thank you in advance for any advice.
I ran ComboFix twice; this is the log from the second run:
ComboFix 10-12-25.01 - FILIP 25.12.2010 21:55:41.2.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4087.2673 [GMT 1:00]
Spuštěný z: c:\users\FILIP\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
SP: Microsoft Security Essentials *Disabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-25 do 2010-12-25 )))))))))))))))))))))))))))))))
.
2010-12-25 20:57 . 2010-12-25 20:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-25 19:26 . 2010-11-09 20:35 8199504 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{130522C9-B9E3-4B00-B88F-18D8F67D3679}\mpengine.dll
2010-12-25 10:58 . 2010-12-25 10:58 -------- d-----w- c:\windows\cs
2010-12-25 10:54 . 2010-12-25 10:54 -------- d-----w- c:\program files\Windows Live
2010-12-24 22:14 . 2008-10-15 05:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2010-12-24 22:14 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2010-12-24 22:14 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2010-12-24 18:37 . 2010-12-25 00:28 -------- d-----w- C:\Games
2010-12-24 15:05 . 2010-12-24 15:05 -------- d-----w- c:\program files (x86)\MSXML 4.0
2010-12-24 14:37 . 2010-12-24 14:38 -------- d-----w- c:\program files (x86)\PowerISO
2010-12-24 10:17 . 2010-12-24 10:17 -------- d-----w- c:\program files (x86)\Common Files\Skype
2010-12-24 10:17 . 2010-12-24 10:17 -------- d-----r- c:\program files (x86)\Skype
2010-12-23 21:35 . 2010-12-23 21:35 -------- d-----w- c:\program files\PDF Viewer
2010-12-23 17:33 . 2010-12-23 17:33 30528 ----a-w- c:\windows\GVTDrv64.sys
2010-12-23 17:32 . 2010-12-25 20:19 25640 ----a-w- c:\windows\gdrv.sys
2010-12-23 17:27 . 2009-06-18 18:43 208896 ----a-w- c:\windows\SysWow64\CommCmd.dll
2010-12-23 17:27 . 2009-05-19 13:34 69944 ----a-w- c:\windows\SysWow64\vhdmount.dll
2010-12-23 17:24 . 2010-12-23 17:24 -------- d-----w- c:\programdata\InstallShield
2010-12-23 17:24 . 2010-12-23 17:28 -------- d-----w- c:\program files (x86)\GIGABYTE
2010-12-23 17:24 . 2010-12-23 17:27 -------- d-----w- c:\program files\GIGABYTE
2010-12-23 17:24 . 2005-02-17 06:15 73728 ----a-w- c:\windows\SysWow64\ISUSPM.cpl
2010-12-23 17:24 . 2010-12-23 17:24 -------- d-----w- c:\windows\SysWow64\RTCOM
2010-12-23 17:24 . 2010-12-23 17:24 -------- d-----w- c:\program files\Realtek
2010-12-23 17:23 . 2010-12-23 17:23 -------- d-----w- c:\program files (x86)\Realtek
2010-12-23 17:23 . 2010-12-25 00:50 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2010-12-23 17:23 . 2010-12-23 17:24 -------- d--h--w- c:\program files (x86)\Temp
2010-12-23 17:23 . 2010-03-22 06:22 1247776 ------r- c:\windows\RtlExUpd.dll
2010-12-23 17:23 . 2010-12-23 17:25 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2010-12-23 17:22 . 2010-12-23 17:22 -------- d-----w- c:\program files (x86)\Intel
2010-12-23 17:22 . 2010-03-02 08:04 53248 ----a-r- c:\windows\SysWow64\CSVer.dll
2010-12-23 17:22 . 2010-12-23 17:22 -------- d-----w- C:\Intel
2010-12-23 17:20 . 2010-12-25 14:11 -------- d-----w- c:\users\FILIP
2010-12-23 15:31 . 2010-12-23 15:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-12-23 15:31 . 2010-12-23 15:31 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-12-23 14:36 . 2010-12-24 19:10 -------- d-----r- C:\Music
2010-12-23 14:35 . 2010-12-23 14:35 -------- d-----w- c:\programdata\Skype
2010-12-23 14:30 . 2010-12-23 14:30 -------- d-----w- c:\program files (x86)\ICQ
2010-12-23 14:28 . 2010-12-23 14:28 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2010-12-23 14:27 . 2010-12-25 10:56 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2010-12-23 14:27 . 2010-12-23 14:27 -------- d-----w- c:\windows\PCHEALTH
2010-12-23 14:27 . 2010-12-23 14:27 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2010-12-23 14:25 . 2010-12-23 14:25 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2010-12-23 14:24 . 2010-12-23 14:24 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2010-12-23 14:23 . 2010-12-23 15:11 -------- d-----w- c:\programdata\Microsoft Help
2010-12-23 14:23 . 2010-12-23 14:23 -------- d-----r- C:\MSOCache
2010-12-23 14:02 . 2010-12-23 14:02 -------- d-----w- c:\programdata\Saitek
2010-12-23 14:02 . 2010-12-23 14:02 -------- d-----w- c:\program files\Saitek
2010-12-23 13:49 . 2010-12-23 13:49 -------- d-----w- c:\windows\SysWow64\Wat
2010-12-23 13:48 . 2010-12-23 13:48 -------- d-----w- c:\program files\Common Files\logishrd
2010-12-23 13:42 . 2010-11-09 20:35 8199504 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-12-23 12:29 . 2010-12-23 12:29 -------- d-----w- c:\windows\Sun
2010-12-23 12:29 . 2010-12-23 12:29 -------- d-----w- c:\program files (x86)\Common Files\Java
2010-12-23 12:28 . 2010-11-12 17:53 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-23 12:28 . 2010-12-24 00:53 -------- d-----w- c:\program files (x86)\Java
2010-12-23 12:12 . 2010-12-25 14:10 -------- d-----w- c:\users\Pavel
2010-12-23 01:31 . 2010-12-23 01:31 -------- d-----w- c:\programdata\AVer MediaCenter
2010-12-23 01:30 . 2009-07-29 06:23 102400 ----a-w- c:\windows\SysWow64\CardID.dll
2010-12-23 01:30 . 2007-02-09 04:09 49152 ----a-w- c:\windows\SysWow64\AVerIO.dll
2010-12-23 01:30 . 2005-04-29 10:08 3456 ----a-w- c:\windows\SysWow64\AVerIO.sys
2010-12-23 01:30 . 2009-07-03 10:38 294912 ----a-w- c:\windows\SysWow64\sptlib11.dll
2010-12-23 01:30 . 2009-07-03 04:49 598016 ----a-w- c:\windows\SysWow64\sptlib21.dll
2010-12-23 01:30 . 2009-05-26 05:56 249856 ----a-w- c:\windows\SysWow64\sptlib03.dll
2010-12-23 01:30 . 2009-05-26 05:56 249856 ----a-w- c:\windows\SysWow64\sptlib01.dll
2010-12-23 01:30 . 2009-03-24 04:59 225280 ----a-w- c:\windows\SysWow64\sptlib02.dll
2010-12-23 01:30 . 2008-12-03 07:03 135168 ----a-w- c:\windows\SysWow64\sptlib12.dll
2010-12-23 01:30 . 2008-10-08 08:31 290816 ----a-w- c:\windows\SysWow64\sptlib22.dll
2010-12-23 01:30 . 2010-12-23 01:30 -------- d-----w- c:\program files (x86)\Common Files\AVerMedia
2010-12-23 01:20 . 2010-12-23 01:20 -------- d-----w- c:\programdata\AVerMedia
2010-12-23 01:20 . 2010-12-25 20:51 -------- d-----w- c:\users\User
2010-12-23 01:20 . 2010-12-23 01:24 -------- d-----w- c:\windows\Driver Cache
2010-12-23 01:20 . 2010-12-23 01:31 -------- d-----w- c:\program files (x86)\AVerMedia
2010-12-23 00:58 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2010-12-23 00:52 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2010-12-23 00:52 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2010-12-23 00:52 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2010-12-23 00:52 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2010-12-23 00:52 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2010-12-23 00:32 . 2010-12-25 10:58 -------- d-----w- c:\program files (x86)\Windows Live
2010-12-23 00:31 . 2010-12-25 19:16 -------- d-----w- c:\program files (x86)\Microsoft
2010-12-23 00:30 . 2010-12-23 13:50 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2010-12-23 00:29 . 2010-12-23 00:29 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2010-12-23 00:28 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2010-12-23 00:28 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2010-12-23 00:28 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2010-12-23 00:25 . 2009-12-11 07:39 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2010-12-23 00:25 . 2009-12-11 07:36 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2010-12-23 00:25 . 2010-03-24 06:37 1289528 ----a-w- c:\windows\SysWow64\ntdll.dll
2010-12-23 00:25 . 2010-04-07 07:10 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2010-12-23 00:23 . 2010-11-02 04:40 496128 ----a-w- c:\windows\SysWow64\taskschd.dll
2010-12-23 00:22 . 2010-01-18 23:29 365568 ----a-w- c:\windows\SysWow64\secproc_isv.dll
2010-12-23 00:09 . 2010-11-04 06:37 696592 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2010-12-23 00:09 . 2010-11-04 05:48 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2010-12-23 00:09 . 2010-11-04 05:48 163328 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2010-12-23 00:09 . 2010-11-04 04:41 386048 ----a-w- c:\windows\SysWow64\html.iec
2010-12-23 00:09 . 2010-11-04 04:08 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2010-12-23 00:08 . 2010-12-23 00:08 -------- d-----w- C:\Foto
2010-12-23 00:07 . 2010-12-23 00:07 -------- d-----w- c:\program files (x86)\uTorrent
2010-12-23 00:07 . 2010-12-23 17:19 -------- d-----w- c:\windows\Panther
2010-12-23 00:01 . 2010-12-23 00:01 -------- d-----w- C:\PFiles
2010-12-22 23:53 . 2010-12-22 23:55 -------- d-----w- C:\Zaloha
2010-12-22 18:09 . 2010-12-25 15:37 -------- d--h--w- c:\windows\msdownld.tmp
2010-12-22 18:04 . 2010-12-22 18:04 -------- d-----w- c:\program files (x86)\VideoLAN
2010-12-22 17:53 . 2010-12-22 17:53 -------- d-----w- c:\program files (x86)\Microsoft Antimalware
2010-12-22 17:53 . 2010-12-22 18:10 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-12-22 17:43 . 2010-12-22 17:43 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2010-12-22 17:42 . 2010-12-22 17:42 -------- d-----w- C:\NVIDIA
2010-12-22 17:38 . 2010-12-22 17:52 -------- d-----w- c:\windows\totalcmd
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\UC.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\RAR.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\PKZIP.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\LHA.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\ARJ.PIF
2010-12-22 17:37 . 2010-12-23 01:29 -------- d-----w- C:\Install
2010-12-22 17:36 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2010-12-22 17:36 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2010-12-22 17:35 . 2010-12-22 17:35 -------- d-----w- c:\windows\SysWow64\Macromed
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-10 01:54 . 2010-11-10 01:54 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2010-11-10 01:28 . 2010-11-10 01:28 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-11-02 04:34 . 2010-12-23 00:23 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
2010-10-22 11:43 . 2010-10-22 11:43 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2010-10-22 11:43 . 2010-10-22 11:43 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2010-12-23 155648]
AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2010-12-23 651264]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2010-12-23 30528]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-23 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2009-04-09 344064]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-12-10 405504]
S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2010-01-19 72304]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S3 AVerBDA3x_x64;AVerMedia SAA713x BDA Service;c:\windows\system32\DRIVERS\AVerBDA3x_x64.sys [2007-08-29 1729024]
S3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 40832]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
.
Obsah adresáře 'Naplánované úlohy'
2010-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1400102357-370865352-3125588132-1000Core.job
- c:\users\FILIP\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-22 23:39]
2010-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1400102357-370865352-3125588132-1000UA.job
- c:\users\FILIP\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-22 23:39]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1448568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1400102357-370865352-3125588132-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
[HKEY_USERS\S-1-5-21-1400102357-370865352-3125588132-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-12-25 21:59:14
ComboFix-quarantined-files.txt 2010-12-25 20:59
ComboFix2.txt 2010-12-25 20:51
Před spuštěním: Volných bajtů: 359 345 315 840
Po spuštění: Volných bajtů: 359 054 622 720
- - End Of File - - 9C0F74A28A4C06B4CE65FA145E2F2E8B

Please check my ComboFix log
Rudy (Site Admin)
Re: Please check my ComboFix log
"I ran ComboFix twice....."
Be glad you did not bring your system down. Not even a pro would dare to run CF without a prior informational RSIT scan. The second scan is of no use to me; if the first one deleted something, I will not see it in the second. If you want to know whether you had a virus in the system, post the log from the first run (if you can find it and it is available).
Re: Please check my ComboFix log
Oh, so I'm an idiot then. Good thing that didn't happen.
I posted the log from the second run because it overwrote the first one. Fortunately, I found the first one on the computer as well.
ComboFix 10-12-25.01 - FILIP 25.12.2010 21:44:02.1.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4087.2733 [GMT 1:00]
Spuštěný z: c:\users\FILIP\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
SP: Microsoft Security Essentials *Disabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\SysWow64\pthreadVC.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-25 do 2010-12-25 )))))))))))))))))))))))))))))))
.
2010-12-25 20:47 . 2010-12-25 20:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-25 19:26 . 2010-11-09 20:35 8199504 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{130522C9-B9E3-4B00-B88F-18D8F67D3679}\mpengine.dll
2010-12-25 10:58 . 2010-12-25 10:58 -------- d-----w- c:\windows\cs
2010-12-25 10:54 . 2010-12-25 10:54 -------- d-----w- c:\program files\Windows Live
2010-12-24 22:14 . 2008-10-15 05:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2010-12-24 22:14 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2010-12-24 22:14 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2010-12-24 18:37 . 2010-12-25 00:28 -------- d-----w- C:\Games
2010-12-24 15:05 . 2010-12-24 15:05 -------- d-----w- c:\program files (x86)\MSXML 4.0
2010-12-24 14:37 . 2010-12-24 14:38 -------- d-----w- c:\program files (x86)\PowerISO
2010-12-24 10:17 . 2010-12-24 10:17 -------- d-----w- c:\program files (x86)\Common Files\Skype
2010-12-24 10:17 . 2010-12-24 10:17 -------- d-----r- c:\program files (x86)\Skype
2010-12-23 21:35 . 2010-12-23 21:35 -------- d-----w- c:\program files\PDF Viewer
2010-12-23 17:33 . 2010-12-23 17:33 30528 ----a-w- c:\windows\GVTDrv64.sys
2010-12-23 17:32 . 2010-12-25 20:19 25640 ----a-w- c:\windows\gdrv.sys
2010-12-23 17:27 . 2009-06-18 18:43 208896 ----a-w- c:\windows\SysWow64\CommCmd.dll
2010-12-23 17:27 . 2009-05-19 13:34 69944 ----a-w- c:\windows\SysWow64\vhdmount.dll
2010-12-23 17:24 . 2010-12-23 17:24 -------- d-----w- c:\programdata\InstallShield
2010-12-23 17:24 . 2010-12-23 17:28 -------- d-----w- c:\program files (x86)\GIGABYTE
2010-12-23 17:24 . 2010-12-23 17:27 -------- d-----w- c:\program files\GIGABYTE
2010-12-23 17:24 . 2005-02-17 06:15 73728 ----a-w- c:\windows\SysWow64\ISUSPM.cpl
2010-12-23 17:24 . 2010-12-23 17:24 -------- d-----w- c:\windows\SysWow64\RTCOM
2010-12-23 17:24 . 2010-12-23 17:24 -------- d-----w- c:\program files\Realtek
2010-12-23 17:23 . 2010-12-23 17:23 -------- d-----w- c:\program files (x86)\Realtek
2010-12-23 17:23 . 2010-12-25 00:50 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2010-12-23 17:23 . 2010-12-23 17:24 -------- d--h--w- c:\program files (x86)\Temp
2010-12-23 17:23 . 2010-03-22 06:22 1247776 ------r- c:\windows\RtlExUpd.dll
2010-12-23 17:23 . 2010-12-23 17:25 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2010-12-23 17:22 . 2010-12-23 17:22 -------- d-----w- c:\program files (x86)\Intel
2010-12-23 17:22 . 2010-03-02 08:04 53248 ----a-r- c:\windows\SysWow64\CSVer.dll
2010-12-23 17:22 . 2010-12-23 17:22 -------- d-----w- C:\Intel
2010-12-23 17:20 . 2010-12-25 14:11 -------- d-----w- c:\users\FILIP
2010-12-23 15:31 . 2010-12-23 15:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-12-23 15:31 . 2010-12-23 15:31 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-12-23 14:36 . 2010-12-24 19:10 -------- d-----r- C:\Music
2010-12-23 14:35 . 2010-12-23 14:35 -------- d-----w- c:\programdata\Skype
2010-12-23 14:30 . 2010-12-23 14:30 -------- d-----w- c:\program files (x86)\ICQ
2010-12-23 14:28 . 2010-12-23 14:28 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2010-12-23 14:27 . 2010-12-25 10:56 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2010-12-23 14:27 . 2010-12-23 14:27 -------- d-----w- c:\windows\PCHEALTH
2010-12-23 14:27 . 2010-12-23 14:27 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2010-12-23 14:25 . 2010-12-23 14:25 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2010-12-23 14:24 . 2010-12-23 14:24 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2010-12-23 14:23 . 2010-12-23 15:11 -------- d-----w- c:\programdata\Microsoft Help
2010-12-23 14:23 . 2010-12-23 14:23 -------- d-----r- C:\MSOCache
2010-12-23 14:02 . 2010-12-23 14:02 -------- d-----w- c:\programdata\Saitek
2010-12-23 14:02 . 2010-12-23 14:02 -------- d-----w- c:\program files\Saitek
2010-12-23 13:49 . 2010-12-23 13:49 -------- d-----w- c:\windows\SysWow64\Wat
2010-12-23 13:48 . 2010-12-23 13:48 -------- d-----w- c:\program files\Common Files\logishrd
2010-12-23 13:42 . 2010-11-09 20:35 8199504 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-12-23 12:29 . 2010-12-23 12:29 -------- d-----w- c:\windows\Sun
2010-12-23 12:29 . 2010-12-23 12:29 -------- d-----w- c:\program files (x86)\Common Files\Java
2010-12-23 12:28 . 2010-11-12 17:53 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-23 12:28 . 2010-12-24 00:53 -------- d-----w- c:\program files (x86)\Java
2010-12-23 12:12 . 2010-12-25 14:10 -------- d-----w- c:\users\Pavel
2010-12-23 01:31 . 2010-12-23 01:31 -------- d-----w- c:\programdata\AVer MediaCenter
2010-12-23 01:30 . 2009-07-29 06:23 102400 ----a-w- c:\windows\SysWow64\CardID.dll
2010-12-23 01:30 . 2007-02-09 04:09 49152 ----a-w- c:\windows\SysWow64\AVerIO.dll
2010-12-23 01:30 . 2005-04-29 10:08 3456 ----a-w- c:\windows\SysWow64\AVerIO.sys
2010-12-23 01:30 . 2009-07-03 10:38 294912 ----a-w- c:\windows\SysWow64\sptlib11.dll
2010-12-23 01:30 . 2009-07-03 04:49 598016 ----a-w- c:\windows\SysWow64\sptlib21.dll
2010-12-23 01:30 . 2009-05-26 05:56 249856 ----a-w- c:\windows\SysWow64\sptlib03.dll
2010-12-23 01:30 . 2009-05-26 05:56 249856 ----a-w- c:\windows\SysWow64\sptlib01.dll
2010-12-23 01:30 . 2009-03-24 04:59 225280 ----a-w- c:\windows\SysWow64\sptlib02.dll
2010-12-23 01:30 . 2008-12-03 07:03 135168 ----a-w- c:\windows\SysWow64\sptlib12.dll
2010-12-23 01:30 . 2008-10-08 08:31 290816 ----a-w- c:\windows\SysWow64\sptlib22.dll
2010-12-23 01:30 . 2010-12-23 01:30 -------- d-----w- c:\program files (x86)\Common Files\AVerMedia
2010-12-23 01:20 . 2010-12-23 01:20 -------- d-----w- c:\programdata\AVerMedia
2010-12-23 01:20 . 2010-12-23 01:20 -------- d-----w- c:\users\User
2010-12-23 01:20 . 2010-12-23 01:24 -------- d-----w- c:\windows\Driver Cache
2010-12-23 01:20 . 2010-12-23 01:31 -------- d-----w- c:\program files (x86)\AVerMedia
2010-12-23 00:58 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2010-12-23 00:52 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2010-12-23 00:52 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2010-12-23 00:52 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2010-12-23 00:52 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2010-12-23 00:52 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2010-12-23 00:32 . 2010-12-25 10:58 -------- d-----w- c:\program files (x86)\Windows Live
2010-12-23 00:31 . 2010-12-25 19:16 -------- d-----w- c:\program files (x86)\Microsoft
2010-12-23 00:30 . 2010-12-23 13:50 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2010-12-23 00:29 . 2010-12-23 00:29 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2010-12-23 00:28 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2010-12-23 00:28 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2010-12-23 00:28 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2010-12-23 00:25 . 2009-12-11 07:39 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2010-12-23 00:25 . 2009-12-11 07:36 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2010-12-23 00:25 . 2010-03-24 06:37 1289528 ----a-w- c:\windows\SysWow64\ntdll.dll
2010-12-23 00:25 . 2010-04-07 07:10 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2010-12-23 00:23 . 2010-11-02 04:40 496128 ----a-w- c:\windows\SysWow64\taskschd.dll
2010-12-23 00:22 . 2010-01-18 23:29 365568 ----a-w- c:\windows\SysWow64\secproc_isv.dll
2010-12-23 00:09 . 2010-11-04 06:37 696592 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2010-12-23 00:09 . 2010-11-04 05:48 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2010-12-23 00:09 . 2010-11-04 05:48 163328 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2010-12-23 00:09 . 2010-11-04 04:41 386048 ----a-w- c:\windows\SysWow64\html.iec
2010-12-23 00:09 . 2010-11-04 04:08 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2010-12-23 00:08 . 2010-12-23 00:08 -------- d-----w- C:\Foto
2010-12-23 00:07 . 2010-12-23 00:07 -------- d-----w- c:\program files (x86)\uTorrent
2010-12-23 00:07 . 2010-12-23 17:19 -------- d-----w- c:\windows\Panther
2010-12-23 00:01 . 2010-12-23 00:01 -------- d-----w- C:\PFiles
2010-12-22 23:53 . 2010-12-22 23:55 -------- d-----w- C:\Zaloha
2010-12-22 18:09 . 2010-12-25 15:37 -------- d--h--w- c:\windows\msdownld.tmp
2010-12-22 18:04 . 2010-12-22 18:04 -------- d-----w- c:\program files (x86)\VideoLAN
2010-12-22 17:53 . 2010-12-22 17:53 -------- d-----w- c:\program files (x86)\Microsoft Antimalware
2010-12-22 17:53 . 2010-12-22 18:10 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-12-22 17:43 . 2010-12-22 17:43 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2010-12-22 17:42 . 2010-12-22 17:42 -------- d-----w- C:\NVIDIA
2010-12-22 17:38 . 2010-12-22 17:52 -------- d-----w- c:\windows\totalcmd
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\UC.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\RAR.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\PKZIP.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\LHA.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\ARJ.PIF
2010-12-22 17:37 . 2010-12-23 01:29 -------- d-----w- C:\Install
2010-12-22 17:36 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2010-12-22 17:36 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2010-12-22 17:35 . 2010-12-22 17:35 -------- d-----w- c:\windows\SysWow64\Macromed
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-10 01:54 . 2010-11-10 01:54 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2010-11-10 01:28 . 2010-11-10 01:28 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-11-02 04:34 . 2010-12-23 00:23 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
2010-10-22 11:43 . 2010-10-22 11:43 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2010-10-22 11:43 . 2010-10-22 11:43 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2010-12-23 155648]
AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2010-12-23 651264]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2010-12-23 30528]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-23 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2009-04-09 344064]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-12-10 405504]
S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2010-01-19 72304]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S3 AVerBDA3x_x64;AVerMedia SAA713x BDA Service;c:\windows\system32\DRIVERS\AVerBDA3x_x64.sys [2007-08-29 1729024]
S3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 40832]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
.
Obsah adresáře 'Naplánované úlohy'
2010-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1400102357-370865352-3125588132-1000Core.job
- c:\users\FILIP\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-22 23:39]
2010-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1400102357-370865352-3125588132-1000UA.job
- c:\users\FILIP\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-22 23:39]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1448568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1400102357-370865352-3125588132-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
[HKEY_USERS\S-1-5-21-1400102357-370865352-3125588132-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-12-25 21:51:28
ComboFix-quarantined-files.txt 2010-12-25 20:51
Před spuštěním: Volných bajtů: 358 970 179 584
Po spuštění: Volných bajtů: 359 427 592 192
- - End Of File - - F304BE967A121FEF509A0D9EA9609E02
I posted the log from the second run because it overwrote the first one. Fortunately, I also found the first one on the computer.
ComboFix 10-12-25.01 - FILIP 25.12.2010 21:44:02.1.4 - x64
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4087.2733 [GMT 1:00]
Spuštěný z: c:\users\FILIP\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
SP: Microsoft Security Essentials *Disabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\SysWow64\pthreadVC.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-25 do 2010-12-25 )))))))))))))))))))))))))))))))
.
2010-12-25 20:47 . 2010-12-25 20:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-25 19:26 . 2010-11-09 20:35 8199504 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{130522C9-B9E3-4B00-B88F-18D8F67D3679}\mpengine.dll
2010-12-25 10:58 . 2010-12-25 10:58 -------- d-----w- c:\windows\cs
2010-12-25 10:54 . 2010-12-25 10:54 -------- d-----w- c:\program files\Windows Live
2010-12-24 22:14 . 2008-10-15 05:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2010-12-24 22:14 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2010-12-24 22:14 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2010-12-24 18:37 . 2010-12-25 00:28 -------- d-----w- C:\Games
2010-12-24 15:05 . 2010-12-24 15:05 -------- d-----w- c:\program files (x86)\MSXML 4.0
2010-12-24 14:37 . 2010-12-24 14:38 -------- d-----w- c:\program files (x86)\PowerISO
2010-12-24 10:17 . 2010-12-24 10:17 -------- d-----w- c:\program files (x86)\Common Files\Skype
2010-12-24 10:17 . 2010-12-24 10:17 -------- d-----r- c:\program files (x86)\Skype
2010-12-23 21:35 . 2010-12-23 21:35 -------- d-----w- c:\program files\PDF Viewer
2010-12-23 17:33 . 2010-12-23 17:33 30528 ----a-w- c:\windows\GVTDrv64.sys
2010-12-23 17:32 . 2010-12-25 20:19 25640 ----a-w- c:\windows\gdrv.sys
2010-12-23 17:27 . 2009-06-18 18:43 208896 ----a-w- c:\windows\SysWow64\CommCmd.dll
2010-12-23 17:27 . 2009-05-19 13:34 69944 ----a-w- c:\windows\SysWow64\vhdmount.dll
2010-12-23 17:24 . 2010-12-23 17:24 -------- d-----w- c:\programdata\InstallShield
2010-12-23 17:24 . 2010-12-23 17:28 -------- d-----w- c:\program files (x86)\GIGABYTE
2010-12-23 17:24 . 2010-12-23 17:27 -------- d-----w- c:\program files\GIGABYTE
2010-12-23 17:24 . 2005-02-17 06:15 73728 ----a-w- c:\windows\SysWow64\ISUSPM.cpl
2010-12-23 17:24 . 2010-12-23 17:24 -------- d-----w- c:\windows\SysWow64\RTCOM
2010-12-23 17:24 . 2010-12-23 17:24 -------- d-----w- c:\program files\Realtek
2010-12-23 17:23 . 2010-12-23 17:23 -------- d-----w- c:\program files (x86)\Realtek
2010-12-23 17:23 . 2010-12-25 00:50 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2010-12-23 17:23 . 2010-12-23 17:24 -------- d--h--w- c:\program files (x86)\Temp
2010-12-23 17:23 . 2010-03-22 06:22 1247776 ------r- c:\windows\RtlExUpd.dll
2010-12-23 17:23 . 2010-12-23 17:25 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2010-12-23 17:22 . 2010-12-23 17:22 -------- d-----w- c:\program files (x86)\Intel
2010-12-23 17:22 . 2010-03-02 08:04 53248 ----a-r- c:\windows\SysWow64\CSVer.dll
2010-12-23 17:22 . 2010-12-23 17:22 -------- d-----w- C:\Intel
2010-12-23 17:20 . 2010-12-25 14:11 -------- d-----w- c:\users\FILIP
2010-12-23 15:31 . 2010-12-23 15:31 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-12-23 15:31 . 2010-12-23 15:31 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-12-23 14:36 . 2010-12-24 19:10 -------- d-----r- C:\Music
2010-12-23 14:35 . 2010-12-23 14:35 -------- d-----w- c:\programdata\Skype
2010-12-23 14:30 . 2010-12-23 14:30 -------- d-----w- c:\program files (x86)\ICQ
2010-12-23 14:28 . 2010-12-23 14:28 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2010-12-23 14:27 . 2010-12-25 10:56 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2010-12-23 14:27 . 2010-12-23 14:27 -------- d-----w- c:\windows\PCHEALTH
2010-12-23 14:27 . 2010-12-23 14:27 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
2010-12-23 14:25 . 2010-12-23 14:25 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2010-12-23 14:24 . 2010-12-23 14:24 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2010-12-23 14:23 . 2010-12-23 15:11 -------- d-----w- c:\programdata\Microsoft Help
2010-12-23 14:23 . 2010-12-23 14:23 -------- d-----r- C:\MSOCache
2010-12-23 14:02 . 2010-12-23 14:02 -------- d-----w- c:\programdata\Saitek
2010-12-23 14:02 . 2010-12-23 14:02 -------- d-----w- c:\program files\Saitek
2010-12-23 13:49 . 2010-12-23 13:49 -------- d-----w- c:\windows\SysWow64\Wat
2010-12-23 13:48 . 2010-12-23 13:48 -------- d-----w- c:\program files\Common Files\logishrd
2010-12-23 13:42 . 2010-11-09 20:35 8199504 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-12-23 12:29 . 2010-12-23 12:29 -------- d-----w- c:\windows\Sun
2010-12-23 12:29 . 2010-12-23 12:29 -------- d-----w- c:\program files (x86)\Common Files\Java
2010-12-23 12:28 . 2010-11-12 17:53 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-23 12:28 . 2010-12-24 00:53 -------- d-----w- c:\program files (x86)\Java
2010-12-23 12:12 . 2010-12-25 14:10 -------- d-----w- c:\users\Pavel
2010-12-23 01:31 . 2010-12-23 01:31 -------- d-----w- c:\programdata\AVer MediaCenter
2010-12-23 01:30 . 2009-07-29 06:23 102400 ----a-w- c:\windows\SysWow64\CardID.dll
2010-12-23 01:30 . 2007-02-09 04:09 49152 ----a-w- c:\windows\SysWow64\AVerIO.dll
2010-12-23 01:30 . 2005-04-29 10:08 3456 ----a-w- c:\windows\SysWow64\AVerIO.sys
2010-12-23 01:30 . 2009-07-03 10:38 294912 ----a-w- c:\windows\SysWow64\sptlib11.dll
2010-12-23 01:30 . 2009-07-03 04:49 598016 ----a-w- c:\windows\SysWow64\sptlib21.dll
2010-12-23 01:30 . 2009-05-26 05:56 249856 ----a-w- c:\windows\SysWow64\sptlib03.dll
2010-12-23 01:30 . 2009-05-26 05:56 249856 ----a-w- c:\windows\SysWow64\sptlib01.dll
2010-12-23 01:30 . 2009-03-24 04:59 225280 ----a-w- c:\windows\SysWow64\sptlib02.dll
2010-12-23 01:30 . 2008-12-03 07:03 135168 ----a-w- c:\windows\SysWow64\sptlib12.dll
2010-12-23 01:30 . 2008-10-08 08:31 290816 ----a-w- c:\windows\SysWow64\sptlib22.dll
2010-12-23 01:30 . 2010-12-23 01:30 -------- d-----w- c:\program files (x86)\Common Files\AVerMedia
2010-12-23 01:20 . 2010-12-23 01:20 -------- d-----w- c:\programdata\AVerMedia
2010-12-23 01:20 . 2010-12-23 01:20 -------- d-----w- c:\users\User
2010-12-23 01:20 . 2010-12-23 01:24 -------- d-----w- c:\windows\Driver Cache
2010-12-23 01:20 . 2010-12-23 01:31 -------- d-----w- c:\program files (x86)\AVerMedia
2010-12-23 00:58 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2010-12-23 00:52 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2010-12-23 00:52 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2010-12-23 00:52 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2010-12-23 00:52 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2010-12-23 00:52 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2010-12-23 00:32 . 2010-12-25 10:58 -------- d-----w- c:\program files (x86)\Windows Live
2010-12-23 00:31 . 2010-12-25 19:16 -------- d-----w- c:\program files (x86)\Microsoft
2010-12-23 00:30 . 2010-12-23 13:50 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2010-12-23 00:29 . 2010-12-23 00:29 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2010-12-23 00:28 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2010-12-23 00:28 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2010-12-23 00:28 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2010-12-23 00:25 . 2009-12-11 07:39 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2010-12-23 00:25 . 2009-12-11 07:36 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2010-12-23 00:25 . 2010-03-24 06:37 1289528 ----a-w- c:\windows\SysWow64\ntdll.dll
2010-12-23 00:25 . 2010-04-07 07:10 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2010-12-23 00:23 . 2010-11-02 04:40 496128 ----a-w- c:\windows\SysWow64\taskschd.dll
2010-12-23 00:22 . 2010-01-18 23:29 365568 ----a-w- c:\windows\SysWow64\secproc_isv.dll
2010-12-23 00:09 . 2010-11-04 06:37 696592 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2010-12-23 00:09 . 2010-11-04 05:48 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2010-12-23 00:09 . 2010-11-04 05:48 163328 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2010-12-23 00:09 . 2010-11-04 04:41 386048 ----a-w- c:\windows\SysWow64\html.iec
2010-12-23 00:09 . 2010-11-04 04:08 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2010-12-23 00:08 . 2010-12-23 00:08 -------- d-----w- C:\Foto
2010-12-23 00:07 . 2010-12-23 00:07 -------- d-----w- c:\program files (x86)\uTorrent
2010-12-23 00:07 . 2010-12-23 17:19 -------- d-----w- c:\windows\Panther
2010-12-23 00:01 . 2010-12-23 00:01 -------- d-----w- C:\PFiles
2010-12-22 23:53 . 2010-12-22 23:55 -------- d-----w- C:\Zaloha
2010-12-22 18:09 . 2010-12-25 15:37 -------- d--h--w- c:\windows\msdownld.tmp
2010-12-22 18:04 . 2010-12-22 18:04 -------- d-----w- c:\program files (x86)\VideoLAN
2010-12-22 17:53 . 2010-12-22 17:53 -------- d-----w- c:\program files (x86)\Microsoft Antimalware
2010-12-22 17:53 . 2010-12-22 18:10 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-12-22 17:43 . 2010-12-22 17:43 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2010-12-22 17:42 . 2010-12-22 17:42 -------- d-----w- C:\NVIDIA
2010-12-22 17:38 . 2010-12-22 17:52 -------- d-----w- c:\windows\totalcmd
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\UC.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\RAR.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\PKZIP.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\LHA.PIF
2010-12-22 17:38 . 2007-03-21 06:00 545 ----a-w- c:\windows\ARJ.PIF
2010-12-22 17:37 . 2010-12-23 01:29 -------- d-----w- C:\Install
2010-12-22 17:36 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2010-12-22 17:36 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2010-12-22 17:35 . 2010-12-22 17:35 -------- d-----w- c:\windows\SysWow64\Macromed
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-10 01:54 . 2010-11-10 01:54 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2010-11-10 01:28 . 2010-11-10 01:28 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-11-02 04:34 . 2010-12-23 00:23 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
2010-10-22 11:43 . 2010-10-22 11:43 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2010-10-22 11:43 . 2010-10-22 11:43 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2010-12-23 155648]
AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2010-12-23 651264]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2010-12-23 30528]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-23 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2009-04-09 344064]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-12-10 405504]
S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2010-01-19 72304]
S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S3 AVerBDA3x_x64;AVerMedia SAA713x BDA Service;c:\windows\system32\DRIVERS\AVerBDA3x_x64.sys [2007-08-29 1729024]
S3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 40832]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
.
Obsah adresáře 'Naplánované úlohy'
2010-12-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1400102357-370865352-3125588132-1000Core.job
- c:\users\FILIP\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-22 23:39]
2010-12-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1400102357-370865352-3125588132-1000UA.job
- c:\users\FILIP\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-22 23:39]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-26 10135584]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1448568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1400102357-370865352-3125588132-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
[HKEY_USERS\S-1-5-21-1400102357-370865352-3125588132-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-12-25 21:51:28
ComboFix-quarantined-files.txt 2010-12-25 20:51
Před spuštěním: Volných bajtů: 358 970 179 584
Po spuštění: Volných bajtů: 359 427 592 192
- - End Of File - - F304BE967A121FEF509A0D9EA9609E02
- Rudy
- Site Admin
- Posts: 119506
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a ComboFix log check
1 infected item was deleted; the rest of the log looks clean.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Request for a ComboFix log check
Thank you for the check.
It looks like everything now works as it should. It was terrible: no video, TV or song would play (not even on the web), nor would any game or other important applications run (it always froze at startup).
Thanks for the great contribution of this forum, which has already helped me a few times.
I wish your team a peaceful rest of the holidays and much success in 2011.
- Rudy
Re: Request for a ComboFix log check
I wish you the same, and you're welcome!