Stránka 1 z 1

Problém s externím diskem.

Napsal: 17 kvě 2011 17:01
od Willsoon
Zdravím, nedávno jsem známé přeinstalovával operační systém na jejím notebooku a musel jsem si od ní přetáhnout nějaký vir na svůj ext. disk. Všechny složky na něm nejdou otevřít a každá má příponu Ink, po otevření složky vyskočí tato chyba http://imageshack.us/photo/my-images/845/vstiekr.png/

Do jednotlivých složek se dostanu jedině tehdy, když povolím skryté a systémové soubory ( každá složka má svoji skrytou). Stejný problém mám u flešky, na pevných discích to není. Zkoušel jsem to projet různými antivir. programy (avast, spywaredoctor, malwarebytes), nějaké viry jsem tam našel, ale po odstranění účinek žádný. Prosím o pomoc.

příkládám logy z RSIT a combofix:

RSIT LOG

Logfile of random's system information tool 1.08 (written by random/random)
Run by Lukáš at 2011-05-17 17:24:30
Microsoft Windows 7 Ultimate
System drive C: has 10 GB (10%) free of 100 GB
Total RAM: 6135 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:25:44, on 17.5.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Java\jre6\bin\javaw.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
O:\RSIT.exe
C:\Program Files (x86)\trend micro\Lukáš.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files (x86)\Seznam.cz\toolbar\toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
O4 - HKLM\..\Run: [AutorunRemover.exe] C:\Program Files (x86)\AutorunRemover\AutorunRemover.exe -Hide
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: ThreatFire - PC Tools - C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12802 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-04-12 1144784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-27 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2011-03-27 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files (x86)\Seznam.cz\listicka.dll [2011-03-15 2201600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files (x86)\Seznam.cz\toolbar\toolbar.dll [2011-03-10 183808]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-27 278192]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-04-12 1144784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-01-22 106496]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-02 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-08-26 75048]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"PCTools FGuard"=C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe [2011-04-12 247760]
"AutorunRemover.exe"=C:\Program Files (x86)\AutorunRemover\AutorunRemover.exe -Hide []
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"ISUSPM Startup"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AVer HID Receiver.lnk - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
AVerQuick.lnk - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
WDDMStatus.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2011-05-17 17:24:31 ----D---- C:\Program Files (x86)\trend micro
2011-05-17 17:24:30 ----D---- C:\rsit
2011-05-15 18:58:28 ----A---- C:\Windows\SysWOW64\aswBoot.exe
2011-05-15 18:58:23 ----D---- C:\ProgramData\Alwil Software
2011-05-14 09:05:49 ----D---- C:\Windows\Minidump
2011-05-13 12:34:31 ----D---- C:\Program Files (x86)\AutorunRemover
2011-05-13 12:11:18 ----D---- C:\Users\Lukáš\AppData\Roaming\PCTools
2011-05-13 11:32:30 ----D---- C:\Users\Lukáš\AppData\Roaming\Malwarebytes
2011-05-13 11:32:23 ----A---- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
2011-05-13 11:32:22 ----D---- C:\ProgramData\Malwarebytes
2011-05-13 11:32:18 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-05-13 10:42:45 ----A---- C:\Windows\ntbtlog.txt
2011-05-13 09:59:25 ----A---- C:\Windows\SGDetectionTool.dll
2011-05-13 09:59:25 ----A---- C:\Windows\PCTBDRes.dll
2011-05-13 09:59:25 ----A---- C:\Windows\PCTBDCore.dll
2011-05-13 09:59:25 ----A---- C:\Windows\BDTSupport.dll
2011-05-13 09:56:24 ----D---- C:\ProgramData\PC Tools
2011-05-13 09:56:24 ----D---- C:\Program Files (x86)\PC Tools Security
2011-05-13 09:56:24 ----D---- C:\Program Files (x86)\Common Files\PC Tools
2011-05-11 21:00:48 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2011-05-11 21:00:48 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2011-05-01 11:14:19 ----D---- C:\Windows\Sun
2011-04-27 23:32:59 ----A---- C:\Windows\explorer.exe
2011-04-27 23:32:58 ----A---- C:\Windows\SysWOW64\explorer.exe
2011-04-27 23:32:57 ----A---- C:\Windows\SysWOW64\XpsPrint.dll
2011-04-27 23:32:49 ----A---- C:\Windows\SysWOW64\esent.dll
2011-04-27 23:32:48 ----A---- C:\Windows\SysWOW64\fsutil.exe
2011-04-27 23:32:42 ----A---- C:\Windows\SysWOW64\prevhost.exe
2011-04-26 18:11:45 ----D---- C:\ProgramData\FLEXnet
2011-04-24 16:35:08 ----D---- C:\Program Files (x86)\Boilsoft Video Joiner
2011-04-24 09:26:23 ----D---- C:\Program Files (x86)\Common Files\3DO Shared
2011-04-24 09:26:23 ----D---- C:\Program Files (x86)\3DO
2011-04-24 09:25:49 ----A---- C:\Windows\IsUninst.exe
2011-04-18 21:14:22 ----D---- C:\Program Files (x86)\CCleaner

======List of files/folders modified in the last 1 months======

2011-05-17 17:24:31 ----RD---- C:\Program Files (x86)
2011-05-17 17:15:02 ----D---- C:\Windows
2011-05-17 17:00:15 ----D---- C:\Users\Lukáš\AppData\Roaming\vlc
2011-05-17 16:37:40 ----D---- C:\Windows\Temp
2011-05-17 16:22:44 ----AD---- C:\ProgramData\Temp
2011-05-16 20:27:24 ----D---- C:\Users\Lukáš\AppData\Roaming\dvdcss
2011-05-16 19:03:27 ----D---- C:\Program Files (x86)\RapidShareManager
2011-05-16 18:38:18 ----D---- C:\Windows\Prefetch
2011-05-15 23:16:14 ----SHD---- C:\System Volume Information
2011-05-15 19:15:03 ----SHD---- C:\Windows\Installer
2011-05-15 19:14:56 ----HD---- C:\ProgramData
2011-05-15 19:14:55 ----RD---- C:\Program Files
2011-05-15 19:14:46 ----D---- C:\Windows\inf
2011-05-15 18:58:41 ----D---- C:\Windows\SysWOW64
2011-05-15 18:58:41 ----D---- C:\Windows\System32
2011-05-13 11:32:23 ----D---- C:\Windows\SysWOW64\drivers
2011-05-13 09:57:13 ----D---- C:\Windows\winsxs
2011-05-13 09:56:24 ----D---- C:\Program Files (x86)\Common Files
2011-05-07 02:32:56 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-05-01 19:19:34 ----A---- C:\treelog.txt
2011-04-29 00:58:16 ----D---- C:\Users\Lukáš\AppData\Roaming\ICQ
2011-04-28 21:52:22 ----D---- C:\Windows\rescache
2011-04-28 17:37:44 ----D---- C:\Windows\SysWOW64\cs-CZ
2011-04-28 17:37:44 ----D---- C:\Windows\AppPatch
2011-04-28 00:56:45 ----D---- C:\Windows\debug
2011-04-26 18:19:00 ----D---- C:\Users\Lukáš\AppData\Roaming\Autodesk
2011-04-26 18:17:52 ----D---- C:\ProgramData\Autodesk

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore64.sys []
R0 pctDS;PC Tools Data Store; C:\Windows\system32\drivers\pctDS64.sys []
R0 pctEFA;PC Tools Extended File Attributes; C:\Windows\system32\drivers\pctEFA64.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R0 TfFsMon;TfFsMon; C:\Windows\system32\drivers\TfFsMon.sys []
R0 TFSysMon;TfSysMon; C:\Windows\system32\drivers\TfSysMon.sys []
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 pctgntdi;pctgntdi; \??\C:\Windows\System32\drivers\pctgntdi64.sys []
R1 PCTSD;PC Tools Spyware Doctor Driver; C:\Windows\System32\Drivers\PCTSD64.sys []
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys []
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys []
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/03/04 16:46:45]; \??\C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-08-26 146928]
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 AVerFx2hbtv64;AVerMedia USB SW Hybrid Tuner; C:\Windows\system32\drivers\AVerFx2hbtv64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys []
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys []
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys []
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys []
S3 a8frkkha;a8frkkha; C:\Windows\SysWOW64\drivers\a8frkkha.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\LUK~1\AppData\Local\Temp\ALSysIO64.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys []
S3 pctplsg;pctplsg; \??\C:\Windows\System32\drivers\pctplsg64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys []
S3 TfNetMon;TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys []
S3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcuxd.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 AVerRemote;AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2008-09-10 352256]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-07-15 409600]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2011-04-12 337872]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-02-18 462632]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-03-29 66872]
R2 WDDMService;WD SmartWare Drive Manager Service; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-10-14 116224]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-20 1436424]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-03-27 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2011-02-18 371472]
S3 sdCoreService;PC Tools Security Service; C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2011-04-06 1117144]
S3 ThreatFire;ThreatFire; C:\Program Files (x86)\PC Tools Security\TFEngine\TFService.exe [2011-01-20 70928]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------


COMBOFIX LOG


ComboFix 11-05-16.04 - Lukáš 17.05.2011 17:36:56.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.6135.4257 [GMT 2:00]
Spuštěný z: O:\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Spyware Doctor with AntiVirus *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\Filters
c:\windows\SysWow64\Filters\AviSplitter.ax
c:\windows\SysWow64\Filters\ffdshow\custom matrices\andreas_78er.matrix.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\andreas_doppelte_99er.matrix.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\andreas_einfache_99er.matrix.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\Bulletproof's Heavy Compression Matrix.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\Bulletproof's High Quality Matrix.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\CG-Animation Matrix.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\hvs-best-picture.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\hvs-better-picture.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\hvs-good-picture.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\Low Bitrate Matrix.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\MPEG.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\pvcd.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\Soulhunters V3.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\Soulhunters V5.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\Standard.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\Ultimate Matrix.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\Ultra Low Bitrate Matrix.xcm
c:\windows\SysWow64\Filters\ffdshow\custom matrices\Very Low Bitrate Matrix.xcm
c:\windows\SysWow64\Filters\ffdshow\dict\Czech.dic
c:\windows\SysWow64\Filters\ffdshow\dict\dicts.txt
c:\windows\SysWow64\Filters\ffdshow\dict\Greek.dic
c:\windows\SysWow64\Filters\ffdshow\dict\Polski.dic
c:\windows\SysWow64\Filters\ffdshow\ff_kernelDeint.dll
c:\windows\SysWow64\Filters\ffdshow\ff_liba52.dll
c:\windows\SysWow64\Filters\ffdshow\ff_libdts.dll
c:\windows\SysWow64\Filters\ffdshow\ff_libfaad2.dll
c:\windows\SysWow64\Filters\ffdshow\ff_libmad.dll
c:\windows\SysWow64\Filters\ffdshow\ff_realaac.dll
c:\windows\SysWow64\Filters\ffdshow\ff_samplerate.dll
c:\windows\SysWow64\Filters\ffdshow\ff_theora.dll
c:\windows\SysWow64\Filters\ffdshow\ff_tremor.dll
c:\windows\SysWow64\Filters\ffdshow\ff_unrar.dll
c:\windows\SysWow64\Filters\ffdshow\ff_wmv9.dll
c:\windows\SysWow64\Filters\ffdshow\ff_x264.dll
c:\windows\SysWow64\Filters\ffdshow\ffdshow.ax
c:\windows\SysWow64\Filters\ffdshow\ffdshow.ax.manifest
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1028.tc
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1029.cz
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1031.de
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1033.en
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1034.es
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1036.fr
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1038.hu
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1040.it
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1041.ja
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1041.jp
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1045.pl
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1046.br
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1049.ru
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1051.sk
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.1053.se
c:\windows\SysWow64\Filters\ffdshow\languages\ffdshow.2052.sc
c:\windows\SysWow64\Filters\ffdshow\libavcodec.dll
c:\windows\SysWow64\Filters\ffdshow\libmpeg2_ff.dll
c:\windows\SysWow64\Filters\ffdshow\libmplayer.dll
c:\windows\SysWow64\Filters\ffdshow\reg\ffdshow.reg
c:\windows\SysWow64\Filters\ffdshow\reg\reg.exe
c:\windows\SysWow64\Filters\ffdshow\reg\rempc.reg
c:\windows\SysWow64\Filters\ffdshow\TomsMoComp_ff.dll
c:\windows\SysWow64\Filters\FLVSplitter.ax
c:\windows\SysWow64\Filters\MatroskaSplitter.ax
c:\windows\SysWow64\Filters\MP4Splitter.ax
c:\windows\SysWow64\Filters\Quicktime.ax
c:\windows\SysWow64\Filters\RealMediaSplitter.ax
c:\windows\SysWow64\Filters\VSFilter.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-17 do 2011-05-17 )))))))))))))))))))))))))))))))
.
.
2011-05-17 15:43 . 2011-05-17 15:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-17 15:24 . 2011-05-17 15:25 -------- d-----w- c:\program files (x86)\trend micro
2011-05-17 15:24 . 2011-05-17 15:25 -------- d-----w- C:\rsit
2011-05-16 00:05 . 2011-05-16 00:05 -------- d-----w- c:\users\Lukáš\AppData\Local\ElevatedDiagnostics
2011-05-15 16:58 . 2011-01-13 07:41 273488 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-15 16:58 . 2011-01-13 07:37 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-15 16:58 . 2011-01-13 07:40 51792 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-15 16:58 . 2011-01-13 07:37 29264 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-15 16:58 . 2011-01-13 07:47 237168 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-15 16:58 . 2011-01-13 07:37 62032 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-15 16:58 . 2011-01-13 07:47 38848 ----a-w- c:\windows\avastSS.scr
2011-05-15 16:58 . 2011-01-13 07:47 188216 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-05-15 16:58 . 2011-05-15 16:58 -------- d-----w- c:\programdata\Alwil Software
2011-05-15 16:58 . 2011-05-15 16:58 -------- d-----w- c:\program files\Alwil Software
2011-05-13 10:34 . 2011-05-16 16:39 -------- d-----w- c:\program files (x86)\AutorunRemover
2011-05-13 10:11 . 2011-05-13 10:11 -------- d-----w- c:\users\Lukáš\AppData\Roaming\PCTools
2011-05-13 09:32 . 2011-05-13 09:32 -------- d-----w- c:\users\Lukáš\AppData\Roaming\Malwarebytes
2011-05-13 09:32 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-13 09:32 . 2011-05-13 09:32 -------- d-----w- c:\programdata\Malwarebytes
2011-05-13 09:32 . 2011-05-13 09:32 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-13 09:32 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-13 09:06 . 2011-01-20 11:27 74824 --s---w- c:\windows\system32\drivers\TfSysMon.sys
2011-05-13 09:06 . 2011-01-20 11:27 41888 --s---w- c:\windows\system32\drivers\TfNetMon.sys
2011-05-13 09:06 . 2011-01-20 11:27 65072 --s---w- c:\windows\system32\drivers\TfFsMon.sys
2011-05-13 07:59 . 2011-04-12 08:44 149456 ----a-w- c:\windows\SGDetectionTool.dll
2011-05-11 19:00 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 19:00 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 19:00 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 19:00 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 19:00 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 19:00 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 19:00 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 19:00 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 19:00 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 19:00 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-11 19:00 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C257E0D-DD89-45EA-AB3F-7CE3F2C3E6A9}\mpengine.dll
2011-05-01 09:14 . 2011-05-01 09:14 -------- d-----w- c:\windows\Sun
2011-04-26 16:11 . 2011-04-26 16:11 -------- d-----w- c:\programdata\FLEXnet
2011-04-24 14:35 . 2011-04-24 14:35 -------- d-----w- c:\program files (x86)\Boilsoft Video Joiner
2011-04-24 07:26 . 2011-04-24 07:26 -------- d-----w- c:\program files (x86)\Common Files\3DO Shared
2011-04-24 07:26 . 2011-04-24 07:26 -------- d-----w- c:\program files (x86)\3DO
2011-04-24 07:25 . 1998-10-02 17:00 327168 ----a-w- c:\windows\IsUninst.exe
2011-04-20 15:22 . 2011-04-20 15:22 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-04-18 19:14 . 2011-04-18 19:14 -------- d-----w- c:\program files (x86)\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-03-29 19:26 . 2011-03-29 18:28 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-03-29 19:26 . 2011-03-29 18:28 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-03-29 19:26 . 2011-03-29 18:28 669184 ----a-w- c:\windows\SysWow64\pbsvc.exe
2011-03-15 16:48 . 2011-03-15 16:48 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-15 16:48 . 2011-03-15 16:48 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-15 16:48 . 2011-03-15 16:48 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-03-15 16:48 . 2011-03-15 16:48 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-03-15 16:48 . 2011-03-15 16:48 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-03-15 16:48 . 2011-03-15 16:48 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-03-15 16:48 . 2011-03-15 16:48 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-03-15 16:48 . 2011-03-15 16:48 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-03-15 16:48 . 2011-03-15 16:48 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-03-15 16:48 . 2011-03-15 16:48 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-15 16:48 . 2011-03-15 16:48 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-03-15 16:48 . 2011-03-15 16:48 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-03-15 16:48 . 2011-03-15 16:48 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-03-15 16:48 . 2011-03-15 16:48 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-03-15 16:48 . 2011-03-15 16:48 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-15 16:48 . 2011-03-15 16:48 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-03-15 16:48 . 2011-03-15 16:48 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-03-15 16:48 . 2011-03-15 16:48 222208 ----a-w- c:\windows\system32\msls31.dll
2011-03-15 16:48 . 2011-03-15 16:48 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-03-15 16:48 . 2011-03-15 16:48 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-15 16:48 . 2011-03-15 16:48 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-03-15 16:48 . 2011-03-15 16:48 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-03-15 16:48 . 2011-03-15 16:48 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-03-15 16:48 . 2011-03-15 16:48 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-03-15 16:48 . 2011-03-15 16:48 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-03-15 16:48 . 2011-03-15 16:48 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-03-15 16:48 . 2011-03-15 16:48 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-15 16:48 . 2011-03-15 16:48 12288 ----a-w- c:\windows\system32\mshta.exe
2011-03-15 16:48 . 2011-03-15 16:48 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-03-15 16:48 . 2011-03-15 16:48 114176 ----a-w- c:\windows\system32\admparse.dll
2011-03-15 16:48 . 2011-03-15 16:48 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-03-15 16:48 . 2011-03-15 16:48 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-15 16:48 . 2011-03-15 16:48 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-03-15 16:48 . 2011-03-15 16:48 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-03-15 16:48 . 2011-03-15 16:48 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-03-15 16:48 . 2011-03-15 16:48 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-03-15 16:48 . 2011-03-15 16:48 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-03-15 16:48 . 2011-03-15 16:48 448512 ----a-w- c:\windows\system32\html.iec
2011-03-15 16:48 . 2011-03-15 16:48 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-15 16:48 . 2011-03-15 16:48 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-03-15 16:48 . 2011-03-15 16:48 160256 ----a-w- c:\windows\system32\wextract.exe
2011-03-15 16:48 . 2011-03-15 16:48 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-11 06:19 . 2011-04-14 16:27 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 06:19 . 2011-04-14 16:27 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:40 . 2011-04-14 16:27 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:40 . 2011-04-14 16:27 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-08 06:14 . 2011-04-14 16:27 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:38 . 2011-04-14 16:27 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-06 08:20 . 2011-03-06 08:20 65536 ----a-r- c:\users\Lukáš\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2011-03-06 08:20 . 2011-03-06 08:20 65536 ----a-r- c:\users\Lukáš\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2011-03-04 15:44 . 2011-03-04 15:45 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2011-03-04 15:44 . 2008-12-04 09:40 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-03-04 15:44 . 2008-12-04 09:40 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-03-04 06:17 . 2011-04-27 21:32 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17 . 2011-04-27 21:32 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17 . 2011-04-14 16:27 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:14 . 2011-04-14 16:27 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:27 . 2011-04-14 16:27 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58 . 2011-04-14 16:27 3133440 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 06:30 . 2011-04-15 05:19 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 05:32 . 2011-04-15 05:19 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-23 05:16 . 2011-04-14 16:27 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 05:16 . 2011-04-14 16:27 401920 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 05:15 . 2011-04-14 16:27 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 05:15 . 2011-04-14 16:27 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 05:15 . 2011-04-14 16:27 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 05:15 . 2011-04-14 16:27 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 05:15 . 2011-04-14 16:27 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-02-19 06:37 . 2011-03-09 14:27 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:37 . 2011-03-09 14:27 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:36 . 2011-03-09 14:27 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:36 . 2011-04-14 16:27 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 05:32 . 2011-03-09 14:27 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 05:32 . 2011-03-09 14:27 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-19 05:32 . 2011-04-14 16:27 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-02-19 04:13 . 2011-04-14 16:27 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-02-19 03:37 . 2011-04-14 16:27 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\program files (x86)\Seznam.cz\toolbar\toolbar.dll" [2011-03-10 183808]
.
[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"ISUSPM Startup"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-08-26 75048]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"PCTools FGuard"="c:\program files (x86)\PC Tools Security\BDT\FGuard.exe" [2011-04-12 247760]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2011-1-28 159744]
AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2011-1-28 663552]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-10-14 2111296]
WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-10-14 9085760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27 136176]
R3 ALSysIO;ALSysIO;c:\users\LUK~1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-03-20 1436424]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27 136176]
R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [x]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools Security\pctsAuxs.exe [2011-02-18 371472]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
R3 ThreatFire;ThreatFire;c:\program files (x86)\PC Tools Security\TFEngine\TFService.exe service [x]
R3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB;c:\windows\system32\DRIVERS\vpcuxd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [x]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
S0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
S1 aswSP;aswSP; [x]
S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [x]
S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/03/04 16:46];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-08-26 09:18 146928]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2008-09-10 352256]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-07-15 409600]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2011-04-12 337872]
S2 NAUpdate;Aktualizace Nero;c:\program files (x86)\Nero\Update\NASvc.exe [2010-02-18 462632]
S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-10-14 116224]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S3 AVerFx2hbtv64;AVerMedia USB SW Hybrid Tuner;c:\windows\system32\drivers\AVerFx2hbtv64.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27 17:57]
.
2011-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-27 17:57]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-29 10038304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files (x86)\ICQ7.1\ICQ.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files (x86)\Seznam.cz\listicka.dll
LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
.
.
------- Asociace souborů -------
.
.scr does not exist!
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-AutorunRemover.exe - c:\program files (x86)\AutorunRemover\AutorunRemover.exe
WebBrowser-{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-265546915-3213521108-2806015542-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:c5,0d,8d,0c,2e,c3,ca,78,d6,7e,e9,3f,74,b4,1c,8d,73,32,ad,f4,03,2d,8b,
43,7e,0a,ff,54,70,b5,c6,2d,ae,6a,b9,21,9e,5c,f8,d6,4e,e0,0f,af,97,5c,21,d7,\
"??"=hex:3b,ed,7c,cd,0f,1d,24,6d,a7,2b,b7,bc,e0,50,1b,5c
.
[HKEY_USERS\S-1-5-21-265546915-3213521108-2806015542-1000\Software\SecuROM\License information*]
"datasecu"=hex:28,c4,74,6a,52,fa,db,59,f7,00,dd,f2,d1,8b,bd,d7,55,04,27,ca,e0,
82,a9,54,61,a8,7c,50,9c,3d,f6,58,ac,8a,ae,55,55,53,8d,66,1e,40,2c,f3,e9,2b,\
"rkeysecu"=hex:80,0d,25,13,58,53,34,87,55,85,59,24,a1,7f,15,32
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-05-17 17:47:15
ComboFix-quarantined-files.txt 2011-05-17 15:47
.
Před spuštěním: Volných bajtů: 11 651 088 384
Po spuštění: Volných bajtů: 12 292 689 920
.
- - End Of File - - 0D6D9C0A05DE016E4F37F5032E4B24D6

Re: Problém s externím diskem.

Napsal: 17 kvě 2011 18:58
od Rudy
CF smazal vše, co měl. Připojte zavirovaný disk a spusťte FlashDisinfector: http://www.myantispyware.com/2009/01/08 ... oval-tool/ .

Re: Problém s externím diskem.

Napsal: 18 kvě 2011 20:33
od Willsoon
Díky za pomoc,disk už je v pohodě.

Re: Problém s externím diskem.

Napsal: 18 kvě 2011 21:37
od Rudy
Nemáte zač!