Phew, that was something... but hopefully it worked. So here is the log:
ComboFix 12-05-31.02 - acer 01.11.2008 5:44.1.2 - x64 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.2814.2155 [GMT 1:00]
Spuštěný z: c:\users\acer\Downloads\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\HTV
c:\program files (x86)\HTV\akv.cfg
c:\users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rundll32.exe
c:\users\Public\Documents\NTIBUN5.dll
c:\users\Public\Documents\NTIMP3.dll
c:\users\Public\Documents\NTIMPEG2.dll
c:\users\Public\Documents\NTIOFM4.dll
c:\windows\iun6002.exe
c:\windows\system32\drivers\etc\host
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
---- Předchozí spuštění -------
.
c:\program files (x86)\HTV
c:\program files (x86)\HTV\akv.cfg
c:\program files (x86)\HTV\htv.001
c:\program files (x86)\HTV\HTV.002
c:\users\acer\AppData\Local\assembly\tmp
c:\users\acer\AppData\Local\Temp\rundll32.exe
c:\users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rundll32.exe
c:\users\Public\Documents\NTIBUN5.dll
c:\users\Public\Documents\NTIMP3.dll
c:\users\Public\Documents\NTIMPEG2.dll
c:\users\Public\Documents\NTIOFM4.dll
c:\windows\iun6002.exe
c:\windows\system32\drivers\etc\host
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2008-10-01 do 2008-11-01 )))))))))))))))))))))))))))))))
.
.
2012-01-07 12:55 . 2012-01-07 13:09 -------- d-----w- c:\program files (x86)\Real
2011-12-18 08:10 . 2011-12-18 08:27 -------- d-----w- c:\program files (x86)\NCsoft
2011-09-15 08:51 . 2011-09-15 08:51 -------- d-----w- c:\program files (x86)\JoWooD
2011-09-13 12:04 . 2012-01-07 13:01 -------- d-----w- c:\program files (x86)\DsNET Corp
2011-06-17 12:25 . 2011-04-21 15:02 634648 ----a-w- c:\program files (x86)\Internet Explorer\iexplore.exe
2011-06-17 10:50 . 2011-05-02 12:00 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2011-06-17 10:45 . 2011-05-02 16:00 766464 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\vgx\VGX.dll
2011-05-29 09:45 . 2010-12-28 14:56 708608 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-05-29 09:45 . 2010-12-28 14:56 57344 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadcs.dll
2011-05-29 09:45 . 2010-12-28 14:56 253952 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-05-29 09:45 . 2010-12-28 14:56 241664 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2011-05-29 09:45 . 2010-12-28 14:56 180224 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2011-05-29 09:43 . 2010-10-12 15:48 33280 ----a-w- c:\program files (x86)\Windows Mail\wabfind.dll
2011-05-29 09:43 . 2010-10-12 13:52 66048 ----a-w- c:\program files (x86)\Windows Mail\wabmig.exe
2011-05-29 09:43 . 2010-10-12 13:52 515584 ----a-w- c:\program files (x86)\Windows Mail\wab.exe
2010-11-14 16:41 . 2010-11-15 14:04 -------- d-----w- c:\program files (x86)\JoWooD Entertainment AG
2010-10-31 14:40 . 2010-10-31 14:40 -------- d-----w- c:\programdata\ATI
2010-10-31 11:26 . 2010-10-31 14:30 -------- d-----w- c:\program files\ATI Technologies
2010-10-21 14:40 . 2010-10-21 14:40 -------- d-----w- c:\program files (x86)\Microsoft Games
2010-10-17 16:54 . 2010-10-17 16:54 -------- d-----w- c:\program files\Windows NT
2010-10-15 09:55 . 2010-06-28 14:31 339968 ----a-w- c:\program files (x86)\Windows NT\Accessories\wordpad.exe
2010-10-15 09:54 . 2010-09-10 16:35 168960 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2010-10-11 17:07 . 2008-11-05 18:25 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2010-10-11 14:23 . 2010-10-11 14:23 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2010-10-11 13:51 . 2010-10-11 14:05 -------- d-----w- c:\program files\2K Games
2010-09-28 20:35 . 2008-11-05 18:17 -------- d-----w- C:\bwinPoker
2010-08-09 18:43 . 2010-08-09 18:43 -------- d-----w- c:\program files\WinPcap
2010-08-06 11:44 . 2010-08-06 11:44 -------- d-----w- c:\programdata\Funcom
2010-07-11 19:41 . 2010-07-11 19:41 -------- d-----r- c:\program files (x86)\Skype
2010-07-11 19:41 . 2010-07-11 19:41 -------- d-----w- c:\program files (x86)\Common Files\Skype
2010-07-11 19:41 . 2010-07-11 19:41 -------- d-----w- c:\programdata\Skype
2010-06-25 19:58 . 2008-10-31 06:06 -------- d-----w- c:\program files (x86)\Warcraft III
2010-06-10 15:01 . 2010-06-10 15:01 -------- d-----w- c:\program files\Reference Assemblies
2010-05-27 17:27 . 2010-05-27 17:27 -------- d-----w- c:\program files\Alwil Software
2010-05-27 17:23 . 2010-05-27 17:23 -------- d-----w- c:\program files (x86)\3DO
2010-05-13 13:06 . 2009-01-17 09:35 -------- d-----w- c:\program files (x86)\Diablo II
2010-05-12 13:15 . 2010-01-29 16:22 1616384 ----a-w- c:\program files (x86)\Windows Mail\msoe.dll
2010-04-16 10:42 . 2010-08-14 01:23 -------- d-----w- c:\program files\Movie Maker
2010-04-15 07:59 . 2008-10-31 02:18 -------- d-----w- c:\program files\Windows Mail
2010-04-14 14:12 . 2010-03-09 20:23 6611280 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A5CC2050-880D-43BD-B1E3-A487218FBEEB}\mpengine.dll
2010-01-08 14:02 . 2009-02-08 08:14 -------- d-----w- c:\program files (x86)\Common Files\Steam
2009-12-18 11:02 . 2009-12-18 11:02 -------- d-----w- c:\program files (x86)\BurnAware Free
2009-12-10 05:24 . 2009-12-10 05:24 -------- d-----w- c:\programdata\WindowsSearch
2009-11-15 23:38 . 2009-11-15 23:38 -------- d-----w- c:\program files (x86)\Codec Pack - All In 1
2009-11-15 23:19 . 2009-01-18 20:55 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2009-11-15 23:19 . 2009-01-18 20:55 -------- d-----w- c:\program files (x86)\DivX
2009-11-14 09:52 . 2009-11-14 09:52 -------- d-----w- c:\programdata\Meridian93
2009-11-13 11:52 . 2008-11-01 04:20 -------- d-----w- c:\program files (x86)\Webteh
2009-11-10 12:57 . 2008-11-23 11:06 -------- d-----w- c:\program files (x86)\EA Games
2009-11-10 11:19 . 2009-11-15 23:10 -------- d-----w- c:\programdata\Electronic Arts
2009-11-09 20:54 . 2009-11-10 12:53 -------- d-----w- c:\program files (x86)\Electronic Arts
2009-11-06 17:51 . 2010-04-14 14:14 -------- d-----w- c:\users\AppData
2009-11-06 17:51 . 2009-11-06 17:51 -------- d-----w- c:\program files (x86)\Alcohol Soft
2009-11-06 17:30 . 2009-11-06 17:30 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2009-11-06 17:29 . 2009-11-06 17:30 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2009-11-06 17:28 . 2009-11-06 17:29 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-11-05 16:11 . 2008-11-04 15:48 -------- d-----w- c:\program files (x86)\uTorrent
2009-11-05 15:58 . 2009-02-01 20:09 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2009-11-05 15:58 . 2009-11-05 15:59 -------- d-----w- c:\program files (x86)\Winamp
2009-11-05 15:53 . 2009-11-05 15:53 -------- d-----w- c:\program files (x86)\MSXML 4.0
2009-11-05 15:17 . 2009-09-10 15:21 1418752 ----a-w- c:\program files (x86)\Windows Media Player\setup_wm.exe
2009-11-05 15:17 . 2009-11-05 15:17 -------- d-----w- c:\programdata\ICQ
2009-11-05 15:13 . 2008-11-19 18:54 -------- d-----w- c:\program files (x86)\ICQ6.5
2009-11-05 15:07 . 2009-07-14 10:59 107520 ----a-w- c:\program files (x86)\Windows Media Player\wmpconfig.exe
2009-11-05 15:07 . 2009-07-14 10:58 107520 ----a-w- c:\program files (x86)\Windows Media Player\wmpshare.exe
2009-11-05 11:54 . 2009-11-05 11:54 -------- d-----w- c:\program files\YUAN
2009-11-05 11:50 . 2010-04-16 16:24 -------- d-----w- c:\program files (x86)\Google
2009-11-05 11:48 . 2008-11-01 04:06 -------- d-----w- c:\users\acer
2009-11-05 11:23 . 2009-11-05 11:23 -------- d-----w- c:\users\Default\AppData\Roaming\ATI
2009-11-05 11:23 . 2009-11-05 11:23 -------- d-----w- c:\users\Default\AppData\Local\ATI
2009-11-05 11:21 . 2010-10-31 14:29 -------- d-----w- c:\program files (x86)\ATI Technologies
2009-11-05 11:20 . 2009-11-05 11:20 -------- d-----w- c:\program files\ATI
2009-07-12 10:11 . 2009-07-12 10:11 670016 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VC\msdia90.dll
2009-07-11 20:37 . 2009-07-11 20:37 641536 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VC\msdia80.dll
2009-04-04 20:34 . 2009-01-18 20:55 -------- d-----w- c:\programdata\DivX
2009-03-07 19:06 . 2008-11-01 13:01 -------- d-----w- c:\programdata\Spyware Terminator
2009-03-07 19:06 . 2008-11-01 13:01 -------- d-----w- c:\program files (x86)\Spyware Terminator
2009-03-07 18:55 . 2010-08-11 10:30 -------- d-----w- c:\programdata\Alwil Software
2009-03-07 18:55 . 2010-04-15 07:54 -------- d-----w- c:\program files\Setup
2009-03-07 18:09 . 2008-11-08 06:04 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2009-03-06 11:17 . 2009-03-06 11:17 -------- d-----w- c:\programdata\Solidshield
2009-03-05 11:48 . 2009-03-05 11:48 -------- d-----w- c:\programdata\Blizzard
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-29 15:25 . 2011-07-18 02:42 344576 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 14:54 . 2011-07-18 02:42 276992 ----a-w- c:\windows\SysWow64\schannel.dll
2011-03-03 15:06 . 2011-05-29 09:48 100352 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2011-03-03 15:06 . 2011-05-29 09:48 331776 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 15:06 . 2011-05-29 09:48 281600 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2011-03-03 14:56 . 2011-05-29 09:48 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 14:56 . 2011-05-29 09:48 459776 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 14:56 . 2011-05-29 09:48 2153984 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 14:56 . 2011-05-29 09:48 541696 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-11-06 04:35 . 2011-05-29 09:42 854528 ----a-w- c:\windows\system32\schedsvc.dll
2009-06-07 05:27 . 2002-12-20 13:02 1071088 ----a-w- c:\windows\SysWow64\MsComCtl.ocx
2009-03-17 03:52 . 2009-11-05 15:13 55296 ----a-w- c:\windows\apppatch\AppPatch64\apihex64.dll
2009-03-17 03:38 . 2009-11-05 15:13 40960 ----a-w- c:\windows\apppatch\apihex86.dll
2008-11-01 03:57 . 2009-02-20 13:04 145920 ----a-w- c:\windows\apppatch\AppPatch64\iebrshim.dll
2008-11-01 03:44 . 2009-02-20 13:04 52736 ----a-w- c:\windows\apppatch\iebrshim.dll
2008-09-19 21:55 . 2008-09-19 21:55 200704 ----a-w- c:\windows\SysWow64\ssldivx.dll
2008-09-19 21:55 . 2008-09-19 21:55 1044480 ----a-w- c:\windows\SysWow64\libdivx.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\uTorrentControl2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:52 121392 ----a-w- c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
"SpywareTerminatorUpdate"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-11-28 3318784]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-04-06 26102056]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-11-09 3077528]
"Facebook Update"="c:\users\acer\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-12-30 137536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PCMMediaSharing"="c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-05-20 204908]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2009-07-01 37888]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-24 98304]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-02-15 1230704]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files (x86)\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0
.
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-05-20 269448]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1018544741-754534756-2578017032-1000Core.job
- c:\users\acer\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-30 15:42]
.
2012-01-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1018544741-754534756-2578017032-1000UA.job
- c:\users\acer\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-30 15:42]
.
2008-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-15 23:19]
.
2009-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-15 23:19]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:53 50736 ----a-w- c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eDataSecurity Loader"="c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe" [2008-07-29 561200]
"RtHDVCpl"="RAVCpl64.exe" [2008-05-20 6296064]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files (x86)\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files (x86)\Verdict Free\etnxp.dll
TCP: DhcpNameServer = 192.168.1.1 192.168.2.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\gbm0a0lm.default\
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-PlayNC Launcher - (no file)
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
Wow6432Node-HKLM-Run-eRecoveryService - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
HKLM-Run-Acer Empowering Technology Monitor - c:\program files\Acer\Empowering Technology\SysMonitor.exe
HKLM-Run-EmpoweringTechnology - c:\program files\Acer\Empowering Technology\Framework.Launcher.exe
AddRemove-4shared Desktop - c:\users\acer\Desktop\MOJE SLOZKY\Game\Lineage 2 int\4shared Desktop\uninstall.exe
AddRemove-7-Zip - c:\users\acer\Desktop\CSS\7-Zip\Uninstall.exe
AddRemove-CCleaner - c:\users\acer\Desktop\CCleaner\uninst.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-CSS FULL DZ [Oct 15 2007] - c:\users\acer\Desktop\Tom\Game\VALVe\Counter-Strike Source\uninst.exe
AddRemove-Left 4 Dead_is1 - c:\program files (x86)\Left4Dead\unins000.exe
AddRemove-S.T.A.L.K.E.R. - Shadow of Chernobyl_is1 - d:\program files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files (x86)\DivX\DivXCodecUninstall.exe
AddRemove-{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457} - c:\program files (x86)\Acer GameZone\Galapago\Uninstall.exe
AddRemove-{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363} - c:\program files (x86)\Acer GameZone\Mystery Solitaire - Secret Island\Uninstall.exe
AddRemove-{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110} - c:\program files (x86)\Acer GameZone\Dream Day First Home\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
c:\program files (x86)\Spyware Terminator\sp_rsser.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
.
**************************************************************************
.
Celkový čas: 2008-11-01 06:06:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2008-11-01 05:06
.
Před spuštěním: Volných bajtů: 175 523 049 472
Po spuštění: Volných bajtů: 172 145 348 608
.
- - End Of File - - BC041D6C8E1E6911840AC1CCA5E9A75F