Prosím o kontrolu logu

Zpráva

geraltt · #1 Příspěvek od **geraltt** » 06 úno 2010 19:15

Dobrý den, nějak se mi z času na čas vypne notebook. Hlavně při konvezi videa. Prosaím o kntrolu logu. Děkuji.

Tady je log (ComboFix):

ComboFix 10-02-05.04 - ingeli 06.02.2010 19:02:10.1.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.3015.1837 [GMT 1:00]
Spuštěný z: c:\users\ingeli\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\MSVCP71.DLL
c:\program files\RelevantKnowledge\MSVCR71.DLL
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\AVSredirect.dll

----- BITS: Možné infikované stránky -----

hxxp://NTSSMS:80
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-06 do 2010-02-06 )))))))))))))))))))))))))))))))
.

2010-02-06 18:07 . 2010-02-06 18:07 -------- d-----w- c:\users\Luzny\AppData\Local\temp
2010-02-06 18:07 . 2010-02-06 18:07 -------- d-----w- c:\users\hofbauer\AppData\Local\temp
2010-02-06 18:07 . 2010-02-06 18:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-06 18:07 . 2010-02-06 18:07 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2010-01-30 17:59 . 2004-02-22 09:11 719872 ----a-w- c:\windows\system32\devil.dll
2010-01-30 17:59 . 2009-09-27 08:39 369152 ----a-w- c:\windows\system32\avisynth.dll
2010-01-30 17:59 . 2010-01-30 17:59 -------- d-----w- c:\program files\AviSynth 2.5
2010-01-30 17:59 . 2004-01-24 23:00 70656 ----a-w- c:\windows\system32\yv12vfw.dll
2010-01-30 17:59 . 2004-01-24 23:00 70656 ----a-w- c:\windows\system32\i420vfw.dll
2010-01-30 16:34 . 2010-01-30 16:34 -------- d-----w- c:\program files\Common Files\SWF Studio
2010-01-28 18:17 . 2010-01-28 18:35 -------- d-----w- c:\users\ingeli\AppData\Roaming\PC Suite
2010-01-28 18:17 . 2010-01-28 18:35 -------- d-----w- c:\users\ingeli\AppData\Roaming\Nokia
2010-01-28 18:17 . 2010-01-28 18:35 -------- d-----w- c:\programdata\PC Suite
2010-01-28 18:16 . 2010-01-28 18:16 -------- d-----w- c:\program files\Common Files\PCSuite
2010-01-28 18:16 . 2010-01-28 18:16 -------- d-----w- c:\program files\Common Files\Nokia
2010-01-28 18:16 . 2010-01-28 18:17 -------- d-----w- c:\program files\DIFX
2010-01-28 18:16 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-01-28 18:15 . 2010-01-28 18:16 -------- dc----w- c:\windows\system32\DRVSTORE
2010-01-28 18:15 . 2010-01-28 18:15 -------- d-----w- c:\program files\PC Connectivity Solution
2010-01-28 18:13 . 2009-10-06 10:52 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-01-28 18:13 . 2010-01-28 18:16 -------- d-----w- c:\program files\Nokia
2010-01-28 18:13 . 2010-01-28 18:11 34701512 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_cze_web.exe
2010-01-28 18:13 . 2010-01-28 18:13 95232 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe
2010-01-28 18:13 . 2010-01-28 18:13 8192 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe
2010-01-28 18:13 . 2010-01-28 18:13 61440 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-01-28 18:13 . 2010-01-28 18:13 10240 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe
2010-01-28 18:13 . 2010-01-28 18:13 -------- d-----w- c:\programdata\Installations
2010-01-28 11:31 . 2010-01-28 11:31 -------- d-----w- c:\program files\FreeTime
2010-01-25 17:55 . 2010-01-25 17:55 -------- d-----w- c:\users\ingeli\AppData\Roaming\F-Secure
2010-01-25 17:27 . 2010-01-25 17:27 -------- d-----w- c:\users\ingeli\AppData\Roaming\Leawo
2010-01-25 17:27 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2010-01-25 17:03 . 2010-01-25 17:03 -------- d-----w- c:\users\ingeli\AppData\Roaming\AnvSoft
2010-01-16 13:30 . 2009-11-12 12:48 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2010-01-16 07:00 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-16 07:00 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-13 08:02 . 2010-01-27 22:48 -------- d-----w- c:\users\ingeli\AppData\Roaming\Audacity
2010-01-13 08:02 . 2010-01-13 08:02 -------- d-----w- c:\program files\Lame for Audacity
2010-01-13 08:02 . 2010-01-13 08:02 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-06 16:37 . 2009-04-13 23:31 607682 ----a-w- c:\windows\system32\perfh005.dat
2010-02-06 16:37 . 2009-04-13 23:31 118812 ----a-w- c:\windows\system32\perfc005.dat
2010-02-06 16:35 . 2009-09-11 09:47 -------- d-----w- c:\program files\F-Secure
2010-02-05 06:47 . 2009-09-22 10:56 -------- d-----w- c:\users\ingeli\AppData\Roaming\vlc
2010-02-03 19:37 . 2009-08-20 14:59 1076 ----a-w- c:\windows\bthservsdp.dat
2010-02-03 19:37 . 2009-10-06 11:39 -------- d-----w- c:\users\ingeli\AppData\Roaming\Skype
2010-02-03 18:56 . 2009-10-06 11:40 -------- d-----w- c:\users\ingeli\AppData\Roaming\skypePM
2010-01-30 09:44 . 2010-01-30 09:44 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-01-28 18:35 . 2010-01-28 18:35 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-01-16 14:13 . 2009-08-24 16:01 -------- d-----w- c:\programdata\Microsoft Help
2010-01-16 14:13 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-16 13:31 . 2009-09-11 09:43 -------- d-----w- c:\program files\CDBurnerXP
2010-01-07 10:50 . 2009-11-27 06:13 -------- d-----w- c:\users\ingeli\AppData\Roaming\dvdcss
2010-01-02 06:38 . 2010-01-23 18:15 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-23 18:15 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-23 18:15 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-23 18:15 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-15 05:38 . 2009-12-15 05:38 -------- d-----w- c:\programdata\WindowsSearch
2009-12-09 13:35 . 2009-12-09 13:35 56000 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\uninstall.exe
2009-12-09 13:35 . 2009-12-09 13:35 156968 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\InstallHelper.exe
2009-12-09 13:35 . 2009-12-09 13:35 300328 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\dsHostChecker.exe
2009-12-09 13:35 . 2009-12-09 13:35 234792 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\dsHostCheckerProxy.exe
2009-12-09 13:35 . 2009-12-09 13:35 65536 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\CertAuthIMC.dll
2009-12-09 13:35 . 2009-12-09 13:35 40448 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\JSystemIMC.dll
2009-12-09 13:28 . 2009-12-18 09:38 85288 ----a-w- c:\windows\system32\drivers\NEOFLTR_650_14951.SYS
2009-12-09 13:10 . 2009-12-18 09:37 548864 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\Microsoft.VC80.CRT\msvcp80.dll
2009-12-09 13:10 . 2009-12-09 13:10 401462 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\msvcp60.dll
2009-11-18 21:48 . 2009-09-09 00:28 882224 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\AVManagerUnified.dll
2009-11-18 21:48 . 2009-09-09 00:28 85552 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\CAntiVirusCOM.dll
2009-11-18 21:48 . 2009-09-09 00:28 35888 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\OPSWATProcessesScanner.dll
2009-11-18 21:48 . 2009-09-09 00:28 33840 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\Impl_AntivirusLib.dll
2009-11-18 21:48 . 2009-09-09 00:28 31280 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\CFireWallCOM.dll
2009-11-18 21:48 . 2009-09-09 00:28 293424 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\OESISCore.dll
2009-11-18 21:48 . 2009-09-09 00:28 18992 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\Impl_SoftwareProductLib.dll
2009-11-18 21:48 . 2009-09-09 00:28 170544 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\FWManager.dll
2009-11-18 21:48 . 2009-09-09 00:28 14384 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\Impl_FirewallLib.dll
2009-11-13 02:14 . 2009-11-13 02:14 50776 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\uninstall.exe
2009-11-13 02:14 . 2009-11-13 02:14 132392 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\dsmmf.exe
2009-11-13 02:14 . 2009-11-13 02:14 496936 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClient.exe
2009-11-13 02:14 . 2009-11-13 02:14 230696 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupDLL.dll
2009-11-13 02:13 . 2009-11-13 02:13 329752 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClientOCX.exe
2009-11-13 02:13 . 2009-11-13 02:13 29696 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\setupResource_de.dll
2009-11-13 02:13 . 2009-11-13 02:13 3072 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\dsmmfres_fr.dll
2009-11-13 02:13 . 2009-11-13 02:13 2560 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\dsmmfres_es.dll
2009-11-13 02:13 . 2009-11-13 02:13 2560 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\dsmmfres_de.dll
2009-11-13 02:13 . 2009-11-13 02:13 2560 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\dsmmfres_zh.dll
2009-11-13 02:13 . 2009-11-13 02:13 2560 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\dsmmfres_ko.dll
2009-11-13 02:13 . 2009-11-13 02:13 2560 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\dsmmfres_ja.dll
2009-11-13 02:13 . 2009-11-13 02:13 2560 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\dsmmfres_zh_cn.dll
2009-11-13 02:13 . 2009-11-13 02:13 23552 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\setupResource_zh_cn.dll
2009-11-13 02:12 . 2009-11-13 02:12 23552 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\setupResource_zh.dll
2009-11-13 02:12 . 2009-11-13 02:12 28160 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\setupResource_en.dll
2009-11-13 02:12 . 2009-11-13 02:12 25088 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\setupResource_ko.dll
2009-11-13 02:12 . 2009-11-13 02:12 29184 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\setupResource_fr.dll
2009-11-13 02:12 . 2009-11-13 02:12 28672 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\setupResource_es.dll
2009-11-13 02:12 . 2009-11-13 02:12 25088 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\setupResource_ja.dll
2009-11-13 02:12 . 2009-11-13 02:12 217800 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupXP.exe
2009-11-13 02:02 . 2009-11-13 02:02 16896 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\dsWinClientResource_JA.dll
2009-11-13 02:00 . 2009-11-13 02:00 18944 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\dsWinClientResource_DE.dll
2009-11-13 02:00 . 2009-11-13 02:00 18432 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\dsWinClientResource_ES.dll
2009-11-13 02:00 . 2009-11-13 02:00 18944 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\dsWinClientResource_FR.dll
2009-11-13 02:00 . 2009-11-13 02:00 16384 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\dsWinClientResource_ZH_CN.dll
2009-11-13 02:00 . 2009-11-13 02:00 16896 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\dsWinClientResource_KO.dll
2009-11-13 02:00 . 2009-11-13 02:00 24576 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\dsWinClientResource_EN.dll
2009-11-13 02:00 . 2009-11-13 02:00 16384 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\dsWinClientResource_ZH.dll
2009-11-13 02:00 . 2009-11-13 02:00 303104 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\dsWinClient.dll
2009-11-13 01:59 . 2009-11-13 01:59 290816 ----a-w- c:\users\ingeli\AppData\Roaming\Juniper Networks\Host Checker\dsInstallerClient.dll
2009-11-09 12:31 . 2009-12-18 10:41 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-18 10:41 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-18 10:41 411648 ----a-w- c:\windows\system32\drivers\http.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\windows sidebar\sidebar.exe" [2009-04-11 1233920]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-03-09 176128]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-29 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-29 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-29 154136]
"TpShocks"="TpShocks.exe" [2009-02-02 181536]
"F-Secure Manager"="c:\program files\F-Secure\Common\FSM32.EXE" [2008-09-10 182936]
"F-Secure TNB"="c:\program files\F-Secure\FSGUI\TNBUtil.exe" [2008-09-10 1182304]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

c:\users\ingeli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
setproxyNB.vbs [2009-10-23 3683]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceStartMenuLogOff"= 1 (0x1)
"MaxRecentDocs"= 8 (0x8)
"NoSimpleStartMenu"= 1 (0x1)
"RecycleBinSize"= 2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1177238915-1229272821-842925246-28160\Scripts\Logon\0\0]
"Script"=driveMapping_v27.vbs

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1177238915-1229272821-842925246-5528\Scripts\Logon\0\0]
"Script"=driveMapping_v27.vbs

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1177238915-1229272821-842925246-5623\Scripts\Logon\0\0]
"Script"=driveMapping_v27.vbs

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):f7,b9,e3,0b,aa,ba,c9,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1604434036-377866606-3883331986-500]
"EnableNotificationsRef"=dword:00000001

R0 fsbts;fsbts;c:\windows\System32\drivers\fsbts.sys [11.9.2009 10:53 33920]
R0 TPDIGIMN;TPDIGIMN;c:\windows\System32\drivers\ApsHM86.sys [28.1.2009 16:57 20520]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\F-Secure\HIPS\drivers\fshs.sys [11.9.2009 10:47 66720]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\System32\drivers\fses.sys [11.9.2009 10:47 35552]
R1 FSFW;F-Secure Firewall Driver;c:\windows\System32\drivers\fsdfw.sys [11.9.2009 10:47 70944]
R1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure\Anti-Virus\minifilter\fsvista.sys [11.9.2009 10:47 12384]
R1 NEOFLTR_650_14951;Juniper Networks TDI Filter Driver (NEOFLTR_650_14951);c:\windows\System32\drivers\NEOFLTR_650_14951.SYS [18.12.2009 10:38 85288]
R2 JuniperAccessService;Juniper Unified Network Service;c:\program files\Common Files\Juniper Networks\JUNS\dsAccessService.exe [9.3.2009 20:19 87416]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\System32\drivers\ATSwpWDF.sys [12.9.2009 2:08 482176]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [21.1.2008 3:23 179712]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure\Anti-Virus\minifilter\fsgk.sys [11.9.2009 10:47 100984]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure\ORSP Client\fsorsp.exe [11.9.2009 10:47 55904]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [12.9.2009 2:09 4232704]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:24 21504]
S3 GemCCID;GemCCID;c:\windows\System32\drivers\GemCCID.sys [4.4.2008 8:02 87424]
S3 GPR400;Čtecí zařízení čipových karet GEMPLUS GPR400 PCMCIA;c:\windows\System32\drivers\gpr400.sys [21.1.2008 3:23 22528]
S4 ApRunSvc;Alps Application Launcher Service;c:\program files\Apoint2K\ApRunSvc.exe --> c:\program files\Apoint2K\ApRunSvc.exe [?]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure\Anti-Virus\win2k\fsfilter.sys [11.9.2009 10:47 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure\Anti-Virus\win2k\fsrec.sys [11.9.2009 10:47 25184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://info.ans.cz/
uInternet Settings,ProxyServer = squid.ans.cz:3128
uInternet Settings,ProxyOverride = *.ans.cz;*.rlp.cz;10.*.*.*;193.0.231.*;qcrldp1.ica.cz;scrldp1.ica.cz;<local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
LSP: c:\program files\F-Secure\FSPS\program\FSLSP.DLL
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://ssl.rlp.cz/dana-cached/sc/JuniperSetupClient.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-06 19:07
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(4952)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
Celkový čas: 2010-02-06 19:09:43
ComboFix-quarantined-files.txt 2010-02-06 18:09

Před spuštěním: Volných bajtů: 15 539 134 464
Po spuštění: Volných bajtů: 15 490 420 736

- - End Of File - - 817435E27EC29054C0F41DF0F637AC10

#2 Příspěvek od **Rudy** » 06 úno 2010 20:22

Několik položek bylo smazáno, zbytek logu vypadá čistý. Nastala nějaká změna?

geraltt · #3 Příspěvek od **geraltt** » 07 úno 2010 09:00

Děkuji, zatím se nic nestalo. Aso je to již OK. Kdyby něco, tak se ozvu. Ještě jednou dík za kontrolu logu.

D.

#4 Příspěvek od **Rudy** » 07 úno 2010 11:23

Nemáte zač!

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu