Zamrzlý notebook

methis · Příspěvekod **methis** » 24 čer 2011 19:01

Už jede v normálním modu- akorát nefunguje scroll touchpadu- ale jinak zatím nezamrznul

Reklama

methis · Příspěvekod **methis** » 24 čer 2011 19:57

Tak pomohl restart a vypadá to víc než dobře. Díky, díky díky

Příspěvekod **jaro3** » 24 čer 2011 20:34

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

DDS::
TCP: Interfaces\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}: NameServer = 156.154.70.25,156.154.71.25

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90E5CD19-8B06-76EF-018A-B4C1371E6C67}\InProcServer32*]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu .

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

methis · Příspěvekod **methis** » 24 čer 2011 21:47

ComboFix 11-06-23.03 - MissMys 24.06.2011 20:50:54.6.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2038.1201 [GMT 2:00]
Spuštěný z: c:\users\MissMys\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\MissMys\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-24 do 2011-06-24 )))))))))))))))))))))))))))))))
.
.
2011-06-24 19:10 . 2011-06-24 19:10 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-06-24 19:10 . 2011-06-24 19:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-24 11:54 . 2011-06-24 19:10 -------- d-----w- c:\users\MissMys\AppData\Local\temp
2011-06-24 08:20 . 2011-06-24 08:20 -------- d-----w- c:\users\MissMys\AppData\Local\Ahead
2011-06-23 17:32 . 2011-06-23 17:32 -------- d-----w- C:\9802ab276ef2b53332
2011-06-22 06:05 . 2011-06-22 06:05 -------- d-----w- c:\windows\system32\SPReview
2011-06-22 06:04 . 2011-06-22 06:04 -------- d-----w- c:\windows\system32\EventProviders
2011-06-21 08:39 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0203FAF9-0B44-417C-A7A0-935E6A5F4A46}\mpengine.dll
2011-06-21 01:05 . 2011-06-21 01:05 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-06-19 13:33 . 2011-06-21 01:03 -------- d-----w- c:\program files\Microsoft Works
2011-06-19 13:30 . 2011-06-19 13:30 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-06-15 14:07 . 2011-06-16 06:41 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-15 09:42 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 09:42 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 09:42 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 09:42 . 2011-04-25 04:56 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 09:42 . 2011-04-25 02:35 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 09:42 . 2011-05-03 04:50 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 09:42 . 2011-04-27 02:33 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-15 09:42 . 2010-12-18 05:31 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 09:42 . 2011-01-17 05:38 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-15 09:40 . 2011-05-04 02:43 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 09:40 . 2011-05-04 02:43 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 09:40 . 2011-05-04 02:43 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-10 12:00 . 2011-06-10 12:00 -------- d-----w- c:\program files\Tracker Software
2011-06-07 10:35 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-05-26 22:07 . 2011-05-26 22:09 -------- d-----w- c:\users\MissMys\AppData\Roaming\vlc
2011-05-26 22:07 . 2011-05-26 22:07 -------- d-----w- c:\program files\VideoLAN
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-11 18:13 . 2011-01-06 15:36 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-05-29 07:11 . 2011-04-12 14:15 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2011-04-12 14:15 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-24 17:14 . 2010-07-26 11:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-18 20:07 . 2011-05-18 20:07 65536 ----a-r- c:\users\MissMys\AppData\Roaming\Microsoft\Installer\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}\ICON_ScreenshotReader.exe
2011-05-18 20:07 . 2011-05-18 20:07 65536 ----a-r- c:\users\MissMys\AppData\Roaming\Microsoft\Installer\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}\ICON_FineReader.exe
2011-05-10 12:10 . 2011-04-12 20:04 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-12 20:04 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-04-12 20:04 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-04-12 20:04 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-12 20:04 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-12 20:04 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-12 20:04 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-12 20:04 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-04 20:17 . 2010-12-28 23:42 284744 ----a-w- c:\windows\system32\guard32.dll
2011-05-04 20:17 . 2011-01-06 15:36 37592 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-05-04 20:17 . 2011-01-06 15:36 19088 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-05-04 20:17 . 2011-01-06 15:36 238960 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-04-22 19:36 . 2011-05-25 06:55 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-16 19:19 . 2011-04-16 19:19 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-04-09 06:13 . 2011-05-11 17:48 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 17:48 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-18 21:13 123904 ----a-w- c:\windows\system32\poqexec.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-11 2552648]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2010-7-26 45056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-26 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-02 691696]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-05-04 238960]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-05-04 37592]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}\D49775C414E4: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\MissMys\AppData\Roaming\Mozilla\Firefox\Profiles\2cnw3fw9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: LogMeIn, Inc. Remote Access Plugin: LogMeInClient@logmein.com - %profile%\extensions\LogMeInClient@logmein.com
FF - Ext: Zoom Page: zoompage@DW-dev - %profile%\extensions\zoompage@DW-dev
FF - Ext: FxIF: {11483926-db67-4190-91b1-ef20fcec5f33} - %profile%\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: WebTran: {003D3EDC-99B9-4a34-9C20-60CB94F7E829} - %profile%\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.032"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.apd"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.arw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bay"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.cs1"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.djv"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.djvu"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.fff"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.fpx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.gif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.icn"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iff"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ilbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.int"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.inta"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iw4"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.j2c"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.j2k"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jbr"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jfif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jp2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpc"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpe"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpeg"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpg"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jpk"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jpx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.kdc"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.lbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.mef"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.nrw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pbr"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pct"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.pgm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pic"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.pict"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pix"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.ppm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pspbrush"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.pspimage"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ras"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rgb"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rgba"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rsb"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.rw2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.rwl"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.sgi"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.sr2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.thm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.wbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.wbmp"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90E5CD19-8B06-76EF-018A-B4C1371E6C67}\InProcServer32*]
"japkoliikiidoelbjlbj"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,
70,65,63,00,00
"iapkinomklkkhblnko"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,70,
65,63,00,00
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(580)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'Explorer.exe'(4792)
c:\windows\system32\guard32.dll
.
Celkový čas: 2011-06-24 21:14:55
ComboFix-quarantined-files.txt 2011-06-24 19:14
ComboFix2.txt 2011-06-24 16:55
ComboFix3.txt 2011-06-24 11:54
ComboFix4.txt 2011-06-24 09:19
ComboFix5.txt 2011-06-24 18:49
.
Před spuštěním: Volných bajtů: 323 490 816 000
Po spuštění: Volných bajtů: 323 442 962 432
.
- - End Of File - - 9C221803446590FA1B90C9C4681BB8E1

Příspěvekod **jaro3** » 24 čer 2011 22:12

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
DDS::
TCP: Interfaces\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}: NameServer = 156.154.70.25,156.154.71.25

RegNull::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90E5CD19-8B06-76EF-018A-B4C1371E6C67}\InProcServer32*]
"japkoliikiidoelbjlbj"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,
 70,65,63,00,00
"iapkinomklkkhblnko"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,70,
 65,63,00,00

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90E5CD19-8B06-76EF-018A-B4C1371E6C67}\InProcServer32*]
"japkoliikiidoelbjlbj"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,
 70,65,63,00,00
"iapkinomklkkhblnko"=hex:6a,61,6b,6b,62,6a,6d,68,67,66,68,63,6e,6e,67,63,69,70,
 65,63,00,00

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

methis · Příspěvekod **methis** » 25 čer 2011 00:06

ComboFix 11-06-23.03 - MissMys 24.06.2011 23:23:59.7.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2038.1176 [GMT 2:00]
Spuštěný z: c:\users\MissMys\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\MissMys\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-24 do 2011-06-24 )))))))))))))))))))))))))))))))
.
.
2011-06-24 21:48 . 2011-06-24 21:48 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-06-24 21:48 . 2011-06-24 21:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-24 11:54 . 2011-06-24 21:50 -------- d-----w- c:\users\MissMys\AppData\Local\temp
2011-06-24 08:20 . 2011-06-24 08:20 -------- d-----w- c:\users\MissMys\AppData\Local\Ahead
2011-06-23 17:32 . 2011-06-23 17:32 -------- d-----w- C:\9802ab276ef2b53332
2011-06-22 06:05 . 2011-06-22 06:05 -------- d-----w- c:\windows\system32\SPReview
2011-06-22 06:04 . 2011-06-22 06:04 -------- d-----w- c:\windows\system32\EventProviders
2011-06-21 08:39 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0203FAF9-0B44-417C-A7A0-935E6A5F4A46}\mpengine.dll
2011-06-21 01:05 . 2011-06-21 01:05 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-06-19 13:33 . 2011-06-21 01:03 -------- d-----w- c:\program files\Microsoft Works
2011-06-19 13:30 . 2011-06-19 13:30 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-06-15 14:07 . 2011-06-16 06:41 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-15 09:42 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 09:42 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 09:42 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 09:42 . 2011-04-25 04:56 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 09:42 . 2011-04-25 02:35 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 09:42 . 2011-05-03 04:50 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 09:42 . 2011-04-27 02:33 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-15 09:42 . 2010-12-18 05:31 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 09:42 . 2011-01-17 05:38 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-15 09:40 . 2011-05-04 02:43 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 09:40 . 2011-05-04 02:43 96256 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 09:40 . 2011-05-04 02:43 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-10 12:00 . 2011-06-10 12:00 -------- d-----w- c:\program files\Tracker Software
2011-06-07 10:35 . 2011-06-07 10:35 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-05-26 22:07 . 2011-05-26 22:09 -------- d-----w- c:\users\MissMys\AppData\Roaming\vlc
2011-05-26 22:07 . 2011-05-26 22:07 -------- d-----w- c:\program files\VideoLAN
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-11 18:13 . 2011-01-06 15:36 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-05-29 07:11 . 2011-04-12 14:15 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2011-04-12 14:15 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-24 17:14 . 2010-07-26 11:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-18 20:07 . 2011-05-18 20:07 65536 ----a-r- c:\users\MissMys\AppData\Roaming\Microsoft\Installer\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}\ICON_ScreenshotReader.exe
2011-05-18 20:07 . 2011-05-18 20:07 65536 ----a-r- c:\users\MissMys\AppData\Roaming\Microsoft\Installer\{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}\ICON_FineReader.exe
2011-05-10 12:10 . 2011-04-12 20:04 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-12 20:04 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-04-12 20:04 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-04-12 20:04 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-12 20:04 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-12 20:04 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-12 20:04 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-12 20:04 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-04 20:17 . 2010-12-28 23:42 284744 ----a-w- c:\windows\system32\guard32.dll
2011-05-04 20:17 . 2011-01-06 15:36 37592 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-05-04 20:17 . 2011-01-06 15:36 19088 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-05-04 20:17 . 2011-01-06 15:36 238960 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-04-22 19:36 . 2011-05-25 06:55 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-16 19:19 . 2011-04-16 19:19 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-04-09 06:13 . 2011-05-11 17:48 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 17:48 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-18 21:13 123904 ----a-w- c:\windows\system32\poqexec.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-11 2552648]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2010-7-26 45056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-26 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-02 691696]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-05-04 238960]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-05-04 37592]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{8514580E-46BC-42D7-871D-0DE4C4599D69}\D49775C414E4: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\MissMys\AppData\Roaming\Mozilla\Firefox\Profiles\2cnw3fw9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: LogMeIn, Inc. Remote Access Plugin: LogMeInClient@logmein.com - %profile%\extensions\LogMeInClient@logmein.com
FF - Ext: Zoom Page: zoompage@DW-dev - %profile%\extensions\zoompage@DW-dev
FF - Ext: FxIF: {11483926-db67-4190-91b1-ef20fcec5f33} - %profile%\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: WebTran: {003D3EDC-99B9-4a34-9C20-60CB94F7E829} - %profile%\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.032"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.apd"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.arw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bay"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.bw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.cs1"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.dcx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.djv"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.djvu"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.fff"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.fpx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.gif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.icn"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iff"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ilbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.int"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.inta"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.iw4"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.j2c"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.j2k"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jbr"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jfif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.jif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jp2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpc"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpe"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpeg"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.jpg"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jpk"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.jpx"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.kdc"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.lbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.mef"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.nrw"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pbr"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pct"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.pgm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.pic"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
"Progid"="ACDSee Pro 3.pict"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pix"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.ppm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.pspbrush"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.pspimage"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.ras"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rgb"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rgba"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.rsb"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.rw2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.rwl"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.sgi"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.sr2"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.thm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.wbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ZPS130.Document.wbmp"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xbm"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (S-1-5-21-414971957-2290763319-2668887875-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 12.xif"
.
[HKEY_USERS\S-1-5-21-414971957-2290763319-2668887875-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 3.xpm"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(580)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'Explorer.exe'(2132)
c:\windows\system32\guard32.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Dell\QuickSet\quickset.exe
.
**************************************************************************
.
Celkový čas: 2011-06-25 00:05:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-24 22:04
ComboFix2.txt 2011-06-24 19:14
ComboFix3.txt 2011-06-24 16:55
ComboFix4.txt 2011-06-24 11:54
ComboFix5.txt 2011-06-24 21:22
.
Před spuštěním: Volných bajtů: 323 488 673 792
Po spuštění: Volných bajtů: 323 443 453 952
.
- - End Of File - - 2155CBFED5359D784DCB9C1F8C35F269

methis · Příspěvekod **methis** » 25 čer 2011 00:11

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:07:47, on 25.6.2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16800)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\Explorer.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\taskeng.exe
C:\Users\MissMys\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{8514580E-46BC-42D7-871D-0DE4C4599D69}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{0A7EA12F-1FAA-4069-98B8-41B79C34517C}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 5932 bytes

methis · Příspěvekod **methis** » 25 čer 2011 00:13

Jinak ta IPna 156.154.70.25 by měla být nějáký prefervaný DNS Comoda

Příspěvekod **jaro3** » 25 čer 2011 09:28

Aha.

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner

http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html

smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

methis · Příspěvekod **methis** » 25 čer 2011 10:30

Děkuji mnohokrát

Zamrzlý notebook Vyřešeno

Re: Zamrzlý notebook

Re: Zamrzlý notebook

Re: Zamrzlý notebook

Re: Zamrzlý notebook

Re: Zamrzlý notebook

Re: Zamrzlý notebook

Re: Zamrzlý notebook

Re: Zamrzlý notebook

Re: Zamrzlý notebook

Re: Zamrzlý notebook

Kdo je online