problem s internetem

Zpráva

Frazier · #1 Příspěvek od **Frazier** » 09 črc 2012 11:19

Zdravim,

Chtel bych vas pozadat o pomoc s mojim notebookem, na kterem mi najednou prestal jit internet. U ikonky pripojeni k internetu mam budto pouze "identifikace", nebo pokud se pripoji, tak jenom "omezeny pristup". Kontroloval jsem nastaveni pripojeni, IP atd a to by melo byt ok.(stejne jako na jinych PC). Co je nejpodivnejsi, je ze i kdyz pripojim k notebooku kabel primo z routeru, tak je stale ten samy problem. Uz si vazne nevim rady, preinstaloval jsem i ovladace k sitove karte a take zadna zmena. Obnova systemu neni mozna, protoze nemam zadne body obnoveni.

Predem diky

Logfile of random's system information tool 1.09 (written by random/random)
Run by Alena at 2012-07-09 12:07:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 164 GB (85%) free of 192 GB
Total RAM: 1790 MB (69% free)

HijackThis download failed

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-06-16 453104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-06-16 157680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-23 1537320]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-07-15 4081480]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-06-25 5064520]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2000-01-01 10996328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\windows\WindowsMobile\wmdcBase.exe [2007-05-31 648072]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2011-12-05 203776]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\wpdshserviceobj.dll [2010-11-20 105984]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=1
"SynchronousUserGroupPolicy"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=3
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.lameacm"=lameACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.X264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.avis"=ff_acm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-07-09 12:07:46 ----D---- C:\Program Files\trend micro
2012-07-09 12:07:45 ----D---- C:\rsit
2012-06-19 00:48:01 ----SHD---- C:\$RECYCLE.BIN
2012-06-16 17:58:13 ----A---- C:\windows\ntbtlog.txt
2012-06-16 17:56:24 ----D---- C:\windows\Minidump
2012-06-16 17:36:55 ----RAD---- C:\Autorun.inf
2012-06-16 16:03:18 ----A---- C:\windows\system32\qdvd.dll
2012-06-16 15:51:07 ----D---- C:\windows\system32\RTCOM
2012-06-16 15:49:41 ----A---- C:\windows\system32\WavesLib.dll
2012-06-16 15:49:41 ----A---- C:\windows\system32\WavesGUILib.dll
2012-06-16 15:49:41 ----A---- C:\windows\system32\tosade.dll
2012-06-16 15:49:41 ----A---- C:\windows\system32\tadefxapo2.dll
2012-06-16 15:49:41 ----A---- C:\windows\system32\tadefxapo.dll
2012-06-16 15:49:41 ----A---- C:\windows\system32\SRSWOW.dll
2012-06-16 15:49:41 ----A---- C:\windows\system32\SRSTSXT.dll
2012-06-16 15:49:41 ----A---- C:\windows\system32\SRSTSHD.dll
2012-06-16 15:49:41 ----A---- C:\windows\system32\SRSHP360.dll
2012-06-16 15:49:40 ----A---- C:\windows\system32\SFNHK.dll
2012-06-16 15:49:40 ----A---- C:\windows\system32\SFCOM.dll
2012-06-16 15:49:40 ----A---- C:\windows\system32\SFAPO.dll
2012-06-16 15:49:39 ----A---- C:\windows\system32\drivers\RTKVHDA.sys
2012-06-16 15:49:38 ----A---- C:\windows\system32\RtkPgExt.dll
2012-06-16 15:49:38 ----A---- C:\windows\system32\RtkCoInst.dll
2012-06-16 15:49:38 ----A---- C:\windows\system32\RtkApoApi.dll
2012-06-16 15:49:38 ----A---- C:\windows\system32\RtkAPO.dll
2012-06-16 15:49:38 ----A---- C:\windows\system32\RTEEP32A.dll
2012-06-16 15:49:38 ----A---- C:\windows\system32\RTEEL32A.dll
2012-06-16 15:49:38 ----A---- C:\windows\system32\RTEEG32A.dll
2012-06-16 15:49:38 ----A---- C:\windows\system32\RTEED32A.dll
2012-06-16 15:49:37 ----A---- C:\windows\system32\RP3DHT32.dll
2012-06-16 15:49:37 ----A---- C:\windows\system32\RP3DAA32.dll
2012-06-16 15:49:37 ----A---- C:\windows\system32\RCoRes.dat
2012-06-16 15:49:37 ----A---- C:\windows\system32\R4EEP32A.dll
2012-06-16 15:49:37 ----A---- C:\windows\system32\R4EEL32A.dll
2012-06-16 15:49:37 ----A---- C:\windows\system32\R4EEG32A.dll
2012-06-16 15:49:37 ----A---- C:\windows\system32\R4EED32A.dll
2012-06-16 15:49:37 ----A---- C:\windows\system32\R4EEA32A.dll
2012-06-16 15:49:37 ----A---- C:\windows\system32\MaxxVolumeSDAPO.dll
2012-06-16 15:49:37 ----A---- C:\windows\system32\MaxxAudioRealtek.dll
2012-06-16 15:49:36 ----A---- C:\windows\system32\MaxxAudioEQ.dll
2012-06-16 15:49:36 ----A---- C:\windows\system32\MaxxAudioAPO30.dll
2012-06-16 15:49:36 ----A---- C:\windows\system32\MaxxAudioAPO20.dll
2012-06-16 15:49:36 ----A---- C:\windows\system32\MaxxAudioAPO.dll
2012-06-16 15:49:36 ----A---- C:\windows\system32\KAAPORT.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\FMAPO.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSVoiceClarityDLL.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSU2PREC32.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSU2PLFX32.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSU2PGFX32.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSSymmetryDLL.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSS2SpeakerDLL.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSS2HeadphoneDLL.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSNeoPCDLL.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSLimiterDLL.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSLFXAPO.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSGFXAPONS.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSGFXAPO.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSGainCompensatorDLL.dll
2012-06-16 15:49:34 ----A---- C:\windows\system32\DTSBoostDLL.dll
2012-06-16 15:49:33 ----A---- C:\windows\system32\DTSBassEnhancementDLL.dll
2012-06-16 15:49:33 ----A---- C:\windows\system32\AERTARen.dll
2012-06-16 15:49:33 ----A---- C:\windows\system32\AERTACap.dll
2012-06-16 15:35:26 ----A---- C:\windows\system32\NVCOSMU.DLL
2012-06-16 15:35:26 ----A---- C:\windows\system32\drivers\nvsmu.sys
2012-06-16 15:35:20 ----A---- C:\windows\system32\nvusmu.exe
2012-06-16 15:04:36 ----A---- C:\windows\system32\nvusmb.exe
2012-06-16 15:04:35 ----D---- C:\Drivers
2012-06-16 14:28:38 ----A---- C:\windows\system32\easyupdatusapiu.dll
2012-06-16 14:28:17 ----D---- C:\ProgramData\NVIDIA Corporation
2012-06-16 14:27:32 ----A---- C:\windows\system32\nvhdap32.dll
2012-06-16 14:27:32 ----A---- C:\windows\system32\nvhdagenco3220102.dll
2012-06-16 14:27:32 ----A---- C:\windows\system32\nvapo32v.dll
2012-06-16 14:27:32 ----A---- C:\windows\system32\drivers\nvhda32v.sys
2012-06-16 14:27:31 ----A---- C:\windows\system32\OpenCL.dll
2012-06-16 14:27:31 ----A---- C:\windows\system32\nvwgf2um.dll
2012-06-16 14:27:31 ----A---- C:\windows\system32\nvoglv32.dll
2012-06-16 14:27:31 ----A---- C:\windows\system32\nvgenco32.dll
2012-06-16 14:27:31 ----A---- C:\windows\system32\nvdispco32.dll
2012-06-16 14:27:31 ----A---- C:\windows\system32\nvd3dum.dll
2012-06-16 14:27:31 ----A---- C:\windows\system32\nvcuvid.dll
2012-06-16 14:27:31 ----A---- C:\windows\system32\nvcuvenc.dll
2012-06-16 14:27:31 ----A---- C:\windows\system32\nvcuda.dll
2012-06-16 14:27:31 ----A---- C:\windows\system32\nvcompiler.dll
2012-06-16 14:27:31 ----A---- C:\windows\system32\drivers\nvlddmkm.sys
2012-06-16 14:23:26 ----D---- C:\Program Files\NVIDIA Corporation
2012-06-16 14:18:57 ----D---- C:\SWTOOLS
2012-06-16 14:13:48 ----A---- C:\windows\system32\javaws.exe
2012-06-16 14:13:33 ----A---- C:\windows\system32\javaw.exe
2012-06-16 14:13:33 ----A---- C:\windows\system32\java.exe
2012-06-16 12:55:48 ----A---- C:\windows\system32\mshtmled.dll
2012-06-16 12:55:48 ----A---- C:\windows\system32\iertutil.dll
2012-06-16 12:55:46 ----A---- C:\windows\system32\jsproxy.dll
2012-06-16 12:55:46 ----A---- C:\windows\system32\ieUnatt.exe
2012-06-16 12:55:46 ----A---- C:\windows\system32\ieui.dll
2012-06-16 12:55:45 ----A---- C:\windows\system32\wininet.dll
2012-06-16 12:55:44 ----A---- C:\windows\system32\jscript.dll
2012-06-16 12:55:43 ----A---- C:\windows\system32\url.dll
2012-06-16 12:55:43 ----A---- C:\windows\system32\jscript9.dll
2012-06-16 12:55:42 ----A---- C:\windows\system32\urlmon.dll
2012-06-16 12:55:38 ----A---- C:\windows\system32\mshtml.dll
2012-06-16 12:55:37 ----A---- C:\windows\system32\ieframe.dll
2012-06-16 12:43:45 ----A---- C:\windows\system32\FlashPlayerApp.exe
2012-06-16 12:37:08 ----A---- C:\windows\system32\drivers\SWDUMon.sys
2012-06-13 20:44:42 ----A---- C:\windows\system32\drivers\rdpwd.sys
2012-06-13 20:44:40 ----A---- C:\windows\system32\msi.dll
2012-06-13 20:44:38 ----A---- C:\windows\system32\win32k.sys
2012-06-13 20:44:36 ----A---- C:\windows\system32\rdrmemptylst.exe
2012-06-13 20:44:36 ----A---- C:\windows\system32\rdpwsx.dll
2012-06-13 20:44:36 ----A---- C:\windows\system32\rdpcorekmts.dll
2012-06-13 20:44:35 ----A---- C:\windows\system32\profsvc.dll
2012-06-13 20:44:27 ----A---- C:\windows\system32\cryptsvc.dll
2012-06-13 20:44:27 ----A---- C:\windows\system32\crypt32.dll
2012-06-13 20:44:26 ----A---- C:\windows\system32\cryptnet.dll

======List of files/folders modified in the last 1 month======

2012-07-09 12:07:47 ----D---- C:\windows\temp
2012-07-09 12:07:46 ----D---- C:\Program Files
2012-07-09 12:07:05 ----D---- C:\windows\Prefetch
2012-07-08 21:01:43 ----D---- C:\windows\System32
2012-07-08 21:01:43 ----D---- C:\windows\inf
2012-07-08 21:01:43 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-06-22 14:42:25 ----D---- C:\windows\system32\drivers\etc
2012-06-22 14:25:36 ----D---- C:\windows\system32\config
2012-06-22 14:23:39 ----D---- C:\Windows
2012-06-22 14:15:27 ----A---- C:\AtmApInit.txt
2012-06-22 14:08:08 ----D---- C:\windows\system32\drivers
2012-06-21 19:23:07 ----D---- C:\windows\system32\NDF
2012-06-19 22:17:45 ----SHD---- C:\System Volume Information
2012-06-19 16:30:58 ----SHD---- C:\windows\Installer
2012-06-19 01:29:53 ----D---- C:\windows\rescache
2012-06-19 01:02:04 ----D---- C:\windows\system32\catroot
2012-06-19 00:43:16 ----A---- C:\windows\system.ini
2012-06-19 00:33:36 ----D---- C:\windows\AppPatch
2012-06-19 00:33:32 ----D---- C:\Program Files\Common Files
2012-06-16 18:00:18 ----D---- C:\windows\system32\catroot2
2012-06-16 17:48:44 ----D---- C:\windows\Logs
2012-06-16 17:48:44 ----D---- C:\windows\debug
2012-06-16 17:30:12 ----D---- C:\windows\system32\Tasks
2012-06-16 17:30:06 ----D---- C:\windows\Tasks
2012-06-16 16:38:43 ----D---- C:\windows\Microsoft.NET
2012-06-16 16:37:20 ----RSD---- C:\windows\assembly
2012-06-16 16:24:21 ----D---- C:\Users\Alena\AppData\Roaming\Skype
2012-06-16 16:22:35 ----D---- C:\ProgramData\Skype
2012-06-16 16:22:29 ----RD---- C:\Program Files\Skype
2012-06-16 16:06:49 ----D---- C:\windows\winsxs
2012-06-16 16:06:21 ----D---- C:\windows\system32\cs-CZ
2012-06-16 16:06:19 ----D---- C:\Program Files\Internet Explorer
2012-06-16 15:50:55 ----D---- C:\windows\system32\DriverStore
2012-06-16 15:49:31 ----D---- C:\Program Files\InstallShield Installation Information
2012-06-16 15:40:08 ----D---- C:\ProgramData\NVIDIA
2012-06-16 14:28:17 ----D---- C:\ProgramData
2012-06-16 14:13:20 ----A---- C:\windows\system32\npdeployJava1.dll
2012-06-16 14:13:20 ----A---- C:\windows\system32\deployJava1.dll
2012-06-16 13:49:10 ----A---- C:\windows\win.ini
2012-06-16 13:39:53 ----D---- C:\Program Files\WinRAR
2012-06-16 13:38:50 ----D---- C:\windows\system32\migration
2012-06-16 13:13:06 ----D---- C:\windows\WindowsMobile
2012-06-16 13:04:34 ----A---- C:\windows\system32\MRT.exe
2012-06-16 12:57:49 ----D---- C:\Program Files\Microsoft Office
2012-06-16 12:43:18 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-05-31 260648]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-06-30 2505720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2000-01-01 3665704]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda32v.sys [2000-01-01 139880]
R3 nvsmu;nvsmu; C:\windows\system32\DRIVERS\nvsmu.sys [2000-01-01 17920]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-23 212912]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 Cam5607;Lenovo EasyCamera ; C:\windows\System32\Drivers\BisonC07.sys [2009-07-29 1182320]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-14 229888]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SWDUMon;SWDUMon; C:\windows\system32\DRIVERS\SWDUMon.sys [2012-06-16 11232]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2000-01-01 1136448]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 87904]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-06-30 1343400]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-07 160944]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 09 črc 2012 17:31

Zdravím!
Poprosím o log ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Frazier · #3 Příspěvek od **Frazier** » 09 črc 2012 20:08

ComboFix 12-07-08.02 - Alena 09.07.2012 20:03:08.4.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1790.1146 [GMT 2:00]
Spuštěný z: c:\users\Alena\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-09 do 2012-07-09 )))))))))))))))))))))))))))))))
.
.
2012-07-09 18:17 . 2012-07-09 18:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-09 10:16 . 2012-07-09 10:16 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABCB6BDF-F68D-4040-9885-7E0641FB4418}\offreg.dll
2012-07-09 10:07 . 2012-07-09 10:07 -------- d-----w- C:\rsit
2012-06-16 14:03 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-06-16 13:51 . 2012-06-16 13:51 -------- d-----w- c:\windows\system32\RTCOM
2012-06-16 13:35 . 2000-01-01 00:00 17920 ----a-w- c:\windows\system32\drivers\nvsmu.sys
2012-06-16 13:35 . 2000-01-01 00:00 151552 ----a-w- c:\windows\system32\NVCOSMU.DLL
2012-06-16 13:35 . 2000-01-01 00:00 485920 ----a-w- c:\windows\system32\nvusmu.exe
2012-06-16 13:04 . 2008-08-20 09:35 453152 ----a-w- c:\windows\system32\nvusmb.exe
2012-06-16 13:04 . 2012-06-16 13:04 -------- d-----w- C:\Drivers
2012-06-16 12:28 . 2000-01-01 00:00 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2012-06-16 12:28 . 2012-06-16 12:28 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-06-16 12:23 . 2012-06-16 12:28 -------- d-----w- c:\program files\NVIDIA Corporation
2012-06-16 12:18 . 2012-06-16 12:18 -------- d-----w- C:\SWTOOLS
2012-06-16 10:43 . 2012-06-16 10:43 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-16 10:37 . 2012-06-16 15:25 11232 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-06-16 10:37 . 2012-06-16 10:37 -------- d-----w- c:\users\Alena\AppData\Local\SlimWare Utilities Inc
2012-06-16 08:33 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABCB6BDF-F68D-4040-9885-7E0641FB4418}\mpengine.dll
2012-06-13 18:44 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 18:44 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-13 18:44 . 2012-05-15 01:05 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 18:44 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 18:44 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 18:44 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 18:44 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 18:44 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 18:44 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 18:44 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-16 12:13 . 2012-04-23 13:22 772592 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-16 12:13 . 2012-04-23 13:22 687600 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-16 10:43 . 2011-11-24 19:49 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-23 1537320]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-07-15 4081480]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-06-25 5064520]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2000-01-01 10996328]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-7-1 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 1 (0x1)
"SynchronousUserGroupPolicy"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 09:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe
.
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-11 19:21]
.
2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-11 19:21]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2752)
c:\program files\Lenovo\Bluetooth Software\btmmhook.dll
c:\program files\Lenovo\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\conhost.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Lenovo\Bluetooth Software\btwdins.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2012-07-09 20:27:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-09 18:26
.
Před spuštěním: Volných bajtů: 171 607 957 504
Po spuštění: Volných bajtů: 171 476 983 808
.
- - End Of File - - CF90672EC14F1F4A7E9C4D3755F0EFB5

#4 Příspěvek od **Rudy** » 09 črc 2012 21:14

Otevřte poznámkový blok a zkopírujte do něj:

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Frazier · #5 Příspěvek od **Frazier** » 10 črc 2012 11:11

ComboFix 12-07-08.02 - Alena 09.07.2012 23:49:01.6.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1790.988 [GMT 2:00]
Spuštěný z: c:\users\Alena\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Alena\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-09 do 2012-07-09 )))))))))))))))))))))))))))))))
.
.
2012-07-09 22:04 . 2012-07-09 22:04 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-07-09 22:04 . 2012-07-09 22:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-09 10:16 . 2012-07-09 10:16 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABCB6BDF-F68D-4040-9885-7E0641FB4418}\offreg.dll
2012-07-09 10:07 . 2012-07-09 10:07 -------- d-----w- C:\rsit
2012-06-16 14:03 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-06-16 13:51 . 2012-06-16 13:51 -------- d-----w- c:\windows\system32\RTCOM
2012-06-16 13:35 . 2000-01-01 00:00 17920 ----a-w- c:\windows\system32\drivers\nvsmu.sys
2012-06-16 13:35 . 2000-01-01 00:00 151552 ----a-w- c:\windows\system32\NVCOSMU.DLL
2012-06-16 13:35 . 2000-01-01 00:00 485920 ----a-w- c:\windows\system32\nvusmu.exe
2012-06-16 13:04 . 2008-08-20 09:35 453152 ----a-w- c:\windows\system32\nvusmb.exe
2012-06-16 13:04 . 2012-06-16 13:04 -------- d-----w- C:\Drivers
2012-06-16 12:28 . 2000-01-01 00:00 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2012-06-16 12:28 . 2012-06-16 12:28 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-06-16 12:23 . 2012-06-16 12:28 -------- d-----w- c:\program files\NVIDIA Corporation
2012-06-16 12:18 . 2012-06-16 12:18 -------- d-----w- C:\SWTOOLS
2012-06-16 10:43 . 2012-06-16 10:43 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-16 10:37 . 2012-06-16 15:25 11232 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-06-16 10:37 . 2012-06-16 10:37 -------- d-----w- c:\users\Alena\AppData\Local\SlimWare Utilities Inc
2012-06-16 08:33 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABCB6BDF-F68D-4040-9885-7E0641FB4418}\mpengine.dll
2012-06-13 18:44 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 18:44 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-13 18:44 . 2012-05-15 01:05 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 18:44 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 18:44 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 18:44 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 18:44 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 18:44 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 18:44 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 18:44 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-16 12:13 . 2012-04-23 13:22 772592 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-16 12:13 . 2012-04-23 13:22 687600 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-16 10:43 . 2011-11-24 19:49 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-23 1537320]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-07-15 4081480]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-06-25 5064520]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2000-01-01 10996328]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-7-1 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 1 (0x1)
"SynchronousUserGroupPolicy"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 09:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe
.
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-11 19:21]
.
2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-11 19:21]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1316)
c:\program files\Lenovo\Bluetooth Software\btmmhook.dll
.
Celkový čas: 2012-07-10 00:10:57
ComboFix-quarantined-files.txt 2012-07-09 22:10
ComboFix2.txt 2012-07-09 18:27
.
Před spuštěním: Volných bajtů: 171 505 680 384
Po spuštění: Volných bajtů: 171 090 010 112
.
- - End Of File - - 0E7F332E81ED171E419CD444D7565C77

#6 Příspěvek od **Rudy** » 10 črc 2012 19:06

Smazáno. Nastala nějaká změna?

Frazier · #7 Příspěvek od **Frazier** » 10 črc 2012 19:26

Ano, internet uz funguje, DIKY MOC

Muzu se zeptat v cem to bylo? Zamknute klice v registru ovlivnovaly pripojeni?

EDIT: Pouzil jsem USBFix pred chvili, protoze jsem mel podezreni ze moje flashka byla infikovana, a tohle mi to vyhodilo. Je to ok?

############################## | UsbFix 7.059 | [Deletion]

User: Alena (Administrator) # ALENA-PC [LENOVO 20021,2959]
Updated 16/09/2011 by El Desaparecido
Started at 18:48:42 | 10/07/2012
Website: http://eldesaparecido.com
Submit your sample: http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com

CPU: Intel(R) Atom(TM) CPU N270 @ 1.60GHz
CPU 2: Intel(R) Atom(TM) CPU N270 @ 1.60GHz
Microsoft Windows 7 Home Premium (6.1.7601 32-Bit) # Service Pack 1
Internet Explorer 9.0.8112.16421

Windows Firewall: Enabled
RAM -> 1790 Mb
C:\ (%systemdrive%) -> Fixed drive # 188 Gb (158 Mb free - 84%) [] # NTFS
D:\ -> Fixed drive # 30 Gb (22 Mb free - 72%) [LENOVO] # NTFS

################## | Files # Infected Folders |

Deleted ! C:\Users\Public\NTUSER.DAT{c6438acb-f918-11de-b776-0c6076ae2f09}.TM.blf
Deleted ! C:\Users\Public\NTUSER.DAT{c6438acb-f918-11de-b776-0c6076ae2f09}.TMContainer00000000000000000001.regtrans-ms
Deleted ! C:\Users\Public\NTUSER.DAT{c6438acb-f918-11de-b776-0c6076ae2f09}.TMContainer00000000000000000002.regtrans-ms
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-638124634-1217744442-1932597102-1003
Deleted ! D:\$RECYCLE.BIN\S-1-5-21-638124634-1217744442-1932597102-1003

(!) Temporary files deleted.

################## | Registry |

Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |

################## | Listing |

[10/07/2012 - 18:49:52 | SHD ] C:\$RECYCLE.BIN
[20/12/2011 - 22:46:00 | D ] C:\0d2218a7753e9cabac07f8883d33
[28/04/2011 - 07:12:18 | D ] C:\0f8f7b6655d1e514007c726852b19184
[18/07/2011 - 19:29:21 | D ] C:\13495e496498591c557c40fe
[20/01/2011 - 09:43:45 | D ] C:\267087505ede903748bd45eb68b36c
[20/01/2012 - 20:40:19 | D ] C:\26a483c8e54344c1ac5f21f495c719
[27/05/2012 - 17:49:01 | D ] C:\3327ec58aba4c25efc55093c
[07/04/2011 - 06:26:46 | D ] C:\69ebe66d3fb2ee635fa6
[10/07/2012 - 13:00:52 | N | 89] C:\AtmApInit.txt
[16/06/2012 - 17:36:55 | RAD ] C:\Autorun.inf
[12/11/2009 - 17:55:34 | N | 173] C:\Camera.log
[10/07/2012 - 00:10:58 | N | 7616] C:\ComboFix.txt
[10/06/2009 - 23:42:20 | N | 10] C:\config.sys
[14/07/2009 - 06:53:55 | SHD ] C:\Documents and Settings
[16/06/2012 - 15:04:36 | D ] C:\Drivers
[12/11/2009 - 18:24:17 | D ] C:\dvmexp
[16/06/2012 - 17:23:50 | N | 177] C:\dvmexp.idx
[10/01/2010 - 21:41:59 | N | 184413] C:\FaceProv.log
[10/07/2012 - 13:00:19 | ASH | 1407995904] C:\hiberfil.sys
[13/12/2009 - 21:06:48 | RD ] C:\MSOCache
[10/07/2012 - 13:00:21 | ASH | 1877327872] C:\pagefile.sys
[14/07/2009 - 04:37:05 | D ] C:\PerfLogs
[10/07/2012 - 13:03:58 | D ] C:\Program Files
[10/07/2012 - 12:38:45 | D ] C:\ProgramData
[10/07/2012 - 00:11:03 | D ] C:\Qoobox
[11/12/2009 - 23:41:56 | D ] C:\Recovery
[12/11/2009 - 17:46:30 | N | 1948] C:\RHDSetup.log
[09/07/2012 - 12:07:54 | D ] C:\rsit
[12/11/2009 - 18:21:33 | N | 64] C:\splash.idx
[16/06/2012 - 14:18:57 | D ] C:\SWTOOLS
[10/07/2012 - 13:08:55 | SHD ] C:\System Volume Information
[10/07/2012 - 18:49:52 | D ] C:\UsbFix
[10/07/2012 - 18:48:46 | A | 3294] C:\UsbFix.txt
[11/12/2009 - 23:42:11 | D ] C:\Users
[26/08/2009 - 17:09:34 | N | 16592] C:\version
[10/07/2012 - 13:01:43 | D ] C:\Windows
[10/07/2012 - 18:49:52 | D ] D:\$RECYCLE.BIN
[16/06/2012 - 17:36:55 | RAD ] D:\Autorun.inf
[12/11/2009 - 18:23:55 | D ] D:\drivers
[23/04/2012 - 15:21:27 | D ] D:\Himym
[24/12/2009 - 21:36:28 | D ] D:\Lenovo
[13/11/2009 - 00:25:53 | SHD ] D:\System Volume Information

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
D:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_ALENA-PC.zip
http://eldesaparecido.com/support.php
Thank you for your contribution.

################## | E.O.F |

#8 Příspěvek od **Rudy** » 10 črc 2012 20:00

Co bylo infikováno, USBFix smazal. Nyní by flashdisk měl být bez virů.

Frazier · #9 Příspěvek od **Frazier** » 10 črc 2012 20:41

OK, toto je vypis z notebooku, ale udelal jsem USBfix i na mem PC a tam mi to taky smazalo nejakej polozky a znervoznuje mne to, ze i po vymazani, jsem ho udelal znovu a znovu to smazalo dalsi soubory, jako by se obnovovaly...

############################## | UsbFix 7.059 | [Deletion]

User: Fraz (Administrator) # FRAZ-PC [Gigabyte Technology Co., Ltd. P67X-UD3-B3]
Updated 16/09/2011 by El Desaparecido
Started at 18:40:49 | 10/07/2012
Website: http://eldesaparecido.com
Submit your sample: http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com

CPU: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
CPU 2: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) # Service Pack 1
Internet Explorer 9.0.8112.16421

Windows Firewall: Disabled /!\
RAM -> 8175 Mb
C:\ (%systemdrive%) -> Fixed drive # 119 Gb (44 Mb free - 37%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 466 Gb (326 Mb free - 70%) [] # NTFS
F:\ -> CD-ROM
G:\ -> CD-ROM

################## | Files # Infected Folders |

Deleted ! C:\$RECYCLE.BIN\S-1-5-21-4075273983-492309484-3061456395-1000
Deleted ! E:\$RECYCLE.BIN\S-1-5-21-4075273983-492309484-3061456395-1000
Not deleted ! F:\Autorun.inf
Not deleted ! F:\autorun.exe

(!) Temporary files deleted.

################## | Registry |

################## | Mountpoints2 |

################## | Listing |

[10/07/2012 - 18:41:39 | SHD ] C:\$RECYCLE.BIN
[10/07/2012 - 12:40:10 | RASHD ] C:\Autorun.inf
[09/06/2012 - 13:40:11 | N | 180] C:\csb.log
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[10/07/2012 - 18:31:53 | ASH | 6429171712] C:\hiberfil.sys
[09/06/2012 - 13:40:11 | N | 206] C:\Install.log
[24/12/2011 - 22:57:43 | D ] C:\Intel
[26/12/2011 - 11:59:08 | RD ] C:\MSOCache
[24/12/2011 - 23:12:35 | D ] C:\NVIDIA
[10/07/2012 - 18:31:54 | ASH | 8572231680] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[15/06/2012 - 00:35:26 | D ] C:\Program Files
[10/07/2012 - 13:32:15 | D ] C:\Program Files (x86)
[10/07/2012 - 13:51:14 | D ] C:\ProgramData
[09/06/2012 - 13:40:11 | N | 3383] C:\RHDSetup.log
[10/07/2012 - 13:49:42 | SHD ] C:\System Volume Information
[10/07/2012 - 18:42:09 | D ] C:\UsbFix
[10/07/2012 - 18:40:51 | A | 2037] C:\UsbFix.txt
[10/07/2012 - 12:40:12 | N | 786052] C:\UsbFix_Upload_Me_FRAZ-PC.zip
[02/05/2012 - 16:22:48 | N | 1491] C:\user.js
[08/06/2012 - 18:22:39 | D ] C:\Users
[10/07/2012 - 13:32:15 | D ] C:\Windows
[10/07/2012 - 18:41:39 | SHD ] E:\$RECYCLE.BIN
[10/07/2012 - 12:40:10 | RASHD ] E:\Autorun.inf
[16/06/2012 - 11:48:14 | D ] E:\Movies
[09/05/2012 - 01:19:07 | D ] E:\Music
[09/06/2012 - 11:19:30 | D ] E:\Photos
[15/06/2012 - 14:34:12 | D ] E:\Pictures
[02/06/2012 - 12:29:43 | D ] E:\Series
[15/01/2012 - 00:55:22 | SHD ] E:\System Volume Information
[08/07/2012 - 13:11:47 | D ] E:\WoW
[15/06/2012 - 20:27:33 | D ] E:\XXX
[15/11/2008 - 11:45:09 | RAD ] F:\GTAIV
[15/11/2008 - 11:45:19 | RAD ] F:\RGSC
[15/11/2008 - 11:52:50 | RA | 161088] F:\Autorun.exe
[11/10/2008 - 19:03:48 | RA | 54] F:\Autorun.inf

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
E:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)

EDIT: pri predchozim USBfixu to smazalo nejake registry a opet C:,E: recycle ... log se ovsem prepsal, coz jsem netusil, takze nemohu ten predchozi uploadnout ... mel bych se dal znervoznovat?

#10 Příspěvek od **Rudy** » 10 črc 2012 20:50

Toto bylo smazáno (při druhém skenu):

Deleted ! C:\$RECYCLE.BIN\S-1-5-21-4075273983-492309484-3061456395-1000
Deleted ! E:\$RECYCLE.BIN\S-1-5-21-4075273983-492309484-3061456395-1000

což je obsah koše. Zbývající soubory:

Not deleted ! F:\Autorun.inf
Not deleted ! F:\autorun.exe

otestujte online na www.virustotal.com .

Frazier · #11 Příspěvek od **Frazier** » 10 črc 2012 20:54

Soubory byly ciste, vse by uz melo byt ok,

Diky moc za pomoc, preji hezky vecer

#12 Příspěvek od **Rudy** » 10 črc 2012 20:59

OK a nemáte zač!

VIRY.CZ

problem s internetem

problem s internetem

Re: problem s internetem

Re: problem s internetem

Re: problem s internetem

Re: problem s internetem

Re: problem s internetem

Re: problem s internetem

Re: problem s internetem

Re: problem s internetem

Re: problem s internetem

Re: problem s internetem

Re: problem s internetem