Dobrý den,
prosím o kontrolu logu. Na netbooku (Acer Aspire One D257) mi nešel vůbec spustit internet explorer a později už mi i wi-fi hlásila, že je nefunkční. Též se mi nechce spustit Windows Firewall a hlásí mi to nefunkčnost "System event notification service". Mám Windows 7.
Zde je log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Esklap at 2012-07-17 16:18:26
WIN_7 Service Pack 1
System drive C: has 81 GB (79%) free of 102 GB
Total RAM: 2036 MB (61% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
&Crawler Toolbar Helper - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-09-12 1237240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - F:\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - F:\Java\bin\ssv.dll [2012-04-23 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - F:\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - F:\Java\bin\jp2ssv.dll [2012-04-23 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-09-12 1237240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=F:\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2010-11-02 1210640]
"SpywareTerminator"=F:\Spyware Terminator\SpywareTerminatorShield.exe [2011-09-28 2216960]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-10-25 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-10-25 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-10-25 150552]
"KiesTrayAgent"=F:\Samsung\Kies\KiesTrayAgent.exe [2011-12-27 3508624]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"SafeQ Client"=C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2010-03-31 249856]
"avgnt"=F:\Avira\AntiVir Desktop\avgnt.exe [2012-05-02 348624]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-03-27 2786480]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-03-27 3669680]
"TkBellExe"=F:\RealPlayer\Update\realsched.exe [2012-06-10 296056]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=F:\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-11-22 3318784]
"KiesHelper"=F:\Samsung\Kies\KiesHelper.exe [2011-12-27 937360]
"KiesPDLR"=F:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-12-27 21392]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
C:\Users\Esklap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - F:\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-10-25 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=F:\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.divxa32"=msaud32_divx.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-07-17 16:18:26 ----D---- C:\rsit
2012-07-17 16:18:26 ----D---- C:\Program Files\trend micro
2012-07-12 18:09:18 ----D---- C:\Users\Esklap\AppData\Roaming\OmegaT
2012-07-12 09:02:23 ----A---- C:\Windows\system32\mshtmled.dll
2012-07-12 09:02:21 ----A---- C:\Windows\system32\iertutil.dll
2012-07-12 09:02:20 ----A---- C:\Windows\system32\ieui.dll
2012-07-12 09:02:18 ----A---- C:\Windows\system32\jsproxy.dll
2012-07-12 09:02:18 ----A---- C:\Windows\system32\ieUnatt.exe
2012-07-12 09:02:17 ----A---- C:\Windows\system32\wininet.dll
2012-07-12 09:02:16 ----A---- C:\Windows\system32\jscript.dll
2012-07-12 09:02:15 ----A---- C:\Windows\system32\jscript9.dll
2012-07-12 09:02:14 ----A---- C:\Windows\system32\url.dll
2012-07-12 09:02:11 ----A---- C:\Windows\system32\urlmon.dll
2012-07-12 09:02:07 ----A---- C:\Windows\system32\mshtml.dll
2012-07-12 09:02:04 ----A---- C:\Windows\system32\ieframe.dll
2012-07-12 08:53:57 ----A---- C:\Windows\system32\win32k.sys
2012-07-11 19:15:16 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-07-11 19:15:16 ----A---- C:\Windows\system32\drivers\cng.sys
2012-07-11 19:15:15 ----A---- C:\Windows\system32\schannel.dll
2012-07-11 19:15:15 ----A---- C:\Windows\system32\ncrypt.dll
2012-07-11 19:15:14 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-11 19:15:11 ----A---- C:\Windows\system32\msxml6.dll
2012-07-11 19:15:10 ----A---- C:\Windows\system32\msxml3r.dll
2012-07-11 19:15:10 ----A---- C:\Windows\system32\msxml3.dll
2012-07-11 19:15:06 ----A---- C:\Windows\system32\cdosys.dll
2012-07-11 19:14:50 ----A---- C:\Windows\system32\shell32.dll
2012-07-07 23:21:23 ----A---- C:\Windows\system32\browserchoice.exe
2012-06-22 09:43:27 ----A---- C:\Windows\system32\wups2.dll
2012-06-22 09:43:26 ----A---- C:\Windows\system32\wucltux.dll
2012-06-22 09:43:26 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-22 09:43:25 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-22 09:42:56 ----A---- C:\Windows\system32\wups.dll
2012-06-22 09:42:56 ----A---- C:\Windows\system32\wudriver.dll
2012-06-22 09:42:56 ----A---- C:\Windows\system32\wuapi.dll
2012-06-22 09:42:34 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-22 09:42:33 ----A---- C:\Windows\system32\wuapp.exe
======List of files/folders modified in the last 1 month======
2012-07-17 16:18:26 ----RD---- C:\Program Files
2012-07-17 16:18:24 ----D---- C:\Windows\Temp
2012-07-17 15:51:49 ----D---- C:\Windows\System32
2012-07-17 15:51:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-17 15:51:48 ----D---- C:\Windows\inf
2012-07-17 15:21:57 ----D---- C:\ProgramData\Spyware Terminator
2012-07-17 07:53:47 ----SHD---- C:\System Volume Information
2012-07-17 07:52:01 ----D---- C:\Windows\system32\config
2012-07-14 14:20:32 ----D---- C:\Users\Esklap\AppData\Roaming\Skype
2012-07-14 09:12:06 ----D---- C:\Users\Esklap\AppData\Roaming\Spyware Terminator
2012-07-13 14:21:05 ----D---- C:\Windows\winsxs
2012-07-13 14:18:14 ----D---- C:\Windows\system32\migration
2012-07-13 14:18:14 ----D---- C:\Program Files\Internet Explorer
2012-07-13 14:18:11 ----D---- C:\Windows\system32\drivers
2012-07-12 18:09:14 ----D---- C:\Windows\Prefetch
2012-07-12 09:02:57 ----D---- C:\Windows\system32\catroot
2012-07-12 09:02:56 ----D---- C:\Windows\system32\catroot2
2012-07-12 09:00:51 ----SHD---- C:\Windows\Installer
2012-07-12 09:00:43 ----D---- C:\ProgramData\Microsoft Help
2012-07-12 08:55:17 ----A---- C:\Windows\system32\MRT.exe
2012-07-03 15:18:50 ----D---- C:\Windows\system32\Tasks
2012-07-03 15:18:31 ----D---- C:\Windows\Tasks
2012-07-03 15:18:29 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-07-02 10:54:36 ----SD---- C:\Users\Esklap\AppData\Roaming\Microsoft
2012-06-28 14:44:02 ----D---- C:\Windows\rescache
2012-06-26 23:06:37 ----D---- C:\Windows\system32\en-US
2012-06-26 11:43:06 ----D---- C:\Program Files\Spyware Terminator
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-04-27 137928]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-04-16 36000]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-09-28 142592]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-04-25 83392]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-10-25 4807168]
R3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2010-11-09 7430144]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-10-27 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 98696]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-10-27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-10-27 114280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WSDPrintDevice;WSD Print Support via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira Realtime Protection; F:\Avira\AntiVir Desktop\avguard.exe [2012-05-02 110032]
R2 AntiVirSchedulerService;Avira Scheduler; F:\Avira\AntiVir Desktop\sched.exe [2012-05-02 86224]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; F:\Intel\WiFi\bin\EvtEng.exe [2010-11-02 936208]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-11-02 477456]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; F:\Spyware Terminator\sp_rsser.exe [2011-09-28 496128]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-03-27 482992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; F:\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; F:\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; F:\Intel\WiFi\bin\PanDhcpDns.exe [2010-11-02 227600]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-02 1343400]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu - netbook
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - netbook
Stáhněte OTM a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC. Dejte nový log RSIT.:files
C:\PROGRA~1\Crawler
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
:commnads
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - netbook
Zde je nový log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Esklap at 2012-07-18 21:03:11
WIN_7 Service Pack 1
System drive C: has 81 GB (79%) free of 102 GB
Total RAM: 2036 MB (58% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - F:\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - F:\Java\bin\ssv.dll [2012-04-23 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - F:\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - F:\Java\bin\jp2ssv.dll [2012-04-23 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=F:\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2010-11-02 1210640]
"SpywareTerminator"=F:\Spyware Terminator\SpywareTerminatorShield.exe [2011-09-28 2216960]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-10-25 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-10-25 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-10-25 150552]
"KiesTrayAgent"=F:\Samsung\Kies\KiesTrayAgent.exe [2011-12-27 3508624]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"SafeQ Client"=C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2010-03-31 249856]
"avgnt"=F:\Avira\AntiVir Desktop\avgnt.exe [2012-05-02 348624]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-03-27 2786480]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-03-27 3669680]
"TkBellExe"=F:\RealPlayer\Update\realsched.exe [2012-06-10 296056]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=F:\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-11-22 3318784]
"KiesHelper"=F:\Samsung\Kies\KiesHelper.exe [2011-12-27 937360]
"KiesPDLR"=F:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-12-27 21392]
C:\Users\Esklap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - F:\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-10-25 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=F:\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.divxa32"=msaud32_divx.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-07-18 20:52:34 ----D---- C:\_OTM
2012-07-17 16:18:26 ----D---- C:\rsit
2012-07-17 16:18:26 ----D---- C:\Program Files\trend micro
2012-07-12 18:09:18 ----D---- C:\Users\Esklap\AppData\Roaming\OmegaT
2012-07-12 09:02:23 ----A---- C:\Windows\system32\mshtmled.dll
2012-07-12 09:02:21 ----A---- C:\Windows\system32\iertutil.dll
2012-07-12 09:02:20 ----A---- C:\Windows\system32\ieui.dll
2012-07-12 09:02:18 ----A---- C:\Windows\system32\jsproxy.dll
2012-07-12 09:02:18 ----A---- C:\Windows\system32\ieUnatt.exe
2012-07-12 09:02:17 ----A---- C:\Windows\system32\wininet.dll
2012-07-12 09:02:16 ----A---- C:\Windows\system32\jscript.dll
2012-07-12 09:02:15 ----A---- C:\Windows\system32\jscript9.dll
2012-07-12 09:02:14 ----A---- C:\Windows\system32\url.dll
2012-07-12 09:02:11 ----A---- C:\Windows\system32\urlmon.dll
2012-07-12 09:02:07 ----A---- C:\Windows\system32\mshtml.dll
2012-07-12 09:02:04 ----A---- C:\Windows\system32\ieframe.dll
2012-07-12 08:53:57 ----A---- C:\Windows\system32\win32k.sys
2012-07-11 19:15:16 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-07-11 19:15:16 ----A---- C:\Windows\system32\drivers\cng.sys
2012-07-11 19:15:15 ----A---- C:\Windows\system32\schannel.dll
2012-07-11 19:15:15 ----A---- C:\Windows\system32\ncrypt.dll
2012-07-11 19:15:14 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-11 19:15:11 ----A---- C:\Windows\system32\msxml6.dll
2012-07-11 19:15:10 ----A---- C:\Windows\system32\msxml3r.dll
2012-07-11 19:15:10 ----A---- C:\Windows\system32\msxml3.dll
2012-07-11 19:15:06 ----A---- C:\Windows\system32\cdosys.dll
2012-07-11 19:14:50 ----A---- C:\Windows\system32\shell32.dll
2012-07-07 23:21:23 ----A---- C:\Windows\system32\browserchoice.exe
2012-06-22 09:43:27 ----A---- C:\Windows\system32\wups2.dll
2012-06-22 09:43:26 ----A---- C:\Windows\system32\wucltux.dll
2012-06-22 09:43:26 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-22 09:43:25 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-22 09:42:56 ----A---- C:\Windows\system32\wups.dll
2012-06-22 09:42:56 ----A---- C:\Windows\system32\wudriver.dll
2012-06-22 09:42:56 ----A---- C:\Windows\system32\wuapi.dll
2012-06-22 09:42:34 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-22 09:42:33 ----A---- C:\Windows\system32\wuapp.exe
======List of files/folders modified in the last 1 month======
2012-07-18 21:02:07 ----D---- C:\Windows\Temp
2012-07-18 20:52:58 ----D---- C:\Windows\System32
2012-07-18 20:52:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-18 20:52:57 ----D---- C:\Windows\inf
2012-07-18 20:52:38 ----RD---- C:\Program Files
2012-07-18 20:50:16 ----D---- C:\Users\Esklap\AppData\Roaming\Spyware Terminator
2012-07-17 15:21:57 ----D---- C:\ProgramData\Spyware Terminator
2012-07-17 07:53:47 ----SHD---- C:\System Volume Information
2012-07-17 07:52:01 ----D---- C:\Windows\system32\config
2012-07-14 14:20:32 ----D---- C:\Users\Esklap\AppData\Roaming\Skype
2012-07-13 14:21:05 ----D---- C:\Windows\winsxs
2012-07-13 14:18:14 ----D---- C:\Windows\system32\migration
2012-07-13 14:18:14 ----D---- C:\Program Files\Internet Explorer
2012-07-13 14:18:11 ----D---- C:\Windows\system32\drivers
2012-07-12 18:09:14 ----D---- C:\Windows\Prefetch
2012-07-12 09:02:57 ----D---- C:\Windows\system32\catroot
2012-07-12 09:02:56 ----D---- C:\Windows\system32\catroot2
2012-07-12 09:00:51 ----SHD---- C:\Windows\Installer
2012-07-12 09:00:43 ----D---- C:\ProgramData\Microsoft Help
2012-07-12 08:55:17 ----A---- C:\Windows\system32\MRT.exe
2012-07-03 15:18:50 ----D---- C:\Windows\system32\Tasks
2012-07-03 15:18:31 ----D---- C:\Windows\Tasks
2012-07-03 15:18:29 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-07-02 10:54:36 ----SD---- C:\Users\Esklap\AppData\Roaming\Microsoft
2012-06-28 14:44:02 ----D---- C:\Windows\rescache
2012-06-26 23:06:37 ----D---- C:\Windows\system32\en-US
2012-06-26 11:43:06 ----D---- C:\Program Files\Spyware Terminator
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-04-27 137928]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-04-16 36000]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-09-28 142592]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-04-25 83392]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-10-25 4807168]
R3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2010-11-09 7430144]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-10-27 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 98696]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-10-27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-10-27 114280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WSDPrintDevice;WSD Print Support via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira Realtime Protection; F:\Avira\AntiVir Desktop\avguard.exe [2012-05-02 110032]
R2 AntiVirSchedulerService;Avira Scheduler; F:\Avira\AntiVir Desktop\sched.exe [2012-05-02 86224]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; F:\Intel\WiFi\bin\EvtEng.exe [2010-11-02 936208]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-11-02 477456]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; F:\Spyware Terminator\sp_rsser.exe [2011-09-28 496128]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-03-27 482992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; F:\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; F:\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; F:\Intel\WiFi\bin\PanDhcpDns.exe [2010-11-02 227600]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-02 1343400]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Esklap at 2012-07-18 21:03:11
WIN_7 Service Pack 1
System drive C: has 81 GB (79%) free of 102 GB
Total RAM: 2036 MB (58% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - F:\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - F:\Java\bin\ssv.dll [2012-04-23 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - F:\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - F:\Java\bin\jp2ssv.dll [2012-04-23 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=F:\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2010-11-02 1210640]
"SpywareTerminator"=F:\Spyware Terminator\SpywareTerminatorShield.exe [2011-09-28 2216960]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-10-25 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-10-25 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-10-25 150552]
"KiesTrayAgent"=F:\Samsung\Kies\KiesTrayAgent.exe [2011-12-27 3508624]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"SafeQ Client"=C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2010-03-31 249856]
"avgnt"=F:\Avira\AntiVir Desktop\avgnt.exe [2012-05-02 348624]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-03-27 2786480]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-03-27 3669680]
"TkBellExe"=F:\RealPlayer\Update\realsched.exe [2012-06-10 296056]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=F:\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-11-22 3318784]
"KiesHelper"=F:\Samsung\Kies\KiesHelper.exe [2011-12-27 937360]
"KiesPDLR"=F:\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-12-27 21392]
C:\Users\Esklap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - F:\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-10-25 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=F:\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.divxa32"=msaud32_divx.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-07-18 20:52:34 ----D---- C:\_OTM
2012-07-17 16:18:26 ----D---- C:\rsit
2012-07-17 16:18:26 ----D---- C:\Program Files\trend micro
2012-07-12 18:09:18 ----D---- C:\Users\Esklap\AppData\Roaming\OmegaT
2012-07-12 09:02:23 ----A---- C:\Windows\system32\mshtmled.dll
2012-07-12 09:02:21 ----A---- C:\Windows\system32\iertutil.dll
2012-07-12 09:02:20 ----A---- C:\Windows\system32\ieui.dll
2012-07-12 09:02:18 ----A---- C:\Windows\system32\jsproxy.dll
2012-07-12 09:02:18 ----A---- C:\Windows\system32\ieUnatt.exe
2012-07-12 09:02:17 ----A---- C:\Windows\system32\wininet.dll
2012-07-12 09:02:16 ----A---- C:\Windows\system32\jscript.dll
2012-07-12 09:02:15 ----A---- C:\Windows\system32\jscript9.dll
2012-07-12 09:02:14 ----A---- C:\Windows\system32\url.dll
2012-07-12 09:02:11 ----A---- C:\Windows\system32\urlmon.dll
2012-07-12 09:02:07 ----A---- C:\Windows\system32\mshtml.dll
2012-07-12 09:02:04 ----A---- C:\Windows\system32\ieframe.dll
2012-07-12 08:53:57 ----A---- C:\Windows\system32\win32k.sys
2012-07-11 19:15:16 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-07-11 19:15:16 ----A---- C:\Windows\system32\drivers\cng.sys
2012-07-11 19:15:15 ----A---- C:\Windows\system32\schannel.dll
2012-07-11 19:15:15 ----A---- C:\Windows\system32\ncrypt.dll
2012-07-11 19:15:14 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-11 19:15:11 ----A---- C:\Windows\system32\msxml6.dll
2012-07-11 19:15:10 ----A---- C:\Windows\system32\msxml3r.dll
2012-07-11 19:15:10 ----A---- C:\Windows\system32\msxml3.dll
2012-07-11 19:15:06 ----A---- C:\Windows\system32\cdosys.dll
2012-07-11 19:14:50 ----A---- C:\Windows\system32\shell32.dll
2012-07-07 23:21:23 ----A---- C:\Windows\system32\browserchoice.exe
2012-06-22 09:43:27 ----A---- C:\Windows\system32\wups2.dll
2012-06-22 09:43:26 ----A---- C:\Windows\system32\wucltux.dll
2012-06-22 09:43:26 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-22 09:43:25 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-22 09:42:56 ----A---- C:\Windows\system32\wups.dll
2012-06-22 09:42:56 ----A---- C:\Windows\system32\wudriver.dll
2012-06-22 09:42:56 ----A---- C:\Windows\system32\wuapi.dll
2012-06-22 09:42:34 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-22 09:42:33 ----A---- C:\Windows\system32\wuapp.exe
======List of files/folders modified in the last 1 month======
2012-07-18 21:02:07 ----D---- C:\Windows\Temp
2012-07-18 20:52:58 ----D---- C:\Windows\System32
2012-07-18 20:52:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-18 20:52:57 ----D---- C:\Windows\inf
2012-07-18 20:52:38 ----RD---- C:\Program Files
2012-07-18 20:50:16 ----D---- C:\Users\Esklap\AppData\Roaming\Spyware Terminator
2012-07-17 15:21:57 ----D---- C:\ProgramData\Spyware Terminator
2012-07-17 07:53:47 ----SHD---- C:\System Volume Information
2012-07-17 07:52:01 ----D---- C:\Windows\system32\config
2012-07-14 14:20:32 ----D---- C:\Users\Esklap\AppData\Roaming\Skype
2012-07-13 14:21:05 ----D---- C:\Windows\winsxs
2012-07-13 14:18:14 ----D---- C:\Windows\system32\migration
2012-07-13 14:18:14 ----D---- C:\Program Files\Internet Explorer
2012-07-13 14:18:11 ----D---- C:\Windows\system32\drivers
2012-07-12 18:09:14 ----D---- C:\Windows\Prefetch
2012-07-12 09:02:57 ----D---- C:\Windows\system32\catroot
2012-07-12 09:02:56 ----D---- C:\Windows\system32\catroot2
2012-07-12 09:00:51 ----SHD---- C:\Windows\Installer
2012-07-12 09:00:43 ----D---- C:\ProgramData\Microsoft Help
2012-07-12 08:55:17 ----A---- C:\Windows\system32\MRT.exe
2012-07-03 15:18:50 ----D---- C:\Windows\system32\Tasks
2012-07-03 15:18:31 ----D---- C:\Windows\Tasks
2012-07-03 15:18:29 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-07-02 10:54:36 ----SD---- C:\Users\Esklap\AppData\Roaming\Microsoft
2012-06-28 14:44:02 ----D---- C:\Windows\rescache
2012-06-26 23:06:37 ----D---- C:\Windows\system32\en-US
2012-06-26 11:43:06 ----D---- C:\Program Files\Spyware Terminator
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-04-27 137928]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-04-16 36000]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-09-28 142592]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-04-25 83392]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-10-25 4807168]
R3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2010-11-09 7430144]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-10-27 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\Windows\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s125obex.sys [2007-04-24 98696]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-10-27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-10-27 114280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WSDPrintDevice;WSD Print Support via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira Realtime Protection; F:\Avira\AntiVir Desktop\avguard.exe [2012-05-02 110032]
R2 AntiVirSchedulerService;Avira Scheduler; F:\Avira\AntiVir Desktop\sched.exe [2012-05-02 86224]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; F:\Intel\WiFi\bin\EvtEng.exe [2010-11-02 936208]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-11-02 477456]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; F:\Spyware Terminator\sp_rsser.exe [2011-09-28 496128]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-03-27 482992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; F:\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; F:\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; F:\Intel\WiFi\bin\PanDhcpDns.exe [2010-11-02 227600]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-02 1343400]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - netbook
Log již vypadá čistý. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - netbook
Nn, pořád to hlásí stejné chyby.
Nejde mi stále zapnout Windows Firewall.
U wi-fi mi to hlasí-> A supported Intel wireless network adapter was not found in this computer. (nevím ale proč, den předem vše normálně běželo)
Ještě k OTM..když jsem ho spustila, tak se mi v pravém okně ve výpisu objevilo u [Emptytemp] [Emptyflash] error...zdálo se mi, že se to celé zaseklo, protože nešlo pohnout se šipkou (posuvníkem), abych mohla celou větu dočíst. Po asi 2 minutách ale vyskočilo okno s hláškou ve smyslu "system reboot" a tlačítko OK. Potvrdila jsem to a počítač se restartoval. Pak jsem znovu udělala ten log RSIT.
Nejde mi stále zapnout Windows Firewall.
U wi-fi mi to hlasí-> A supported Intel wireless network adapter was not found in this computer. (nevím ale proč, den předem vše normálně běželo)
Ještě k OTM..když jsem ho spustila, tak se mi v pravém okně ve výpisu objevilo u [Emptytemp] [Emptyflash] error...zdálo se mi, že se to celé zaseklo, protože nešlo pohnout se šipkou (posuvníkem), abych mohla celou větu dočíst. Po asi 2 minutách ale vyskočilo okno s hláškou ve smyslu "system reboot" a tlačítko OK. Potvrdila jsem to a počítač se restartoval. Pak jsem znovu udělala ten log RSIT.
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - netbook
Dejte log ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu - netbook
ComboFix 12-07-19.02 - Esklap 19.07.2012 16:09:24.1.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1033.18.2036.1268 [GMT 2:00]
Spuštěný z: c:\users\Esklap\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Esklap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{77F789DC-3BA4-4B23-B8E8-EC9916502A6A}.xps
c:\users\Esklap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{CF87C6EE-1DF5-4B60-875C-33866938EEA0}.xps
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-19 do 2012-07-19 )))))))))))))))))))))))))))))))
.
.
2012-07-19 14:48 . 2012-07-19 14:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-19 13:59 . 2011-06-21 09:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2012-07-19 13:55 . 2012-07-19 14:00 -------- d-----w- c:\programdata\Spyware Terminator
2012-07-18 18:52 . 2012-07-18 18:52 -------- d-----w- C:\_OTM
2012-07-17 14:18 . 2012-07-17 14:18 -------- d-----w- C:\rsit
2012-07-17 14:18 . 2012-07-17 14:18 -------- d-----w- c:\program files\trend micro
2012-07-17 05:54 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3161580-2D73-4D1E-B244-1C5BA6275D2A}\mpengine.dll
2012-07-12 16:09 . 2012-07-13 20:20 -------- d-----w- c:\users\Esklap\AppData\Roaming\OmegaT
2012-07-12 06:53 . 2012-06-12 02:40 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-07 21:21 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-06-22 07:43 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-22 07:43 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-22 07:43 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 07:43 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-22 07:42 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-22 07:42 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 07:42 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 07:42 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 07:42 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-03 13:18 . 2012-03-28 10:57 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-03 13:18 . 2011-10-02 21:12 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-10 15:10 . 2011-12-28 20:29 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-06-10 15:10 . 2011-12-28 20:29 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-06-02 04:40 . 2012-07-11 17:15 225280 ----a-w- c:\windows\system32\schannel.dll
2012-05-31 10:25 . 2011-09-28 21:00 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-01 04:44 . 2012-06-13 21:53 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:17 . 2012-06-13 21:51 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-27 08:20 . 2012-06-06 14:54 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-04-26 04:45 . 2012-06-13 21:54 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 04:45 . 2012-06-13 21:54 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:41 . 2012-06-13 21:54 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 22:32 . 2012-06-06 14:54 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-04-24 04:36 . 2012-06-13 21:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 21:55 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 21:55 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-23 09:25 . 2011-12-28 20:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"="f:\samsung\Kies\KiesHelper.exe" [2011-12-27 937360]
"KiesPDLR"="f:\samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-12-27 21392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="f:\microsoft office\Office14\BCSSync.exe" [2010-03-13 91520]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-11-02 1210640]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-25 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-25 150552]
"KiesTrayAgent"="f:\samsung\Kies\KiesTrayAgent.exe" [2011-12-27 3508624]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"SafeQ Client"="c:\program files\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2010-03-31 249856]
"avgnt"="f:\avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2012-03-27 2786480]
"SpywareTerminatorUpdater"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-03-27 3669680]
"TkBellExe"="f:\realplayer\Update\realsched.exe" [2012-06-10 296056]
.
c:\users\Esklap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - f:\microsoft office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;f:\skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;f:\microsoft office\Office14\GROOVE.EXE [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;f:\intel\WiFi\bin\PanDhcpDns.exe [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;f:\avira\AntiVir Desktop\sched.exe [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [x]
S3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - f:\micros~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - f:\micros~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-CToolbar_UNINSTALL - c:\progra~1\Crawler\Toolbar\CToolbar.exe
AddRemove-01_Simmental - f:\samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - f:\samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - f:\samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - f:\samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - f:\samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - f:\samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - f:\samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - f:\samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - f:\samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - f:\samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - f:\samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - f:\samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - f:\samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - f:\samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - f:\samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - f:\samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - f:\samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - f:\samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - f:\samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
f:\avira\AntiVir Desktop\avguard.exe
f:\intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\wbem\unsecapp.exe
f:\avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Celkový čas: 2012-07-19 16:58:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-19 14:57
.
Před spuštěním: 85 053 583 360 bytes free
Po spuštění: 85 483 253 760 bytes free
.
- - End Of File - - 4B6E901778B25242341CF91C79F4981F
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1033.18.2036.1268 [GMT 2:00]
Spuštěný z: c:\users\Esklap\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Esklap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{77F789DC-3BA4-4B23-B8E8-EC9916502A6A}.xps
c:\users\Esklap\AppData\Local\Microsoft\Windows\Temporary Internet Files\{CF87C6EE-1DF5-4B60-875C-33866938EEA0}.xps
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-19 do 2012-07-19 )))))))))))))))))))))))))))))))
.
.
2012-07-19 14:48 . 2012-07-19 14:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-19 13:59 . 2011-06-21 09:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2012-07-19 13:55 . 2012-07-19 14:00 -------- d-----w- c:\programdata\Spyware Terminator
2012-07-18 18:52 . 2012-07-18 18:52 -------- d-----w- C:\_OTM
2012-07-17 14:18 . 2012-07-17 14:18 -------- d-----w- C:\rsit
2012-07-17 14:18 . 2012-07-17 14:18 -------- d-----w- c:\program files\trend micro
2012-07-17 05:54 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D3161580-2D73-4D1E-B244-1C5BA6275D2A}\mpengine.dll
2012-07-12 16:09 . 2012-07-13 20:20 -------- d-----w- c:\users\Esklap\AppData\Roaming\OmegaT
2012-07-12 06:53 . 2012-06-12 02:40 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-07 21:21 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-06-22 07:43 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-22 07:43 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-22 07:43 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 07:43 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-22 07:42 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-22 07:42 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 07:42 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 07:42 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 07:42 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-03 13:18 . 2012-03-28 10:57 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-03 13:18 . 2011-10-02 21:12 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-10 15:10 . 2011-12-28 20:29 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-06-10 15:10 . 2011-12-28 20:29 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-06-02 04:40 . 2012-07-11 17:15 225280 ----a-w- c:\windows\system32\schannel.dll
2012-05-31 10:25 . 2011-09-28 21:00 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-01 04:44 . 2012-06-13 21:53 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:17 . 2012-06-13 21:51 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-27 08:20 . 2012-06-06 14:54 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-04-26 04:45 . 2012-06-13 21:54 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 04:45 . 2012-06-13 21:54 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 04:41 . 2012-06-13 21:54 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 22:32 . 2012-06-06 14:54 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-04-24 04:36 . 2012-06-13 21:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 21:55 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 21:55 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-23 09:25 . 2011-12-28 20:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"="f:\samsung\Kies\KiesHelper.exe" [2011-12-27 937360]
"KiesPDLR"="f:\samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-12-27 21392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="f:\microsoft office\Office14\BCSSync.exe" [2010-03-13 91520]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-11-02 1210640]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-25 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-25 150552]
"KiesTrayAgent"="f:\samsung\Kies\KiesTrayAgent.exe" [2011-12-27 3508624]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"SafeQ Client"="c:\program files\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2010-03-31 249856]
"avgnt"="f:\avira\AntiVir Desktop\avgnt.exe" [2012-05-01 348624]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2012-03-27 2786480]
"SpywareTerminatorUpdater"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-03-27 3669680]
"TkBellExe"="f:\realplayer\Update\realsched.exe" [2012-06-10 296056]
.
c:\users\Esklap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - f:\microsoft office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;f:\skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;f:\microsoft office\Office14\GROOVE.EXE [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;f:\intel\WiFi\bin\PanDhcpDns.exe [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;f:\avira\AntiVir Desktop\sched.exe [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [x]
S3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - f:\micros~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - f:\micros~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-CToolbar_UNINSTALL - c:\progra~1\Crawler\Toolbar\CToolbar.exe
AddRemove-01_Simmental - f:\samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - f:\samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - f:\samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - f:\samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - f:\samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - f:\samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - f:\samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - f:\samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - f:\samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - f:\samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - f:\samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - f:\samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - f:\samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - f:\samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - f:\samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - f:\samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - f:\samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - f:\samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - f:\samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
f:\avira\AntiVir Desktop\avguard.exe
f:\intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\wbem\unsecapp.exe
f:\avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Celkový čas: 2012-07-19 16:58:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-19 14:57
.
Před spuštěním: 85 053 583 360 bytes free
Po spuštění: 85 483 253 760 bytes free
.
- - End Of File - - 4B6E901778B25242341CF91C79F4981F
Re: Prosím o kontrolu logu - netbook
Vapadá to, že už mi internet i firewall funguje!...ještě to vše projdu. Můžete mi prosím říct, co způsobilo tento jeden velký error?
Děkuji moc za pomoc!
Děkuji moc za pomoc!
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu - netbook
Log již vypadá OK. Odinstalujte ComboFix:
Dále znovu spusťte OTM a klikněte na >Cleanup<. OTM po sobě uklidí. Restartujte PC. Nemáte zač!Startmenu>přík. řádek>(napsat) combofix /uninstall>Enter
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?