
Nothing works after recovery on Asus X70A

#1 Post by zzvv

After about three years the laptop had become slow, so I ran a recovery from the HDD and uninstalled a few things. Avast could no longer be installed, so I put on MS Essential, and today nothing can be installed anymore, neither Firefox nor Chrome. Explorer doesn't run either; ping works.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mirek at 2013-02-04 17:14:05
Microsoft Windows 7 Home Premium
System drive C: has 93 GB (78%) free of 119 GB
Total RAM: 4095 MB (66% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2b8
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe" -switch-3be2f036c43042cdb03588591c9325c3
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
ATKOSD.exe
"C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe"
"C:\Windows\AsScrPro.exe"
taskeng.exe {FCCF1316-6C38-4BD2-B46C-BD232D0B280E}
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
KBFiltr.exe
WDC.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\alg.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\sppsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
wmiadap.exe /F /T /R
"C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b425e9c9-b4c5-4f9b-b4b2-f5fc393e3f52 -SystemEventPortName:HostProcess-b6bbbc23-4905-4cef-a856-a9dc68678dd6 -IoCancelEventPortName:HostProcess-af85a433-bb8e-48f1-ad52-2dfde678851d -NonStateChangingEventPortName:HostProcess-5da0cb87-af26-40df-b94c-abe1668902ce -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d8944e66-6cd8-4895-aca5-5a5596fc092a
"F:\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"EeeStorageBackup"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-11-26 1732608]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-02-06 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-12 98304]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-17 2245120]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2010-01-13 7109248]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2010-01-05 170624]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-02-04 17:14:06 ----D---- C:\Program Files\trend micro
2013-02-04 17:14:05 ----D---- C:\rsit
2013-02-03 22:26:08 ----ASH---- C:\pagefile.sys
2013-02-03 22:26:03 ----ASH---- C:\hiberfil.sys
2013-02-03 22:13:14 ----SHD---- C:\System Volume Information
2013-02-03 22:13:05 ----A---- C:\Pass.txt
2013-02-03 18:40:20 ----D---- C:\Program Files (x86)\Pracovní kalendář_203
2013-02-03 17:43:54 ----D---- C:\Users\Mirek\AppData\Roaming\uTorrent
2013-02-03 17:43:52 ----D---- C:\Program Files (x86)\uTorrent
2013-02-03 16:42:11 ----D---- C:\Users\Mirek\AppData\Roaming\GHISLER
2013-02-03 16:42:11 ----D---- C:\Program Files (x86)\totalcmd
2013-02-03 15:13:04 ----N---- C:\Windows\system32\MpSigStub.exe
2013-02-03 15:05:23 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-02-03 15:05:11 ----D---- C:\Program Files\Microsoft Security Client
2013-02-03 14:54:39 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-02-03 14:53:57 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-03 14:53:57 ----A---- C:\Windows\system32\drivers\netio.sys
2013-02-03 14:45:40 ----D---- C:\Users\Mirek\AppData\Roaming\Asus WebStorage
2013-02-03 14:41:09 ----A---- C:\Windows\system32\rdpcore.dll
2013-02-03 14:41:08 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2013-02-03 14:41:08 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-02-03 14:41:08 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-02-03 14:41:06 ----A---- C:\Windows\system32\cabview.dll
2013-02-03 14:41:05 ----A---- C:\Windows\SYSWOW64\cabview.dll
2013-02-03 14:39:16 ----A---- C:\Windows\system32\aswBoot.exe
2013-02-03 14:38:30 ----D---- C:\ProgramData\AVAST Software
2013-02-03 14:38:30 ----D---- C:\Program Files\AVAST Software
2013-02-03 14:27:23 ----A---- C:\Windows\system32\wups2.dll
2013-02-03 14:27:23 ----A---- C:\Windows\system32\wucltux.dll
2013-02-03 14:27:23 ----A---- C:\Windows\system32\wuaueng.dll
2013-02-03 14:27:23 ----A---- C:\Windows\system32\wuauclt.exe
2013-02-03 14:26:58 ----D---- C:\Users\Mirek\AppData\Roaming\Adobe
2013-02-03 14:26:52 ----A---- C:\Windows\system32\wups.dll
2013-02-03 14:26:52 ----A---- C:\Windows\system32\wudriver.dll
2013-02-03 14:26:52 ----A---- C:\Windows\system32\wuapi.dll
2013-02-03 14:26:39 ----A---- C:\Windows\system32\wuwebv.dll
2013-02-03 14:26:39 ----A---- C:\Windows\system32\wuapp.exe
2013-02-03 14:14:43 ----D---- C:\Program Files (x86)\MSECache
2013-02-03 14:08:56 ----D---- C:\Program Files (x86)\Microsoft Works
2013-02-03 14:08:27 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2013-02-03 14:08:08 ----D---- C:\Windows\PCHEALTH
2013-02-03 14:08:08 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-02-03 14:06:04 ----D---- C:\Program Files\Microsoft Office
2013-02-03 14:05:58 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-02-03 14:04:57 ----RHD---- C:\MSOCache
2013-02-03 13:39:46 ----D---- C:\Users\Mirek\AppData\Roaming\ATI
2013-02-03 13:38:06 ----D---- C:\Users\Mirek\AppData\Roaming\Identities
2013-02-03 13:37:10 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2013-02-03 13:37:09 ----D---- C:\Program Files\Windows Live
2013-02-03 13:36:20 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2013-02-03 13:35:15 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2013-02-03 13:35:15 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-02-03 13:33:39 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-02-03 13:32:51 ----D---- C:\Program Files (x86)\Microsoft
2013-02-03 13:32:31 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2013-02-03 13:32:25 ----D---- C:\Program Files (x86)\Windows Live
2013-02-03 13:30:32 ----HD---- C:\ASUS.DAT
2013-02-03 13:30:08 ----SD---- C:\Users\Mirek\AppData\Roaming\Microsoft
2013-02-03 13:30:08 ----D---- C:\Users\Mirek\AppData\Roaming\Media Center Programs

======List of files/folders modified in the last 1 month======

2013-02-04 17:14:06 ----RD---- C:\Program Files
2013-02-04 17:13:32 ----D---- C:\Windows\Temp
2013-02-04 17:12:11 ----D---- C:\Windows\system32\catroot
2013-02-04 17:12:08 ----D---- C:\Windows\winsxs
2013-02-04 17:12:02 ----D---- C:\Windows\system32\config
2013-02-04 17:09:12 ----D---- C:\Windows\system32\Tasks
2013-02-04 17:06:20 ----D---- C:\Windows\system32\catroot2
2013-02-04 16:39:02 ----D---- C:\Windows\System32
2013-02-04 16:39:02 ----D---- C:\Windows\inf
2013-02-04 16:39:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-04 16:34:25 ----D---- C:\Windows\system32\NDF
2013-02-03 20:39:09 ----D---- C:\Windows\Logs
2013-02-03 20:04:15 ----D---- C:\Windows\system32\LogFiles
2013-02-03 19:47:50 ----SD---- C:\ProgramData\Microsoft
2013-02-03 18:40:41 ----D---- C:\Windows\SysWOW64
2013-02-03 18:40:20 ----RD---- C:\Program Files (x86)
2013-02-03 18:29:06 ----D---- C:\Windows\system32\drivers\etc
2013-02-03 17:25:59 ----D---- C:\Windows\system32\wdi
2013-02-03 15:05:42 ----SHD---- C:\Windows\Installer
2013-02-03 15:05:25 ----D---- C:\Windows\system32\drivers
2013-02-03 15:02:56 ----D---- C:\Windows
2013-02-03 14:55:08 ----HD---- C:\Windows\system32\GroupPolicy
2013-02-03 14:47:49 ----A---- C:\Windows\system32\Defrag.ini
2013-02-03 14:45:16 ----A---- C:\Windows\system32\ServiceFilter.ini
2013-02-03 14:45:07 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-02-03 14:43:04 ----HD---- C:\ProgramData
2013-02-03 14:42:24 ----D---- C:\Windows\system32\sr-Latn-CS
2013-02-03 14:42:24 ----D---- C:\Windows\system32\sk-SK
2013-02-03 14:42:24 ----D---- C:\Windows\system32\ro-RO
2013-02-03 14:42:24 ----D---- C:\Windows\system32\lv-LV
2013-02-03 14:42:24 ----D---- C:\Windows\system32\lt-LT
2013-02-03 14:42:24 ----D---- C:\Windows\system32\hr-HR
2013-02-03 14:42:24 ----D---- C:\Windows\system32\cs-CZ
2013-02-03 14:42:23 ----D---- C:\Windows\system32\sl-SI
2013-02-03 14:42:23 ----D---- C:\Windows\system32\pl-PL
2013-02-03 14:42:23 ----D---- C:\Windows\system32\hu-HU
2013-02-03 14:42:23 ----D---- C:\Windows\system32\en-US
2013-02-03 14:42:23 ----D---- C:\Windows\system32\bg-BG
2013-02-03 14:42:22 ----D---- C:\Windows\system32\et-EE
2013-02-03 14:41:49 ----D---- C:\Windows\SoftwareDistribution
2013-02-03 14:12:15 ----D---- C:\ProgramData\Microsoft Help
2013-02-03 14:12:09 ----RSD---- C:\Windows\assembly
2013-02-03 14:08:39 ----D---- C:\Program Files (x86)\MSBuild
2013-02-03 14:08:35 ----D---- C:\Program Files (x86)\Microsoft Office
2013-02-03 14:08:27 ----D---- C:\Program Files (x86)\Common Files
2013-02-03 14:08:25 ----D---- C:\Windows\ShellNew
2013-02-03 14:08:14 ----RSD---- C:\Windows\Fonts
2013-02-03 14:07:09 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-02-03 14:05:42 ----A---- C:\Windows\win.ini
2013-02-03 14:00:48 ----D---- C:\Windows\Prefetch
2013-02-03 13:59:42 ----D---- C:\Windows\system32\DriverStore
2013-02-03 13:54:45 ----D---- C:\Windows\Microsoft.NET
2013-02-03 13:37:54 ----SHD---- C:\$Recycle.Bin
2013-02-03 13:37:10 ----DC---- C:\Windows\system32\DRVSTORE
2013-02-03 13:30:07 ----RD---- C:\Users
2013-02-03 13:27:50 ----SHD---- C:\Recovery

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-12-11 6228480]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-12-11 160256]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-12 1799680]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-11 6228480]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-11 202752]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.16385
Run by Mirek at 17:16:59 on 2013-02-04
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.4095.2477 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
C:\Windows\AsScrPro.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\alg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.centrum.cz/
uDefault_Page_URL = hxxp://asus.msn.com
uProxyServer = hxxp=89.29.23.110
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Pomocník pro přihlášení ke službě Windows Live: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
mRun: [Setwallpaper] c:\programdata\SetWallpaper.cmd
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{856AF894-5DAE-4EFB-85E0-5CA5A315FEB8} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B51F0D33-E95D-43B9-8EF3-3C111C5CF651} : NameServer = 62.129.50.20,85.135.32.100
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
x64-Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
x64-Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe MySyncFolder
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2011-4-18 189440]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-2-6 379520]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-12-11 202752]
R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2010-2-6 14904]
R2 OberonGameConsoleService;Oberon Media Game Console service;C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe [2010-2-6 44312]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2009-10-15 117760]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2011-4-18 40832]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 84864]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-2-6 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2009-7-9 1222144]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-2-3 61792]
S3 fsssvc;Windows Live Zabezpečení rodiny;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2013-02-04 16:14:06 -------- d-----w- C:\Program Files\trend micro
2013-02-03 18:44:06 -------- d-----w- C:\Users\Mirek\AppData\Local\Apps
2013-02-03 17:40:20 -------- d-----w- C:\Program Files (x86)\Pracovní kalendář_203
2013-02-03 16:55:59 -------- d-----w- C:\Users\Mirek\AppData\Local\GHISLER
2013-02-03 16:43:54 -------- d-----w- C:\Users\Mirek\AppData\Roaming\uTorrent
2013-02-03 16:43:52 -------- d-----w- C:\Program Files (x86)\uTorrent
2013-02-03 16:31:19 -------- d-----w- C:\Users\Mirek\AppData\Local\Diagnostics
2013-02-03 16:29:52 -------- d-----w- C:\Users\Mirek\AppData\Local\ElevatedDiagnostics
2013-02-03 15:42:11 -------- d-----w- C:\Users\Mirek\AppData\Roaming\GHISLER
2013-02-03 15:42:11 -------- d-----w- C:\Program Files (x86)\totalcmd
2013-02-03 14:13:26 972264 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4BC83B89-DBE6-46E6-9C66-8B76C50C9425}\gapaengine.dll
2013-02-03 14:13:18 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EB69187B-B362-4714-AAB0-82B5B74F243C}\mpengine.dll
2013-02-03 14:13:04 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-02-03 14:05:23 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2013-02-03 14:05:11 -------- d-----w- C:\Program Files\Microsoft Security Client
2013-02-03 13:53:57 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-02-03 13:53:57 1898376 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-03 13:45:40 -------- d-----w- C:\Users\Mirek\AppData\Roaming\Asus WebStorage
2013-02-03 13:41:09 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-02-03 13:41:08 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-02-03 13:41:08 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-02-03 13:41:08 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2013-02-03 13:41:06 139264 ----a-w- C:\Windows\System32\cabview.dll
2013-02-03 13:41:05 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2013-02-03 13:38:30 -------- d-----w- C:\ProgramData\AVAST Software
2013-02-03 13:38:30 -------- d-----w- C:\Program Files\AVAST Software
2013-02-03 13:27:23 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-02-03 13:26:52 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-02-03 13:26:39 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-02-03 13:26:39 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-02-03 13:14:43 -------- d-----w- C:\Program Files (x86)\MSECache
2013-02-03 13:08:08 -------- d-----w- C:\Windows\PCHEALTH
2013-02-03 13:05:58 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-02-03 13:05:18 -------- d-----w- C:\Users\Mirek\AppData\Local\Microsoft Help
2013-02-03 12:40:39 -------- d-----w- C:\Users\Mirek\AppData\Local\Seven Zip
2013-02-03 12:39:46 -------- d-----w- C:\Users\Mirek\AppData\Local\ATI
2013-02-03 12:38:48 -------- d-----w- C:\Users\Mirek\AppData\Local\SRS Labs
2013-02-03 12:37:10 61792 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2013-02-03 12:35:15 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2013-02-03 12:35:15 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2013-02-03 12:33:39 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-02-03 12:32:51 -------- d-----w- C:\Program Files (x86)\Microsoft
2013-02-03 12:32:31 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive
2013-02-03 12:31:44 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6d1d186f1ce020a\DSETUP.dll
2013-02-03 12:31:44 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6d1d186f1ce020a\DXSETUP.exe
2013-02-03 12:31:44 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6d1d186f1ce020a\dsetup32.dll
2013-02-03 12:31:20 132917064 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlc3754.tmp
2013-02-03 12:31:09 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
.
==================== Find3M ====================
.
.
============= FINISH: 17:18:03,31 ===============

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: after recovery of asus x70a nothing works

#2 Post by Rudy »

Hello!
Please post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms is displayed; continue by clicking the Yes button.

Go and make yourself a coffee in peace (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to run any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially on the first run of the scanner).

Warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

zzvv
Warning Level 3
Posts: 13
Registered: 24 Mar 2007 15:37

Re: after recovery of asus x70a nothing works

#3 Post by zzvv »

ComboFix 13-02-03.03 - Mirek 04.02.2013 20:00:53.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.4095.2525 [GMT 1:00]
Spuštěný z: c:\users\Mirek\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\AsDebug.log
c:\windows\msvcr71.dll
c:\windows\msxml4-KB2758694-enu.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-04 do 2013-02-04 )))))))))))))))))))))))))))))))
.
.
2013-02-04 19:12 . 2013-02-04 19:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-04 18:47 . 2013-02-04 18:47 -------- d-----w- c:\windows\SysWow64\Wat
2013-02-04 18:47 . 2013-02-04 18:47 -------- d-----w- c:\windows\system32\Wat
2013-02-04 18:19 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2013-02-04 18:19 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2013-02-04 18:08 . 2012-07-26 07:48 2560 ----a-w- c:\windows\system32\drivers\hu-HU\wdf01000.sys.mui
2013-02-04 18:08 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2013-02-04 18:08 . 2012-07-26 05:05 2560 ----a-w- c:\windows\system32\drivers\pl-PL\wdf01000.sys.mui
2013-02-04 18:08 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-02-04 18:08 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-02-04 18:08 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-02-04 18:08 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-02-04 18:05 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-02-04 17:52 . 2012-12-16 16:52 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-02-04 17:52 . 2012-12-16 14:25 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-02-04 17:52 . 2009-10-19 14:46 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-02-04 17:52 . 2009-10-19 14:10 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-02-04 17:52 . 2012-12-16 14:40 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-02-04 17:52 . 2012-12-16 14:25 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-02-04 17:49 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-02-04 17:49 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-02-04 17:49 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-02-04 17:49 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-02-04 17:49 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-02-04 17:49 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-02-04 17:49 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-02-04 17:42 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-02-04 17:42 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll
2013-02-04 17:42 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-02-04 17:42 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll
2013-02-04 17:42 . 2012-03-01 05:40 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-02-04 17:38 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-02-04 17:38 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2013-02-04 17:35 . 2011-03-03 06:17 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2013-02-04 17:35 . 2011-03-03 06:17 356352 ----a-w- c:\windows\system32\dnsapi.dll
2013-02-04 17:35 . 2011-03-03 06:14 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2013-02-04 17:35 . 2011-03-03 05:27 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2013-02-04 17:35 . 2010-05-19 19:48 144384 ----a-w- c:\windows\system32\cdd.dll
2013-02-04 17:34 . 2012-11-02 05:27 478208 ----a-w- c:\windows\system32\dpnet.dll
2013-02-04 17:34 . 2012-11-02 04:48 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2013-02-04 17:33 . 2012-11-20 05:55 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-02-04 17:33 . 2012-11-20 05:10 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-02-04 17:33 . 2010-08-21 06:38 1024512 ----a-w- c:\windows\system32\wmpmde.dll
2013-02-04 17:33 . 2010-08-21 05:36 738816 ----a-w- c:\windows\SysWow64\wmpmde.dll
2013-02-04 17:31 . 2011-01-17 06:17 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2013-02-04 17:31 . 2011-01-17 05:38 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-02-04 17:31 . 2010-11-02 05:12 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-02-04 17:31 . 2010-11-02 04:35 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-02-04 17:30 . 2012-09-06 17:38 295792 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-02-04 17:30 . 2011-04-29 03:13 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2013-02-04 17:30 . 2011-04-29 03:12 399872 ----a-w- c:\windows\system32\drivers\srv2.sys
2013-02-04 17:30 . 2011-04-29 03:12 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2013-02-04 17:30 . 2012-11-22 10:32 801280 ----a-w- c:\windows\system32\usp10.dll
2013-02-04 17:30 . 2012-11-22 09:33 627712 ----a-w- c:\windows\SysWow64\usp10.dll
2013-02-04 17:28 . 2011-08-17 05:32 613888 ----a-w- c:\windows\system32\psisdecd.dll
2013-02-04 17:28 . 2011-08-17 05:27 288256 ----a-w- c:\windows\system32\MSNP.ax
2013-02-04 17:28 . 2011-08-17 05:27 108032 ----a-w- c:\windows\system32\psisrndr.ax
2013-02-04 17:28 . 2011-08-17 05:27 104960 ----a-w- c:\windows\system32\Mpeg2Data.ax
2013-02-04 17:28 . 2011-08-17 04:26 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2013-02-04 17:28 . 2011-08-17 04:22 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2013-02-04 17:28 . 2011-08-17 04:22 204288 ----a-w- c:\windows\SysWow64\MSNP.ax
2013-02-04 17:28 . 2011-08-17 05:27 75776 ----a-w- c:\windows\system32\MSDvbNP.ax
2013-02-04 17:28 . 2011-08-17 04:22 72704 ----a-w- c:\windows\SysWow64\Mpeg2Data.ax
2013-02-04 17:28 . 2011-08-17 04:22 59904 ----a-w- c:\windows\SysWow64\MSDvbNP.ax
2013-02-04 17:28 . 2010-10-27 05:18 5510528 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-04 17:28 . 2010-10-27 04:43 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-04 17:28 . 2010-10-27 04:43 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-04 17:27 . 2012-04-28 03:50 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-02-04 17:26 . 2010-10-12 05:05 35328 ----a-w- c:\program files\Windows Mail\wabfind.dll
2013-02-04 17:26 . 2010-10-12 05:00 516096 ----a-w- c:\program files\Windows Mail\wab.exe
2013-02-04 17:26 . 2010-10-12 04:25 516096 ----a-w- c:\program files (x86)\Windows Mail\wab.exe
2013-02-04 17:26 . 2011-12-28 03:59 499200 ----a-w- c:\windows\system32\drivers\afd.sys
2013-02-04 17:25 . 2012-03-17 07:55 75632 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-02-04 17:25 . 2012-08-11 00:53 714752 ----a-w- c:\windows\system32\kerberos.dll
2013-02-04 17:25 . 2012-08-10 23:54 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2013-02-04 17:25 . 2012-04-07 12:18 3213824 ----a-w- c:\windows\system32\msi.dll
2013-02-04 17:25 . 2012-04-07 11:34 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2013-02-04 17:23 . 2013-01-07 20:32 9161176 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-04 17:23 . 2013-01-07 20:32 9161176 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{60396DAA-E5C0-4E20-8F26-196A1C1B6FAF}\mpengine.dll
2013-02-04 16:30 . 2012-06-16 05:25 609792 ----a-w- c:\windows\system32\vbscript.dll
2013-02-04 16:30 . 2012-06-16 05:25 850944 ----a-w- c:\windows\system32\jscript.dll
2013-02-04 16:30 . 2012-06-16 04:37 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-02-04 16:30 . 2010-02-18 08:07 14163456 ----a-w- c:\windows\system32\shell32.dll
2013-02-04 16:30 . 2009-12-11 09:24 1446912 ----a-w- c:\windows\system32\lsasrv.dll
2013-02-04 16:30 . 2009-12-11 10:29 153160 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-02-04 16:30 . 2009-12-11 07:39 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-02-04 16:30 . 2009-12-11 07:36 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-02-04 16:29 . 2012-09-25 22:39 95744 ----a-w- c:\windows\system32\synceng.dll
2013-02-04 16:29 . 2012-09-25 21:55 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2013-02-04 16:29 . 2011-02-05 12:39 603976 ----a-w- c:\windows\system32\winload.exe
2013-02-04 16:29 . 2011-02-05 12:39 518160 ----a-w- c:\windows\system32\winresume.exe
2013-02-04 16:29 . 2011-02-05 12:41 556928 ----a-w- c:\windows\system32\winresume.efi
2013-02-04 16:29 . 2011-02-05 12:41 640896 ----a-w- c:\windows\system32\winload.efi
2013-02-04 16:29 . 2011-02-05 12:41 20352 ----a-w- c:\windows\system32\kdusb.dll
2013-02-04 16:29 . 2011-02-05 12:41 19328 ----a-w- c:\windows\system32\kd1394.dll
2013-02-04 16:29 . 2011-02-05 12:41 17792 ----a-w- c:\windows\system32\kdcom.dll
2013-02-04 16:28 . 2010-08-31 04:32 954752 ----a-w- c:\windows\SysWow64\mfc40.dll
2013-02-04 16:28 . 2010-08-31 04:32 954288 ----a-w- c:\windows\SysWow64\mfc40u.dll
2013-02-04 16:28 . 2011-08-15 05:08 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2013-02-04 16:28 . 2011-08-15 04:25 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2013-02-04 16:27 . 2012-11-23 03:45 3147264 ----a-w- c:\windows\system32\win32k.sys
2013-02-04 16:26 . 2011-05-24 11:21 404992 ----a-w- c:\windows\system32\umpnpmgr.dll
2013-02-04 16:26 . 2011-05-24 10:34 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2013-02-04 16:26 . 2011-05-24 10:32 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2013-02-04 16:26 . 2011-05-24 10:34 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2013-02-04 16:26 . 2011-05-24 10:34 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2013-02-04 16:25 . 2010-12-18 06:12 3138048 ----a-w- c:\windows\system32\mstscax.dll
2013-02-04 16:25 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-02-04 16:25 . 2010-12-18 06:08 1097216 ----a-w- c:\windows\system32\mstsc.exe
2013-02-04 16:25 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\SysWow64\mstsc.exe
2013-02-04 16:25 . 2012-07-04 22:04 73216 ----a-w- c:\windows\system32\netapi32.dll
2013-02-04 16:25 . 2012-07-04 22:01 58880 ----a-w- c:\windows\system32\browcli.dll
2013-02-04 16:25 . 2012-07-04 22:01 136704 ----a-w- c:\windows\system32\browser.dll
2013-02-04 16:25 . 2012-07-04 21:23 41472 ----a-w- c:\windows\SysWow64\browcli.dll
2013-02-04 16:24 . 2010-09-01 05:21 14627840 ----a-w- c:\windows\system32\wmp.dll
2013-02-04 16:24 . 2010-09-01 05:14 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-02-04 16:24 . 2010-09-01 04:26 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-02-04 16:24 . 2010-09-01 05:12 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-02-04 16:24 . 2010-09-01 04:23 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-02-04 16:24 . 2011-02-18 06:33 31232 ----a-w- c:\windows\system32\prevhost.exe
2013-02-04 16:24 . 2011-02-18 05:33 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2013-02-04 16:23 . 2012-05-05 08:30 503808 ----a-w- c:\windows\system32\srcore.dll
2013-02-04 16:23 . 2012-05-05 07:44 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2013-02-04 16:23 . 2011-02-12 06:14 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2013-02-04 16:22 . 2011-05-03 05:21 976896 ----a-w- c:\windows\system32\inetcomm.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-30 04:56 . 2013-02-04 17:24 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-11 98304]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-17 2245120]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2010-01-13 7109248]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2010-01-05 170624]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-2-6 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-2-6 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-02-04 1255736]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-12-08 379520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-11 202752]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"EeeStorageBackup"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-11-26 1732608]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=89.29.23.110
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B51F0D33-E95D-43B9-8EF3-3C111C5CF651}: NameServer = 62.129.50.20,85.135.32.100
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-BrowserChoice - c:\windows\System32\browserchoice.exe
Wow6432Node-HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
Toolbar-Locked - (no file)
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-02-04 20:30:01
ComboFix-quarantined-files.txt 2013-02-04 19:29
.
Před spuštěním: Volných bajtů: 92 526 477 312
Po spuštění: Volných bajtů: 91 967 574 016
.
- - End Of File - - C74C10B0D4B15A3F856F866963B9061F

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: after recovery of asus x70a nothing works

#4 Post by Rudy »

We'll clean up a bit more. Open Notepad and copy the following into it:
KillAll::

File::
c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

Driver::
BBSvc
BBUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.


zzvv
Warning Level 3
Posts: 13
Registered: 24 Mar 2007 15:37

Re: after recovery of asus x70a nothing works

#5 Post by zzvv »

latest log

ComboFix 13-02-03.03 - Mirek 05.02.2013 14:51:11.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.4095.1562 [GMT 1:00]
Spuštěný z: c:\users\Mirek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Mirek\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe"
"c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
c:\windows\msxml4-KB2758694-enu.LOG
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BBSvc
-------\Service_BBUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-05 do 2013-02-05 )))))))))))))))))))))))))))))))
.
.
2013-02-05 14:03 . 2013-02-05 14:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-05 12:19 . 2013-02-05 12:19 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-02-04 21:08 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2013-02-04 21:08 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2013-02-04 21:08 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2013-02-04 21:08 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2013-02-04 21:08 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2013-02-04 21:08 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2013-02-04 21:08 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2013-02-04 21:08 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2013-02-04 21:08 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2013-02-04 21:08 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2013-02-04 20:21 . 2013-02-04 20:21 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-02-04 20:14 . 2013-02-04 20:14 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-04 20:14 . 2013-02-04 20:14 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-04 20:13 . 2013-02-04 20:13 -------- d-----w- c:\windows\system32\Macromed
2013-02-04 19:44 . 2013-02-04 19:45 8282192 ----a-w- c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2013-02-04 19:39 . 2013-02-04 19:39 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-02-04 19:38 . 2013-01-07 20:32 9161176 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FF688F94-C0D4-4050-9BF9-41CA7C78932E}\mpengine.dll
2013-02-04 18:47 . 2013-02-04 18:47 -------- d-----w- c:\windows\SysWow64\Wat
2013-02-04 18:47 . 2013-02-04 18:47 -------- d-----w- c:\windows\system32\Wat
2013-02-04 18:19 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2013-02-04 18:19 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2013-02-04 18:09 . 2012-08-31 18:02 1656688 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-02-04 18:09 . 2011-06-16 05:31 199680 ----a-w- c:\windows\system32\xmllite.dll
2013-02-04 18:07 . 2010-03-05 07:52 84992 ----a-w- c:\windows\system32\asycfilt.dll
2013-02-04 18:07 . 2010-03-05 07:42 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2013-02-04 18:07 . 2011-04-27 02:57 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys
2013-02-04 18:07 . 2012-03-03 06:29 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2013-02-04 18:07 . 2012-03-03 06:29 902656 ----a-w- c:\windows\system32\d2d1.dll
2013-02-04 18:07 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-02-04 18:07 . 2012-03-03 05:40 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-02-04 18:06 . 2012-03-03 06:29 1541120 ----a-w- c:\windows\system32\DWrite.dll
2013-02-04 18:06 . 2012-03-03 06:29 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-02-04 18:06 . 2012-03-03 06:29 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2013-02-04 18:06 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-02-04 18:06 . 2012-03-03 05:40 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-02-04 18:06 . 2012-03-03 05:40 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-02-04 18:05 . 2011-10-01 05:28 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2013-02-04 18:05 . 2011-10-01 04:43 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2013-02-04 18:05 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-02-04 18:04 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2013-02-04 18:04 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2013-02-04 18:02 . 2011-02-26 06:23 2870272 ----a-w- c:\windows\explorer.exe
2013-02-04 18:02 . 2011-02-26 05:33 2614784 ----a-w- c:\windows\SysWow64\explorer.exe
2013-02-04 18:02 . 2012-11-09 05:34 2048 ----a-w- c:\windows\system32\tzres.dll
2013-02-04 18:02 . 2012-11-09 04:49 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-02-04 18:01 . 2010-12-23 06:07 961024 ----a-w- c:\windows\system32\CPFilters.dll
2013-02-04 18:01 . 2010-12-23 05:28 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2013-02-04 18:01 . 2010-12-23 06:07 1118720 ----a-w- c:\windows\system32\sbe.dll
2013-02-04 18:01 . 2010-12-23 06:02 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2013-02-04 18:01 . 2010-12-23 05:28 850432 ----a-w- c:\windows\SysWow64\sbe.dll
2013-02-04 18:01 . 2010-12-23 05:24 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2013-02-04 18:00 . 2010-08-26 05:27 148992 ----a-w- c:\windows\system32\t2embed.dll
2013-02-04 18:00 . 2010-08-26 04:39 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
2013-02-04 17:58 . 2011-10-26 04:28 1328640 ----a-w- c:\windows\SysWow64\quartz.dll
2013-02-04 17:58 . 2011-10-26 05:22 1572864 ----a-w- c:\windows\system32\quartz.dll
2013-02-04 17:58 . 2011-10-26 04:28 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-02-04 17:58 . 2011-10-26 05:22 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-02-04 17:58 . 2012-01-04 09:58 509952 ----a-w- c:\windows\system32\ntshrui.dll
2013-02-04 17:58 . 2012-01-04 09:03 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2013-02-04 17:56 . 2011-05-04 05:28 2228224 ----a-w- c:\windows\system32\mssrch.dll
2013-02-04 17:55 . 2011-07-09 02:44 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2013-02-04 17:55 . 2011-05-04 02:51 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2013-02-04 17:55 . 2011-05-04 02:51 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2013-02-04 17:55 . 2011-11-17 07:12 395776 ----a-w- c:\windows\system32\webio.dll
2013-02-04 17:55 . 2011-11-17 05:39 314368 ----a-w- c:\windows\SysWow64\webio.dll
2013-02-04 17:53 . 2010-03-04 07:57 2080256 ----a-w- c:\program files\Windows Mail\msoe.dll
2013-02-04 17:53 . 2010-03-04 07:33 1619968 ----a-w- c:\program files (x86)\Windows Mail\msoe.dll
2013-02-04 17:52 . 2010-08-04 07:07 552960 ----a-w- c:\windows\system32\msdri.dll
2013-02-04 17:52 . 2012-12-16 16:52 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-02-04 17:52 . 2012-12-16 14:25 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-02-04 17:52 . 2009-10-19 14:46 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-02-04 17:52 . 2009-10-19 14:10 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-02-04 17:52 . 2012-12-16 14:40 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-02-04 17:52 . 2012-12-16 14:25 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-02-04 17:51 . 2011-10-26 05:19 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-02-04 17:51 . 2012-01-03 06:24 515584 ----a-w- c:\windows\system32\timedate.cpl
2013-02-04 17:51 . 2012-01-03 05:44 478208 ----a-w- c:\windows\SysWow64\timedate.cpl
2013-02-04 17:50 . 2011-02-24 06:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-02-04 17:50 . 2011-02-24 05:32 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-02-04 17:49 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-02-04 17:49 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-02-04 17:49 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-02-04 17:49 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-02-04 17:49 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-02-04 17:49 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-02-04 17:49 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-02-04 17:47 . 2010-08-21 06:31 633856 ----a-w- c:\windows\system32\comctl32.dll
2013-02-04 17:47 . 2010-08-21 05:33 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2013-02-04 17:45 . 2009-10-28 06:24 389632 ----a-w- c:\windows\system32\winlogon.exe
2013-02-04 17:45 . 2011-03-11 06:19 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2013-02-04 17:45 . 2011-03-11 06:19 1395712 ----a-w- c:\windows\system32\mfc42.dll
2013-02-04 17:45 . 2011-03-11 05:40 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2013-02-04 17:45 . 2011-03-11 05:40 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2013-02-04 17:44 . 2012-06-09 05:30 14165504 ----a-w- c:\windows\system32\shell32.dll
2013-02-04 17:43 . 2012-08-02 17:55 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2013-02-04 17:43 . 2012-08-02 17:05 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-02-04 17:43 . 2010-06-19 06:53 52224 ----a-w- c:\windows\system32\rtutils.dll
2013-02-04 17:43 . 2010-06-19 06:23 37376 ----a-w- c:\windows\SysWow64\rtutils.dll
2013-02-04 17:39 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-02-04 17:38 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-02-04 17:38 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2013-02-04 17:38 . 2012-11-02 05:30 2001408 ----a-w- c:\windows\system32\msxml6.dll
2013-02-04 17:38 . 2012-11-02 05:30 1880064 ----a-w- c:\windows\system32\msxml3.dll
2013-02-04 17:38 . 2012-11-02 04:50 1388544 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-02-04 17:38 . 2012-11-02 04:50 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-02-04 17:37 . 2011-04-22 20:18 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2013-02-04 17:37 . 2010-07-29 06:30 82944 ----a-w- c:\windows\SysWow64\iccvid.dll
2013-02-04 17:36 . 2009-09-26 06:20 223448 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-02-04 17:36 . 2012-05-02 05:32 208896 ----a-w- c:\windows\system32\profsvc.dll
2013-02-04 17:35 . 2011-03-03 06:17 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2013-02-04 17:35 . 2011-03-03 06:17 356352 ----a-w- c:\windows\system32\dnsapi.dll
2013-02-04 17:35 . 2011-03-03 06:14 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2013-02-04 17:35 . 2011-03-03 05:27 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2013-02-04 17:34 . 2012-11-02 05:27 478208 ----a-w- c:\windows\system32\dpnet.dll
2013-02-04 17:34 . 2012-11-02 04:48 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2013-02-04 17:33 . 2012-11-20 05:55 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-02-04 17:33 . 2012-11-20 05:10 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-02-04 17:33 . 2010-08-21 06:38 1024512 ----a-w- c:\windows\system32\wmpmde.dll
2013-02-04 17:33 . 2010-08-21 05:36 738816 ----a-w- c:\windows\SysWow64\wmpmde.dll
2013-02-04 17:30 . 2012-09-06 17:38 295792 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-02-04 17:30 . 2011-04-29 03:13 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2013-02-04 17:30 . 2011-04-29 03:12 399872 ----a-w- c:\windows\system32\drivers\srv2.sys
2013-02-04 17:30 . 2011-04-29 03:12 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-04 20:53 . 2013-02-04 20:53 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-02-04 20:53 . 2013-02-04 20:53 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-11-30 04:56 . 2013-02-04 17:24 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\SysWow64\msxml4.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-11 98304]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-17 2245120]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2010-01-13 7109248]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2010-01-05 170624]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [N/A]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-02-04 1255736]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-12-08 379520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-11 202752]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-04 20:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"EeeStorageBackup"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-11-26 1732608]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=89.29.23.110
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B51F0D33-E95D-43B9-8EF3-3C111C5CF651}: NameServer = 62.129.50.20,85.135.32.100
FF - ProfilePath - c:\users\Mirek\AppData\Roaming\Mozilla\Firefox\Profiles\qdpx8a0q.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ASUS Live Update\ALU.exe
c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Celkový čas: 2013-02-05 16:15:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-05 15:15
ComboFix2.txt 2013-02-04 19:30
.
Před spuštěním: Volných bajtů: 87 114 113 024
Po spuštění: Volných bajtů: 86 604 513 280
.
- - End Of File - - 845A87F89F854FB986439C0CFB8AEA4E

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: nothing works after recovery on asus x70a

#6 Post by Rudy »

The log now looks clean. Has anything changed?

Locked