Modrá smrt

Zpráva

karlospatmat · #106 Příspěvek od **karlospatmat** » 05 úno 2012 10:08

Bluetooth mi vubec nešlo - to původní a chtěl sem jej přeinstalovat, jenže mi nejde ta cd/dvd ram jak jsem poukazoval na začátku, ale zkusil jsem obsah instalačního cd skopírovat na flash disc a z toho udělat opravu instalace napřed to psalo nějakou chybu v ulžení, ale nakone se to povedlo.

Takže tam mám tu původní verzi co jsem měl, která způsobovala Bsod, ale verze ovladače je 2011, tak snad bude pokoj.

karlospatmat · #107 Příspěvek od **karlospatmat** » 05 úno 2012 10:40

ComboFix 12-02-05.02 - Martin 05.02.2012 10:15:05.4.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4061.2399 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-05 do 2012-02-05 )))))))))))))))))))))))))))))))
.
.
2012-02-04 23:40 . 2007-05-11 02:12 38160 ----a-w- c:\windows\system32\drivers\blueletaudio.sys
2012-02-04 23:40 . 2007-03-05 04:48 37648 ----a-w- c:\windows\system32\drivers\BlueletSCOAudio.sys
2012-02-04 23:40 . 2007-03-05 04:47 25360 ----a-w- c:\windows\system32\drivers\BtNetDrv.sys
2012-02-04 23:40 . 2007-03-05 04:44 23184 ----a-w- c:\windows\system32\drivers\VHIDMini.sys
2012-02-04 23:40 . 2007-03-05 04:42 49680 ----a-w- c:\windows\system32\drivers\BTHidMgr.sys
2012-02-04 23:40 . 2007-03-05 04:41 24976 ----a-w- c:\windows\system32\drivers\VBTEnum.sys
2012-02-04 23:40 . 2007-03-05 04:39 63248 ----a-w- c:\windows\system32\drivers\VcommMgr.sys
2012-02-04 23:40 . 2007-03-05 04:38 47120 ----a-w- c:\windows\system32\drivers\VComm.sys
2012-02-04 23:40 . 2006-10-08 23:29 32832 ----a-w- c:\windows\system32\drivers\BTNetFilter.sys
2012-02-04 23:29 . 2012-02-04 23:33 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE
2012-02-04 22:15 . 2012-02-04 23:39 -------- d-----w- c:\program files (x86)\IVT Corporation
2012-02-04 19:47 . 2012-02-04 19:47 -------- d-----w- c:\program files (x86)\Clear History
2012-02-04 10:01 . 2012-02-04 10:26 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-02-04 10:01 . 2012-02-04 17:37 -------- d-----w- c:\program files (x86)\AVG Secure Search
2012-02-03 12:15 . 2012-02-03 12:15 -------- d-----w- c:\windows\SysWow64\ivtMobCache
2012-02-03 11:07 . 2012-02-04 17:37 -------- d-----w- C:\Uninstall
2012-02-03 10:08 . 2008-05-07 06:39 66560 ----a-w- c:\windows\system32\nmwcdclsx64.dll
2012-02-03 10:08 . 2008-08-28 11:44 25600 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2012-02-02 20:05 . 2012-02-02 20:05 -------- d-----w- c:\program files (x86)\Nokia
2012-02-02 20:05 . 2012-02-02 20:05 -------- d-----w- c:\program files\DIFX
2012-02-02 20:04 . 2012-02-04 17:37 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2012-02-02 20:04 . 2012-02-02 20:04 -------- d-----w- c:\programdata\Installations
2012-02-02 16:42 . 2012-02-02 16:42 -------- d-----w- C:\$AVG
2012-02-02 16:32 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2012-02-02 16:32 . 2012-02-02 16:32 -------- d-----w- c:\programdata\Malwarebytes
2012-02-02 16:32 . 2012-02-04 23:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-02 16:32 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-01 16:21 . 2011-10-17 14:55 559384 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-02-01 10:54 . 2012-02-01 10:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-02-01 10:54 . 2012-02-01 10:54 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-01-31 09:32 . 2012-01-31 09:32 -------- d-----w- c:\program files (x86)\JAM Software
2012-01-30 18:04 . 2012-02-02 23:42 -------- d-----w- c:\windows\system32\appmgmt
2012-01-30 13:10 . 2012-02-04 17:37 -------- d-----w- c:\program files (x86)\ExpressFiles
2012-01-29 22:11 . 2012-01-29 22:11 -------- d-----w- c:\program files (x86)\Nová složka
2012-01-29 22:04 . 2012-01-30 18:27 -------- d-----w- c:\program files (x86)\Innovative Solutions
2012-01-29 21:40 . 2012-01-29 21:40 -------- d-----w- c:\programdata\Innovative Solutions
2012-01-29 21:28 . 2011-10-13 11:10 90112 ----a-w- c:\windows\system32\igfxCoIn_v2555.dll
2012-01-29 21:28 . 2011-10-13 10:30 208896 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2012-01-29 21:28 . 2011-10-13 10:30 206336 ----a-w- c:\windows\system32\iglhsip64.dll
2012-01-29 21:28 . 2011-10-13 10:30 188416 ----a-w- c:\windows\system32\iglhcp64.dll
2012-01-29 21:28 . 2011-10-13 10:30 147456 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-01-29 21:23 . 2011-07-27 09:28 42888 ----a-w- c:\windows\system32\drivers\btcusb.sys
2012-01-29 21:23 . 2007-05-09 01:00 16144 ----a-w- c:\windows\system32\btinstall.dll
2012-01-29 19:44 . 2012-01-29 19:44 -------- d-----w- c:\windows\system32\Macromed
2012-01-29 19:19 . 2012-01-29 19:45 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-29 18:28 . 2012-01-29 18:28 -------- d-----w- c:\programdata\ASUS
2012-01-29 10:21 . 2012-01-29 10:22 -------- d-----w- C:\MyBootCD
2012-01-28 23:56 . 2012-01-28 23:57 -------- d-----w- c:\program files (x86)\Common Files\Nero
2012-01-28 23:56 . 2012-01-29 00:01 -------- d-----w- c:\program files (x86)\Nero
2012-01-28 23:24 . 2012-01-28 23:24 -------- d-----w- c:\programdata\ashampoo
2012-01-28 23:24 . 2012-01-28 23:37 -------- d-----w- c:\program files (x86)\Ashampoo
2012-01-28 23:17 . 2012-01-30 18:30 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-01-28 22:39 . 2012-02-02 17:53 -------- d-----w- c:\program files\trend micro
2012-01-28 22:16 . 2012-01-28 22:16 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-01-28 17:26 . 2012-01-28 17:26 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2012-01-28 17:23 . 2012-01-28 17:32 -------- d-----w- c:\program files (x86)\HWiNFO32
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\programdata\Symantec
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\windows\system32\drivers\NSSx64
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\program files (x86)\Norton Security Scan
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\programdata\Norton
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\program files (x86)\NortonInstaller
2012-01-27 20:46 . 2012-01-30 18:30 -------- d-----w- c:\programdata\McAfee Security Scan
2012-01-27 20:46 . 2012-01-27 20:46 -------- d-----w- c:\programdata\McAfee
2012-01-27 20:46 . 2012-01-27 20:46 -------- d-----w- c:\program files (x86)\McAfee Security Scan
2012-01-27 20:46 . 2012-01-27 20:46 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-01-27 20:43 . 2012-01-27 20:43 -------- d-----w- c:\windows\SysWow64\Adobe
2012-01-27 16:20 . 2012-01-27 16:20 -------- d-----w- C:\NVIDIA
2012-01-27 15:39 . 2010-12-14 15:34 550512 ----a-w- c:\windows\system32\VIASysFx.dll
2012-01-27 15:39 . 2010-12-14 15:34 993392 ----a-w- c:\windows\system32\VIAPropPageExt.dll
2012-01-27 15:39 . 2010-12-14 15:34 86640 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll
2012-01-27 15:39 . 2010-12-14 15:34 202864 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll
2012-01-27 15:39 . 2010-12-14 15:34 27760 ----a-w- c:\windows\system32\ViakaraokeSrv.exe
2012-01-27 15:39 . 2010-12-14 15:34 1357424 ----a-w- c:\windows\system32\drivers\viahduaa.sys
2012-01-27 15:39 . 2010-12-14 15:34 123504 ----a-w- c:\windows\system32\ViaKaraokeApo.dll
2012-01-27 15:39 . 2010-12-14 15:34 91760 ----a-w- c:\windows\system32\Dts2PropPageExt.dll
2012-01-27 15:39 . 2010-12-14 15:34 116848 ----a-w- c:\windows\system32\ViaKaraokePropPageExt.dll
2012-01-27 15:39 . 2010-12-14 15:34 248944 ----a-w- c:\windows\system32\Dts2APO.dll
2012-01-27 15:39 . 2011-09-21 09:25 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x64.sys
2012-01-27 15:39 . 2012-01-27 15:39 -------- d-----w- c:\program files\CPUID
2012-01-27 15:36 . 2012-01-27 15:37 -------- d-----w- c:\program files (x86)\audio
2012-01-27 15:21 . 2012-01-27 15:21 -------- d-----w- c:\windows\SysWow64\Atheros_L1e
2012-01-27 15:19 . 2012-01-30 18:30 -------- d-----w- c:\programdata\FLEXnet
2012-01-27 15:19 . 2010-06-30 11:02 52736 ----a-w- c:\windows\system32\drivers\btmcom.sys
2012-01-27 15:18 . 2012-01-30 18:30 -------- d-----w- c:\program files\Motorola
2012-01-27 15:18 . 2010-07-28 16:52 476928 ----a-w- c:\windows\system32\drivers\btmusb.sys
2012-01-27 15:18 . 2010-07-15 11:22 323848 ----a-w- c:\windows\system32\btmcls.dll
2012-01-27 15:18 . 2012-01-30 18:30 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2012-01-27 15:18 . 2012-01-30 18:30 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2012-01-27 15:08 . 2012-01-27 15:08 -------- d-----w- c:\program files (x86)\Driver-Soft
2012-01-25 20:31 . 2012-01-25 20:31 -------- d-----w- c:\program files (x86)\ESET
2012-01-25 16:07 . 2012-01-25 16:07 243 ----a-w- C:\user.js
2012-01-25 16:07 . 2012-01-25 16:07 -------- d-----w- c:\programdata\Babylon
2012-01-25 16:07 . 2012-01-25 16:07 -------- d-----w- c:\program files\Logon Screen
2012-01-22 20:25 . 2009-09-04 16:29 235344 ----a-w- c:\windows\SysWow64\d3dx11_42.dll
2012-01-22 20:24 . 2008-07-10 10:00 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2012-01-22 20:19 . 2011-11-02 22:08 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-22 20:19 . 2011-11-02 21:09 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-01-22 20:18 . 2012-01-22 20:21 -------- d--h--w- c:\windows\msdownld.tmp
2012-01-22 13:31 . 2012-01-22 13:31 -------- d-----w- c:\program files (x86)\FastStone Image Viewer
2012-01-22 13:23 . 2012-01-22 13:23 -------- d-----w- c:\program files (x86)\Lamer
2012-01-22 13:14 . 2011-11-28 13:51 33872 ----a-w- c:\windows\system32\drivers\anvsnddrv.sys
2012-01-22 13:14 . 2011-11-28 13:51 235520 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2012-01-22 13:14 . 2011-11-28 13:51 632832 ----a-w- c:\windows\SysWow64\xvidcore.dll
2012-01-22 13:14 . 2011-11-28 13:51 143872 ----a-w- c:\windows\SysWow64\xvid.ax
2012-01-22 13:11 . 2012-01-22 13:27 -------- d-----w- c:\program files (x86)\AnvSoft
2012-01-22 13:09 . 2012-01-22 13:09 -------- d-----w- c:\program files (x86)\Conduit
2012-01-22 12:55 . 2012-01-22 12:55 -------- d-----w- c:\windows\system32\SPReview
2012-01-22 11:55 . 2012-01-22 11:55 -------- d-----w- c:\windows\system32\EventProviders
2012-01-22 11:52 . 2010-11-20 13:27 2086912 ----a-w- c:\windows\system32\ole32.dll
2012-01-22 11:51 . 2010-11-20 13:27 1246720 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2012-01-22 11:50 . 2010-11-20 13:27 1808384 ----a-w- c:\windows\system32\pnidui.dll
2012-01-22 11:49 . 2010-11-20 13:27 244224 ----a-w- c:\windows\system32\spp.dll
2012-01-22 11:48 . 2010-11-20 13:24 442368 ----a-w- c:\windows\system32\winspool.drv
2012-01-22 11:47 . 2010-11-20 13:28 166784 ----a-w- c:\windows\system32\basecsp.dll
2012-01-22 11:46 . 2010-11-20 13:27 172544 ----a-w- c:\windows\system32\twext.dll
2012-01-22 11:45 . 2010-11-20 13:27 37376 ----a-w- c:\windows\system32\shimgvw.dll
2012-01-22 11:44 . 2010-11-20 13:33 6656 ----a-w- c:\windows\system32\drivers\cs-CZ\rdvgkmd.sys.mui
2012-01-22 11:44 . 2010-11-20 13:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbhub.sys.mui
2012-01-22 11:44 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2012-01-22 11:44 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2012-01-22 11:44 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2012-01-22 11:44 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2012-01-22 11:44 . 2010-11-20 13:43 3584 ----a-w- c:\windows\system32\drivers\pl-PL\tsusbflt.sys.mui
2012-01-22 11:44 . 2010-11-20 13:41 6656 ----a-w- c:\windows\system32\drivers\pl-PL\rdvgkmd.sys.mui
2012-01-22 11:44 . 2010-11-20 13:38 4608 ----a-w- c:\windows\system32\drivers\pl-PL\tsusbhub.sys.mui
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-22 14:03 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-22 14:03 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-01-21 19:30 . 2012-01-21 19:30 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2012-01-21 19:30 . 2012-01-21 19:30 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-12-06 14:55 . 2010-04-20 04:30 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-12-22 2870896]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-01-21 296056]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-4-20 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-4-20 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"Guard.Mail.ru.gui"="c:\program files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\program files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
"ExpressFiles"="c:\program files (x86)\ExpressFiles\ExpressFiles.exe" -tray
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-01-28 21712]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-27 1028096]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 135664]
R4 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 135664]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-12-19 30080]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 Guard.Mail.ru;Guard.Mail.ru;c:\program files (x86)\Guard-ICQ\GuardICQ.exe [2012-01-21 1564368]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-08 2123584]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [x]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-11-08 11856]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-01-28 c:\windows\Tasks\Norton Security Scan for Martin.job
- c:\progra~2\NORTON~2\Engine\370~1.18\Nss.exe [2012-01-28 10:01]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-12-24 1736704]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\x22ecfqi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=100789&babsrc=adbartrp&mntrId=0cdd3cc500000000000000158330973c&q=
FF - prefs.js: network.proxy.http - 58.58.180.122
FF - prefs.js: network.proxy.type - 1
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100789
FF - user.js: extensions.BabylonToolbar_i.babExt - somoto
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 0cdd3cc500000000000000158330973c
FF - user.js: extensions.BabylonToolbar_i.hardId - 0cdd3cc500000000000000158330973c
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15364
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1717:07
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb5
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-02-05 10:28:20
ComboFix-quarantined-files.txt 2012-02-05 09:28
.
Před spuštěním: Volných bajtů: 407 414 321 152
Po spuštění: Volných bajtů: 407 281 987 584
.
- - End Of File - - 22B3C132F1B21A383C54E48795495D2A

#108 Příspěvek od **Mc_Murphy** » 05 úno 2012 13:25

Odinstaluj MBAM nebo ho alespoň odeber z rezidentní ochrany a ze spouštění po startu systému, jinak Ti bude kolidovat s AVG.

Program TuneUp Utilities bych doporučil svižně odinstalovat. Pokud budeš jeho prostřednictvím něco v systému měnit, jsi na nejlepší cestě poškodit systém. Takové jsou naše zkušenosti.

Vidím tam složky ESET, Norton Security Scan a McAfee - nainstalované je ale AVG - k čemu to tam máš? Je to odinstalované? Měl bys to dát vše pryč.

Pokud jsi tak ještě neučinil, přesuň ComboFix na Plochu.

Otevři si Poznámkový blok (Start >> Spustit... (nebo Win+R) >> do okénka napiš notepad >> [Enter]).
Zkopíruj do něj tento script:

Kód: Vybrat vše

KillAll::

Folder::
c:\programdata\Babylon
c:\program files (x86)\Conduit

File::
c:\windows\msdownld.tmp
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\Norton Security Scan for Martin.job

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"=-
"TkBellExe"=-
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"=-
"TkBellExe"=-
"QuickTime Task"=-
"UpdateLBPShortCut"=-
"NBAgent"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=-

DDS::
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe

Firefox::
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\x22ecfqi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=100789&ba ... 330973c&q=
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100789
FF - user.js: extensions.BabylonToolbar_i.babExt - somoto
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 0cdd3cc500000000000000158330973c
FF - user.js: extensions.BabylonToolbar_i.hardId - 0cdd3cc500000000000000158330973c
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15364
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1717:07
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb5
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - prefs.js: network.proxy.http - 58.58.180.122
FF - prefs.js: network.proxy.type - 1
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control]

Driver::
McComponentHostService
AdobeARMservice
gupdate
gupdatem
NAUpdate

ClearJavaCache::

Reboot::

Ulož vytvořený TXT jako CFScript.txt
Přetáhni vytvořený CFScript.txt nad ComboFix a pusť (viz obrázek).
Po aplikaci scriptu (a případném restartu PC) na Tebe vyskočí log. Jeho obsah mi sem vlož.

Může se stát, že po aplikaci scriptu nenaběhnou Windows. V tom případě restartuj PC, hned při náběhu mačkej klávesu F8 a zvol Poslední známou konfiguraci.

karlospatmat · #109 Příspěvek od **karlospatmat** » 05 úno 2012 13:33

ten Eset jsem měl jen na test havěti byla to zkušební verze na daný test ani nevím že to tam je. Hned to odstraním. Akorád nevím jak vypnot ten štít u Malware.

chodnik74 · #110 Příspěvek od **chodnik74** » 05 úno 2012 13:44

Puste si Malwarebytes a v záložce Ochrana

#111 Příspěvek od **Mc_Murphy** » 05 úno 2012 13:46

A máš je tedy oba - ESET i McAfee odinstalovány? Jestli ne, tak odinstaluj.

MBAM - jak píše chodnik74.

karlospatmat · #112 Příspěvek od **karlospatmat** » 05 úno 2012 15:03

ComboFix 12-02-05.02 - Martin 05.02.2012 13:49:22.5.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4061.1953 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\msdownld.tmp"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\Norton Security Scan for Martin.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Conduit
c:\program files (x86)\Conduit\Community Alerts\Alert.dll
c:\programdata\Babylon
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeARMservice
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_McComponentHostService
-------\Service_NAUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-05 do 2012-02-05 )))))))))))))))))))))))))))))))
.
.
2012-02-05 12:58 . 2012-02-05 12:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-05 12:58 . 2012-02-05 12:58 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-02-04 23:40 . 2007-05-11 02:12 38160 ----a-w- c:\windows\system32\drivers\blueletaudio.sys
2012-02-04 23:40 . 2007-03-05 04:48 37648 ----a-w- c:\windows\system32\drivers\BlueletSCOAudio.sys
2012-02-04 23:40 . 2007-03-05 04:47 25360 ----a-w- c:\windows\system32\drivers\BtNetDrv.sys
2012-02-04 23:40 . 2007-03-05 04:44 23184 ----a-w- c:\windows\system32\drivers\VHIDMini.sys
2012-02-04 23:40 . 2007-03-05 04:42 49680 ----a-w- c:\windows\system32\drivers\BTHidMgr.sys
2012-02-04 23:40 . 2007-03-05 04:41 24976 ----a-w- c:\windows\system32\drivers\VBTEnum.sys
2012-02-04 23:40 . 2007-03-05 04:39 63248 ----a-w- c:\windows\system32\drivers\VcommMgr.sys
2012-02-04 23:40 . 2007-03-05 04:38 47120 ----a-w- c:\windows\system32\drivers\VComm.sys
2012-02-04 23:40 . 2006-10-08 23:29 32832 ----a-w- c:\windows\system32\drivers\BTNetFilter.sys
2012-02-04 23:29 . 2012-02-04 23:33 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE
2012-02-04 22:15 . 2012-02-04 23:39 -------- d-----w- c:\program files (x86)\IVT Corporation
2012-02-04 19:47 . 2012-02-04 19:47 -------- d-----w- c:\program files (x86)\Clear History
2012-02-04 10:01 . 2012-02-04 10:26 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-02-04 10:01 . 2012-02-04 17:37 -------- d-----w- c:\program files (x86)\AVG Secure Search
2012-02-03 12:15 . 2012-02-03 12:15 -------- d-----w- c:\windows\SysWow64\ivtMobCache
2012-02-03 11:07 . 2012-02-04 17:37 -------- d-----w- C:\Uninstall
2012-02-03 10:08 . 2008-05-07 06:39 66560 ----a-w- c:\windows\system32\nmwcdclsx64.dll
2012-02-03 10:08 . 2008-08-28 11:44 25600 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2012-02-02 20:05 . 2012-02-02 20:05 -------- d-----w- c:\program files (x86)\Nokia
2012-02-02 20:05 . 2012-02-02 20:05 -------- d-----w- c:\program files\DIFX
2012-02-02 20:04 . 2012-02-04 17:37 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2012-02-02 20:04 . 2012-02-02 20:04 -------- d-----w- c:\programdata\Installations
2012-02-02 16:42 . 2012-02-02 16:42 -------- d-----w- C:\$AVG
2012-02-02 16:32 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2012-02-02 16:32 . 2012-02-02 16:32 -------- d-----w- c:\programdata\Malwarebytes
2012-02-02 16:32 . 2012-02-04 23:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-02 16:32 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-01 16:21 . 2011-10-17 14:55 559384 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-02-01 10:54 . 2012-02-01 10:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-02-01 10:54 . 2012-02-01 10:54 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-01-31 09:32 . 2012-01-31 09:32 -------- d-----w- c:\program files (x86)\JAM Software
2012-01-30 18:04 . 2012-02-02 23:42 -------- d-----w- c:\windows\system32\appmgmt
2012-01-30 13:10 . 2012-02-04 17:37 -------- d-----w- c:\program files (x86)\ExpressFiles
2012-01-29 22:11 . 2012-01-29 22:11 -------- d-----w- c:\program files (x86)\Nová složka
2012-01-29 22:04 . 2012-01-30 18:27 -------- d-----w- c:\program files (x86)\Innovative Solutions
2012-01-29 21:40 . 2012-01-29 21:40 -------- d-----w- c:\programdata\Innovative Solutions
2012-01-29 21:28 . 2011-10-13 11:10 90112 ----a-w- c:\windows\system32\igfxCoIn_v2555.dll
2012-01-29 21:28 . 2011-10-13 10:30 208896 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2012-01-29 21:28 . 2011-10-13 10:30 206336 ----a-w- c:\windows\system32\iglhsip64.dll
2012-01-29 21:28 . 2011-10-13 10:30 188416 ----a-w- c:\windows\system32\iglhcp64.dll
2012-01-29 21:28 . 2011-10-13 10:30 147456 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-01-29 21:23 . 2011-07-27 09:28 42888 ----a-w- c:\windows\system32\drivers\btcusb.sys
2012-01-29 21:23 . 2007-05-09 01:00 16144 ----a-w- c:\windows\system32\btinstall.dll
2012-01-29 19:44 . 2012-01-29 19:44 -------- d-----w- c:\windows\system32\Macromed
2012-01-29 19:19 . 2012-01-29 19:45 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-29 18:28 . 2012-01-29 18:28 -------- d-----w- c:\programdata\ASUS
2012-01-29 10:21 . 2012-01-29 10:22 -------- d-----w- C:\MyBootCD
2012-01-28 23:56 . 2012-01-28 23:57 -------- d-----w- c:\program files (x86)\Common Files\Nero
2012-01-28 23:56 . 2012-01-29 00:01 -------- d-----w- c:\program files (x86)\Nero
2012-01-28 23:24 . 2012-01-28 23:24 -------- d-----w- c:\programdata\ashampoo
2012-01-28 23:24 . 2012-01-28 23:37 -------- d-----w- c:\program files (x86)\Ashampoo
2012-01-28 23:17 . 2012-01-30 18:30 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-01-28 22:39 . 2012-02-02 17:53 -------- d-----w- c:\program files\trend micro
2012-01-28 22:16 . 2012-01-28 22:16 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-01-28 17:26 . 2012-01-28 17:26 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2012-01-28 17:23 . 2012-01-28 17:32 -------- d-----w- c:\program files (x86)\HWiNFO32
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\programdata\Symantec
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\windows\system32\drivers\NSSx64
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\program files (x86)\Norton Security Scan
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\programdata\Norton
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\program files (x86)\NortonInstaller
2012-01-27 20:46 . 2012-01-30 18:30 -------- d-----w- c:\programdata\McAfee Security Scan
2012-01-27 20:46 . 2012-01-27 20:46 -------- d-----w- c:\programdata\McAfee
2012-01-27 20:46 . 2012-01-27 20:46 -------- d-----w- c:\program files (x86)\McAfee Security Scan
2012-01-27 20:46 . 2012-01-27 20:46 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-01-27 20:43 . 2012-01-27 20:43 -------- d-----w- c:\windows\SysWow64\Adobe
2012-01-27 16:20 . 2012-01-27 16:20 -------- d-----w- C:\NVIDIA
2012-01-27 15:39 . 2010-12-14 15:34 550512 ----a-w- c:\windows\system32\VIASysFx.dll
2012-01-27 15:39 . 2010-12-14 15:34 993392 ----a-w- c:\windows\system32\VIAPropPageExt.dll
2012-01-27 15:39 . 2010-12-14 15:34 86640 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll
2012-01-27 15:39 . 2010-12-14 15:34 202864 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll
2012-01-27 15:39 . 2010-12-14 15:34 27760 ----a-w- c:\windows\system32\ViakaraokeSrv.exe
2012-01-27 15:39 . 2010-12-14 15:34 1357424 ----a-w- c:\windows\system32\drivers\viahduaa.sys
2012-01-27 15:39 . 2010-12-14 15:34 123504 ----a-w- c:\windows\system32\ViaKaraokeApo.dll
2012-01-27 15:39 . 2010-12-14 15:34 91760 ----a-w- c:\windows\system32\Dts2PropPageExt.dll
2012-01-27 15:39 . 2010-12-14 15:34 116848 ----a-w- c:\windows\system32\ViaKaraokePropPageExt.dll
2012-01-27 15:39 . 2010-12-14 15:34 248944 ----a-w- c:\windows\system32\Dts2APO.dll
2012-01-27 15:39 . 2011-09-21 09:25 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x64.sys
2012-01-27 15:39 . 2012-01-27 15:39 -------- d-----w- c:\program files\CPUID
2012-01-27 15:36 . 2012-01-27 15:37 -------- d-----w- c:\program files (x86)\audio
2012-01-27 15:21 . 2012-01-27 15:21 -------- d-----w- c:\windows\SysWow64\Atheros_L1e
2012-01-27 15:19 . 2012-01-30 18:30 -------- d-----w- c:\programdata\FLEXnet
2012-01-27 15:19 . 2010-06-30 11:02 52736 ----a-w- c:\windows\system32\drivers\btmcom.sys
2012-01-27 15:18 . 2012-01-30 18:30 -------- d-----w- c:\program files\Motorola
2012-01-27 15:18 . 2010-07-28 16:52 476928 ----a-w- c:\windows\system32\drivers\btmusb.sys
2012-01-27 15:18 . 2010-07-15 11:22 323848 ----a-w- c:\windows\system32\btmcls.dll
2012-01-27 15:18 . 2012-01-30 18:30 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2012-01-27 15:18 . 2012-01-30 18:30 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2012-01-27 15:08 . 2012-01-27 15:08 -------- d-----w- c:\program files (x86)\Driver-Soft
2012-01-25 16:07 . 2012-01-25 16:07 243 ----a-w- C:\user.js
2012-01-25 16:07 . 2012-01-25 16:07 -------- d-----w- c:\program files\Logon Screen
2012-01-22 20:25 . 2009-09-04 16:29 235344 ----a-w- c:\windows\SysWow64\d3dx11_42.dll
2012-01-22 20:24 . 2008-07-10 10:00 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2012-01-22 20:19 . 2011-11-02 22:08 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-22 20:19 . 2011-11-02 21:09 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-01-22 20:18 . 2012-01-22 20:21 -------- d--h--w- c:\windows\msdownld.tmp
2012-01-22 13:31 . 2012-01-22 13:31 -------- d-----w- c:\program files (x86)\FastStone Image Viewer
2012-01-22 13:23 . 2012-01-22 13:23 -------- d-----w- c:\program files (x86)\Lamer
2012-01-22 13:14 . 2011-11-28 13:51 33872 ----a-w- c:\windows\system32\drivers\anvsnddrv.sys
2012-01-22 13:14 . 2011-11-28 13:51 235520 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2012-01-22 13:14 . 2011-11-28 13:51 632832 ----a-w- c:\windows\SysWow64\xvidcore.dll
2012-01-22 13:14 . 2011-11-28 13:51 143872 ----a-w- c:\windows\SysWow64\xvid.ax
2012-01-22 13:11 . 2012-01-22 13:27 -------- d-----w- c:\program files (x86)\AnvSoft
2012-01-22 12:55 . 2012-01-22 12:55 -------- d-----w- c:\windows\system32\SPReview
2012-01-22 11:55 . 2012-01-22 11:55 -------- d-----w- c:\windows\system32\EventProviders
2012-01-22 11:52 . 2010-11-20 13:27 2086912 ----a-w- c:\windows\system32\ole32.dll
2012-01-22 11:51 . 2010-11-20 13:27 1246720 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2012-01-22 11:50 . 2010-11-20 13:27 1808384 ----a-w- c:\windows\system32\pnidui.dll
2012-01-22 11:49 . 2010-11-20 13:27 244224 ----a-w- c:\windows\system32\spp.dll
2012-01-22 11:48 . 2010-11-20 13:24 442368 ----a-w- c:\windows\system32\winspool.drv
2012-01-22 11:47 . 2010-11-20 13:28 166784 ----a-w- c:\windows\system32\basecsp.dll
2012-01-22 11:46 . 2010-11-20 13:27 172544 ----a-w- c:\windows\system32\twext.dll
2012-01-22 11:45 . 2010-11-20 13:27 37376 ----a-w- c:\windows\system32\shimgvw.dll
2012-01-22 11:44 . 2010-11-20 13:33 6656 ----a-w- c:\windows\system32\drivers\cs-CZ\rdvgkmd.sys.mui
2012-01-22 11:44 . 2010-11-20 13:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbhub.sys.mui
2012-01-22 11:44 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2012-01-22 11:44 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2012-01-22 11:44 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2012-01-22 11:44 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2012-01-22 11:44 . 2010-11-20 13:43 3584 ----a-w- c:\windows\system32\drivers\pl-PL\tsusbflt.sys.mui
2012-01-22 11:44 . 2010-11-20 13:41 6656 ----a-w- c:\windows\system32\drivers\pl-PL\rdvgkmd.sys.mui
2012-01-22 11:44 . 2010-11-20 13:38 4608 ----a-w- c:\windows\system32\drivers\pl-PL\tsusbhub.sys.mui
2012-01-22 11:44 . 2010-11-20 13:45 2560 ----a-w- c:\windows\system32\drivers\pl-PL\rdpwd.sys.mui
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-22 14:03 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-22 14:03 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-01-21 19:30 . 2012-01-21 19:30 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2012-01-21 19:30 . 2012-01-21 19:30 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-12-06 14:55 . 2010-04-20 04:30 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-05_09.24.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 05:10 . 2012-02-05 13:03 54076 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-01-21 17:26 . 2012-02-05 13:03 11282 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2228829363-2496496693-1347899441-1001_UserData.bin
+ 2012-02-05 13:00 . 2012-02-05 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-02-05 08:41 . 2012-02-05 08:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-02-05 08:41 . 2012-02-05 08:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-02-05 13:00 . 2012-02-05 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2012-02-05 00:39 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-02-05 12:59 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-02-05 10:09 . 2012-02-05 10:09 371272 c:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
- 2012-01-21 19:08 . 2012-01-21 19:08 371272 c:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
+ 2012-01-21 22:46 . 2012-02-05 12:59 4206788 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2228829363-2496496693-1347899441-1001-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-12-22 2870896]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-4-20 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-4-20 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Guard.Mail.ru.gui"="c:\program files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"ExpressFiles"="c:\program files (x86)\ExpressFiles\ExpressFiles.exe" -tray
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-01-28 21712]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-27 1028096]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-12-19 30080]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 Guard.Mail.ru;Guard.Mail.ru;c:\program files (x86)\Guard-ICQ\GuardICQ.exe [2012-01-21 1564368]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-08 2123584]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [x]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-11-08 11856]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-01-28 c:\windows\Tasks\Norton Security Scan for Martin.job
- c:\progra~2\NORTON~2\Engine\370~1.18\Nss.exe [2012-01-28 10:01]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-12-24 1736704]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
"combofix"="c:\combofix\CF21856.3XE" [2010-11-20 345088]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\x22ecfqi.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\TuneUp Undelete\Command]
@DACL=(02 0000)
@="c:\\Program Files (x86)\\TuneUp Utilities 2012\\Undelete.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension]
@DACL=(02 0000)
@="{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\LightweightCallHandlers\PNIDUI\OnPrivateNetworkAvailable\WMP_OnPrivateNetworkAvailable]
@DACL=(02 0000)
"ExeName"=expand:"\"%programFiles%\\Windows Media Player\\wmpnscfg.exe\""
"Cardinality"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\Uninstalled\ROOT_*ISATAP_0001\Ndi]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{13D0658B-6A17-4953-B0DA-1AE9539E9C60}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000009
"Name"="Teredo Tunneling Pseudo-Interface"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{2CAA64ED-BAA3-4473-B637-DEC65A14C8AA}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000008
"Name"="Připojení k místní síti* 8"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{30B65BB3-9BAE-4EE3-A0BC-E413C87BF468}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000003
"Name"="Připojení k místní síti* 3"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:0000070e
"DefaultNameIndex"=dword:00000000
"Name"="Bezdrátové připojení k síti"
"PnpInstanceID"="PCI\\VEN_168C&DEV_002B&SUBSYS_10891A3B&REV_01\\001517FFFF24141200"
"MediaSubType"=dword:00000002
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{43958D57-1C7B-4A7A-BBD7-9FFF6CF46BDD}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000002
"Name"="Připojení k místní síti* 2"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{5BF54C7E-91DA-457D-80BF-333677D7E316}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000007
"Name"="Připojení k místní síti* 7"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{5EAA5506-177E-4700-90D2-11AC0109F05E}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:0000000c
"Name"="isatap.{691BB14B-14BB-40C6-85DA-D4B97CBD56F1}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{636D6038-0200-4937-A55F-2EB1FC74F75D}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:0000070e
"DefaultNameIndex"=dword:00000002
"Name"="Bezdrátové připojení k síti 2"
"PnpInstanceID"="{5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\\VWIFIMP\\5&4240F00&0&01"
"MediaSubType"=dword:00000002
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{71F897D7-EB7C-4D8D-89DB-AC80D9DD2270}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000000
"Name"="Připojení k místní síti*"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{78032B7E-4968-42D3-9F37-287EA86C0AAA}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:0000000a
"Name"="Připojení k místní síti* 10"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{7BAC7853-28B4-4BEE-8AE2-6EF5348FDD78}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000009
"Name"="Připojení k místní síti* 9"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{7CFB3A70-C84F-4431-BF87-1901F690909F}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:0000070b
"DefaultNameIndex"=dword:00000000
"Name"="Připojení k místní síti"
"PnpInstanceID"="PCI\\VEN_1969&DEV_1026&SUBSYS_14F51043&REV_B0\\FF4F5729485B39FF00"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{8E301A52-AFFA-4F49-B9CA-C79096A1A056}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000005
"Name"="Připojení k místní síti* 5"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{905AEDC1-6655-4327-9977-AFD92CF3AC9D}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000710
"DefaultNameIndex"=dword:00000000
"Name"="Síťové připojení Bluetooth"
"PnpInstanceID"="BTH\\MS_BTHPAN\\6&1DDDDB23&0&2"
"MediaSubType"=dword:00000007
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{9A399D81-2EAD-4F23-BCDD-637FC13DCD51}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000006
"Name"="Připojení k místní síti* 6"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{9A3F3801-F707-4036-A40F-8208AE961F76}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:0000000c
"Name"="isatap.{7CFB3A70-C84F-4431-BF87-1901F690909F}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{B78AE537-569D-4644-9EE3-920C330A2F01}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:0000000c
"Name"="isatap.{636D6038-0200-4937-A55F-2EB1FC74F75D}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{CF84B042-48BA-48FE-A11B-51023545709B}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:0000070a
"DefaultNameIndex"=dword:00000002
"Name"="Připojení k místní síti 2"
"PnpInstanceID"="ROOT\\NET\\0000"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{D97C2A3A-9593-46CB-8AEE-ADDFBE884477}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000009
"Name"="isatap.Home"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{DF4A9D2C-8742-4EB1-8703-D395C4183F33}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000004
"Name"="Připojení k místní síti* 4"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{E43D242B-9EAB-4626-A952-46649FBB939A}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:0000000b
"Name"="Připojení k místní síti* 11"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e973-e325-11ce-bfc1-08002be10318}\{821D3398-F04E-471E-8D8C-27EE3F5EB428}]
@DACL=(02 0000)
"Characteristics"=dword:00000080
"InfPath"="netmscli.inf"
"InfSection"="MSClient.ndi"
"LocDescription"="@netmscli.inf,%msclient_desc%;Client for Microsoft Networks"
"Description"="Client for Microsoft Networks"
"ComponentId"="ms_msclient"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,1f,00,bb,01
"PrintProviderName"="LanMan Print Services"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{0EFE03B2-EA87-44C1-B825-9BBEA54F37B4}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netrass.inf"
"InfSection"="Ndi-Steelhead"
"LocDescription"="@netrass.inf,%steelhead-dispname%;Steelhead"
"Description"="Steelhead"
"ComponentId"="ms_steelhead"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,2d,00,d2,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{56494156-6C00-4B77-90D7-A4A435088232}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netnb.inf"
"InfSection"="NetBIOS.ndi"
"LocDescription"="@netnb.inf,%netbios_desc%;NetBIOS Interface"
"Description"="NetBIOS Interface"
"ComponentId"="MS_NETBIOS"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,1e,00,01,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{5CBF81BF-5055-47CD-9055-A76B2B4E3698}]
@DACL=(02 0000)
"Characteristics"=dword:00040028
"InfPath"="netvwififlt.inf"
"InfSection"="Install"
"LocDescription"="@netvwififlt.inf,%vwififlt_desc%;Virtual WiFi Filter Driver"
"Description"="Virtual WiFi Filter Driver"
"ComponentId"="ms_vwifi"
"InstallTimeStamp"=hex:d9,07,07,00,03,00,1d,00,05,00,06,00,27,00,8e,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{6B7E8FF8-E9A2-46EB-A4EA-42CCA2D43C96}]
@DACL=(02 0000)
"Characteristics"=dword:00000000
"InfPath"="netserv.inf"
"InfSection"="Install.ndi"
"LocDescription"="@netserv.inf,%msserver_desc%;File and Printer Sharing for Microsoft Networks"
"Description"="File and Printer Sharing for Microsoft Networks"
"ComponentId"="ms_server"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,20,00,e8,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{B5F4D659-7DAA-4565-8E41-BE220ED60542}]
@DACL=(02 0000)
"Characteristics"=dword:00040000
"InfPath"="netpacer.inf"
"InfSection"="Install"
"LocDescription"="@netpacer.inf,%psched_desc%;QoS Packet Scheduler"
"Description"="QoS Packet Scheduler"
"ComponentId"="ms_pacer"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,39,00,9a,02
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{B70D6460-3635-4D42-B866-B8AB1A24454C}]
@DACL=(02 0000)
"Characteristics"=dword:00040028
"InfPath"="wfplwf.inf"
"InfSection"="Install"
"LocDescription"="@wfplwf.inf,%wfplwf_desc%;WFP Lightweight Filter"
"Description"="WFP Lightweight Filter"
"ComponentId"="MS_WfpLwf"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,30,00,47,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C9548B78-5743-4E64-9BA1-CD4D974A329F}]
@DACL=(02 0000)
"Characteristics"=dword:00000038
"InfPath"="netrass.inf"
"InfSection"="Ndi-RasSrv"
"LocDescription"="@netrass.inf,%rassrv-dispname%;Dial-Up Server"
"Description"="Dial-Up Server"
"ComponentId"="ms_rassrv"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,2d,00,84,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{E475CF9A-60CD-4439-A75F-0079CE0E18A1}]
@DACL=(02 0000)
"Characteristics"=dword:00040028
"InfPath"="netnwifi.inf"
"InfSection"="MS_NWIFI.Install"
"LocDescription"="@netnwifi.inf,%ms_nwifi.displayname%;NativeWiFi Filter"
"Description"="NativeWiFi Filter"
"ComponentId"="MS_NativeWifiP"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,37,00,02,00,58,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{EA24CD6C-D17A-4348-9190-09F0D5BE83DD}]
@DACL=(02 0000)
"Characteristics"=dword:00040038
"InfPath"="ndiscap.inf"
"InfSection"="Install"
"LocDescription"="@ndiscap.inf,%ndiscap_desc%;NDIS Capture LightWeight Filter"
"Description"="NDIS Capture LightWeight Filter"
"ComponentId"="MS_NDISCAP"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,36,00,26,00,f2,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{F5658C39-CD0D-45B5-A342-E2C037714CE4}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netrass.inf"
"InfSection"="Ndi-RasMan"
"LocDescription"="@netrass.inf,%rasman-dispname%;Remote Access Connection Manager"
"Description"="Remote Access Connection Manager"
"ComponentId"="ms_rasman"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,1e,00,f3,02
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{FDDDF6A6-9B8C-4545-BFAF-4ADD56257B8B}]
@DACL=(02 0000)
"Characteristics"=dword:00040000
"InfPath"="oem12.inf"
"InfSection"="Avgfwfd.ndi.NTamd64"
"LocDescription"="@oem12.inf,%avgfwfd_desc%;AVG network filter driver"
"Description"="AVG network filter driver"
"ComponentId"="gr_avgfwfd"
"InstallTimeStamp"=hex:dc,07,01,00,06,00,15,00,12,00,01,00,15,00,4e,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{12F2EEA2-EE86-4933-8C0B-346E5E57F332}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netrast.inf"
"InfSection"="Ndi-PppoeProtocol"
"LocDescription"="@netrast.inf,%pppoe-dispname%;Point to Point Protocol Over Ethernet"
"Description"="Point to Point Protocol Over Ethernet"
"ComponentId"="ms_pppoe"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,20,00,fd,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{234991D1-04CC-47F5-A4A9-29808D68765F}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="nettcpip.inf"
"InfSection"="MS_WINS.PrimaryInstall"
"LocDescription"="@nettcpip.inf,%ms_wins.displayname%;WINS Client(TCP/IP) Protocol"
"Description"="WINS Client(TCP/IP) Protocol"
"ComponentId"="ms_netbt"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,14,00,dc,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{24AB3BC7-8C0C-4389-A4D4-8B8FD6ADEA7A}]
@DACL=(02 0000)
"Characteristics"=dword:00000038
"InfPath"="netrast.inf"
"InfSection"="Ndi-PptpProtocol"
"LocDescription"="@netrast.inf,%pptp-dispname%;Point to Point Tunneling Protocol"
"Description"="Point to Point Tunneling Protocol"
"ComponentId"="ms_pptp"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,1f,00,ba,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{27EE12EA-A6B3-4E15-AF2B-D4B9D989EDFB}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="nettcpip.inf"
"InfSection"="MS_TCPIP.Tunnel.PrimaryInstall"
"LocDescription"="@nettcpip.inf,%ms_tcpip.tunnel.displayname%;Internet Protocol (TCP/IP) - Tunnels"
"Description"="Internet Protocol (TCP/IP) - Tunnels"
"ComponentId"="ms_tcpip_tunnel"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,36,00,28,00,34,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netip6.inf"
"InfSection"="MS_TCPIP6.Tunnel.Install"
"LocDescription"="@netip6.inf,%ms_tcpip6.tunnel.displayname%;Microsoft TCP/IP version 6 - Tunnels"
"Description"="Microsoft TCP/IP version 6 - Tunnels"
"ComponentId"="ms_tcpip6_tunnel"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,36,00,28,00,dc,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B4683A7-F97E-478E-BBD6-34EDF0D9DEA8}]
@DACL=(02 0000)
"Characteristics"=dword:00000038
"InfPath"="nettcpip.inf"
"InfSection"="MS_NETBT_SMB.PrimaryInstall"
"LocDescription"="@nettcpip.inf,%ms_netbt_smb.displayname%;Message-oriented TCP/IP Protocol (SMB session)"
"Description"="Message-oriented TCP/IP Protocol (SMB session)"
"ComponentId"="ms_netbt_smb"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,14,00,2a,02
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2BE5AF45-DD00-422F-8484-8370DD108A53}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="ndisuio.inf"
"InfSection"="Install"
"LocDescription"="@ndisuio.inf,%ndisuio_desc%;NDIS Usermode I/O Protocol"
"Description"="NDIS Usermode I/O Protocol"
"ComponentId"="ms_ndisuio"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,17,00,98,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2FF8F288-20AD-41F8-A181-321D0659CA4D}]
@DACL=(02 0000)
"Characteristics"=dword:00000000
"InfPath"="rspndr.inf"
"InfSection"="Install"
"LocDescription"="@rspndr.inf,%displayname%;Link-Layer Topology Discovery Responder"
"Description"="Link-Layer Topology Discovery Responder"
"ComponentId"="MS_RSPNDR"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,2b,00,2a,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{32345029-1B7D-43AF-B504-E71E5660B2F0}]
@DACL=(02 0000)
"Characteristics"=dword:000000a0
"InfPath"="netip6.inf"
"InfSection"="MS_TCPIP6.Install"
"LocDescription"="@netip6.inf,%ms_tcpip6.displayname%;Internet Protocol Version 6 (TCP/IPv6)"
"Description"="Internet Protocol Version 6 (TCP/IPv6)"
"ComponentId"="ms_tcpip6"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,13,00,c1,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{5D9F4D1D-F5B3-48BA-85AD-9B44176DD0C8}]
@DACL=(02 0000)
"Characteristics"=dword:000000a0
"InfPath"="nettcpip.inf"
"InfSection"="MS_TCPIP.PrimaryInstall"
"LocDescription"="@nettcpip.inf,%ms_tcpip.displayname%;Internet Protocol Version 4 (TCP/IPv4)"
"Description"="Internet Protocol Version 4 (TCP/IPv4)"
"ComponentId"="ms_tcpip"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,13,00,de,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{633F880E-FFD2-484F-A4CA-EB724F8BC057}]
@DACL=(02 0000)
"Characteristics"=dword:00000000
"InfPath"="lltdio.inf"
"InfSection"="Install"
"LocDescription"="@lltdio.inf,%displayname%;Link-Layer Topology Discovery Mapper I/O Driver"
"Description"="Link-Layer Topology Discovery Mapper I/O Driver"
"ComponentId"="MS_LLTDIO"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,2b,00,3c,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{69E184C5-2F7C-45D0-8C56-85097BA63C11}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netrast.inf"
"InfSection"="Ndi-NdisWan"
"LocDescription"="@netrast.inf,%ndiswan-dispname%;Remote Access NDIS WAN Driver"
"Description"="Remote Access NDIS WAN Driver"
"ComponentId"="ms_ndiswan"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,1e,00,a5,02
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6D9E377D-E19D-47CF-BE5F-D2DA5F99318A}]
@DACL=(02 0000)
"Characteristics"=dword:00000038
"InfPath"="netsstpt.inf"
"InfSection"="Ndi-SstpProtocol"
"LocDescription"="@netsstpt.inf,%sstp-dispname%;SSTP based VPN"
"Description"="SSTP based VPN"
"ComponentId"="ms_sstp"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,1b,00,59,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{7D857581-4BD0-44AB-B87C-921422A69D39}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netrast.inf"
"InfSection"="Ndi-Wanarp"
"LocDescription"="@netrast.inf,%wanarp-dispname%;Remote Access IP ARP Driver"
"Description"="Remote Access IP ARP Driver"
"ComponentId"="MS_wanarp"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,15,00,6d,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{92356401-DAAE-49DA-8D29-5B023CCF4CD9}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="nettcpip.inf"
"InfSection"="MS_SMB.Install"
"LocDescription"="@nettcpip.inf,%ms_smb.displayname%;Microsoft NetbiosSmb"
"Description"="Microsoft NetbiosSmb"
"ComponentId"="MS_SMB"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,38,00,86,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{E7AC61F5-4BFE-4254-8889-98A990D174D5}]
@DACL=(02 0000)
"Characteristics"=dword:00000038
"InfPath"="netrast.inf"
"InfSection"="Ndi-L2tpProtocol"
"LocDescription"="@netrast.inf,%l2tp-dispname%;Layer 2 Tunneling Protocol"
"Description"="Layer 2 Tunneling Protocol"
"ComponentId"="ms_l2tp"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,1e,00,41,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{F27D2AC4-396D-442D-9FD8-05AEF1E98AAB}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netrast.inf"
"InfSection"="Ndi-Wanarpv6"
"LocDescription"="@netrast.inf,%wanarpv6-dispname%;Remote Access IPv6 ARP Driver"
"Description"="Remote Access IPv6 ARP Driver"
"ComponentId"="MS_wanarpv6"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,21,00,cf,02
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{F3466C37-54F0-4F42-BD00-818377567D04}]
@DACL=(02 0000)
"Characteristics"=dword:00000038
"InfPath"="netavpnt.inf"
"InfSection"="Ndi-AgileVpnProtocol"
"LocDescription"="@netavpnt.inf,%agilevpn-dispname%;AgileVpn based VPN"
"Description"="AgileVpn based VPN"
"ComponentId"="ms_agilevpn"
"InstallTimeStamp"=hex:dc,07,01,00,00,00,16,00,10,00,37,00,2a,00,b1,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Autologger\ReadyBoot\{2a274310-42d5-4019-b816-e4b8c7abe95c}]
@DACL=(02 0000)
"Enabled"=dword:00000001
"EnableFlags"=dword:00000020
"Status"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Autologger\ReadyBoot\{a319d300-015c-48be-acdb-47746e154751}]
@DACL=(02 0000)
"Enabled"=dword:00000001
"Status"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ExpressFiles\EFupdater.exe
c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
.
**************************************************************************
.
Celkový čas: 2012-02-05 14:08:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-02-05 13:08
ComboFix2.txt 2012-02-05 09:28
.
Před spuštěním: Volných bajtů: 407 433 928 704
Po spuštění: Volných bajtů: 407 161 667 584
.
- - End Of File - - DD28772CA464DF2394B8C081D2E3E6ED

karlospatmat · #113 Příspěvek od **karlospatmat** » 05 úno 2012 15:04

ComboFix 12-02-05.02 - Martin 05.02.2012 13:49:22.5.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4061.1953 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\msdownld.tmp"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\Norton Security Scan for Martin.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Conduit
c:\program files (x86)\Conduit\Community Alerts\Alert.dll
c:\programdata\Babylon
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeARMservice
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_McComponentHostService
-------\Service_NAUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-05 do 2012-02-05 )))))))))))))))))))))))))))))))
.
.
2012-02-05 12:58 . 2012-02-05 12:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-05 12:58 . 2012-02-05 12:58 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-02-04 23:40 . 2007-05-11 02:12 38160 ----a-w- c:\windows\system32\drivers\blueletaudio.sys
2012-02-04 23:40 . 2007-03-05 04:48 37648 ----a-w- c:\windows\system32\drivers\BlueletSCOAudio.sys
2012-02-04 23:40 . 2007-03-05 04:47 25360 ----a-w- c:\windows\system32\drivers\BtNetDrv.sys
2012-02-04 23:40 . 2007-03-05 04:44 23184 ----a-w- c:\windows\system32\drivers\VHIDMini.sys
2012-02-04 23:40 . 2007-03-05 04:42 49680 ----a-w- c:\windows\system32\drivers\BTHidMgr.sys
2012-02-04 23:40 . 2007-03-05 04:41 24976 ----a-w- c:\windows\system32\drivers\VBTEnum.sys
2012-02-04 23:40 . 2007-03-05 04:39 63248 ----a-w- c:\windows\system32\drivers\VcommMgr.sys
2012-02-04 23:40 . 2007-03-05 04:38 47120 ----a-w- c:\windows\system32\drivers\VComm.sys
2012-02-04 23:40 . 2006-10-08 23:29 32832 ----a-w- c:\windows\system32\drivers\BTNetFilter.sys
2012-02-04 23:29 . 2012-02-04 23:33 -------- d-----w- c:\program files (x86)\MALWAREBYTES ANTI-MALWARE
2012-02-04 22:15 . 2012-02-04 23:39 -------- d-----w- c:\program files (x86)\IVT Corporation
2012-02-04 19:47 . 2012-02-04 19:47 -------- d-----w- c:\program files (x86)\Clear History
2012-02-04 10:01 . 2012-02-04 10:26 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-02-04 10:01 . 2012-02-04 17:37 -------- d-----w- c:\program files (x86)\AVG Secure Search
2012-02-03 12:15 . 2012-02-03 12:15 -------- d-----w- c:\windows\SysWow64\ivtMobCache
2012-02-03 11:07 . 2012-02-04 17:37 -------- d-----w- C:\Uninstall
2012-02-03 10:08 . 2008-05-07 06:39 66560 ----a-w- c:\windows\system32\nmwcdclsx64.dll
2012-02-03 10:08 . 2008-08-28 11:44 25600 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2012-02-02 20:05 . 2012-02-02 20:05 -------- d-----w- c:\program files (x86)\Nokia
2012-02-02 20:05 . 2012-02-02 20:05 -------- d-----w- c:\program files\DIFX
2012-02-02 20:04 . 2012-02-04 17:37 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2012-02-02 20:04 . 2012-02-02 20:04 -------- d-----w- c:\programdata\Installations
2012-02-02 16:42 . 2012-02-02 16:42 -------- d-----w- C:\$AVG
2012-02-02 16:32 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2012-02-02 16:32 . 2012-02-02 16:32 -------- d-----w- c:\programdata\Malwarebytes
2012-02-02 16:32 . 2012-02-04 23:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-02-02 16:32 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-01 16:21 . 2011-10-17 14:55 559384 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-02-01 10:54 . 2012-02-01 10:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-02-01 10:54 . 2012-02-01 10:54 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-01-31 09:32 . 2012-01-31 09:32 -------- d-----w- c:\program files (x86)\JAM Software
2012-01-30 18:04 . 2012-02-02 23:42 -------- d-----w- c:\windows\system32\appmgmt
2012-01-30 13:10 . 2012-02-04 17:37 -------- d-----w- c:\program files (x86)\ExpressFiles
2012-01-29 22:11 . 2012-01-29 22:11 -------- d-----w- c:\program files (x86)\Nová složka
2012-01-29 22:04 . 2012-01-30 18:27 -------- d-----w- c:\program files (x86)\Innovative Solutions
2012-01-29 21:40 . 2012-01-29 21:40 -------- d-----w- c:\programdata\Innovative Solutions
2012-01-29 21:28 . 2011-10-13 11:10 90112 ----a-w- c:\windows\system32\igfxCoIn_v2555.dll
2012-01-29 21:28 . 2011-10-13 10:30 208896 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2012-01-29 21:28 . 2011-10-13 10:30 206336 ----a-w- c:\windows\system32\iglhsip64.dll
2012-01-29 21:28 . 2011-10-13 10:30 188416 ----a-w- c:\windows\system32\iglhcp64.dll
2012-01-29 21:28 . 2011-10-13 10:30 147456 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2012-01-29 21:23 . 2011-07-27 09:28 42888 ----a-w- c:\windows\system32\drivers\btcusb.sys
2012-01-29 21:23 . 2007-05-09 01:00 16144 ----a-w- c:\windows\system32\btinstall.dll
2012-01-29 19:44 . 2012-01-29 19:44 -------- d-----w- c:\windows\system32\Macromed
2012-01-29 19:19 . 2012-01-29 19:45 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-29 18:28 . 2012-01-29 18:28 -------- d-----w- c:\programdata\ASUS
2012-01-29 10:21 . 2012-01-29 10:22 -------- d-----w- C:\MyBootCD
2012-01-28 23:56 . 2012-01-28 23:57 -------- d-----w- c:\program files (x86)\Common Files\Nero
2012-01-28 23:56 . 2012-01-29 00:01 -------- d-----w- c:\program files (x86)\Nero
2012-01-28 23:24 . 2012-01-28 23:24 -------- d-----w- c:\programdata\ashampoo
2012-01-28 23:24 . 2012-01-28 23:37 -------- d-----w- c:\program files (x86)\Ashampoo
2012-01-28 23:17 . 2012-01-30 18:30 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-01-28 22:39 . 2012-02-02 17:53 -------- d-----w- c:\program files\trend micro
2012-01-28 22:16 . 2012-01-28 22:16 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2012-01-28 17:26 . 2012-01-28 17:26 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2012-01-28 17:23 . 2012-01-28 17:32 -------- d-----w- c:\program files (x86)\HWiNFO32
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\programdata\Symantec
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\windows\system32\drivers\NSSx64
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\program files (x86)\Norton Security Scan
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\programdata\Norton
2012-01-28 07:56 . 2012-01-28 07:56 -------- d-----w- c:\program files (x86)\NortonInstaller
2012-01-27 20:46 . 2012-01-30 18:30 -------- d-----w- c:\programdata\McAfee Security Scan
2012-01-27 20:46 . 2012-01-27 20:46 -------- d-----w- c:\programdata\McAfee
2012-01-27 20:46 . 2012-01-27 20:46 -------- d-----w- c:\program files (x86)\McAfee Security Scan
2012-01-27 20:46 . 2012-01-27 20:46 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-01-27 20:43 . 2012-01-27 20:43 -------- d-----w- c:\windows\SysWow64\Adobe
2012-01-27 16:20 . 2012-01-27 16:20 -------- d-----w- C:\NVIDIA
2012-01-27 15:39 . 2010-12-14 15:34 550512 ----a-w- c:\windows\system32\VIASysFx.dll
2012-01-27 15:39 . 2010-12-14 15:34 993392 ----a-w- c:\windows\system32\VIAPropPageExt.dll
2012-01-27 15:39 . 2010-12-14 15:34 86640 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll
2012-01-27 15:39 . 2010-12-14 15:34 202864 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll
2012-01-27 15:39 . 2010-12-14 15:34 27760 ----a-w- c:\windows\system32\ViakaraokeSrv.exe
2012-01-27 15:39 . 2010-12-14 15:34 1357424 ----a-w- c:\windows\system32\drivers\viahduaa.sys
2012-01-27 15:39 . 2010-12-14 15:34 123504 ----a-w- c:\windows\system32\ViaKaraokeApo.dll
2012-01-27 15:39 . 2010-12-14 15:34 91760 ----a-w- c:\windows\system32\Dts2PropPageExt.dll
2012-01-27 15:39 . 2010-12-14 15:34 116848 ----a-w- c:\windows\system32\ViaKaraokePropPageExt.dll
2012-01-27 15:39 . 2010-12-14 15:34 248944 ----a-w- c:\windows\system32\Dts2APO.dll
2012-01-27 15:39 . 2011-09-21 09:25 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x64.sys
2012-01-27 15:39 . 2012-01-27 15:39 -------- d-----w- c:\program files\CPUID
2012-01-27 15:36 . 2012-01-27 15:37 -------- d-----w- c:\program files (x86)\audio
2012-01-27 15:21 . 2012-01-27 15:21 -------- d-----w- c:\windows\SysWow64\Atheros_L1e
2012-01-27 15:19 . 2012-01-30 18:30 -------- d-----w- c:\programdata\FLEXnet
2012-01-27 15:19 . 2010-06-30 11:02 52736 ----a-w- c:\windows\system32\drivers\btmcom.sys
2012-01-27 15:18 . 2012-01-30 18:30 -------- d-----w- c:\program files\Motorola
2012-01-27 15:18 . 2010-07-28 16:52 476928 ----a-w- c:\windows\system32\drivers\btmusb.sys
2012-01-27 15:18 . 2010-07-15 11:22 323848 ----a-w- c:\windows\system32\btmcls.dll
2012-01-27 15:18 . 2012-01-30 18:30 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2012-01-27 15:18 . 2012-01-30 18:30 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2012-01-27 15:08 . 2012-01-27 15:08 -------- d-----w- c:\program files (x86)\Driver-Soft
2012-01-25 16:07 . 2012-01-25 16:07 243 ----a-w- C:\user.js
2012-01-25 16:07 . 2012-01-25 16:07 -------- d-----w- c:\program files\Logon Screen
2012-01-22 20:25 . 2009-09-04 16:29 235344 ----a-w- c:\windows\SysWow64\d3dx11_42.dll
2012-01-22 20:24 . 2008-07-10 10:00 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2012-01-22 20:19 . 2011-11-02 22:08 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-22 20:19 . 2011-11-02 21:09 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-01-22 20:18 . 2012-01-22 20:21 -------- d--h--w- c:\windows\msdownld.tmp
2012-01-22 13:31 . 2012-01-22 13:31 -------- d-----w- c:\program files (x86)\FastStone Image Viewer
2012-01-22 13:23 . 2012-01-22 13:23 -------- d-----w- c:\program files (x86)\Lamer
2012-01-22 13:14 . 2011-11-28 13:51 33872 ----a-w- c:\windows\system32\drivers\anvsnddrv.sys
2012-01-22 13:14 . 2011-11-28 13:51 235520 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2012-01-22 13:14 . 2011-11-28 13:51 632832 ----a-w- c:\windows\SysWow64\xvidcore.dll
2012-01-22 13:14 . 2011-11-28 13:51 143872 ----a-w- c:\windows\SysWow64\xvid.ax
2012-01-22 13:11 . 2012-01-22 13:27 -------- d-----w- c:\program files (x86)\AnvSoft
2012-01-22 12:55 . 2012-01-22 12:55 -------- d-----w- c:\windows\system32\SPReview
2012-01-22 11:55 . 2012-01-22 11:55 -------- d-----w- c:\windows\system32\EventProviders
2012-01-22 11:52 . 2010-11-20 13:27 2086912 ----a-w- c:\windows\system32\ole32.dll
2012-01-22 11:51 . 2010-11-20 13:27 1246720 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2012-01-22 11:50 . 2010-11-20 13:27 1808384 ----a-w- c:\windows\system32\pnidui.dll
2012-01-22 11:49 . 2010-11-20 13:27 244224 ----a-w- c:\windows\system32\spp.dll
2012-01-22 11:48 . 2010-11-20 13:24 442368 ----a-w- c:\windows\system32\winspool.drv
2012-01-22 11:47 . 2010-11-20 13:28 166784 ----a-w- c:\windows\system32\basecsp.dll
2012-01-22 11:46 . 2010-11-20 13:27 172544 ----a-w- c:\windows\system32\twext.dll
2012-01-22 11:45 . 2010-11-20 13:27 37376 ----a-w- c:\windows\system32\shimgvw.dll
2012-01-22 11:44 . 2010-11-20 13:33 6656 ----a-w- c:\windows\system32\drivers\cs-CZ\rdvgkmd.sys.mui
2012-01-22 11:44 . 2010-11-20 13:25 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbhub.sys.mui
2012-01-22 11:44 . 2010-11-20 13:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2012-01-22 11:44 . 2010-11-20 13:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2012-01-22 11:44 . 2010-11-20 13:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2012-01-22 11:44 . 2010-11-20 13:31 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2012-01-22 11:44 . 2010-11-20 13:43 3584 ----a-w- c:\windows\system32\drivers\pl-PL\tsusbflt.sys.mui
2012-01-22 11:44 . 2010-11-20 13:41 6656 ----a-w- c:\windows\system32\drivers\pl-PL\rdvgkmd.sys.mui
2012-01-22 11:44 . 2010-11-20 13:38 4608 ----a-w- c:\windows\system32\drivers\pl-PL\tsusbhub.sys.mui
2012-01-22 11:44 . 2010-11-20 13:45 2560 ----a-w- c:\windows\system32\drivers\pl-PL\rdpwd.sys.mui
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-22 14:03 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-01-22 14:03 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-01-21 19:30 . 2012-01-21 19:30 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2012-01-21 19:30 . 2012-01-21 19:30 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-12-06 14:55 . 2010-04-20 04:30 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-05_09.24.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 05:10 . 2012-02-05 13:03 54076 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-01-21 17:26 . 2012-02-05 13:03 11282 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2228829363-2496496693-1347899441-1001_UserData.bin
+ 2012-02-05 13:00 . 2012-02-05 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-02-05 08:41 . 2012-02-05 08:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-02-05 08:41 . 2012-02-05 08:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-02-05 13:00 . 2012-02-05 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2012-02-05 00:39 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-02-05 12:59 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-02-05 10:09 . 2012-02-05 10:09 371272 c:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
- 2012-01-21 19:08 . 2012-01-21 19:08 371272 c:\windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe
+ 2012-01-21 22:46 . 2012-02-05 12:59 4206788 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2228829363-2496496693-1347899441-1001-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-12-22 2870896]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-4-20 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-4-20 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Guard.Mail.ru.gui"="c:\program files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"ExpressFiles"="c:\program files (x86)\ExpressFiles\ExpressFiles.exe" -tray
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-01-28 21712]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-27 1028096]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [2011-12-19 30080]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 Guard.Mail.ru;Guard.Mail.ru;c:\program files (x86)\Guard-ICQ\GuardICQ.exe [2012-01-21 1564368]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-08 2123584]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [x]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-11-08 11856]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-20 04:11]
.
2012-01-28 c:\windows\Tasks\Norton Security Scan for Martin.job
- c:\progra~2\NORTON~2\Engine\370~1.18\Nss.exe [2012-01-28 10:01]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-12-24 1736704]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
"combofix"="c:\combofix\CF21856.3XE" [2010-11-20 345088]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\x22ecfqi.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\TuneUp Undelete\Command]
@DACL=(02 0000)
@="c:\\Program Files (x86)\\TuneUp Utilities 2012\\Undelete.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension]
@DACL=(02 0000)
@="{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\LightweightCallHandlers\PNIDUI\OnPrivateNetworkAvailable\WMP_OnPrivateNetworkAvailable]
@DACL=(02 0000)
"ExeName"=expand:"\"%programFiles%\\Windows Media Player\\wmpnscfg.exe\""
"Cardinality"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\Uninstalled\ROOT_*ISATAP_0001\Ndi]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{13D0658B-6A17-4953-B0DA-1AE9539E9C60}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000009
"Name"="Teredo Tunneling Pseudo-Interface"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{2CAA64ED-BAA3-4473-B637-DEC65A14C8AA}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000008
"Name"="Připojení k místní síti* 8"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{30B65BB3-9BAE-4EE3-A0BC-E413C87BF468}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000003
"Name"="Připojení k místní síti* 3"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{36ED9489-9C73-4458-A2F2-7E7F192B8C74}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:0000070e
"DefaultNameIndex"=dword:00000000
"Name"="Bezdrátové připojení k síti"
"PnpInstanceID"="PCI\\VEN_168C&DEV_002B&SUBSYS_10891A3B&REV_01\\001517FFFF24141200"
"MediaSubType"=dword:00000002
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{43958D57-1C7B-4A7A-BBD7-9FFF6CF46BDD}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000002
"Name"="Připojení k místní síti* 2"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{5BF54C7E-91DA-457D-80BF-333677D7E316}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000007
"Name"="Připojení k místní síti* 7"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{5EAA5506-177E-4700-90D2-11AC0109F05E}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:0000000c
"Name"="isatap.{691BB14B-14BB-40C6-85DA-D4B97CBD56F1}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{636D6038-0200-4937-A55F-2EB1FC74F75D}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:0000070e
"DefaultNameIndex"=dword:00000002
"Name"="Bezdrátové připojení k síti 2"
"PnpInstanceID"="{5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\\VWIFIMP\\5&4240F00&0&01"
"MediaSubType"=dword:00000002
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{71F897D7-EB7C-4D8D-89DB-AC80D9DD2270}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000000
"Name"="Připojení k místní síti*"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{78032B7E-4968-42D3-9F37-287EA86C0AAA}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:0000000a
"Name"="Připojení k místní síti* 10"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{7BAC7853-28B4-4BEE-8AE2-6EF5348FDD78}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000009
"Name"="Připojení k místní síti* 9"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{7CFB3A70-C84F-4431-BF87-1901F690909F}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:0000070b
"DefaultNameIndex"=dword:00000000
"Name"="Připojení k místní síti"
"PnpInstanceID"="PCI\\VEN_1969&DEV_1026&SUBSYS_14F51043&REV_B0\\FF4F5729485B39FF00"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{8E301A52-AFFA-4F49-B9CA-C79096A1A056}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000005
"Name"="Připojení k místní síti* 5"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{905AEDC1-6655-4327-9977-AFD92CF3AC9D}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000710
"DefaultNameIndex"=dword:00000000
"Name"="Síťové připojení Bluetooth"
"PnpInstanceID"="BTH\\MS_BTHPAN\\6&1DDDDB23&0&2"
"MediaSubType"=dword:00000007
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{9A399D81-2EAD-4F23-BCDD-637FC13DCD51}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000006
"Name"="Připojení k místní síti* 6"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{9A3F3801-F707-4036-A40F-8208AE961F76}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:0000000c
"Name"="isatap.{7CFB3A70-C84F-4431-BF87-1901F690909F}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{B78AE537-569D-4644-9EE3-920C330A2F01}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:0000000c
"Name"="isatap.{636D6038-0200-4937-A55F-2EB1FC74F75D}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{CF84B042-48BA-48FE-A11B-51023545709B}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:0000070a
"DefaultNameIndex"=dword:00000002
"Name"="Připojení k místní síti 2"
"PnpInstanceID"="ROOT\\NET\\0000"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{D97C2A3A-9593-46CB-8AEE-ADDFBE884477}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000009
"Name"="isatap.Home"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{DF4A9D2C-8742-4EB1-8703-D395C4183F33}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:00000004
"Name"="Připojení k místní síti* 4"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{E43D242B-9EAB-4626-A952-46649FBB939A}\Connection]
@DACL=(02 0000)
"DefaultNameResourceId"=dword:00000709
"DefaultNameIndex"=dword:0000000b
"Name"="Připojení k místní síti* 11"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e973-e325-11ce-bfc1-08002be10318}\{821D3398-F04E-471E-8D8C-27EE3F5EB428}]
@DACL=(02 0000)
"Characteristics"=dword:00000080
"InfPath"="netmscli.inf"
"InfSection"="MSClient.ndi"
"LocDescription"="@netmscli.inf,%msclient_desc%;Client for Microsoft Networks"
"Description"="Client for Microsoft Networks"
"ComponentId"="ms_msclient"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,1f,00,bb,01
"PrintProviderName"="LanMan Print Services"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{0EFE03B2-EA87-44C1-B825-9BBEA54F37B4}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netrass.inf"
"InfSection"="Ndi-Steelhead"
"LocDescription"="@netrass.inf,%steelhead-dispname%;Steelhead"
"Description"="Steelhead"
"ComponentId"="ms_steelhead"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,2d,00,d2,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{56494156-6C00-4B77-90D7-A4A435088232}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netnb.inf"
"InfSection"="NetBIOS.ndi"
"LocDescription"="@netnb.inf,%netbios_desc%;NetBIOS Interface"
"Description"="NetBIOS Interface"
"ComponentId"="MS_NETBIOS"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,1e,00,01,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{5CBF81BF-5055-47CD-9055-A76B2B4E3698}]
@DACL=(02 0000)
"Characteristics"=dword:00040028
"InfPath"="netvwififlt.inf"
"InfSection"="Install"
"LocDescription"="@netvwififlt.inf,%vwififlt_desc%;Virtual WiFi Filter Driver"
"Description"="Virtual WiFi Filter Driver"
"ComponentId"="ms_vwifi"
"InstallTimeStamp"=hex:d9,07,07,00,03,00,1d,00,05,00,06,00,27,00,8e,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{6B7E8FF8-E9A2-46EB-A4EA-42CCA2D43C96}]
@DACL=(02 0000)
"Characteristics"=dword:00000000
"InfPath"="netserv.inf"
"InfSection"="Install.ndi"
"LocDescription"="@netserv.inf,%msserver_desc%;File and Printer Sharing for Microsoft Networks"
"Description"="File and Printer Sharing for Microsoft Networks"
"ComponentId"="ms_server"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,20,00,e8,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{B5F4D659-7DAA-4565-8E41-BE220ED60542}]
@DACL=(02 0000)
"Characteristics"=dword:00040000
"InfPath"="netpacer.inf"
"InfSection"="Install"
"LocDescription"="@netpacer.inf,%psched_desc%;QoS Packet Scheduler"
"Description"="QoS Packet Scheduler"
"ComponentId"="ms_pacer"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,39,00,9a,02
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{B70D6460-3635-4D42-B866-B8AB1A24454C}]
@DACL=(02 0000)
"Characteristics"=dword:00040028
"InfPath"="wfplwf.inf"
"InfSection"="Install"
"LocDescription"="@wfplwf.inf,%wfplwf_desc%;WFP Lightweight Filter"
"Description"="WFP Lightweight Filter"
"ComponentId"="MS_WfpLwf"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,30,00,47,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{C9548B78-5743-4E64-9BA1-CD4D974A329F}]
@DACL=(02 0000)
"Characteristics"=dword:00000038
"InfPath"="netrass.inf"
"InfSection"="Ndi-RasSrv"
"LocDescription"="@netrass.inf,%rassrv-dispname%;Dial-Up Server"
"Description"="Dial-Up Server"
"ComponentId"="ms_rassrv"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,2d,00,84,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{E475CF9A-60CD-4439-A75F-0079CE0E18A1}]
@DACL=(02 0000)
"Characteristics"=dword:00040028
"InfPath"="netnwifi.inf"
"InfSection"="MS_NWIFI.Install"
"LocDescription"="@netnwifi.inf,%ms_nwifi.displayname%;NativeWiFi Filter"
"Description"="NativeWiFi Filter"
"ComponentId"="MS_NativeWifiP"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,37,00,02,00,58,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{EA24CD6C-D17A-4348-9190-09F0D5BE83DD}]
@DACL=(02 0000)
"Characteristics"=dword:00040038
"InfPath"="ndiscap.inf"
"InfSection"="Install"
"LocDescription"="@ndiscap.inf,%ndiscap_desc%;NDIS Capture LightWeight Filter"
"Description"="NDIS Capture LightWeight Filter"
"ComponentId"="MS_NDISCAP"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,36,00,26,00,f2,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{F5658C39-CD0D-45B5-A342-E2C037714CE4}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netrass.inf"
"InfSection"="Ndi-RasMan"
"LocDescription"="@netrass.inf,%rasman-dispname%;Remote Access Connection Manager"
"Description"="Remote Access Connection Manager"
"ComponentId"="ms_rasman"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,1e,00,f3,02
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e974-e325-11ce-bfc1-08002be10318}\{FDDDF6A6-9B8C-4545-BFAF-4ADD56257B8B}]
@DACL=(02 0000)
"Characteristics"=dword:00040000
"InfPath"="oem12.inf"
"InfSection"="Avgfwfd.ndi.NTamd64"
"LocDescription"="@oem12.inf,%avgfwfd_desc%;AVG network filter driver"
"Description"="AVG network filter driver"
"ComponentId"="gr_avgfwfd"
"InstallTimeStamp"=hex:dc,07,01,00,06,00,15,00,12,00,01,00,15,00,4e,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{12F2EEA2-EE86-4933-8C0B-346E5E57F332}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netrast.inf"
"InfSection"="Ndi-PppoeProtocol"
"LocDescription"="@netrast.inf,%pppoe-dispname%;Point to Point Protocol Over Ethernet"
"Description"="Point to Point Protocol Over Ethernet"
"ComponentId"="ms_pppoe"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,20,00,fd,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{234991D1-04CC-47F5-A4A9-29808D68765F}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="nettcpip.inf"
"InfSection"="MS_WINS.PrimaryInstall"
"LocDescription"="@nettcpip.inf,%ms_wins.displayname%;WINS Client(TCP/IP) Protocol"
"Description"="WINS Client(TCP/IP) Protocol"
"ComponentId"="ms_netbt"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,14,00,dc,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{24AB3BC7-8C0C-4389-A4D4-8B8FD6ADEA7A}]
@DACL=(02 0000)
"Characteristics"=dword:00000038
"InfPath"="netrast.inf"
"InfSection"="Ndi-PptpProtocol"
"LocDescription"="@netrast.inf,%pptp-dispname%;Point to Point Tunneling Protocol"
"Description"="Point to Point Tunneling Protocol"
"ComponentId"="ms_pptp"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,1f,00,ba,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{27EE12EA-A6B3-4E15-AF2B-D4B9D989EDFB}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="nettcpip.inf"
"InfSection"="MS_TCPIP.Tunnel.PrimaryInstall"
"LocDescription"="@nettcpip.inf,%ms_tcpip.tunnel.displayname%;Internet Protocol (TCP/IP) - Tunnels"
"Description"="Internet Protocol (TCP/IP) - Tunnels"
"ComponentId"="ms_tcpip_tunnel"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,36,00,28,00,34,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netip6.inf"
"InfSection"="MS_TCPIP6.Tunnel.Install"
"LocDescription"="@netip6.inf,%ms_tcpip6.tunnel.displayname%;Microsoft TCP/IP version 6 - Tunnels"
"Description"="Microsoft TCP/IP version 6 - Tunnels"
"ComponentId"="ms_tcpip6_tunnel"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,36,00,28,00,dc,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B4683A7-F97E-478E-BBD6-34EDF0D9DEA8}]
@DACL=(02 0000)
"Characteristics"=dword:00000038
"InfPath"="nettcpip.inf"
"InfSection"="MS_NETBT_SMB.PrimaryInstall"
"LocDescription"="@nettcpip.inf,%ms_netbt_smb.displayname%;Message-oriented TCP/IP Protocol (SMB session)"
"Description"="Message-oriented TCP/IP Protocol (SMB session)"
"ComponentId"="ms_netbt_smb"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,14,00,2a,02
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2BE5AF45-DD00-422F-8484-8370DD108A53}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="ndisuio.inf"
"InfSection"="Install"
"LocDescription"="@ndisuio.inf,%ndisuio_desc%;NDIS Usermode I/O Protocol"
"Description"="NDIS Usermode I/O Protocol"
"ComponentId"="ms_ndisuio"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,17,00,98,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2FF8F288-20AD-41F8-A181-321D0659CA4D}]
@DACL=(02 0000)
"Characteristics"=dword:00000000
"InfPath"="rspndr.inf"
"InfSection"="Install"
"LocDescription"="@rspndr.inf,%displayname%;Link-Layer Topology Discovery Responder"
"Description"="Link-Layer Topology Discovery Responder"
"ComponentId"="MS_RSPNDR"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,2b,00,2a,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{32345029-1B7D-43AF-B504-E71E5660B2F0}]
@DACL=(02 0000)
"Characteristics"=dword:000000a0
"InfPath"="netip6.inf"
"InfSection"="MS_TCPIP6.Install"
"LocDescription"="@netip6.inf,%ms_tcpip6.displayname%;Internet Protocol Version 6 (TCP/IPv6)"
"Description"="Internet Protocol Version 6 (TCP/IPv6)"
"ComponentId"="ms_tcpip6"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,13,00,c1,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{5D9F4D1D-F5B3-48BA-85AD-9B44176DD0C8}]
@DACL=(02 0000)
"Characteristics"=dword:000000a0
"InfPath"="nettcpip.inf"
"InfSection"="MS_TCPIP.PrimaryInstall"
"LocDescription"="@nettcpip.inf,%ms_tcpip.displayname%;Internet Protocol Version 4 (TCP/IPv4)"
"Description"="Internet Protocol Version 4 (TCP/IPv4)"
"ComponentId"="ms_tcpip"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,13,00,de,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{633F880E-FFD2-484F-A4CA-EB724F8BC057}]
@DACL=(02 0000)
"Characteristics"=dword:00000000
"InfPath"="lltdio.inf"
"InfSection"="Install"
"LocDescription"="@lltdio.inf,%displayname%;Link-Layer Topology Discovery Mapper I/O Driver"
"Description"="Link-Layer Topology Discovery Mapper I/O Driver"
"ComponentId"="MS_LLTDIO"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,2b,00,3c,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{69E184C5-2F7C-45D0-8C56-85097BA63C11}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netrast.inf"
"InfSection"="Ndi-NdisWan"
"LocDescription"="@netrast.inf,%ndiswan-dispname%;Remote Access NDIS WAN Driver"
"Description"="Remote Access NDIS WAN Driver"
"ComponentId"="ms_ndiswan"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,1e,00,a5,02
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{6D9E377D-E19D-47CF-BE5F-D2DA5F99318A}]
@DACL=(02 0000)
"Characteristics"=dword:00000038
"InfPath"="netsstpt.inf"
"InfSection"="Ndi-SstpProtocol"
"LocDescription"="@netsstpt.inf,%sstp-dispname%;SSTP based VPN"
"Description"="SSTP based VPN"
"ComponentId"="ms_sstp"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,1b,00,59,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{7D857581-4BD0-44AB-B87C-921422A69D39}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netrast.inf"
"InfSection"="Ndi-Wanarp"
"LocDescription"="@netrast.inf,%wanarp-dispname%;Remote Access IP ARP Driver"
"Description"="Remote Access IP ARP Driver"
"ComponentId"="MS_wanarp"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,15,00,6d,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{92356401-DAAE-49DA-8D29-5B023CCF4CD9}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="nettcpip.inf"
"InfSection"="MS_SMB.Install"
"LocDescription"="@nettcpip.inf,%ms_smb.displayname%;Microsoft NetbiosSmb"
"Description"="Microsoft NetbiosSmb"
"ComponentId"="MS_SMB"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,35,00,38,00,86,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{E7AC61F5-4BFE-4254-8889-98A990D174D5}]
@DACL=(02 0000)
"Characteristics"=dword:00000038
"InfPath"="netrast.inf"
"InfSection"="Ndi-L2tpProtocol"
"LocDescription"="@netrast.inf,%l2tp-dispname%;Layer 2 Tunneling Protocol"
"Description"="Layer 2 Tunneling Protocol"
"ComponentId"="ms_l2tp"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,1e,00,41,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{F27D2AC4-396D-442D-9FD8-05AEF1E98AAB}]
@DACL=(02 0000)
"Characteristics"=dword:00000028
"InfPath"="netrast.inf"
"InfSection"="Ndi-Wanarpv6"
"LocDescription"="@netrast.inf,%wanarpv6-dispname%;Remote Access IPv6 ARP Driver"
"Description"="Remote Access IPv6 ARP Driver"
"ComponentId"="MS_wanarpv6"
"InstallTimeStamp"=hex:d9,07,07,00,02,00,0e,00,04,00,31,00,21,00,cf,02
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{F3466C37-54F0-4F42-BD00-818377567D04}]
@DACL=(02 0000)
"Characteristics"=dword:00000038
"InfPath"="netavpnt.inf"
"InfSection"="Ndi-AgileVpnProtocol"
"LocDescription"="@netavpnt.inf,%agilevpn-dispname%;AgileVpn based VPN"
"Description"="AgileVpn based VPN"
"ComponentId"="ms_agilevpn"
"InstallTimeStamp"=hex:dc,07,01,00,00,00,16,00,10,00,37,00,2a,00,b1,03
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Autologger\ReadyBoot\{2a274310-42d5-4019-b816-e4b8c7abe95c}]
@DACL=(02 0000)
"Enabled"=dword:00000001
"EnableFlags"=dword:00000020
"Status"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Autologger\ReadyBoot\{a319d300-015c-48be-acdb-47746e154751}]
@DACL=(02 0000)
"Enabled"=dword:00000001
"Status"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ExpressFiles\EFupdater.exe
c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
.
**************************************************************************
.
Celkový čas: 2012-02-05 14:08:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-02-05 13:08
ComboFix2.txt 2012-02-05 09:28
.
Před spuštěním: Volných bajtů: 407 433 928 704
Po spuštění: Volných bajtů: 407 161 667 584
.
- - End Of File - - DD28772CA464DF2394B8C081D2E3E6ED

karlospatmat · #114 Příspěvek od **karlospatmat** » 05 úno 2012 15:07

Eset byl smazán ten druhý ne ale byl vyřazen ze spuštění. Jinak nastal menší problém. Po dokonšení procesu a opětovného spuštění win se nemohu zaboha připojit k netu ani přez vifi a ni přez kabel???

karlospatmat · #115 Příspěvek od **karlospatmat** » 05 úno 2012 15:41

http://leteckaposta.cz/383244684

karlospatmat · #116 Příspěvek od **karlospatmat** » 05 úno 2012 16:20

Tuneup jsem na dopručení smáznul taky. Akorád se chci jěště zeptat jestli jsem neudělal chybu, protože jsem dal obnovu sys kvůli připojení k netu a domnívám se že vše co udělal combofix je v pr... Nebo ne?

chodnik74 · #117 Příspěvek od **chodnik74** » 05 úno 2012 16:35

BSOD způsobuje opět ovladač VcommMgr.sys, protože jste ho vrátil, když nebyl, tak problémy nebyly

#118 Příspěvek od **Mc_Murphy** » 05 úno 2012 16:39

karlospatmat píše:Tuneup jsem na dopručení smáznul taky. Akorád se chci jěště zeptat jestli jsem neudělal chybu, protože jsem dal obnovu sys kvůli připojení k netu a domnívám se že vše co udělal combofix je v pr... Nebo ne?

Ano, to je. Každý zbrklý krok, který uděláš v průběhu našich postupů je na nic. Nebo si během vrtání zubu odskakuješ na sváču a divíš se, že to zubaři vadí?! Takhle se nespolupracuje...

karlospatmat · #119 Příspěvek od **karlospatmat** » 05 úno 2012 16:57

Celou dobu nic. Jenže já jsem stím ovladačem neměl doposud nejmenčí problém. Dostal jsem Bluetooth společně s zakoupeným notebookem což je cca 1,5 roku nazpět. Pc jsem za tu dobu cca 4krát reinstaloval a vždy šlo vše ok a nebyla žádná bsod.
Až napososedy před cca10 dny při poslední reinstal to začalo zlobit

karlospatmat · #120 Příspěvek od **karlospatmat** » 05 úno 2012 17:00

No zaskočlilo mě to připojení k netu a nešlo to odstranit. Mám se tedy vrátit k předchozímu kroku? a znovu stáhnout combofix?

VIRY.CZ

Modrá smrt

Re: Modrá smrt

Re: Modrá smrt

Re: Modrá smrt

Re: Modrá smrt

Re: Modrá smrt

Re: Modrá smrt

Re: Modrá smrt

Re: Modrá smrt

Re: Modrá smrt

Re: Modrá smrt

Re: Modrá smrt

Re: Modrá smrt

Re: Modrá smrt

Re: Modrá smrt

Re: Modrá smrt