Re: finding the problem - network card not working, HP pavilion dv9660e
Posted: 16 Jan 2012 11:34
So here is the log
ComboFix 12-01-16.01 - Zdeněk 16.01.2012 11:14:00.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1069 [GMT 1:00]
Spuštěný z: c:\users\Zdenýk\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\Database\tmp.edb
c:\windows\system32\oem50.inf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-16 do 2012-01-16 )))))))))))))))))))))))))))))))
.
.
2012-01-16 10:21 . 2012-01-16 10:21 -------- d-----w- c:\users\Laptop\AppData\Local\temp
2012-01-16 10:21 . 2012-01-16 10:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-16 09:00 . 2012-01-16 09:00 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3455BBF8-F13B-4EDF-88BF-2CC693741959}\MpKsl1ba6cc82.sys
2012-01-16 09:00 . 2012-01-16 09:00 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3455BBF8-F13B-4EDF-88BF-2CC693741959}\offreg.dll
2012-01-15 18:49 . 2012-01-15 18:49 -------- d-----w- c:\program files\CBS Software
2012-01-15 14:20 . 2011-11-21 01:47 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3455BBF8-F13B-4EDF-88BF-2CC693741959}\mpengine.dll
2012-01-13 11:08 . 2012-01-13 11:09 -------- d-----w- c:\program files\trend micro
2012-01-13 11:08 . 2012-01-13 11:09 -------- d-----w- C:\rsit
2012-01-13 02:10 . 2012-01-13 02:11 -------- d-----w- c:\users\Zdeněk
2012-01-12 02:10 . 2012-01-12 02:18 -------- d-----w- c:\program files\Dr. Hardware 2009 english
2012-01-12 01:36 . 2012-01-12 12:46 -------- d-----w- c:\program files\Anti Trojan Elite
2012-01-12 01:02 . 2012-01-12 01:02 -------- d-----w- c:\program files\XP TCPIP Repair
2012-01-12 00:31 . 2012-01-12 00:31 -------- d-----w- c:\program files\CCleaner
2012-01-11 22:53 . 2007-01-04 03:20 1732 ----a-w- c:\windows\system32\drivers\nvphy.bin
2012-01-11 19:02 . 2012-01-11 19:49 -------- d-----w- C:\6a2af3c2b94283edd902f8
2012-01-11 17:24 . 2012-01-11 17:24 -------- d-----w- c:\windows\cs
2012-01-11 17:06 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2012-01-11 17:06 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2012-01-11 17:06 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2012-01-11 17:04 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2012-01-11 13:35 . 2012-01-11 13:35 -------- d-----w- c:\users\Laptop\AppData\Roaming\TuneUp Software
2012-01-11 13:33 . 2012-01-11 13:33 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-01-11 13:32 . 2012-01-11 13:37 -------- d-----w- c:\programdata\TuneUp Software
2012-01-10 22:25 . 2012-01-10 22:25 -------- d-----w- c:\users\Laptop\AppData\Local\IsolatedStorage
2012-01-09 12:22 . 2012-01-09 12:22 -------- d-----w- c:\program files\Lavalys
2012-01-08 11:12 . 2002-12-05 13:12 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-01-08 11:12 . 2002-12-05 13:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-01-08 11:12 . 2002-12-02 14:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-01-08 11:12 . 2002-12-02 12:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-01-08 11:12 . 2002-12-02 12:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-01-08 11:12 . 2012-01-08 11:12 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-01-08 11:12 . 2012-01-08 11:12 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-01-08 01:38 . 2012-01-08 01:38 -------- d-----w- c:\users\Laptop\AppData\Local\Hewlett-Packard
2012-01-08 01:30 . 2012-01-08 01:30 -------- d-----w- c:\programdata\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
2012-01-08 01:16 . 2012-01-08 01:16 -------- d-----w- c:\windows\system32\nn-NO
2012-01-08 01:16 . 2008-04-22 04:13 376832 ----a-w- c:\windows\system32\S64CPA.exe
2012-01-08 01:16 . 2008-04-22 04:13 53248 ----a-w- c:\windows\system32\athihvui.dll
2012-01-08 01:16 . 2008-04-22 04:12 393216 ----a-w- c:\windows\system32\athihvs.dll
2012-01-08 01:15 . 2012-01-08 01:16 -------- d-----w- c:\program files\Atheros
2012-01-08 01:15 . 2012-01-08 01:15 -------- d-----w- c:\program files\Cisco
2012-01-08 01:14 . 2012-01-08 01:16 -------- d-----w- c:\programdata\Atheros
2012-01-08 00:46 . 2012-01-08 01:39 -------- d-----w- c:\users\Laptop\AppData\Roaming\hpqLog
2012-01-07 22:36 . 2012-01-07 22:36 -------- d-----w- c:\windows\system32\no-NO
2012-01-07 22:36 . 2012-01-07 22:36 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2012-01-07 22:36 . 2012-01-07 22:36 87280 ----a-w- c:\windows\system32\bcmwlcoi.dll
2012-01-07 22:36 . 2012-01-07 22:36 3809280 ----a-w- c:\windows\system32\bcmihvsrv.dll
2012-01-07 22:36 . 2012-01-07 22:36 3502080 ----a-w- c:\windows\system32\bcmihvui.dll
2012-01-07 22:36 . 2012-01-07 22:36 1331192 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS
2012-01-07 22:36 . 2012-01-07 22:36 -------- d-----w- c:\program files\Broadcom
2012-01-07 22:28 . 2007-02-14 08:55 356352 ----a-w- c:\windows\system32\nvusmu.exe
2012-01-07 22:28 . 2006-11-08 23:48 356352 ----a-w- c:\windows\system32\nvusmb.exe
2011-12-31 22:41 . 2011-12-31 22:41 -------- d-----w- c:\users\Laptop\AppData\Local\DDMSettings
2011-12-19 09:31 . 2011-12-19 09:31 515856 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-14 17:35 . 2011-06-03 08:22 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-30 23:28 . 2011-11-30 23:29 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4E638AB5-1E96-4251-89CE-140E989085CE}\gapaengine.dll
2011-11-23 13:37 . 2011-12-16 19:06 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 01:47 . 2010-07-17 01:16 6823496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-11-16 16:23 . 2012-01-10 23:35 278528 ----a-w- c:\windows\system32\schannel.dll
2011-11-08 14:42 . 2011-12-16 19:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-03 22:47 . 2011-12-16 19:14 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40 . 2011-12-16 19:14 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39 . 2011-12-16 19:14 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31 . 2011-12-16 19:14 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-27 08:01 . 2011-12-16 19:05 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-27 08:01 . 2011-12-16 19:05 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 15:56 . 2011-12-16 19:05 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\system32\dpl100.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-01-17 14:54 175912 ----a-w- c:\program files\DVDVideoSoftTB\prxtbDVD0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD0.dll" [2011-01-17 175912]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\program files\Seznam.cz\toolbar\toolbar.dll" [2011-03-10 183808]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD0.dll" [2011-01-17 175912]
"{34AB3C4C-DA1A-4067-96F4-31452C7CFE65}"= "c:\program files\Seznam.cz\listicka.dll" [2011-03-15 2201600]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CLASSES_ROOT\clsid\{34ab3c4c-da1a-4067-96f4-31452c7cfe65}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-10 2153472]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-04-24 176128]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-27 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664]
.
c:\users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DetectTray.lnk - c:\program files\Genius\TVGo DVB-T02PRO\DetectTray.exe [2009-7-20 131072]
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2010-05-27 20:31 1721640 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-06-22 11:10 273544 ----a-w- c:\program files\real\realplayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-18 21:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL1BA6CC82
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
rsmsvcs REG_MULTI_SZ ntmssvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 20:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-16 19:41]
.
2012-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-16 19:41]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mWindow Title = Microsoft Internet Explorer
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: DhcpNameServer = 10.0.0.138
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-Anti Trojan Elite - c:\program files\Anti Trojan Elite\TJEnder.exe
MSConfigStartUp-avast5 - c:\progra~1\ALWILS~1\Avast5\avastUI.exe
MSConfigStartUp-NapsterShell - c:\program files\Napster\napster.exe
AddRemove-{E92D47A1-D27D-430A-8368-0BAFD956507D} - c:\program files\InstallShield Installation Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-16 11:23
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2012-01-16 11:25:15
ComboFix-quarantined-files.txt 2012-01-16 10:25
.
Před spuštěním: 9 850 601 472
Po spuštění: 9 963 347 968
.
- - End Of File - - 843828C04C2F339533A124B08AABDB52