
NOD 5,0 cannot be uninstalled or installed

Posted: 30 Nov 2011 12:15
by pavel.34
Hello, I have a problem... after a virus attack my NOD 5,0 got blocked. I tried to uninstall it and install it again, but it doesn't work and my PC crashes to a blue screen. I tried uninstalling it with esetuniinstaleter and also removing the registry entry where it was, but the resident shields are still running, according to the ComboFix report. Can you advise me? I don't want to reinstall the PC; that would be the very last resort.

ComboFix 11-11-26.04 - Pavel 30.11.2011 10:13:01.5.2 - x86 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3326.2265 [GMT 1:00]
Spuštěný z: h:\combo\ComboFix.exe
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-28 do 2011-11-30 )))))))))))))))))))))))))))))))
.
.
2011-11-30 09:18 . 2011-11-30 09:19 -------- d-----w- c:\users\Pavel\AppData\Local\temp
2011-11-30 09:18 . 2011-11-30 09:18 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2011-11-30 09:18 . 2011-11-30 09:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-28 14:12 . 2011-11-28 14:12 -------- d-----w- c:\users\Pavel\AppData\Roaming\AVG2012
2011-11-28 14:11 . 2011-11-30 08:16 -------- d-----w- c:\windows\system32\drivers\AVG
2011-11-27 22:41 . 2011-11-27 22:41 234752 ----a-w- c:\windows\system32\drivers\afcdp.sys
2011-11-27 22:41 . 2011-11-27 22:41 766208 ----a-w- c:\windows\system32\drivers\tdrpman.sys
2011-11-27 22:41 . 2011-11-27 22:41 609760 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-11-27 22:40 . 2011-11-27 22:40 126112 ----a-w- c:\windows\system32\drivers\vididr.sys
2011-11-27 22:40 . 2011-11-27 22:40 84512 ----a-w- c:\windows\system32\drivers\vsflt58.sys
2011-11-27 22:40 . 2011-11-27 22:40 170496 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-11-27 22:40 . 2011-11-27 22:40 76768 ----a-w- c:\windows\system32\drivers\fltsrv.sys
2011-11-27 22:40 . 2011-11-27 22:41 -------- d-----w- c:\program files\Common Files\Acronis
2011-11-27 22:40 . 2011-11-27 22:40 -------- d-----w- c:\program files\Acronis
2011-11-26 21:35 . 2011-11-26 21:35 -------- d-----w- C:\$AVG
2011-11-26 21:29 . 2011-11-27 00:15 -------- d-----w- c:\users\Pavel\AppData\Roaming\QuickStoresToolbar
2011-11-26 21:29 . 2011-11-27 00:15 -------- d-----w- c:\program files\Unlocker
2011-11-26 21:20 . 2011-11-26 21:20 -------- d-----w- c:\programdata\Ashampoo
2011-11-26 21:19 . 2011-11-27 00:15 -------- d-----w- c:\program files\ConduitEngine
2011-11-26 21:19 . 2011-11-27 00:15 -------- d-----w- c:\program files\MyAshampoo
2011-11-26 20:57 . 2011-11-28 14:20 -------- d-----w- c:\programdata\AVG2012
2011-11-26 20:57 . 2011-11-27 00:13 -------- d-----w- c:\program files\AVG
2011-11-26 20:55 . 2011-11-26 20:55 -------- d--h--w- c:\programdata\Common Files
2011-11-26 20:55 . 2011-11-30 08:26 -------- d-----w- c:\programdata\MFAData
2011-11-26 18:44 . 2011-11-27 00:14 -------- d-----w- c:\users\Pavel\AppData\Local\VS Revo Group
2011-11-26 18:44 . 2009-12-30 10:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-11-26 18:44 . 2011-11-27 00:14 -------- d-----w- c:\program files\VS Revo Group
2011-11-26 18:04 . 2009-07-13 23:11 80896 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2011-11-25 13:47 . 2011-11-25 13:47 -------- d-----w- c:\users\Pavel\AppData\Local\Incomedia
2011-11-25 13:47 . 2011-11-26 16:41 -------- d-----w- c:\program files\WebSite X5 v9 - Evolution Demo
2011-11-25 13:24 . 2011-11-26 18:14 -------- d-sh--w- c:\users\Pavel\AppData\Local\996758fe
2011-11-17 11:08 . 2011-11-27 00:13 -------- d-----w- c:\program files\Intel Desktop Board
2011-11-17 11:05 . 2011-11-17 11:05 -------- d-----w- c:\users\Pavel\SystemRequirementsLab
2011-11-16 18:35 . 2011-11-16 18:35 -------- d-----w- c:\users\Pavel\AppData\Local\Garmin
2011-11-16 18:35 . 2011-11-27 00:14 -------- d-----w- c:\users\Pavel\AppData\Local\GARMIN_Corp
2011-11-16 16:17 . 2011-11-27 00:13 -------- d-----w- c:\program files\AMD APP
2011-11-16 16:07 . 2011-11-16 16:07 -------- d-----w- c:\programdata\ATI
2011-11-10 22:57 . 2011-11-27 00:13 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-11-09 12:16 . 2011-11-04 12:42 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2011-11-09 12:16 . 2011-11-04 12:42 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2011-11-09 05:53 . 2011-09-29 16:03 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 05:53 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 05:53 . 2011-09-29 03:37 2341888 ----a-w- c:\windows\system32\win32k.sys
2011-11-08 10:03 . 2011-11-27 00:13 -------- d-----w- c:\program files\Common Files\Java
2011-11-06 14:42 . 2011-11-06 14:42 -------- d-----w- c:\programdata\Zoner
2011-11-04 12:42 . 2011-11-04 12:42 82736 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
2011-11-04 12:42 . 2011-11-04 12:42 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2011-11-04 12:42 . 2011-11-04 12:42 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2011-11-04 12:42 . 2011-11-04 12:42 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2011-11-01 16:29 . 2011-11-01 16:29 -------- d-----w- c:\users\Pavel\AppData\Roaming\ArcSoft
2011-11-01 11:48 . 2011-11-01 11:48 -------- d-----w- c:\users\Pavel\AppData\Local\ArcSoft
2011-11-01 11:48 . 2011-11-27 00:14 -------- d-----w- c:\programdata\ArcSoft
2011-11-01 11:48 . 2011-11-27 00:13 -------- d-----w- c:\program files\Common Files\ArcSoft
2011-11-01 11:48 . 2011-11-27 00:14 -------- d-----w- c:\windows\system32\Codec
2011-10-31 15:20 . 2011-10-31 15:20 -------- d-----w- c:\users\Pavel\AppData\Roaming\TeamViewer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-27 01:37 . 2011-10-26 02:01 415160 ----a-w- c:\windows\system32\atieclxx.exe
2011-11-16 15:06 . 2011-05-16 18:58 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-07 22:20 . 2011-10-13 13:29 392770 ----a-w- c:\users\Pavel\AppData\Roaming\mdbu.bin
2011-10-26 03:03 . 2011-10-26 03:03 8853504 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-10-26 02:06 . 2011-10-26 02:06 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-10-26 02:05 . 2010-03-03 04:16 748544 ----a-w- c:\windows\system32\aticfx32.dll
2011-10-26 02:01 . 2011-05-25 03:04 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-10-26 02:00 . 2011-10-26 02:00 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-10-26 01:59 . 2011-10-26 01:59 18757120 ----a-w- c:\windows\system32\atioglxx.dll
2011-10-26 01:59 . 2011-10-26 01:59 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2011-10-26 01:59 . 2011-10-26 01:59 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-10-26 01:58 . 2011-10-26 01:58 20992 ----a-w- c:\windows\system32\atimuixx.dll
2011-10-26 01:58 . 2011-10-26 01:58 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-10-26 01:55 . 2010-03-03 04:06 4292096 ----a-w- c:\windows\system32\atidxx32.dll
2011-10-26 01:43 . 2011-10-26 01:43 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-10-26 01:38 . 2011-10-26 01:38 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-10-26 01:38 . 2011-10-26 01:38 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-10-26 01:35 . 2010-03-03 03:46 4353536 ----a-w- c:\windows\system32\atiumdag.dll
2011-10-26 01:34 . 2011-10-26 01:34 8449024 ----a-w- c:\windows\system32\aticaldd.dll
2011-10-26 01:32 . 2010-03-03 03:24 4189184 ----a-w- c:\windows\system32\atiumdva.dll
2011-10-26 01:29 . 2010-08-08 21:16 52736 ----a-w- c:\windows\system32\coinst.dll
2011-10-26 01:22 . 2011-05-25 02:26 339968 ----a-w- c:\windows\system32\atiadlxx.dll
2011-10-26 01:22 . 2011-10-26 01:22 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-10-26 01:22 . 2011-10-26 01:22 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-10-26 01:21 . 2011-10-26 01:21 264192 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-10-26 01:21 . 2010-03-03 03:06 31744 ----a-w- c:\windows\system32\atiuxpag.dll
2011-10-26 01:20 . 2010-03-03 03:06 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-10-26 01:20 . 2011-10-26 01:20 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-10-26 01:15 . 2011-10-26 01:15 53760 ----a-w- c:\windows\system32\atimpc32.dll
2011-10-26 01:15 . 2011-10-26 01:15 53760 ----a-w- c:\windows\system32\amdpcom32.dll
2011-10-25 20:21 . 2011-10-25 20:21 56832 ----a-w- c:\windows\system32\OpenVideo.dll
2011-10-25 20:21 . 2011-10-25 20:21 56832 ----a-w- c:\windows\system32\OVDecoder.dll
2011-10-25 20:20 . 2011-10-25 20:20 13950464 ----a-w- c:\windows\system32\amdocl.dll
2011-10-03 04:06 . 2010-08-10 08:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-30 11:38 . 2011-09-30 11:38 876032 ----a-w- c:\windows\system32\VFP6RENU.DLL
2011-09-30 11:38 . 2011-09-30 11:38 3370256 ----a-w- c:\windows\system32\VFP6R.DLL
2011-09-30 11:38 . 2011-09-30 11:38 24990 ----a-w- c:\windows\system32\VFP6RUN.EXE
2011-09-14 09:47 . 2011-09-14 09:47 53760 ----a-w- c:\windows\system32\OVDecode.dll
2011-09-14 09:38 . 2011-09-14 09:38 37376 ----a-w- c:\windows\system32\amdoclcl.dll
2011-11-09 12:13 . 2011-08-07 08:59 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-10-06 488728]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-25 343168]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-08-19 2387296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
backup=c:\windows\pss\AVer HID Receiver.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk
backup=c:\windows\pss\AVerQuick.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^forteManager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\forteManager.lnk
backup=c:\windows\pss\forteManager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageBooster.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ImageBooster.lnk
backup=c:\windows\pss\ImageBooster.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 02:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 02:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-07-22 21:10 402432 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
2011-06-14 23:47 404568 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2010-03-13 10:58 75048 ------w- c:\program files\CyberLink\Shared files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-08-21 17:57 136176 ----atw- c:\users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre]
2009-09-03 09:30 61440 ----a-w- c:\genius\ioCentre\gTaskBar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-04-17 10:41 196608 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-08-11 14:30 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LG LinkAir]
2011-05-03 10:19 2449768 ----a-w- c:\program files\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
2010-02-02 22:08 87336 ------w- c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl11]
2011-08-24 01:13 230696 ----a-w- c:\program files\CyberLink\PowerDVD11\PDVD11Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-06-27 03:42 6295552 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2]
2011-09-23 11:23 403504 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2011-09-23 11:21 5957032 ----a-w- c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-06-17 11:44 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"B2C_AGENT"=c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe"
.
R1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2011-05-23 47968]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-07-11 229840]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-11-04 158512]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-11-04 91440]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/08/23 23:02];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-06-28 20:50 87536]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/09/22 11:17];c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-09-01 20:51 77296]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 185472]
R2 afcdpsrv;Služba Acronis Nonstop Backup;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2011-11-27 3409880]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-26 176128]
R2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2010-04-28 348160]
R2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-07 397312]
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [2011-08-19 2399560]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-08-16 5264736]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
R2 ntk_PowerDVD;ntk_PowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [2011-08-24 71664]
R2 syncagentsrv;Acronis Sync Agent Service;c:\program files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2011-09-23 5735152]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-11-23 1477632]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2011-11-27 234752]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-10-26 8853504]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-10-26 264192]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [2010-12-07 14336]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [2010-12-07 20736]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [2010-12-07 20096]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 AVerBDA6x;AVerBDA6x service;c:\windows\system32\DRIVERS\AVerBDA716x.sys [2009-06-05 1151104]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-07-11 16720]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2009-12-18 11336]
R3 dvblinkcap;DVBLink Capture EB4DDE4672750DFDEAD2F59E9BB24C57C500DBFF;c:\windows\system32\DRIVERS\dvblinkcap.sys [2010-07-07 17456]
R3 dvblinkcap2;DVBLink Capture D63E96189B8A92B4E5AAA58BFFF5622D5BE98AB2C81FBCF57F973D15;c:\windows\system32\DRIVERS\dvblinkcap2.sys [2010-07-07 17456]
R3 dvblinkcap3;DVBLink Capture 35539529D5C6BA09791E7FFF89B65BC77055E284398B311220BE424B7860B6A2;c:\windows\system32\DRIVERS\dvblinkcap3.sys [2010-07-07 17456]
R3 dvblinkcap4;DVBLink Capture F3679C15028448029B41C19824DE648C07B48B9D61A54B5D44BE42D9776B4592DD303137B5B890E8F02DE33D05498F2F;c:\windows\system32\DRIVERS\dvblinkcap4.sys [2010-07-07 17456]
R3 dvblinktun;DVBLink Tuner 1ACC3F977290635E3CD97CE957EE33D6B7C73A50;c:\windows\system32\DRIVERS\dvblinktun.sys [2010-07-07 17584]
R3 dvblinktun2;DVBLink Tuner 1CF8A6AC8078CC6F5CB49AEF7AB147AFFF6EE93E7F9BBF6A7DB6F3D2;c:\windows\system32\DRIVERS\dvblinktun2.sys [2010-07-07 17584]
R3 dvblinktun3;DVBLink Tuner 6D0B503370A5F484610DF439C0CDF4C7F89D2FEC88DC61835F0DEE6A00036097;c:\windows\system32\DRIVERS\dvblinktun3.sys [2010-07-07 17584]
R3 dvblinktun4;DVBLink Tuner 8A71F2178665F5B6867F2954B61B1178EEAAA0F979F8A05A745FFA8E6978D5462644DF46E4992C68A50578508BE4B4AC;c:\windows\system32\DRIVERS\dvblinktun4.sys [2010-07-07 17584]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;d:\stahované programy\Everets\EVEREST Ultimate Edition v5.50.2242 BETA\kerneld.wnt [2010-07-30 28272]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-04-06 13224]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 mirror;mirror;c:\windows\system32\DRIVERS\LGMirror.sys [x]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-12-13 30576]
R3 MTSBDA;TechniSat Mantis BDA Driver;c:\windows\system32\Drivers\MtsBda.sys [2008-02-18 253968]
R3 MtsHID;TechniSat Mantis BDA HID Driver;c:\windows\system32\drivers\MtsHID.sys [2009-07-13 23568]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-08-22 47360]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-08-23 414824]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-11-04 104752]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-11-04 116016]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2011-11-04 82736]
R3 VMLiteUSB;VMLite USB;c:\windows\system32\Drivers\VMLiteUSB.sys [2010-08-18 135272]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-09 1343400]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2009-12-04 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2009-12-04 25704]
R4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-08-24 77824]
R4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-08-26 69632]
R4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-08-26 292136]
R4 GeniusMouseService;GeniusMouseService;c:\genius\ioCentre\GMouseService.exe [2010-03-11 12288]
R4 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-03 2352640]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-07-11 32464]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2011-11-27 76768]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys [2011-11-27 126112]
S0 vidsflt58;Acronis Disk Storage Filter (58);c:\windows\system32\DRIVERS\vsflt58.sys [2011-11-27 84512]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [2009-11-02 20480]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [2009-11-02 11520]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-911584688-1436315649-3368791284-1001Core.job
- c:\users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-21 17:57]
.
2011-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-911584688-1436315649-3368791284-1001UA.job
- c:\users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-21 17:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\do7koi7u.default\
FF - prefs.js: browser.startup.homepage - http://www.seznam.cz
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver]
"ImagePath"="\??\d:\stahované programy\Everets\EVEREST Ultimate Edition v5.50.2242 BETA\kerneld.wnt"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-911584688-1436315649-3368791284-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DC9F0E17-DF2C-2024-93FC-FE478F6FE0F2}*]
"palafndffocbbnookmjijjhnbcilhoie"=hex:61,62,69,6f,65,66,63,6e,68,62,63,68,62,
63,61,68,69,6b,6a,63,61,70,6b,67,6e,62,69,67,6a,63,70,6c,66,64,00,77
"palpojogakigodkmnjjffbgoglbgiiif"=hex:61,62,69,6f,65,66,63,6e,68,62,63,68,62,
63,61,68,69,6b,6a,63,61,70,6b,67,6f,65,69,6f,68,6d,64,65,6f,6d,00,77
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-11-30 10:21:07
ComboFix-quarantined-files.txt 2011-11-30 09:21
.
Před spuštěním: Volných bajtů: 10 478 534 656
Po spuštění: Volných bajtů: 10 482 176 000
.
- - End Of File - - 7B570197E0EC9A32354BC3A46759F3A5

Re: NOD 5,0 cannot be uninstalled or installed

Posted: 30 Nov 2011 12:32
by JaRon
Hi,
I see you're something of a self-healer :) ComboFix should only be used on the recommendation of an advisor/moderator :!:
1. Try a System Restore to a date before the infection and then post an RSIT log
2. If there is any problem with the restore, we will start by uninstalling AVG http://www.viry.cz/forum/viewtopic.php?f=29&t=42886

Re: NOD 5,0 cannot be uninstalled or installed

Posted: 30 Nov 2011 17:28
by pavel.34
So in the end I managed to get everything back with System Restore. While I had the virus on there it didn't work; I was just surprised that the antivirus couldn't be uninstalled either. Thanks

Re: NOD 5,0 cannot be uninstalled or installed

Posted: 01 Dec 2011 09:11
by JaRon
You're welcome :) I recommend posting an RSIT log in the preventive checks section