VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

nefunguje net, firewall ani navázané služby - Vista

https://forum.viry.cz:443/viewtopic.php?t=130213

Stránka 1 z 2

nefunguje net, firewall ani navázané služby - Vista

Napsal: 12 kvě 2013 19:18
od Vlkus
Zdravím, kamarád mi přinesl NB s Vistama, nejede internet, firewall je vypnutý a nelze zapnout z důvodu nefunkčnosti navázaných služeb. Při ručním spouštění píše o nedostatečných právech pro spuštění přesto, že jsem přihlášen jako správce. Z protokolů jsem zjistil, že se Winy několikrát neúspěšně pokoušely instalovat aktualizaci Microsoft security, pak se objevuje hláška o porušených registrech a harddiskvolume.
Už nevím co s tím. Při přesouvání fotek mezi adresáři se navíc několik desítek souborů poškodilo, napadlo mě proto, jestli na vině nemůže být vadný HDD. Pomožte, prosím. Díky.

Log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Francimor at 2013-05-12 19:38:27
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 125 GB (55%) free of 227 GB
Total RAM: 1975 MB (56% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4016428565-1571195202-236556973-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4016428565-1571195202-236556973-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Francimor\AppData\Roaming\Mozilla\Firefox\Profiles\sc3sta2w.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, engine@conduit.com:3.3.3.2, {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.3.3.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid={C755 ... 2012-06-05 21:46:05&pid=avg&sg=&v=14.0.2.14&sap=ku&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"avg@toolbar"=C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669]
"Description"=12.0.1.669
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
nsjsrealplayerplugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Francimor\AppData\Roaming\Mozilla\Firefox\Profiles\sc3sta2w.default\extensions\
toolbar@ask.com
{20a82645-c095-46ed-80e3-08825760534b}

C:\Users\Francimor\AppData\Roaming\Mozilla\Firefox\Profiles\sc3sta2w.default\searchplugins\
askcom.xml
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-29 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-07-14 329520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-19 1929392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-05-04 1519272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-07-14 59184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-19 1929392]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-05-04 1519272]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-10 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2009-01-16 3866624]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-03-09 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-03-09 178712]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-03-09 154136]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2010-01-08 186904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2011-10-29 273528]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 947176]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-02-19 1151152]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2012-05-04 1561768]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2012-12-21 1090040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
C:\Program Files\AVG\AVG2012\avgtray.exe [2012-11-19 2598520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Francimor\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-02-28 18642024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-06-02 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Francimor^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-10-28 221184]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-05-12 19:38:27 ----D---- C:\rsit
2013-05-12 19:38:27 ----D---- C:\Program Files\trend micro
2013-05-08 00:40:16 ----ASH---- C:\hiberfil.sys
2013-05-08 00:19:46 ----A---- C:\Windows\system32\drivers\eRootDrv.sys
2013-05-08 00:17:39 ----A---- C:\Windows\ntbtlog.txt
2013-05-07 23:59:36 ----D---- C:\Windows\pss
2013-05-07 22:02:59 ----AD---- C:\Windows\VDLL.DLL
2013-05-07 22:02:59 ----AD---- C:\Windows\system32\runouce.exe
2013-05-07 22:02:59 ----AD---- C:\Windows\RUNDL132.EXE
2013-05-07 22:02:59 ----AD---- C:\Windows\logo_1.exe
2013-05-07 21:50:08 ----A---- C:\Windows\system32\msvcr80.dll
2013-05-07 21:50:07 ----A---- C:\Windows\system32\msvcp80.dll
2013-05-07 21:50:06 ----A---- C:\Windows\system32\msvcp90.dll
2013-05-07 21:50:05 ----A---- C:\Windows\system32\msvcr90.dll
2013-05-07 21:50:03 ----A---- C:\Windows\system32\eEmpty.exe
2013-05-07 21:49:59 ----D---- C:\Program Files\Common Files\MicroWorld
2013-05-07 21:48:48 ----D---- C:\ProgramData\MicroWorld
2013-05-06 06:09:34 ----D---- C:\Windows\Temp65B11800-8EFE-75B7-0A99-AD02E592F8CA-Signatures
2013-05-05 16:27:42 ----D---- C:\Windows\TempC70BAC86-5370-5924-9479-FE9926B5220A-Signatures
2013-05-05 07:06:02 ----D---- C:\cf947b0bb5db6fa0fffc946099afd833
2013-05-05 06:58:42 ----D---- C:\Windows\TempA3C20675-9265-E321-BB71-B6E88DE21270-Signatures
2013-05-04 17:51:57 ----D---- C:\Windows\Temp547A3239-FAA4-4D9A-8C27-2027ADE870A8-Signatures
2013-05-04 17:04:07 ----D---- C:\Windows\Temp8F75B8CB-B5EF-EBB8-28F1-3C5A2E7CF64F-Signatures
2013-05-04 16:01:14 ----D---- C:\Windows\Temp4DC5F4A7-F387-C020-CF0C-4D9372FC6203-Signatures
2013-05-04 11:33:07 ----D---- C:\Windows\Temp682260EE-9BAD-F854-D6B3-FF2E7ADA1A30-Signatures
2013-05-03 17:59:24 ----D---- C:\Windows\Temp95397AA3-2DAD-7272-3DF9-A01993EFD3A4-Signatures
2013-05-03 12:16:43 ----D---- C:\Windows\TempB007CA50-E7F9-73C4-D2DA-DEEFE0BD1675-Signatures
2013-05-03 09:59:43 ----D---- C:\Windows\TempCD61E823-13C8-ADED-544C-D8CD7AA2367F-Signatures
2013-05-03 09:13:26 ----D---- C:\Windows\TempD7D441D7-58B1-8795-D40B-8B8071891F0F-Signatures
2013-05-02 21:02:12 ----D---- C:\Windows\TempB3B0801E-8EF5-D724-B9E7-45C90C8A4937-Signatures
2013-05-02 15:32:17 ----D---- C:\Windows\Temp816D6177-D631-3DDA-2797-362FB5CDB00B-Signatures
2013-05-02 11:30:19 ----D---- C:\Windows\Temp7EF0446B-276B-05F4-9F34-E0788007D03A-Signatures
2013-05-02 08:52:32 ----D---- C:\Windows\Temp0754AE47-4FD9-C64D-143A-4AB460FC8751-Signatures
2013-05-02 08:14:57 ----D---- C:\Windows\TempE0C12586-5CE6-AECC-AA96-DCE54E485B13-Signatures
2013-05-02 08:09:37 ----D---- C:\Windows\Temp5CF52C91-F058-82A6-E798-4DA735A42780-Signatures
2013-05-01 18:36:57 ----D---- C:\Windows\Temp1012EA30-8C38-E275-ABC9-7A307623A464-Signatures
2013-05-01 09:42:22 ----D---- C:\Windows\Temp01B1F94D-8EEF-7CA2-E544-0E89227291EC-Signatures
2013-05-01 08:28:09 ----D---- C:\Windows\Temp6839B559-E8A4-FE88-0DF1-927505E88094-Signatures
2013-05-01 07:59:07 ----D---- C:\Windows\TempF258F48F-D2B9-B65A-1497-A39101690459-Signatures
2013-04-30 18:58:43 ----D---- C:\fbb8b2e69b4cc86bb529ba36
2013-04-29 19:37:47 ----D---- C:\Windows\TempD45F01EF-8E7B-3FB3-017F-544E468E19BC-Signatures
2013-04-29 10:39:28 ----D---- C:\Windows\Temp4EABCEA8-2605-714F-5933-6841ED411FF8-Signatures
2013-04-28 10:54:48 ----D---- C:\Windows\Temp4AA7AC37-CC03-394B-7FA8-F70C5428DB4A-Signatures
2013-04-28 08:08:10 ----D---- C:\Windows\Temp0957163E-A0B2-C9F4-FCF8-F0CE35275D5F-Signatures
2013-04-28 07:37:27 ----D---- C:\Windows\Temp63BD86F3-BD77-D6D3-DEE6-B1CB9BA4D965-Signatures
2013-04-28 03:01:08 ----D---- C:\09ad334adefd0eaa18fa
2013-04-27 10:31:25 ----D---- C:\Windows\Temp3CABB058-A1BD-2FD8-F71B-D5BA4AD79948-Signatures
2013-04-27 09:54:49 ----D---- C:\Windows\TempC3DD3C18-0E0A-FC65-A1E0-C88BA6CA19E1-Signatures
2013-04-27 08:23:09 ----D---- C:\Windows\TempDF83EA8C-F604-654C-2A2E-AD226364F041-Signatures
2013-04-26 19:45:25 ----D---- C:\Windows\Temp5DFB2CF5-6C0D-6B97-899D-7ACD4A84D4C2-Signatures
2013-04-26 19:15:12 ----D---- C:\Windows\Temp0933CBA0-FC17-8B0E-7C78-B05C6C299CD3-Signatures
2013-04-26 12:50:36 ----D---- C:\Windows\Temp0374E2E3-5203-1381-778F-5B5731722FF7-Signatures
2013-04-26 11:20:42 ----D---- C:\Windows\Temp173AA36E-350E-C969-DD37-CB81BAEFE200-Signatures
2013-04-26 09:02:35 ----D---- C:\Windows\Temp04935E65-01FA-2D8C-D608-AABFAEB8AF82-Signatures
2013-04-26 07:35:38 ----D---- C:\Windows\Temp0FCB1FD2-D2A6-8C14-8957-84488D4E7048-Signatures
2013-04-25 20:54:06 ----D---- C:\Windows\Temp43A33A63-9A99-2C38-E62D-3D1A51CE376A-Signatures
2013-04-25 15:57:52 ----D---- C:\Windows\Temp6857E97E-B393-5E7F-7C50-E8BC795B9D57-Signatures
2013-04-25 15:46:32 ----D---- C:\Windows\TempEE531F8D-8E15-245B-5557-B72C87F6E655-Signatures
2013-04-24 18:05:41 ----D---- C:\Windows\Temp3F734CE1-907C-DECC-9795-229F52917A2F-Signatures
2013-04-24 08:46:36 ----D---- C:\Windows\TempC0A91223-5461-057A-ED44-12B886D8F527-Signatures
2013-04-24 08:28:30 ----D---- C:\Program Files\Common Files\Skype
2013-04-24 07:30:23 ----D---- C:\Windows\TempFD590DD3-CF77-5D2A-9BC1-9997AEF467DD-Signatures
2013-04-23 20:08:56 ----D---- C:\Windows\Temp52B17CC0-5007-9E8D-57CD-8F92B38A1E04-Signatures
2013-04-22 19:43:10 ----D---- C:\Windows\Temp1650B280-F250-9866-E3C6-A3F3EA74B377-Signatures
2013-04-22 15:06:18 ----D---- C:\Windows\Temp5F1908F2-7325-81A3-1944-F79C2B2B2CA0-Signatures
2013-04-21 17:01:54 ----D---- C:\Windows\TempAF3FE3CB-160F-AE07-D011-F38FBBA0ECFA-Signatures
2013-04-21 11:32:48 ----D---- C:\Windows\Temp397DF987-673F-CF6D-C8F1-1F9E568F699B-Signatures
2013-04-21 06:58:08 ----D---- C:\Windows\Temp65C9515B-DDF6-C35B-24B5-4D0320B46E0F-Signatures
2013-04-20 22:22:41 ----D---- C:\Windows\TempF54969B8-8157-2E37-4C3A-49504BED1E07-Signatures
2013-04-20 21:53:27 ----D---- C:\Windows\Temp88A97FCD-AF22-D5E3-C4C2-5D09A3EF63B7-Signatures
2013-04-20 13:25:08 ----D---- C:\Windows\TempFAE6706A-A9A8-3D79-957C-1E27593CBD80-Signatures
2013-04-20 12:27:15 ----D---- C:\Windows\TempFE7AA0D3-DB73-A137-B27F-CFB5D45CC39B-Signatures
2013-04-20 11:37:58 ----D---- C:\Windows\TempC2BA5E60-4CA0-4EC9-337B-2E4B039B6A9E-Signatures
2013-04-19 15:41:15 ----D---- C:\Windows\Temp4FE5E506-226A-C7DE-D2FC-9762C45B26F6-Signatures
2013-04-16 03:02:57 ----D---- C:\Windows\TempDFFAE73A-DAEA-B8EE-62A8-D141E9239B20-Signatures
2013-04-15 20:19:17 ----D---- C:\Windows\Temp3B3200B3-5234-469E-7EEF-41F7245DF633-Signatures
2013-04-15 12:42:26 ----D---- C:\a72576cb8f14060a3b1ffe4ae8360ad8
2013-04-15 08:59:16 ----D---- C:\Windows\Temp774E8E1C-8ED7-9B82-3CCC-D88F159D6799-Signatures
2013-04-15 08:29:02 ----D---- C:\Windows\TempB3385A14-3A8D-609D-E338-FF4FB6F34779-Signatures
2013-04-14 19:41:09 ----D---- C:\Windows\TempFDCBF3CC-2760-F0CB-8968-B4C47DC1C364-Signatures
2013-04-14 07:47:07 ----D---- C:\Windows\Temp77FFF178-B89D-E02F-413E-791793AB824A-Signatures
2013-04-13 20:37:20 ----D---- C:\Windows\TempE69CAC48-DF1A-8841-2024-011F54584D04-Signatures
2013-04-13 20:02:54 ----D---- C:\Windows\Temp6068B029-A8E1-68BE-A197-55D08E41A51B-Signatures
2013-04-13 15:54:30 ----D---- C:\Windows\TempF378541C-44BA-D150-8A65-B423BAEF5455-Signatures
2013-04-13 11:11:46 ----D---- C:\Windows\Temp5AC480EF-1668-3178-F09A-723A8F7B7610-Signatures
2013-04-13 09:52:11 ----D---- C:\Windows\Temp7C270A4A-33CA-BF3A-95F4-FCB9E4945D8E-Signatures
2013-04-13 08:41:09 ----D---- C:\Windows\Temp82B4FEFB-B0EF-306F-574D-8F75C686BE82-Signatures

======List of files/folders modified in the last 1 month======

2013-05-12 19:38:27 ----RD---- C:\Program Files
2013-05-12 19:38:25 ----D---- C:\Windows\Temp
2013-05-08 01:55:44 ----D---- C:\Windows\system32\catroot2
2013-05-08 00:51:12 ----SD---- C:\Users\Francimor\AppData\Roaming\Microsoft
2013-05-08 00:51:11 ----SD---- C:\ProgramData\Microsoft
2013-05-08 00:19:46 ----D---- C:\Windows\system32\drivers
2013-05-08 00:19:20 ----D---- C:\Windows
2013-05-08 00:03:29 ----SHD---- C:\System Volume Information
2013-05-07 22:02:59 ----D---- C:\Windows\System32
2013-05-07 21:49:59 ----D---- C:\Program Files\Common Files
2013-05-07 21:48:54 ----A---- C:\Windows\win.ini
2013-05-07 21:48:48 ----HD---- C:\ProgramData
2013-05-07 21:30:04 ----D---- C:\Users\Francimor\AppData\Roaming\Spyware Terminator
2013-05-07 21:25:54 ----D---- C:\Users\Francimor\AppData\Roaming\Skype
2013-05-06 08:07:21 ----D---- C:\Windows\Logs
2013-05-06 06:10:14 ----SHD---- C:\Windows\Installer
2013-05-06 06:10:14 ----SHD---- C:\Config.Msi
2013-05-05 12:04:49 ----D---- C:\Program Files\Google
2013-05-05 11:52:08 ----D---- C:\Windows\Prefetch
2013-05-04 17:52:10 ----D---- C:\Windows\system32\drivers\AVG
2013-05-02 17:28:50 ----N---- C:\Windows\system32\MpSigStub.exe
2013-04-24 15:16:10 ----D---- C:\Program Files\Mozilla Firefox
2013-04-24 08:29:44 ----D---- C:\Windows\inf
2013-04-24 08:29:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-24 08:28:38 ----D---- C:\ProgramData\Skype
2013-04-24 08:28:31 ----RD---- C:\Program Files\Skype
2013-04-23 20:10:04 ----D---- C:\Windows\winsxs
2013-04-23 20:01:00 ----D---- C:\Windows\system32\catroot
2013-04-20 09:22:51 ----D---- C:\ProgramData\MFAData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-08 331288]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-08-30 193552]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-11-08 250080]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-02-19 33112]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2010-10-16 142592]
R3 5U876UVC;HP Webcam [2 MP series]; C:\Windows\system32\DRIVERS\5U876.sys [2009-06-30 118656]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2010-06-02 2707448]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 15872]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-10-28 2476544]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2008-09-22 112128]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 99272]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-11-09 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-11-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-11-09 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-11-09 8192]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2009-06-04 312832]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2010-01-08 354840]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 20472]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-10-16 488960]
R2 yksvc;Marvell Yukon Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-02 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-19 968880]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-02 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22 194032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-26 129976]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 287824]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 12 kvě 2013 19:39
od Rudy
Zdravím!
Zkuste obnovu systému k datu, kdy korektně fungoval.

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 12 kvě 2013 22:49
od Vlkus
Zapomněl jsem připsat, že obnova systému nefunguje taky, nástroj se sice spustí, PC se restartuje, ale pak to napíše, že se nepodařilo obnovu provést a žádné registry ani soubory nebyly obnoveny.

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 13 kvě 2013 16:49
od Rudy
Otestujeme HDD. Stáhněte, nainstalujte a spusťte CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ a přes Úpravy>kopírovat sem dejte log.

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 13 kvě 2013 19:41
od Vlkus
Zdravím, tady je log z Crystal disk info. A můžu se zeptat, dá se podle RSIT logu říct, že v tom noťasu není žádná havěť?

----------------------------------------------------------------------------
CrystalDiskInfo 5.6.1 (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Home Premium SP2 [6.0 Build 6002] (x86)
Date : 2013/05/13 20:26:11

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9M-E/M SATA AHCI Controller [ATA]
- ST9250410AS
- hp DVD RW AD-7561S
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST9250410AS : 250,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9250410AS
----------------------------------------------------------------------------
Model : ST9250410AS
Firmware : 0006HPM1
Serial Number : 5VG485SY
Disk Size : 250,0 GB (8,4/137,4/250,0/250,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 1790 hod.
Power On Count : 5061 krát
Temparature : 27 C (80 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _99 __6 000009D82660 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 _96 _96 __0 0000000013CC Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _69 _60 _30 000C06128F5A Počet chybných hledání
09 _98 _98 __0 0000000006FE Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _37 _20 0000000013C5 Počet cyklů zapnutí zařízení
B7 100 253 __0 000000000000 Neznámý
B8 100 100 _97 000000000000 Ukončovacích chyb
BB _91 _91 __0 000000000009 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _73 _55 _45 00001B16001B Teplota toku vzduchu
BF 100 100 __0 000000000119 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000039 Počet vypnutí disku
C1 _90 _90 __0 000000005467 Počet cyklů načítání/vymazání
C2 _27 _45 __0 00080000001B Teplota
C3 _50 _39 __0 000009D82660 Počet oprav chybného čtení
C4 100 100 _36 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 3556 4734 3835 5359 2020 2020 2020 2020 2020 2020
020: 0000 8000 0004 3030 3036 4850 4D31 5354 3932 3530
030: 3431 3041 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0D06 0000 004C 004C
080: 01F8 0029 306B 7C09 6123 3069 BC09 6123 203F 001A
090: 001A 8080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 5970 1D1C 0000 0000 0000 0000 0000 0000 5000 C500
110: 2442 E69E 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 5970
130: 1D1C 5970 1D1C 2020 0002 0140 0108 5000 3C06 3C0A
140: 0000 0078 0000 0008 0000 0000 001F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 3E00 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 103F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 23A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 75 63 60 26 D8 09 00 00 00 03 02
010: 00 63 63 00 00 00 00 00 00 00 04 33 00 60 60 CC
020: 13 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 45 3C 5A 8F 12 06 0C 00 00 09 32
040: 00 62 62 FE 06 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 33 00 60 25 C5 13 00 00 00
060: 00 00 B7 32 00 64 FD 00 00 00 00 00 00 00 B8 33
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 5B 5B 09
080: 00 00 00 00 00 00 BC 32 00 64 64 00 00 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 49 37 1B 00 16 1B 00 00 00 BF 32 00 64 64 19
0B0: 01 00 00 00 00 00 C0 32 00 64 64 39 00 00 00 00
0C0: 00 00 C1 32 00 5A 5A 67 54 00 00 00 00 00 C2 22
0D0: 00 1B 2D 1B 00 00 00 08 00 00 C3 1A 00 32 27 60
0E0: 26 D8 09 00 00 00 C4 33 00 64 64 00 00 00 00 00
0F0: 00 00 C5 12 00 64 64 00 00 00 00 00 00 00 C6 10
100: 00 64 64 00 00 00 00 00 00 00 C7 3E 00 C8 C8 00
110: 00 00 00 00 00 00 FE 32 00 64 64 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 53
170: 03 00 01 00 02 36 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 F7 0A 00 00 05 01 01 01 01 01 01 01
190: 01 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 19 01 00 00 C8 3B B1 15 DE 05 00 00
1B0: 00 00 00 00 01 00 6B 02 6A FD 2A 72 1B D7 02 00
1C0: EC 81 CC 6F 05 99 16 00 00 00 00 00 77 33 59 00
1D0: 01 00 00 00 00 00 00 00 7E 04 00 00 79 00 01 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 61
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
0E0: 00 00 00 00 00 00 C4 24 00 00 00 00 00 00 00 00
0F0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C6 00
100: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
110: 00 00 00 00 00 00 FE 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1A

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 13 kvě 2013 20:10
od Rudy
Disk je OK. Všechny šmejdy z logu RSIT poznat nelze. Je to kontrola na to, co tam běží, abychom mohli zvolit další postup. Dejte log ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 13 kvě 2013 21:41
od Vlkus
Tady je log z Combofix:

ComboFix 13-05-13.01 - Francimor 13.05.2013 22:22:20.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.1975.1169 [GMT 2:00]
Spuštěný z: c:\users\Francimor\Desktop\KPZ\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Nakažená kopie c:\windows\system32\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-13 do 2013-05-13 )))))))))))))))))))))))))))))))
.
.
2013-05-13 20:30 . 2013-05-13 20:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-13 18:23 . 2013-05-13 18:24 -------- d-----w- c:\program files\CrystalDiskInfo
2013-05-12 17:38 . 2013-05-12 17:38 -------- d-----w- C:\rsit
2013-05-12 17:38 . 2013-05-12 17:38 -------- d-----w- c:\program files\trend micro
2013-05-07 22:19 . 2013-05-07 19:52 27688 ----a-w- c:\windows\system32\drivers\eRootDrv.sys
2013-05-07 20:02 . 2013-05-07 20:02 -------- d---a-w- c:\windows\VDLL.DLL
2013-05-07 20:02 . 2013-05-07 20:02 -------- d---a-w- c:\windows\system32\runouce.exe
2013-05-07 20:02 . 2013-05-07 20:02 -------- d---a-w- c:\windows\RUNDL132.EXE
2013-05-07 20:02 . 2013-05-07 20:02 -------- d---a-w- c:\windows\logo_1.exe
2013-05-07 19:50 . 2013-05-07 19:50 632064 ----a-w- c:\windows\system32\msvcr80.dll
2013-05-07 19:50 . 2013-05-07 19:50 554240 ----a-w- c:\windows\system32\msvcp80.dll
2013-05-07 19:50 . 2013-05-07 19:50 572928 ----a-w- c:\windows\system32\msvcp90.dll
2013-05-07 19:50 . 2013-05-07 19:50 655872 ----a-w- c:\windows\system32\msvcr90.dll
2013-05-07 19:50 . 2013-05-07 19:50 34048 ----a-w- c:\windows\system32\eEmpty.exe
2013-05-07 19:49 . 2013-05-07 19:49 -------- d-----w- c:\program files\Common Files\MicroWorld
2013-05-07 19:48 . 2013-05-07 19:49 -------- d-----w- c:\programdata\MicroWorld
2013-05-06 04:09 . 2013-05-06 04:09 -------- d-----w- c:\windows\Temp65B11800-8EFE-75B7-0A99-AD02E592F8CA-Signatures
2013-05-05 14:27 . 2013-05-05 14:27 -------- d-----w- c:\windows\TempC70BAC86-5370-5924-9479-FE9926B5220A-Signatures
2013-05-05 05:06 . 2013-05-05 05:06 -------- d-----w- C:\cf947b0bb5db6fa0fffc946099afd833
2013-05-05 04:58 . 2013-05-05 04:58 -------- d-----w- c:\windows\TempA3C20675-9265-E321-BB71-B6E88DE21270-Signatures
2013-05-04 15:51 . 2013-05-04 15:51 -------- d-----w- c:\windows\Temp547A3239-FAA4-4D9A-8C27-2027ADE870A8-Signatures
2013-05-04 15:04 . 2013-05-04 15:04 -------- d-----w- c:\windows\Temp8F75B8CB-B5EF-EBB8-28F1-3C5A2E7CF64F-Signatures
2013-05-04 14:01 . 2013-05-04 14:01 -------- d-----w- c:\windows\Temp4DC5F4A7-F387-C020-CF0C-4D9372FC6203-Signatures
2013-05-04 10:31 . 2013-04-10 03:08 6906960 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C632C02D-460E-4D18-9CB6-FB3DF4F19216}\mpengine.dll
2013-05-04 09:33 . 2013-05-04 09:33 -------- d-----w- c:\windows\Temp682260EE-9BAD-F854-D6B3-FF2E7ADA1A30-Signatures
2013-05-03 15:59 . 2013-05-03 15:59 -------- d-----w- c:\windows\Temp95397AA3-2DAD-7272-3DF9-A01993EFD3A4-Signatures
2013-05-03 10:16 . 2013-05-03 10:16 -------- d-----w- c:\windows\TempB007CA50-E7F9-73C4-D2DA-DEEFE0BD1675-Signatures
2013-05-03 07:59 . 2013-05-03 07:59 -------- d-----w- c:\windows\TempCD61E823-13C8-ADED-544C-D8CD7AA2367F-Signatures
2013-05-03 07:13 . 2013-05-03 07:13 -------- d-----w- c:\windows\TempD7D441D7-58B1-8795-D40B-8B8071891F0F-Signatures
2013-05-03 06:26 . 2013-04-10 03:08 6906960 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-02 19:02 . 2013-05-02 19:02 -------- d-----w- c:\windows\TempB3B0801E-8EF5-D724-B9E7-45C90C8A4937-Signatures
2013-05-02 13:32 . 2013-05-02 13:32 -------- d-----w- c:\windows\Temp816D6177-D631-3DDA-2797-362FB5CDB00B-Signatures
2013-05-02 09:30 . 2013-05-02 09:30 -------- d-----w- c:\windows\Temp7EF0446B-276B-05F4-9F34-E0788007D03A-Signatures
2013-05-02 06:52 . 2013-05-02 06:52 -------- d-----w- c:\windows\Temp0754AE47-4FD9-C64D-143A-4AB460FC8751-Signatures
2013-05-02 06:14 . 2013-05-02 06:15 -------- d-----w- c:\windows\TempE0C12586-5CE6-AECC-AA96-DCE54E485B13-Signatures
2013-05-02 06:09 . 2013-05-02 06:09 -------- d-----w- c:\windows\Temp5CF52C91-F058-82A6-E798-4DA735A42780-Signatures
2013-05-01 16:36 . 2013-05-01 16:36 -------- d-----w- c:\windows\Temp1012EA30-8C38-E275-ABC9-7A307623A464-Signatures
2013-05-01 07:42 . 2013-05-01 07:42 -------- d-----w- c:\windows\Temp01B1F94D-8EEF-7CA2-E544-0E89227291EC-Signatures
2013-05-01 06:28 . 2013-05-01 06:28 -------- d-----w- c:\windows\Temp6839B559-E8A4-FE88-0DF1-927505E88094-Signatures
2013-05-01 05:59 . 2013-05-01 05:59 -------- d-----w- c:\windows\TempF258F48F-D2B9-B65A-1497-A39101690459-Signatures
2013-04-30 16:58 . 2013-04-30 16:58 -------- d-----w- C:\fbb8b2e69b4cc86bb529ba36
2013-04-29 17:37 . 2013-04-29 17:37 -------- d-----w- c:\windows\TempD45F01EF-8E7B-3FB3-017F-544E468E19BC-Signatures
2013-04-29 08:39 . 2013-04-29 08:39 -------- d-----w- c:\windows\Temp4EABCEA8-2605-714F-5933-6841ED411FF8-Signatures
2013-04-28 08:54 . 2013-04-28 08:54 -------- d-----w- c:\windows\Temp4AA7AC37-CC03-394B-7FA8-F70C5428DB4A-Signatures
2013-04-28 06:08 . 2013-04-28 06:08 -------- d-----w- c:\windows\Temp0957163E-A0B2-C9F4-FCF8-F0CE35275D5F-Signatures
2013-04-28 05:37 . 2013-04-28 05:37 -------- d-----w- c:\windows\Temp63BD86F3-BD77-D6D3-DEE6-B1CB9BA4D965-Signatures
2013-04-28 01:01 . 2013-04-28 01:01 -------- d-----w- C:\09ad334adefd0eaa18fa
2013-04-27 08:31 . 2013-04-27 08:31 -------- d-----w- c:\windows\Temp3CABB058-A1BD-2FD8-F71B-D5BA4AD79948-Signatures
2013-04-27 07:54 . 2013-04-27 07:54 -------- d-----w- c:\windows\TempC3DD3C18-0E0A-FC65-A1E0-C88BA6CA19E1-Signatures
2013-04-27 06:23 . 2013-04-27 06:23 -------- d-----w- c:\windows\TempDF83EA8C-F604-654C-2A2E-AD226364F041-Signatures
2013-04-26 17:45 . 2013-04-26 17:45 -------- d-----w- c:\windows\Temp5DFB2CF5-6C0D-6B97-899D-7ACD4A84D4C2-Signatures
2013-04-26 17:15 . 2013-04-26 17:15 -------- d-----w- c:\windows\Temp0933CBA0-FC17-8B0E-7C78-B05C6C299CD3-Signatures
2013-04-26 10:50 . 2013-04-26 10:50 -------- d-----w- c:\windows\Temp0374E2E3-5203-1381-778F-5B5731722FF7-Signatures
2013-04-26 09:20 . 2013-04-26 09:20 -------- d-----w- c:\windows\Temp173AA36E-350E-C969-DD37-CB81BAEFE200-Signatures
2013-04-26 07:02 . 2013-04-26 07:02 -------- d-----w- c:\windows\Temp04935E65-01FA-2D8C-D608-AABFAEB8AF82-Signatures
2013-04-26 05:35 . 2013-04-26 05:35 -------- d-----w- c:\windows\Temp0FCB1FD2-D2A6-8C14-8957-84488D4E7048-Signatures
2013-04-25 18:54 . 2013-04-25 18:54 -------- d-----w- c:\windows\Temp43A33A63-9A99-2C38-E62D-3D1A51CE376A-Signatures
2013-04-25 13:57 . 2013-04-25 13:57 -------- d-----w- c:\windows\Temp6857E97E-B393-5E7F-7C50-E8BC795B9D57-Signatures
2013-04-25 13:46 . 2013-04-25 13:46 -------- d-----w- c:\windows\TempEE531F8D-8E15-245B-5557-B72C87F6E655-Signatures
2013-04-24 16:05 . 2013-04-24 16:05 -------- d-----w- c:\windows\Temp3F734CE1-907C-DECC-9795-229F52917A2F-Signatures
2013-04-24 06:46 . 2013-04-24 06:46 -------- d-----w- c:\windows\TempC0A91223-5461-057A-ED44-12B886D8F527-Signatures
2013-04-24 06:28 . 2013-04-24 06:28 -------- d-----w- c:\program files\Common Files\Skype
2013-04-24 05:30 . 2013-04-24 05:30 -------- d-----w- c:\windows\TempFD590DD3-CF77-5D2A-9BC1-9997AEF467DD-Signatures
2013-04-23 18:08 . 2013-04-23 18:09 -------- d-----w- c:\windows\Temp52B17CC0-5007-9E8D-57CD-8F92B38A1E04-Signatures
2013-04-23 18:03 . 2013-04-23 18:01 706640 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FD5B5C84-A67C-424F-87CA-487A8681C35A}\gapaengine.dll
2013-04-22 17:43 . 2013-04-22 17:43 -------- d-----w- c:\windows\Temp1650B280-F250-9866-E3C6-A3F3EA74B377-Signatures
2013-04-22 13:06 . 2013-04-22 13:06 -------- d-----w- c:\windows\Temp5F1908F2-7325-81A3-1944-F79C2B2B2CA0-Signatures
2013-04-21 15:01 . 2013-04-21 15:02 -------- d-----w- c:\windows\TempAF3FE3CB-160F-AE07-D011-F38FBBA0ECFA-Signatures
2013-04-21 09:32 . 2013-04-21 09:32 -------- d-----w- c:\windows\Temp397DF987-673F-CF6D-C8F1-1F9E568F699B-Signatures
2013-04-21 04:58 . 2013-04-21 04:58 -------- d-----w- c:\windows\Temp65C9515B-DDF6-C35B-24B5-4D0320B46E0F-Signatures
2013-04-20 20:22 . 2013-04-20 20:22 -------- d-----w- c:\windows\TempF54969B8-8157-2E37-4C3A-49504BED1E07-Signatures
2013-04-20 19:53 . 2013-04-20 19:53 -------- d-----w- c:\windows\Temp88A97FCD-AF22-D5E3-C4C2-5D09A3EF63B7-Signatures
2013-04-20 11:25 . 2013-04-20 11:25 -------- d-----w- c:\windows\TempFAE6706A-A9A8-3D79-957C-1E27593CBD80-Signatures
2013-04-20 10:27 . 2013-04-20 10:27 -------- d-----w- c:\windows\TempFE7AA0D3-DB73-A137-B27F-CFB5D45CC39B-Signatures
2013-04-20 09:37 . 2013-04-20 09:38 -------- d-----w- c:\windows\TempC2BA5E60-4CA0-4EC9-337B-2E4B039B6A9E-Signatures
2013-04-19 13:41 . 2013-04-19 13:41 -------- d-----w- c:\windows\Temp4FE5E506-226A-C7DE-D2FC-9762C45B26F6-Signatures
2013-04-16 01:02 . 2013-04-16 01:02 -------- d-----w- c:\windows\TempDFFAE73A-DAEA-B8EE-62A8-D141E9239B20-Signatures
2013-04-15 18:19 . 2013-04-15 18:19 -------- d-----w- c:\windows\Temp3B3200B3-5234-469E-7EEF-41F7245DF633-Signatures
2013-04-15 10:42 . 2013-04-15 10:42 -------- d-----w- C:\a72576cb8f14060a3b1ffe4ae8360ad8
2013-04-15 06:59 . 2013-04-15 06:59 -------- d-----w- c:\windows\Temp774E8E1C-8ED7-9B82-3CCC-D88F159D6799-Signatures
2013-04-15 06:29 . 2013-04-15 06:29 -------- d-----w- c:\windows\TempB3385A14-3A8D-609D-E338-FF4FB6F34779-Signatures
2013-04-14 17:41 . 2013-04-14 17:41 -------- d-----w- c:\windows\TempFDCBF3CC-2760-F0CB-8968-B4C47DC1C364-Signatures
2013-04-14 05:47 . 2013-04-14 05:47 -------- d-----w- c:\windows\Temp77FFF178-B89D-E02F-413E-791793AB824A-Signatures
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-02 15:28 . 2010-06-02 20:18 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-03-13 16:51 . 2012-05-01 04:51 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-13 16:51 . 2011-05-14 04:02 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-11 13:25 . 2013-04-10 15:44 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-11 13:25 . 2013-04-10 15:44 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-09 03:45 . 2013-04-10 15:44 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-09 01:28 . 2013-04-10 15:44 64000 ----a-w- c:\windows\system32\smss.exe
2013-03-08 03:53 . 2013-04-10 15:43 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-03-08 03:52 . 2013-04-10 15:43 2067968 ----a-w- c:\windows\system32\mstscax.dll
2013-03-05 01:40 . 2013-04-10 15:43 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-03-03 19:07 . 2013-04-10 15:44 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-02-22 03:46 . 2013-04-10 15:55 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-22 03:38 . 2013-04-10 15:55 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-22 03:37 . 2013-04-10 15:55 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-22 03:34 . 2013-04-10 15:55 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-22 03:34 . 2013-04-10 15:55 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-22 03:31 . 2013-04-10 15:55 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-19 09:42 . 2012-09-03 16:42 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-05-26 14:19 . 2011-05-09 16:43 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-05-04 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-19 09:42 1929392 ----a-w- c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-02-19 1929392]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-12-21 1090040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-09 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-09 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-09 154136]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2010-01-08 186904]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 287800]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2011-10-29 273528]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-02-19 1151152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-05-04 1561768]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Francimor^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\users\Francimor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
2012-11-19 16:25 2598520 ----a-w- c:\program files\AVG\AVG2012\avgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-07-12 05:07 138096 ----atw- c:\users\Francimor\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-10 21:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-02-28 16:50 18642024 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-06-02 20:05 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
S3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\DRIVERS\5U876.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
yksvcs REG_MULTI_SZ yksvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 16:51]
.
2013-05-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4016428565-1571195202-236556973-1000Core.job
- c:\users\Francimor\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-21 05:07]
.
2013-05-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4016428565-1571195202-236556973-1000UA.job
- c:\users\Francimor\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-21 05:07]
.
2013-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-02 20:05]
.
2013-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-02 20:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.2 192.168.100.252
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Francimor\AppData\Roaming\Mozilla\Firefox\Profiles\sc3sta2w.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid={C7557620-64D2-4284-9006-822EEA601C61}&mid=5468c3e720df47d1913fd16e557aeef9-f9c4709d0108c3401e7dc010807d0f4e8fc774ba&lang=cs&ds=AVG&pr=fr&d=2012-06-05 21:46&pid=avg&sg=&v=14.0.2.14&sap=ku&q=
FF - ExtSQL: !HIDDEN! 2010-06-20 13:15; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-13 22:32
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\Hpservice.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\AVG\AVG2012\avgwdsvc.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\conime.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
.
**************************************************************************
.
Celkový čas: 2013-05-13 22:37:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-13 20:37
.
Před spuštěním: Volných bajtů: 131 170 627 584
Po spuštění: Volných bajtů: 137 590 906 880
.
- - End Of File - - 5A9AFD8A04D6DD05E84AAE1E7441C862

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 13 kvě 2013 21:51
od Rudy
Ještě dočistíme. Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:
KillAll::

Folder::
c:\program files\Ask.com
c:\users\Francimor\AppData\Local\Facebook\Update
c:\program files\Google\GoogleToolbarNotifier
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4016428565-1571195202-236556973-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4016428565-1571195202-236556973-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job


Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"ApnUpdater"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

Firefox::
FF - ProfilePath - c:\users\Francimor\AppData\Roaming\Mozilla\Firefox\Profiles\sc3sta2w.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Reboot::
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 13 kvě 2013 22:56
od Vlkus
Hotovo, tady je výsledek:

ComboFix 13-05-13.01 - Francimor 13.05.2013 23:24:15.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.1975.1008 [GMT 2:00]
Spuštěný z: c:\users\Francimor\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Francimor\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4016428565-1571195202-236556973-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4016428565-1571195202-236556973-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\assets\oobe\b.png
c:\program files\Ask.com\assets\oobe\bl.png
c:\program files\Ask.com\assets\oobe\br.png
c:\program files\Ask.com\assets\oobe\l.png
c:\program files\Ask.com\assets\oobe\pointer.png
c:\program files\Ask.com\assets\oobe\r.png
c:\program files\Ask.com\assets\oobe\t.png
c:\program files\Ask.com\assets\oobe\tl.png
c:\program files\Ask.com\assets\oobe\tr.png
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\precache.exe
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\Updater\config.xml
c:\program files\Ask.com\Updater\Updater.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\Google\GoogleToolbarNotifier
c:\program files\Google\GoogleToolbarNotifier\5.7.8313.1002\gth.dll
c:\program files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll
c:\program files\Google\GoogleToolbarNotifier\5.7.8313.1002\Readme.url
c:\program files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\users\Francimor\AppData\Local\Facebook\Update
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\Francimor\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\Francimor\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4016428565-1571195202-236556973-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4016428565-1571195202-236556973-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-13 do 2013-05-13 )))))))))))))))))))))))))))))))
.
.
2013-05-13 21:40 . 2013-05-13 21:42 -------- d-----w- c:\users\Francimor\AppData\Local\temp
2013-05-13 21:40 . 2013-05-13 21:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-13 18:23 . 2013-05-13 18:24 -------- d-----w- c:\program files\CrystalDiskInfo
2013-05-12 17:38 . 2013-05-12 17:38 -------- d-----w- C:\rsit
2013-05-12 17:38 . 2013-05-12 17:38 -------- d-----w- c:\program files\trend micro
2013-05-07 22:19 . 2013-05-07 19:52 27688 ----a-w- c:\windows\system32\drivers\eRootDrv.sys
2013-05-07 20:02 . 2013-05-07 20:02 -------- d---a-w- c:\windows\VDLL.DLL
2013-05-07 20:02 . 2013-05-07 20:02 -------- d---a-w- c:\windows\system32\runouce.exe
2013-05-07 20:02 . 2013-05-07 20:02 -------- d---a-w- c:\windows\RUNDL132.EXE
2013-05-07 20:02 . 2013-05-07 20:02 -------- d---a-w- c:\windows\logo_1.exe
2013-05-07 19:50 . 2013-05-07 19:50 632064 ----a-w- c:\windows\system32\msvcr80.dll
2013-05-07 19:50 . 2013-05-07 19:50 554240 ----a-w- c:\windows\system32\msvcp80.dll
2013-05-07 19:50 . 2013-05-07 19:50 572928 ----a-w- c:\windows\system32\msvcp90.dll
2013-05-07 19:50 . 2013-05-07 19:50 655872 ----a-w- c:\windows\system32\msvcr90.dll
2013-05-07 19:50 . 2013-05-07 19:50 34048 ----a-w- c:\windows\system32\eEmpty.exe
2013-05-07 19:49 . 2013-05-07 19:49 -------- d-----w- c:\program files\Common Files\MicroWorld
2013-05-07 19:48 . 2013-05-07 19:49 -------- d-----w- c:\programdata\MicroWorld
2013-05-06 04:09 . 2013-05-06 04:09 -------- d-----w- c:\windows\Temp65B11800-8EFE-75B7-0A99-AD02E592F8CA-Signatures
2013-05-05 14:27 . 2013-05-05 14:27 -------- d-----w- c:\windows\TempC70BAC86-5370-5924-9479-FE9926B5220A-Signatures
2013-05-05 05:06 . 2013-05-05 05:06 -------- d-----w- C:\cf947b0bb5db6fa0fffc946099afd833
2013-05-05 04:58 . 2013-05-05 04:58 -------- d-----w- c:\windows\TempA3C20675-9265-E321-BB71-B6E88DE21270-Signatures
2013-05-04 15:51 . 2013-05-04 15:51 -------- d-----w- c:\windows\Temp547A3239-FAA4-4D9A-8C27-2027ADE870A8-Signatures
2013-05-04 15:04 . 2013-05-04 15:04 -------- d-----w- c:\windows\Temp8F75B8CB-B5EF-EBB8-28F1-3C5A2E7CF64F-Signatures
2013-05-04 14:01 . 2013-05-04 14:01 -------- d-----w- c:\windows\Temp4DC5F4A7-F387-C020-CF0C-4D9372FC6203-Signatures
2013-05-04 10:31 . 2013-04-10 03:08 6906960 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C632C02D-460E-4D18-9CB6-FB3DF4F19216}\mpengine.dll
2013-05-04 09:33 . 2013-05-04 09:33 -------- d-----w- c:\windows\Temp682260EE-9BAD-F854-D6B3-FF2E7ADA1A30-Signatures
2013-05-03 15:59 . 2013-05-03 15:59 -------- d-----w- c:\windows\Temp95397AA3-2DAD-7272-3DF9-A01993EFD3A4-Signatures
2013-05-03 10:16 . 2013-05-03 10:16 -------- d-----w- c:\windows\TempB007CA50-E7F9-73C4-D2DA-DEEFE0BD1675-Signatures
2013-05-03 07:59 . 2013-05-03 07:59 -------- d-----w- c:\windows\TempCD61E823-13C8-ADED-544C-D8CD7AA2367F-Signatures
2013-05-03 07:13 . 2013-05-03 07:13 -------- d-----w- c:\windows\TempD7D441D7-58B1-8795-D40B-8B8071891F0F-Signatures
2013-05-03 06:26 . 2013-04-10 03:08 6906960 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-02 19:02 . 2013-05-02 19:02 -------- d-----w- c:\windows\TempB3B0801E-8EF5-D724-B9E7-45C90C8A4937-Signatures
2013-05-02 13:32 . 2013-05-02 13:32 -------- d-----w- c:\windows\Temp816D6177-D631-3DDA-2797-362FB5CDB00B-Signatures
2013-05-02 09:30 . 2013-05-02 09:30 -------- d-----w- c:\windows\Temp7EF0446B-276B-05F4-9F34-E0788007D03A-Signatures
2013-05-02 06:52 . 2013-05-02 06:52 -------- d-----w- c:\windows\Temp0754AE47-4FD9-C64D-143A-4AB460FC8751-Signatures
2013-05-02 06:14 . 2013-05-02 06:15 -------- d-----w- c:\windows\TempE0C12586-5CE6-AECC-AA96-DCE54E485B13-Signatures
2013-05-02 06:09 . 2013-05-02 06:09 -------- d-----w- c:\windows\Temp5CF52C91-F058-82A6-E798-4DA735A42780-Signatures
2013-05-01 16:36 . 2013-05-01 16:36 -------- d-----w- c:\windows\Temp1012EA30-8C38-E275-ABC9-7A307623A464-Signatures
2013-05-01 07:42 . 2013-05-01 07:42 -------- d-----w- c:\windows\Temp01B1F94D-8EEF-7CA2-E544-0E89227291EC-Signatures
2013-05-01 06:28 . 2013-05-01 06:28 -------- d-----w- c:\windows\Temp6839B559-E8A4-FE88-0DF1-927505E88094-Signatures
2013-05-01 05:59 . 2013-05-01 05:59 -------- d-----w- c:\windows\TempF258F48F-D2B9-B65A-1497-A39101690459-Signatures
2013-04-30 16:58 . 2013-04-30 16:58 -------- d-----w- C:\fbb8b2e69b4cc86bb529ba36
2013-04-29 17:37 . 2013-04-29 17:37 -------- d-----w- c:\windows\TempD45F01EF-8E7B-3FB3-017F-544E468E19BC-Signatures
2013-04-29 08:39 . 2013-04-29 08:39 -------- d-----w- c:\windows\Temp4EABCEA8-2605-714F-5933-6841ED411FF8-Signatures
2013-04-28 08:54 . 2013-04-28 08:54 -------- d-----w- c:\windows\Temp4AA7AC37-CC03-394B-7FA8-F70C5428DB4A-Signatures
2013-04-28 06:08 . 2013-04-28 06:08 -------- d-----w- c:\windows\Temp0957163E-A0B2-C9F4-FCF8-F0CE35275D5F-Signatures
2013-04-28 05:37 . 2013-04-28 05:37 -------- d-----w- c:\windows\Temp63BD86F3-BD77-D6D3-DEE6-B1CB9BA4D965-Signatures
2013-04-28 01:01 . 2013-04-28 01:01 -------- d-----w- C:\09ad334adefd0eaa18fa
2013-04-27 08:31 . 2013-04-27 08:31 -------- d-----w- c:\windows\Temp3CABB058-A1BD-2FD8-F71B-D5BA4AD79948-Signatures
2013-04-27 07:54 . 2013-04-27 07:54 -------- d-----w- c:\windows\TempC3DD3C18-0E0A-FC65-A1E0-C88BA6CA19E1-Signatures
2013-04-27 06:23 . 2013-04-27 06:23 -------- d-----w- c:\windows\TempDF83EA8C-F604-654C-2A2E-AD226364F041-Signatures
2013-04-26 17:45 . 2013-04-26 17:45 -------- d-----w- c:\windows\Temp5DFB2CF5-6C0D-6B97-899D-7ACD4A84D4C2-Signatures
2013-04-26 17:15 . 2013-04-26 17:15 -------- d-----w- c:\windows\Temp0933CBA0-FC17-8B0E-7C78-B05C6C299CD3-Signatures
2013-04-26 10:50 . 2013-04-26 10:50 -------- d-----w- c:\windows\Temp0374E2E3-5203-1381-778F-5B5731722FF7-Signatures
2013-04-26 09:20 . 2013-04-26 09:20 -------- d-----w- c:\windows\Temp173AA36E-350E-C969-DD37-CB81BAEFE200-Signatures
2013-04-26 07:02 . 2013-04-26 07:02 -------- d-----w- c:\windows\Temp04935E65-01FA-2D8C-D608-AABFAEB8AF82-Signatures
2013-04-26 05:35 . 2013-04-26 05:35 -------- d-----w- c:\windows\Temp0FCB1FD2-D2A6-8C14-8957-84488D4E7048-Signatures
2013-04-25 18:54 . 2013-04-25 18:54 -------- d-----w- c:\windows\Temp43A33A63-9A99-2C38-E62D-3D1A51CE376A-Signatures
2013-04-25 13:57 . 2013-04-25 13:57 -------- d-----w- c:\windows\Temp6857E97E-B393-5E7F-7C50-E8BC795B9D57-Signatures
2013-04-25 13:46 . 2013-04-25 13:46 -------- d-----w- c:\windows\TempEE531F8D-8E15-245B-5557-B72C87F6E655-Signatures
2013-04-24 16:05 . 2013-04-24 16:05 -------- d-----w- c:\windows\Temp3F734CE1-907C-DECC-9795-229F52917A2F-Signatures
2013-04-24 06:46 . 2013-04-24 06:46 -------- d-----w- c:\windows\TempC0A91223-5461-057A-ED44-12B886D8F527-Signatures
2013-04-24 06:28 . 2013-04-24 06:28 -------- d-----w- c:\program files\Common Files\Skype
2013-04-24 05:30 . 2013-04-24 05:30 -------- d-----w- c:\windows\TempFD590DD3-CF77-5D2A-9BC1-9997AEF467DD-Signatures
2013-04-23 18:08 . 2013-04-23 18:09 -------- d-----w- c:\windows\Temp52B17CC0-5007-9E8D-57CD-8F92B38A1E04-Signatures
2013-04-23 18:03 . 2013-04-23 18:01 706640 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FD5B5C84-A67C-424F-87CA-487A8681C35A}\gapaengine.dll
2013-04-22 17:43 . 2013-04-22 17:43 -------- d-----w- c:\windows\Temp1650B280-F250-9866-E3C6-A3F3EA74B377-Signatures
2013-04-22 13:06 . 2013-04-22 13:06 -------- d-----w- c:\windows\Temp5F1908F2-7325-81A3-1944-F79C2B2B2CA0-Signatures
2013-04-21 15:01 . 2013-04-21 15:02 -------- d-----w- c:\windows\TempAF3FE3CB-160F-AE07-D011-F38FBBA0ECFA-Signatures
2013-04-21 09:32 . 2013-04-21 09:32 -------- d-----w- c:\windows\Temp397DF987-673F-CF6D-C8F1-1F9E568F699B-Signatures
2013-04-21 04:58 . 2013-04-21 04:58 -------- d-----w- c:\windows\Temp65C9515B-DDF6-C35B-24B5-4D0320B46E0F-Signatures
2013-04-20 20:22 . 2013-04-20 20:22 -------- d-----w- c:\windows\TempF54969B8-8157-2E37-4C3A-49504BED1E07-Signatures
2013-04-20 19:53 . 2013-04-20 19:53 -------- d-----w- c:\windows\Temp88A97FCD-AF22-D5E3-C4C2-5D09A3EF63B7-Signatures
2013-04-20 11:25 . 2013-04-20 11:25 -------- d-----w- c:\windows\TempFAE6706A-A9A8-3D79-957C-1E27593CBD80-Signatures
2013-04-20 10:27 . 2013-04-20 10:27 -------- d-----w- c:\windows\TempFE7AA0D3-DB73-A137-B27F-CFB5D45CC39B-Signatures
2013-04-20 09:37 . 2013-04-20 09:38 -------- d-----w- c:\windows\TempC2BA5E60-4CA0-4EC9-337B-2E4B039B6A9E-Signatures
2013-04-19 13:41 . 2013-04-19 13:41 -------- d-----w- c:\windows\Temp4FE5E506-226A-C7DE-D2FC-9762C45B26F6-Signatures
2013-04-16 01:02 . 2013-04-16 01:02 -------- d-----w- c:\windows\TempDFFAE73A-DAEA-B8EE-62A8-D141E9239B20-Signatures
2013-04-15 18:19 . 2013-04-15 18:19 -------- d-----w- c:\windows\Temp3B3200B3-5234-469E-7EEF-41F7245DF633-Signatures
2013-04-15 10:42 . 2013-04-15 10:42 -------- d-----w- C:\a72576cb8f14060a3b1ffe4ae8360ad8
2013-04-15 06:59 . 2013-04-15 06:59 -------- d-----w- c:\windows\Temp774E8E1C-8ED7-9B82-3CCC-D88F159D6799-Signatures
2013-04-15 06:29 . 2013-04-15 06:29 -------- d-----w- c:\windows\TempB3385A14-3A8D-609D-E338-FF4FB6F34779-Signatures
2013-04-14 17:41 . 2013-04-14 17:41 -------- d-----w- c:\windows\TempFDCBF3CC-2760-F0CB-8968-B4C47DC1C364-Signatures
2013-04-14 05:47 . 2013-04-14 05:47 -------- d-----w- c:\windows\Temp77FFF178-B89D-E02F-413E-791793AB824A-Signatures
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-02 15:28 . 2010-06-02 20:18 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-03-13 16:51 . 2012-05-01 04:51 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-13 16:51 . 2011-05-14 04:02 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-11 13:25 . 2013-04-10 15:44 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-11 13:25 . 2013-04-10 15:44 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-09 03:45 . 2013-04-10 15:44 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-09 01:28 . 2013-04-10 15:44 64000 ----a-w- c:\windows\system32\smss.exe
2013-03-08 03:53 . 2013-04-10 15:43 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-03-08 03:52 . 2013-04-10 15:43 2067968 ----a-w- c:\windows\system32\mstscax.dll
2013-03-05 01:40 . 2013-04-10 15:43 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-03-03 19:07 . 2013-04-10 15:44 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-02-22 03:46 . 2013-04-10 15:55 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-22 03:38 . 2013-04-10 15:55 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-22 03:37 . 2013-04-10 15:55 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-22 03:34 . 2013-04-10 15:55 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-22 03:34 . 2013-04-10 15:55 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-22 03:31 . 2013-04-10 15:55 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-19 09:42 . 2012-09-03 16:42 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-05-26 14:19 . 2011-05-09 16:43 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-19 09:42 1929392 ----a-w- c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-02-19 1929392]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-12-21 1090040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-09 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-09 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-09 154136]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2010-01-08 186904]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 287800]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2011-10-29 273528]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-02-19 1151152]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Francimor^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\users\Francimor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
2012-11-19 16:25 2598520 ----a-w- c:\program files\AVG\AVG2012\avgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-10 21:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-02-28 16:50 18642024 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
S3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\DRIVERS\5U876.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
yksvcs REG_MULTI_SZ yksvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 16:51]
.
2013-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-02 20:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.2 192.168.100.252
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Francimor\AppData\Roaming\Mozilla\Firefox\Profiles\sc3sta2w.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid={C7557620-64D2-4284-9006-822EEA601C61}&mid=5468c3e720df47d1913fd16e557aeef9-f9c4709d0108c3401e7dc010807d0f4e8fc774ba&lang=cs&ds=AVG&pr=fr&d=2012-06-05 21:46&pid=avg&sg=&v=14.0.2.14&sap=ku&q=
FF - ExtSQL: !HIDDEN! 2010-06-20 13:15; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-Wdf01000.sys
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files\Ask.com\Updater\Updater.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-13 23:41
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\Hpservice.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\AVG\AVG2012\avgwdsvc.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
.
**************************************************************************
.
Celkový čas: 2013-05-13 23:49:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-13 21:49
ComboFix2.txt 2013-05-13 21:10
ComboFix3.txt 2013-05-13 20:37
.
Před spuštěním: Volných bajtů: 137 116 811 264
Po spuštění: Volných bajtů: 136 944 594 944
.
- - End Of File - - D19FBFBD4D79809499AA1337BA9F331E

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 14 kvě 2013 17:53
od Rudy
Smazáno. Nastala nějaká změna?

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 14 kvě 2013 18:27
od Vlkus
Včera po 1. restartu změna žádná, dnes po zapnutí počítače najel Firewall, ale stále nefunguje připojení k netu. Vyhledávání sítí je vypnuté a při pokusu ho zapnout píše, že se nepodařilo připojit závislou službu nebo skupinu.

Nemůžu spustit ani diagnostiku problému s připojením, při pokusu spustit službu Zásady diagnostiky (DPS) hlásí chybu 1079 - účet je uvedený pro tuto službu je jiný, než účet uvedený dalšími službami běžícími v tomto procesu.

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 14 kvě 2013 19:04
od Rudy
Zkuste přeinstalovat ovladač WiFi karty.

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 14 kvě 2013 19:33
od Vlkus
Zkusil jsem PC projet MWAVem (na začátku MWAV ani AVG žádnou havěť nenašli) a v registrech objevil 2x trojana "Backdoor" a nějaký "Antispyware Pro XP Corrupted Adware/Spyware", vše odstranil a hned nato se objevila výstraha systému o nedostatečné ochraně proti malwaru spojené s neaktuálními programy a vypnutým Defenderem. Před tím žádná hláška nevyskakovala, MSSecurity se zobrazoval jako plně funkční a aktuální. Takže posun.

Nicméně net stále nejde. V ovladačích jsou skoro všechny síťové i Bluetoothové položky uvedené s chybou, při pokusu aktualizovat ovladače u WAN Miniportů narážím na nenalezení příslušných souborů v počítači. Instalační CD k Vistám nemáme, neboť kamarádovi Winy údajně instaloval nějaký známý z multilicence. Dají se ty ovladače někde stáhnout?

PS: Na googlu jsem našel info, že snad některé (všechny?) miniporty jsou z Esetu, ale ten v tom noťasu není nainstalovaný.

EDIT: Widows Defender se mi nepodařilo zapnout, při spuštění vyhazuje chybovou hlášku o nemožnosti spuštění služby. Teď to ještě zkouším projet MWAVem a AVG v nouzovém režimu.

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 14 kvě 2013 20:32
od Rudy
Takže defacto nelegální OS. V tom případě vám, bohužel, musím podle pravidel další pomoc odmítnout.

Re: nefunguje net, firewall ani navázané služby - Vista

Napsal: 14 kvě 2013 20:39
od Vlkus
Jak to nelegální, když je to instalované z originálního koupeného cd? Multilicence je přece určená k instalaci na více PC, nebo se pletu?
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz