
ComboFix uninstallation

Posted: 20 Oct 2013 20:03
by volodja23
Bez názvu1.rar
(956.99 KiB) Downloaded 85 times
While uninstalling ComboFix, ComboFix reported the presence of a rootkit,
see the picture in

Re: ComboFix uninstallation

Posted: 22 Oct 2013 17:41
by volodja23
The first one probably did not uninstall for me; the icon stayed on the desktop.

Re: ComboFix uninstallation

Posted: 23 Oct 2013 19:58
by volodja23
ComboFix 13-10-21.01 - Vladimir 22.10.2013 21:00:20.12.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3583.2449 [GMT 2:00]
Spuštěný z: c:\users\Vladimir\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\host32.exe
c:\windows\localsys64.exe
c:\windows\system32\64dlls.exe
c:\windows\system32\intel64.exe
c:\windows\system32\lsjdfh.exe
c:\windows\system32\ntos.exe
c:\windows\system32\oembios.exe
c:\windows\system32\sdra64.exe
c:\windows\system32\sdra73.exe
c:\windows\system32\swin32.exe
c:\windows\system32\twex.exe
c:\windows\system32\twext.exe
c:\windows\system32\win32avs.exe
c:\windows\system32\wsnpoema.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-22 do 2013-10-22 )))))))))))))))))))))))))))))))
.
.
2013-10-22 19:21 . 2013-10-22 19:21 -------- d-----w- c:\users\Vladimir\AppData\Local\temp
2013-10-22 19:21 . 2013-10-22 19:21 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-10-22 19:21 . 2013-10-22 19:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-19 12:33 . 2013-10-22 16:52 -------- d-----w- c:\program files\World_of_Tanks
2013-10-19 11:55 . 2013-10-19 11:55 -------- d-----w- c:\program files\Common Files\COMODO
2013-10-19 11:33 . 2013-10-19 11:35 -------- d-s---w- c:\programdata\Shared Space
2013-10-19 11:33 . 2013-10-20 09:20 -------- d-----w- c:\programdata\COMODO
2013-10-19 11:32 . 2013-10-19 11:32 -------- d-----w- c:\users\Vladimir\AppData\Local\Comodo
2013-10-19 11:32 . 2013-10-19 11:35 48392 ----a-w- c:\windows\system32\certsentry.dll
2013-10-19 11:32 . 2013-10-19 11:34 -------- d-----w- c:\program files\Comodo
2013-10-19 11:32 . 2013-10-19 11:32 -------- d-----w- c:\programdata\Comodo Downloader
2013-10-18 11:53 . 2013-10-08 05:50 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-18 10:25 . 2013-10-18 10:25 -------- d-----w- c:\users\Vladimir\AppData\Roaming\AVAST Software
2013-10-16 10:36 . 2013-10-16 10:36 -------- d-----w- c:\program files\FreeRapid-0.9u3
2013-10-11 16:35 . 2013-10-11 16:36 -------- d-----w- c:\program files\LibreOffice 4
2013-10-11 16:20 . 2013-10-11 16:21 -------- d-----w- c:\program files\Mozilla Thunderbird
2013-10-09 16:37 . 2013-06-06 04:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2013-10-09 16:37 . 2013-06-06 03:01 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-10-09 16:37 . 2013-06-06 04:52 26112 ----a-w- c:\windows\system32\lpk.dll
2013-10-09 16:37 . 2013-06-06 04:51 70656 ----a-w- c:\windows\system32\fontsub.dll
2013-10-09 16:37 . 2013-06-06 03:01 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-10-09 16:37 . 2013-07-03 04:02 36352 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-10-09 16:37 . 2013-07-03 03:36 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-10-09 16:37 . 2013-07-03 03:36 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-10-09 16:35 . 2013-07-04 11:57 205824 ----a-w- c:\windows\system32\WebClnt.dll
2013-10-09 16:35 . 2013-07-04 11:51 81920 ----a-w- c:\windows\system32\davclnt.dll
2013-10-09 16:35 . 2013-07-04 09:48 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2013-10-09 16:34 . 2013-06-25 22:56 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-09 16:34 . 2013-07-12 10:07 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-10-06 08:33 . 2013-10-06 08:38 -------- d-----w- c:\users\Vladimir\AppData\Roaming\Skype
2013-10-06 08:33 . 2013-10-06 08:33 -------- d-----w- c:\program files\Common Files\Skype
2013-10-06 08:33 . 2013-10-06 08:33 -------- d-----r- c:\program files\Skype
2013-10-06 08:33 . 2013-10-06 08:33 -------- d-----w- c:\programdata\Skype
2013-10-06 08:13 . 2013-10-06 21:08 -------- d-----w- c:\program files\SpeedFan
2013-10-05 13:10 . 2013-10-05 13:10 -------- d-----w- c:\programdata\Kaspersky Lab
2013-10-04 08:15 . 2013-10-04 08:15 15400 ----a-w- c:\windows\system32\drivers\hmd.sys
2013-10-01 21:39 . 2013-10-01 21:39 -------- d-----w- C:\GvTemp
2013-10-01 21:38 . 2013-10-09 16:49 -------- d-----w- c:\program files\GIGABYTE
2013-10-01 21:27 . 2013-10-01 21:27 -------- d-----w- c:\program files\Common Files\Java
2013-10-01 07:19 . 2013-10-19 11:35 -------- d-----w- c:\users\UpdatusUser
2013-10-01 07:16 . 2013-08-20 13:33 33568 ----a-w- c:\windows\system32\drivers\nvvad32v.sys
2013-09-29 20:22 . 2013-09-29 20:35 -------- d-----w- c:\users\Vladimir\AppData\Roaming\Nokia Suite
2013-09-29 18:37 . 2013-09-29 18:38 -------- d-----w- c:\users\Vladimir\AppData\Local\Nokia
2013-09-29 18:37 . 2013-09-29 18:42 -------- d-----w- c:\programdata\PC Suite
2013-09-29 18:35 . 2013-09-29 18:37 -------- d-----w- c:\programdata\Nokia
2013-09-29 18:35 . 2012-10-17 12:53 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2013-09-29 18:33 . 2013-09-29 18:35 -------- d-----w- c:\program files\Nokia
2013-09-27 17:19 . 2013-09-27 17:19 24 --sha-w- c:\users\Vladimir\AppData\Roaming\1D959CA221C7573.sys
2013-09-27 17:19 . 2013-10-17 07:02 -------- d-----w- c:\program files\jv16 PowerTools 2014
2013-09-27 16:11 . 2013-09-27 16:41 -------- d-----w- c:\users\Vladimir\AppData\Roaming\Comodo
2013-09-26 18:00 . 2013-09-26 18:00 208760 ----a-w- c:\program files\Mozilla Firefox\Plugins\nppdf32.dll
2013-09-26 18:00 . 2013-09-26 18:00 208760 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2013-09-24 09:54 . 2013-09-24 09:54 85464 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 09:54 . 2013-09-24 09:54 582936 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-09-24 09:54 . 2013-09-24 09:54 44752 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 09:54 . 2013-09-24 09:54 20072 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 09:53 . 2013-09-24 09:53 36000 ----a-w- c:\windows\system32\cmdcsr.dll
2013-09-24 09:53 . 2013-09-24 09:53 354240 ----a-w- c:\windows\system32\guard32.dll
2013-09-24 09:53 . 2013-09-24 09:53 40664 ----a-w- c:\windows\system32\cmdkbd32.dll
2013-09-24 09:53 . 2013-09-24 09:53 280792 ----a-w- c:\windows\system32\cmdvrt32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-18 10:17 . 2013-03-01 15:44 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-18 10:17 . 2013-03-01 15:44 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-18 10:17 . 2013-01-22 10:19 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-10-18 10:17 . 2013-01-22 10:19 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-10-18 10:17 . 2013-01-22 10:19 79720 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-10-18 10:17 . 2013-01-22 10:19 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-10-18 10:17 . 2013-01-22 10:19 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-18 10:17 . 2013-01-22 10:19 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-18 10:17 . 2013-01-22 10:18 43152 ----a-w- c:\windows\avastSS.scr
2013-10-18 10:17 . 2013-01-22 10:18 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-10-14 07:06 . 2012-03-29 17:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-14 07:06 . 2011-10-28 15:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-08 12:42 . 2013-09-15 07:05 36664 ----a-w- c:\windows\system32\TURegOpt.exe
2013-10-08 12:42 . 2013-09-15 07:07 25400 ----a-w- c:\windows\system32\authuitu.dll
2013-10-08 12:42 . 2013-09-15 07:07 36152 ----a-w- c:\windows\system32\uxtuneup.dll
2013-10-04 08:15 . 2013-10-04 08:15 15400 ----a-w- c:\windows\inf\HMD\hmd.sys
2013-09-17 20:23 . 2013-09-17 20:23 13628208 ----a-w- c:\windows\system32\nvwgf2um.dll
2013-09-17 20:23 . 2013-09-17 20:23 9253664 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-09-17 20:23 . 2013-09-17 20:23 6329552 ----a-w- c:\windows\system32\nvopencl.dll
2013-09-17 20:23 . 2013-09-17 20:23 22102304 ----a-w- c:\windows\system32\nvoglv32.dll
2013-09-17 20:23 . 2013-09-17 20:23 515360 ----a-w- c:\windows\system32\NvIFR.dll
2013-09-17 20:23 . 2013-09-17 20:23 893728 ----a-w- c:\windows\system32\nvdispgenco3232723.dll
2013-09-17 20:23 . 2013-09-17 20:23 586016 ----a-w- c:\windows\system32\NvFBC.dll
2013-09-17 20:23 . 2013-09-17 20:23 12947360 ----a-w- c:\windows\system32\nvd3dum.dll
2013-09-17 20:23 . 2013-09-17 20:23 1049376 ----a-w- c:\windows\system32\nvdispco3232723.dll
2013-09-17 20:23 . 2013-09-17 20:23 7720576 ----a-w- c:\windows\system32\nvcuda.dll
2013-09-17 20:23 . 2013-09-17 20:23 2789152 ----a-w- c:\windows\system32\nvcuvid.dll
2013-09-17 20:23 . 2013-09-17 20:23 2007328 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-09-17 20:23 . 2013-09-17 20:23 17560352 ----a-w- c:\windows\system32\nvcompiler.dll
2013-09-17 20:23 . 2011-10-28 15:20 2630304 ----a-w- c:\windows\system32\nvapi.dll
2013-09-12 06:28 . 2011-10-28 15:21 4265760 ----a-w- c:\windows\system32\nvcpl.dll
2013-09-12 06:28 . 2011-10-28 15:21 3006240 ----a-w- c:\windows\system32\nvsvc.dll
2013-09-12 06:28 . 2011-10-28 15:21 662816 ----a-w- c:\windows\system32\nvvsvc.exe
2013-09-12 06:28 . 2011-10-28 15:21 62752 ----a-w- c:\windows\system32\nvshext.dll
2013-09-12 06:28 . 2011-10-28 15:21 209184 ----a-w- c:\windows\system32\nvmctray.dll
2013-09-11 23:17 . 2013-09-11 23:17 571168 ----a-w- c:\windows\system32\nvStreaming.exe
2013-09-05 09:35 . 2013-09-05 09:35 55504 ----a-w- c:\windows\system32\offreg.dll
2013-08-20 13:32 . 2013-08-05 20:11 28448 ----a-w- c:\windows\system32\nvaudcap32v.dll
2013-08-09 06:11 . 2013-08-09 06:11 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-08-05 01:56 . 2013-09-12 03:39 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 01:50 . 2013-09-12 03:39 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 01:49 . 2013-09-12 03:39 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 01:48 . 2013-09-12 03:39 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 00:52 . 2013-09-12 03:39 271360 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:43 . 2013-09-12 03:39 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 03:39 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-07-25 08:57 . 2013-08-14 06:57 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-07 12:38 220632 ----a-w- c:\users\Vladimir\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-07 12:38 220632 ----a-w- c:\users\Vladimir\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-07 12:38 220632 ----a-w- c:\users\Vladimir\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-18 10:17 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2000-01-01 10996368]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-18 3567800]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-10-20 1576152]
"tvncontrol"="c:\program files\Common Files\COMODO\GeekBuddyRSP.exe" [2013-10-11 2327248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Start GeekBuddy.lnk - c:\program files\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2013-10-11 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GIGABYTE OC_GURU.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk
backup=c:\windows\pss\GIGABYTE OC_GURU.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 19:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-02-15 12:08 1597864 ----a-w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R0 ycsgvj;ycsgvj; [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 25864]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 131288]
R3 GPCIDrv;GPCIDrv;c:\program files\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv.sys [2010-02-04 14504]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 23048]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-12-04 27632]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-08-20 104792]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-29 1343400]
R4 CLPSLauncher;COMODO LPS Launcher;c:\program files\Common Files\COMODO\launcher_service.exe [2013-10-11 70352]
R4 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files\Common Files\COMODO\GeekBuddyRSP.exe [2013-10-11 2327248]
R4 IObitUnlocker;IObitUnlocker;c:\program files\IObit\IObit Unlocker\IObitUnlocker.sys [2011-08-26 28016]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2011-07-27 20872]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-09-11 76768]
S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [2000-01-01 24680]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-18 774392]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-10-18 403440]
S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [2013-05-07 35064]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2013-09-24 20072]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2013-09-24 582936]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2013-09-24 44752]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-09 243128]
S1 HMD;COMODO livePCsupport Hardware Monitor Driver;c:\windows\system32\DRIVERS\hmd.sys [2013-10-04 15400]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2013-05-07 119024]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-10-18 35656]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-18 70384]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [2013-10-09 2104968]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-29 238952]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14573856]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-11 414496]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [2013-10-08 1739576]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [2011-11-28 32896]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-08-20 33568]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [2013-08-21 12320]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 07:06]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{91C89D88-4FB5-48CA-9AA5-7840DB89F067}: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\d87wm0ku.default-1379597773052\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2013-09-04 07:38; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-09-19 15:49; {1018e4d6-728f-4b20-ad56-37578a4de76b}; c:\users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\d87wm0ku.default-1379597773052\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - ExtSQL: 2013-09-21 10:13; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\d87wm0ku.default-1379597773052\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0020\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(688)
c:\windows\system32\guard32.dll
.
Celkový čas: 2013-10-22 21:24:17
ComboFix-quarantined-files.txt 2013-10-22 19:24
ComboFix2.txt 2013-10-20 10:47
ComboFix3.txt 2013-10-19 21:15
.
Před spuštěním: Volných bajtů: 27 632 984 064
Po spuštění: Volných bajtů: 27 466 416 128
.
- - End Of File - - DD1CC8DD35A47CD641AAB5F849923FFB
D1AD4C53EADD115593E05FA56D6B9DEA

Re: ComboFix uninstallation

Posted: 24 Oct 2013 20:21
by volodja23
ComboFix 13-10-24.01 - Vladimir 24.10.2013 20:48:36.13.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3583.2512 [GMT 2:00]
Spuštěný z: c:\users\Vladimir\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Vladimir\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\SETD5FF.tmp
c:\windows\system32\SETF07B.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_YCSGVJ
-------\Service_ycsgvj
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-24 do 2013-10-24 )))))))))))))))))))))))))))))))
.
.
2013-10-24 19:05 . 2013-10-24 19:11 -------- d-----w- c:\users\Vladimir\AppData\Local\temp
2013-10-24 19:05 . 2013-10-24 19:05 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-10-24 19:05 . 2013-10-24 19:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-24 17:39 . 2013-10-24 17:40 -------- d-----w- c:\users\UpdatusUser
2013-10-24 17:37 . 2013-10-16 00:41 9516872 ----a-w- c:\windows\system32\nvcuda.dll
2013-10-24 17:37 . 2013-10-16 00:41 9472600 ----a-w- c:\windows\system32\nvopencl.dll
2013-10-24 17:37 . 2013-10-16 00:41 893728 ----a-w- c:\windows\system32\nvdispgenco3233158.dll
2013-10-24 17:37 . 2013-10-16 00:41 599840 ----a-w- c:\windows\system32\NvFBC.dll
2013-10-24 17:37 . 2013-10-16 00:41 560416 ----a-w- c:\windows\system32\NvIFR.dll
2013-10-24 17:37 . 2013-10-16 00:41 2946848 ----a-w- c:\windows\system32\nvcuvid.dll
2013-10-24 17:37 . 2013-10-16 00:41 2747168 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-10-24 17:37 . 2013-10-16 00:41 22933280 ----a-w- c:\windows\system32\nvoglv32.dll
2013-10-24 17:37 . 2013-10-16 00:41 17560352 ----a-w- c:\windows\system32\nvcompiler.dll
2013-10-24 17:37 . 2013-10-16 00:41 15244272 ----a-w- c:\windows\system32\nvd3dum.dll
2013-10-24 17:37 . 2013-10-16 00:41 1049888 ----a-w- c:\windows\system32\nvdispco3233158.dll
2013-10-24 17:37 . 2013-10-16 00:41 10378528 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-10-19 12:33 . 2013-10-24 18:00 -------- d-----w- c:\program files\World_of_Tanks
2013-10-19 11:55 . 2013-10-19 11:55 -------- d-----w- c:\program files\Common Files\COMODO
2013-10-19 11:33 . 2013-10-19 11:35 -------- d-s---w- c:\programdata\Shared Space
2013-10-19 11:33 . 2013-10-20 09:20 -------- d-----w- c:\programdata\COMODO
2013-10-19 11:32 . 2013-10-19 11:32 -------- d-----w- c:\users\Vladimir\AppData\Local\Comodo
2013-10-19 11:32 . 2013-10-19 11:35 48392 ----a-w- c:\windows\system32\certsentry.dll
2013-10-19 11:32 . 2013-10-19 11:34 -------- d-----w- c:\program files\Comodo
2013-10-19 11:32 . 2013-10-19 11:32 -------- d-----w- c:\programdata\Comodo Downloader
2013-10-18 11:53 . 2013-10-08 05:50 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-18 10:25 . 2013-10-18 10:25 -------- d-----w- c:\users\Vladimir\AppData\Roaming\AVAST Software
2013-10-16 10:36 . 2013-10-16 10:36 -------- d-----w- c:\program files\FreeRapid-0.9u3
2013-10-15 14:54 . 2013-10-15 14:54 589600 ----a-w- c:\windows\system32\nvStreaming.exe
2013-10-11 16:35 . 2013-10-11 16:36 -------- d-----w- c:\program files\LibreOffice 4
2013-10-11 16:20 . 2013-10-11 16:21 -------- d-----w- c:\program files\Mozilla Thunderbird
2013-10-09 16:37 . 2013-06-06 04:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2013-10-09 16:37 . 2013-06-06 03:01 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-10-09 16:37 . 2013-06-06 04:52 26112 ----a-w- c:\windows\system32\lpk.dll
2013-10-09 16:37 . 2013-06-06 04:51 70656 ----a-w- c:\windows\system32\fontsub.dll
2013-10-09 16:37 . 2013-06-06 03:01 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-10-09 16:37 . 2013-07-03 04:02 36352 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-10-09 16:37 . 2013-07-03 03:36 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-10-09 16:37 . 2013-07-03 03:36 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-10-09 16:35 . 2013-07-04 11:57 205824 ----a-w- c:\windows\system32\WebClnt.dll
2013-10-09 16:35 . 2013-07-04 11:51 81920 ----a-w- c:\windows\system32\davclnt.dll
2013-10-09 16:35 . 2013-07-04 09:48 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2013-10-09 16:34 . 2013-06-25 22:56 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-09 16:34 . 2013-07-12 10:07 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-10-06 08:33 . 2013-10-06 08:38 -------- d-----w- c:\users\Vladimir\AppData\Roaming\Skype
2013-10-06 08:33 . 2013-10-06 08:33 -------- d-----w- c:\program files\Common Files\Skype
2013-10-06 08:33 . 2013-10-06 08:33 -------- d-----r- c:\program files\Skype
2013-10-06 08:33 . 2013-10-06 08:33 -------- d-----w- c:\programdata\Skype
2013-10-06 08:13 . 2013-10-06 21:08 -------- d-----w- c:\program files\SpeedFan
2013-10-05 13:10 . 2013-10-05 13:10 -------- d-----w- c:\programdata\Kaspersky Lab
2013-10-04 08:15 . 2013-10-04 08:15 15400 ----a-w- c:\windows\system32\drivers\hmd.sys
2013-10-01 21:39 . 2013-10-01 21:39 -------- d-----w- C:\GvTemp
2013-10-01 21:38 . 2013-10-09 16:49 -------- d-----w- c:\program files\GIGABYTE
2013-10-01 21:27 . 2013-10-01 21:27 -------- d-----w- c:\program files\Common Files\Java
2013-10-01 07:16 . 2013-08-20 13:33 33568 ----a-w- c:\windows\system32\drivers\nvvad32v.sys
2013-09-29 20:22 . 2013-09-29 20:35 -------- d-----w- c:\users\Vladimir\AppData\Roaming\Nokia Suite
2013-09-29 18:37 . 2013-09-29 18:38 -------- d-----w- c:\users\Vladimir\AppData\Local\Nokia
2013-09-29 18:37 . 2013-09-29 18:42 -------- d-----w- c:\programdata\PC Suite
2013-09-29 18:35 . 2013-09-29 18:37 -------- d-----w- c:\programdata\Nokia
2013-09-29 18:35 . 2012-10-17 12:53 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2013-09-29 18:33 . 2013-09-29 18:35 -------- d-----w- c:\program files\Nokia
2013-09-27 17:19 . 2013-09-27 17:19 24 --sha-w- c:\users\Vladimir\AppData\Roaming\1D959CA221C7573.sys
2013-09-27 17:19 . 2013-10-17 07:02 -------- d-----w- c:\program files\jv16 PowerTools 2014
2013-09-27 16:11 . 2013-09-27 16:41 -------- d-----w- c:\users\Vladimir\AppData\Roaming\Comodo
2013-09-26 18:00 . 2013-09-26 18:00 208760 ----a-w- c:\program files\Mozilla Firefox\Plugins\nppdf32.dll
2013-09-26 18:00 . 2013-09-26 18:00 208760 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-18 10:17 . 2013-03-01 15:44 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-18 10:17 . 2013-03-01 15:44 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-18 10:17 . 2013-01-22 10:19 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-10-18 10:17 . 2013-01-22 10:19 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-10-18 10:17 . 2013-01-22 10:19 79720 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-10-18 10:17 . 2013-01-22 10:19 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-10-18 10:17 . 2013-01-22 10:19 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-18 10:17 . 2013-01-22 10:19 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-18 10:17 . 2013-01-22 10:18 43152 ----a-w- c:\windows\avastSS.scr
2013-10-18 10:17 . 2013-01-22 10:18 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-10-16 00:41 . 2013-09-17 20:23 15858664 ----a-w- c:\windows\system32\nvwgf2um.dll
2013-10-16 00:41 . 2011-10-28 15:20 2694664 ----a-w- c:\windows\system32\nvapi.dll
2013-10-15 21:57 . 2011-10-28 15:21 4314912 ----a-w- c:\windows\system32\nvcpl.dll
2013-10-15 21:57 . 2011-10-28 15:21 3036448 ----a-w- c:\windows\system32\nvsvc.dll
2013-10-15 21:57 . 2011-10-28 15:21 664352 ----a-w- c:\windows\system32\nvvsvc.exe
2013-10-15 21:57 . 2011-10-28 15:21 62752 ----a-w- c:\windows\system32\nvshext.dll
2013-10-15 21:57 . 2011-10-28 15:21 2555168 ----a-w- c:\windows\system32\nvsvcr.dll
2013-10-15 21:57 . 2011-10-28 15:21 209184 ----a-w- c:\windows\system32\nvmctray.dll
2013-10-14 07:06 . 2012-03-29 17:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-14 07:06 . 2011-10-28 15:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-08 12:42 . 2013-09-15 07:05 36664 ----a-w- c:\windows\system32\TURegOpt.exe
2013-10-08 12:42 . 2013-09-15 07:07 25400 ----a-w- c:\windows\system32\authuitu.dll
2013-10-08 12:42 . 2013-09-15 07:07 36152 ----a-w- c:\windows\system32\uxtuneup.dll
2013-10-04 08:15 . 2013-10-04 08:15 15400 ----a-w- c:\windows\inf\HMD\hmd.sys
2013-09-24 09:54 . 2013-09-24 09:54 85464 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 09:54 . 2013-09-24 09:54 582936 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-09-24 09:54 . 2013-09-24 09:54 44752 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 09:54 . 2013-09-24 09:54 20072 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 09:53 . 2013-09-24 09:53 36000 ----a-w- c:\windows\system32\cmdcsr.dll
2013-09-24 09:53 . 2013-09-24 09:53 354240 ----a-w- c:\windows\system32\guard32.dll
2013-09-24 09:53 . 2013-09-24 09:53 40664 ----a-w- c:\windows\system32\cmdkbd32.dll
2013-09-24 09:53 . 2013-09-24 09:53 280792 ----a-w- c:\windows\system32\cmdvrt32.dll
2013-09-17 20:23 . 2013-09-17 20:23 893728 ----a-w- c:\windows\system32\nvdispgenco3232723.dll
2013-09-17 20:23 . 2013-09-17 20:23 1049376 ----a-w- c:\windows\system32\nvdispco3232723.dll
2013-09-05 09:35 . 2013-09-05 09:35 55504 ----a-w- c:\windows\system32\offreg.dll
2013-08-20 13:32 . 2013-08-05 20:11 28448 ----a-w- c:\windows\system32\nvaudcap32v.dll
2013-08-09 06:11 . 2013-08-09 06:11 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-08-05 01:56 . 2013-09-12 03:39 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 01:50 . 2013-09-12 03:39 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 01:49 . 2013-09-12 03:39 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 01:48 . 2013-09-12 03:39 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 00:52 . 2013-09-12 03:39 271360 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:43 . 2013-09-12 03:39 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 03:39 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 03:39 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-12 03:39 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-07 12:38 220632 ----a-w- c:\users\Vladimir\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-07 12:38 220632 ----a-w- c:\users\Vladimir\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-07 12:38 220632 ----a-w- c:\users\Vladimir\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-18 10:17 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2000-01-01 10996368]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-18 3567800]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-10-20 1576152]
"tvncontrol"="c:\program files\Common Files\COMODO\GeekBuddyRSP.exe" [2013-10-11 2327248]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-09-19 1028896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Start GeekBuddy.lnk - c:\program files\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2013-10-11 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GIGABYTE OC_GURU.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk
backup=c:\windows\pss\GIGABYTE OC_GURU.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 19:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-02-15 12:08 1597864 ----a-w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 25864]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 131288]
R3 GPCIDrv;GPCIDrv;c:\program files\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv.sys [2010-02-04 14504]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 23048]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-12-04 27632]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-08-20 104792]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-29 1343400]
R4 CLPSLauncher;COMODO LPS Launcher;c:\program files\Common Files\COMODO\launcher_service.exe [2013-10-11 70352]
R4 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files\Common Files\COMODO\GeekBuddyRSP.exe [2013-10-11 2327248]
R4 IObitUnlocker;IObitUnlocker;c:\program files\IObit\IObit Unlocker\IObitUnlocker.sys [2011-08-26 28016]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2011-07-27 20872]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-09-11 76768]
S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [2000-01-01 24680]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-18 774392]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-10-18 403440]
S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [2013-05-07 35064]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2013-09-24 20072]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2013-09-24 582936]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2013-09-24 44752]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-09 243128]
S1 HMD;COMODO livePCsupport Hardware Monitor Driver;c:\windows\system32\DRIVERS\hmd.sys [2013-10-04 15400]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2013-05-07 119024]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-10-18 35656]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-18 70384]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [2013-10-09 2104968]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-29 238952]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-09-19 14574368]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-15 414496]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [2013-10-08 1739576]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [2011-11-28 32896]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-08-20 33568]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [2013-08-21 12320]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 07:06]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{91C89D88-4FB5-48CA-9AA5-7840DB89F067}: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\d87wm0ku.default-1379597773052\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2013-09-04 07:38; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-09-19 15:49; {1018e4d6-728f-4b20-ad56-37578a4de76b}; c:\users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\d87wm0ku.default-1379597773052\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - ExtSQL: 2013-09-21 10:13; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\d87wm0ku.default-1379597773052\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0020\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(692)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'Explorer.exe'(5232)
c:\windows\system32\guard32.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\COMODO\COMODO Internet Security\cavwp.exe
c:\windows\system32\conhost.exe
c:\program files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2013-10-24 21:16:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-24 19:16
ComboFix2.txt 2013-10-22 19:24
ComboFix3.txt 2013-10-20 10:47
ComboFix4.txt 2013-10-19 21:15
.
Před spuštěním: Volných bajtů: 27 730 849 792
Po spuštění: Volných bajtů: 27 654 873 088
.
- - End Of File - - 13AE448DE574825E9152CC4D106B0060
D1AD4C53EADD115593E05FA56D6B9DEA

Re: combofix uninstall

Posted: 26 Oct 2013 18:13
by volodja23
Thank you very much