Please check my log

#1 Post by seabat »

Hello,
recently I have been having problems with a slow start-up and occasional freezing of the computer during start-up - I am attaching the log.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Martin at 2013-11-26 11:56:47
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 86 GB (36%) free of 238 GB
Total RAM: 2047 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:56:56, on 26.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Martin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.loveme.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKUS\S-1-5-21-1719993599-3695932510-4238446904-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1719993599-3695932510-4238446904-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7128 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2440
"taskhost.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2160
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c3e1da9d-054e-4b91-a974-ad86b5b74090 -SystemEventPortName:HostProcess-69704870-aa29-4910-b131-59bce3b17dd7 -IoCancelEventPortName:HostProcess-844c16e8-3aae-43f8-8e35-26b17e1900be -NonStateChangingEventPortName:HostProcess-df0f88a8-dc11-4b2c-9820-738fb250aa32 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:40714c1c-5c2c-45f5-ae8e-9af32f3638b2 -DeviceGroupId:WpdFsGroup
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe" /command_id=535b5a7d-56b2-4e6e-b09e-026f9b659818 /client_id=a265771c-5627-4a63-9e47-5b7fb286e42e
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\explorer.exe
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=c1033305-9b37-4b3f-81d7-a56719836201 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\9d597d3f-b3cc-4024-8edc-85163ca35575-8d4-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=68f36329-d275-4642-a285-e41c92b32569 /coreSdkOptions=4126 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\541a777d-6955-443f-b93f-4641aba8af63-fc0-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6944 CREDAT:275457 /prefetch:2
"C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\80L5SSJF\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-21 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-21 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-09-23 4411952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2013-11-26 11:56:48 ----D---- C:\Program Files\trend micro
2013-11-26 11:56:47 ----D---- C:\rsit
2013-11-26 08:27:09 ----SHD---- C:\$RECYCLE.BIN
2013-11-26 08:27:05 ----D---- C:\Windows\temp
2013-11-26 08:27:03 ----A---- C:\ComboFix.txt
2013-11-24 15:12:10 ----D---- C:\ProgramData\Bitdefender
2013-11-24 15:12:04 ----D---- C:\Program Files\Bitdefender
2013-11-19 17:45:20 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-19 17:45:20 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-19 17:45:20 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-11-19 17:45:19 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-11-19 17:45:19 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-11-19 17:45:18 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-11-19 17:45:18 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-11-19 17:45:18 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-11-19 17:45:18 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-11-19 17:45:18 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-11-19 17:45:18 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-11-19 17:45:18 ----A---- C:\Windows\system32\wksprtPS.dll
2013-11-19 17:45:18 ----A---- C:\Windows\system32\wksprt.exe
2013-11-19 17:45:18 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-11-19 17:45:18 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-19 17:45:18 ----A---- C:\Windows\system32\tsgqec.dll
2013-11-19 17:45:18 ----A---- C:\Windows\system32\rdpudd.dll
2013-11-19 17:45:18 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-11-19 17:45:18 ----A---- C:\Windows\system32\rdpcorets.dll
2013-11-19 17:45:18 ----A---- C:\Windows\system32\mstsc.exe
2013-11-19 17:45:18 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-11-19 17:45:18 ----A---- C:\Windows\system32\aaclient.dll
2013-11-19 17:45:17 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-11-19 17:45:17 ----A---- C:\Windows\system32\mstscax.dll
2013-11-19 17:35:18 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-11-19 17:35:18 ----A---- C:\Windows\system32\qdvd.dll
2013-11-19 12:27:30 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-11-19 12:22:16 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-11-19 12:22:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-19 12:22:12 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-11-19 12:22:12 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-19 12:22:12 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-11-19 12:22:12 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-11-19 12:22:12 ----A---- C:\Windows\system32\elshyph.dll
2013-11-19 12:22:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-11-19 12:22:11 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-11-19 12:22:11 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-11-19 12:22:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-11-19 12:22:11 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-11-19 12:22:10 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-11-19 12:22:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-11-19 12:22:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-11-19 12:22:09 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-11-19 12:22:09 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-11-19 12:22:08 ----A---- C:\Windows\SYSWOW64\url.dll
2013-11-19 12:22:08 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-11-19 12:22:08 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-11-19 12:22:07 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-11-19 12:22:07 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-11-19 12:22:07 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-11-19 12:22:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-19 12:22:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-19 12:22:06 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-11-19 12:22:06 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-11-19 12:22:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-11-19 12:22:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-11-19 12:22:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-19 12:22:06 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-11-19 12:22:05 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-11-19 12:22:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-11-19 12:22:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-11-19 12:22:04 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-11-19 12:22:04 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-11-19 12:22:04 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-11-19 12:22:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-19 12:22:04 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-11-19 12:22:04 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-11-19 12:22:04 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-11-19 12:22:03 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-11-19 12:22:03 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-11-19 12:22:03 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-11-19 12:22:03 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-11-19 12:22:03 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-11-19 12:22:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-11-19 12:22:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-11-19 12:22:02 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-19 12:22:02 ----A---- C:\Windows\system32\jsIntl.dll
2013-11-19 12:22:01 ----A---- C:\Windows\system32\wininet.dll
2013-11-19 12:22:01 ----A---- C:\Windows\system32\urlmon.dll
2013-11-19 12:22:01 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-19 12:22:01 ----A---- C:\Windows\system32\msls31.dll
2013-11-19 12:22:00 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-19 12:22:00 ----A---- C:\Windows\system32\iertutil.dll
2013-11-19 12:21:59 ----A---- C:\Windows\system32\msrating.dll
2013-11-19 12:21:59 ----A---- C:\Windows\system32\msfeedssync.exe
2013-11-19 12:21:59 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-11-19 12:21:58 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-11-19 12:21:57 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-11-19 12:21:57 ----A---- C:\Windows\system32\mshtmler.dll
2013-11-19 12:21:57 ----A---- C:\Windows\system32\jscript9diag.dll
2013-11-19 12:21:57 ----A---- C:\Windows\system32\jscript9.dll
2013-11-19 12:21:57 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-19 12:21:56 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-19 12:21:56 ----A---- C:\Windows\system32\ieui.dll
2013-11-19 12:21:56 ----A---- C:\Windows\system32\ieframe.dll
2013-11-19 12:21:55 ----A---- C:\Windows\system32\dxtrans.dll
2013-11-19 12:21:55 ----A---- C:\Windows\system32\dxtmsft.dll
2013-11-19 12:21:54 ----A---- C:\Windows\system32\iernonce.dll
2013-11-19 12:21:54 ----A---- C:\Windows\system32\ieapfltr.dll
2013-11-19 12:21:54 ----A---- C:\Windows\system32\ie4uinit.exe
2013-11-19 12:21:54 ----A---- C:\Windows\system32\icardie.dll
2013-11-19 12:21:53 ----A---- C:\Windows\system32\url.dll
2013-11-19 12:21:53 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-11-19 12:21:53 ----A---- C:\Windows\system32\iesetup.dll
2013-11-19 12:21:53 ----A---- C:\Windows\system32\iedkcs32.dll
2013-11-19 12:21:52 ----A---- C:\Windows\system32\webcheck.dll
2013-11-19 12:21:52 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-19 12:21:52 ----A---- C:\Windows\system32\licmgr10.dll
2013-11-19 12:21:52 ----A---- C:\Windows\system32\inseng.dll
2013-11-19 12:21:51 ----A---- C:\Windows\system32\wextract.exe
2013-11-19 12:21:51 ----A---- C:\Windows\system32\vbscript.dll
2013-11-19 12:21:51 ----A---- C:\Windows\system32\mshtml.dll
2013-11-19 12:21:51 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-19 12:21:51 ----A---- C:\Windows\system32\iexpress.exe
2013-11-19 12:21:50 ----A---- C:\Windows\system32\occache.dll
2013-11-19 12:21:50 ----A---- C:\Windows\system32\ieUnatt.exe
2013-11-19 12:21:49 ----A---- C:\Windows\system32\pngfilt.dll
2013-11-19 12:21:49 ----A---- C:\Windows\system32\mshta.exe
2013-11-19 12:21:49 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-11-19 12:21:49 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-11-19 12:21:48 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-11-19 12:21:48 ----A---- C:\Windows\system32\jscript.dll
2013-11-19 12:21:48 ----A---- C:\Windows\system32\imgutil.dll
2013-11-19 12:21:48 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-11-19 12:21:47 ----A---- C:\Windows\system32\iepeers.dll
2013-11-18 13:00:40 ----D---- C:\ProgramData\Norton
2013-11-13 22:11:05 ----A---- C:\Windows\system32\crypt32.dll
2013-11-13 22:11:04 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-13 22:10:58 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-13 22:10:49 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-13 22:10:49 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-13 22:10:49 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-13 22:10:49 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 22:10:49 ----A---- C:\Windows\system32\credui.dll
2013-11-13 22:10:49 ----A---- C:\Windows\system32\authui.dll
2013-11-13 22:10:42 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-13 22:10:42 ----A---- C:\Windows\system32\schannel.dll
2013-11-13 22:10:42 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-13 22:10:41 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-11-13 22:10:41 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-13 22:10:41 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-13 22:10:41 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-13 22:10:41 ----A---- C:\Windows\system32\sspicli.dll
2013-11-13 22:10:41 ----A---- C:\Windows\system32\secur32.dll
2013-11-13 22:10:41 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-13 22:10:41 ----A---- C:\Windows\system32\lsass.exe
2013-11-13 22:10:41 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-13 22:10:41 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-13 22:10:41 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-13 22:10:39 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-13 22:10:39 ----A---- C:\Windows\system32\gdi32.dll
2013-11-13 22:10:38 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-13 22:10:37 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-11-13 22:10:37 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-13 22:10:37 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-13 22:10:37 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-08 07:48:28 ----D---- C:\Program Files\iPod
2013-11-08 07:48:27 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-08 07:48:27 ----D---- C:\Program Files\iTunes
2013-11-08 07:48:27 ----D---- C:\Program Files (x86)\iTunes
2013-10-31 09:04:12 ----D---- C:\Users\Martin\AppData\Roaming\KB-ext
2013-10-27 09:12:48 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2013-10-27 09:12:48 ----A---- C:\Windows\system32\nvopencl.dll
2013-10-27 09:12:46 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2013-10-27 09:12:46 ----A---- C:\Windows\system32\nvoglv64.dll
2013-10-27 09:12:44 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2013-10-27 09:12:44 ----A---- C:\Windows\system32\NvIFR64.dll
2013-10-27 09:12:44 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-10-27 09:12:42 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2013-10-27 09:12:42 ----A---- C:\Windows\system32\NvFBC64.dll
2013-10-27 09:12:42 ----A---- C:\Windows\system32\nvdispgenco6433165.dll
2013-10-27 09:12:42 ----A---- C:\Windows\system32\nvdispco6433165.dll
2013-10-27 09:12:42 ----A---- C:\Windows\system32\nvd3dumx.dll
2013-10-27 09:12:40 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2013-10-27 09:12:40 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2013-10-27 09:12:40 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2013-10-27 09:12:40 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2013-10-27 09:12:40 ----A---- C:\Windows\system32\nvcuvid.dll
2013-10-27 09:12:40 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-10-27 09:12:40 ----A---- C:\Windows\system32\nvcuda.dll
2013-10-27 09:12:28 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2013-10-27 09:12:28 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2013-10-27 09:12:28 ----A---- C:\Windows\system32\nvcompiler.dll

======List of files/folders modified in the last 1 months======

2013-11-26 11:56:48 ----RD---- C:\Program Files
2013-11-26 11:19:30 ----D---- C:\Windows\System32
2013-11-26 11:19:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-26 11:19:29 ----D---- C:\Windows\inf
2013-11-26 11:17:22 ----D---- C:\ProgramData\MFAData
2013-11-26 08:39:40 ----D---- C:\Windows\system32\config
2013-11-26 08:27:06 ----D---- C:\Qoobox
2013-11-26 08:27:05 ----D---- C:\Windows
2013-11-26 08:23:19 ----A---- C:\Windows\system.ini
2013-11-26 08:20:24 ----D---- C:\Windows\SysWOW64
2013-11-26 08:20:23 ----D---- C:\Windows\SYSWOW64\drivers
2013-11-26 08:20:23 ----D---- C:\Windows\AppPatch
2013-11-26 08:20:23 ----D---- C:\Program Files (x86)\Common Files
2013-11-26 08:11:33 ----D---- C:\Windows\Prefetch
2013-11-26 08:11:30 ----D---- C:\Windows\system32\drivers
2013-11-26 08:10:04 ----D---- C:\ProgramData\NVIDIA
2013-11-25 21:03:25 ----D---- C:\Windows\system32\drivers\etc
2013-11-25 21:02:56 ----D---- C:\ProgramData
2013-11-25 20:52:37 ----SHD---- C:\System Volume Information
2013-11-25 20:48:39 ----D---- C:\Windows\Minidump
2013-11-25 19:18:03 ----D---- C:\Windows\system32\appmgmt
2013-11-25 19:18:02 ----SHD---- C:\Windows\Installer
2013-11-23 13:39:37 ----D---- C:\Windows\system32\NDF
2013-11-23 10:42:10 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2013-11-19 20:41:06 ----D---- C:\Windows\rescache
2013-11-19 17:49:40 ----D---- C:\Windows\winsxs
2013-11-19 17:46:35 ----D---- C:\Windows\SYSWOW64\wbem
2013-11-19 17:46:35 ----D---- C:\Windows\SYSWOW64\en-US
2013-11-19 17:46:35 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-11-19 17:46:35 ----D---- C:\Windows\system32\wbem
2013-11-19 17:46:35 ----D---- C:\Windows\system32\en-US
2013-11-19 17:46:35 ----D---- C:\Windows\system32\drivers\en-US
2013-11-19 17:46:35 ----D---- C:\Windows\system32\cs-CZ
2013-11-19 17:46:35 ----D---- C:\Windows\PolicyDefinitions
2013-11-19 17:46:34 ----D---- C:\Windows\system32\DriverStore
2013-11-19 17:45:31 ----D---- C:\Windows\system32\catroot2
2013-11-19 17:45:31 ----D---- C:\Windows\system32\catroot
2013-11-19 17:44:19 ----D---- C:\ProgramData\NVIDIA Corporation
2013-11-19 17:43:59 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2013-11-19 17:21:03 ----D---- C:\Program Files\Internet Explorer
2013-11-19 17:21:03 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-19 17:21:01 ----D---- C:\Windows\SYSWOW64\migration
2013-11-19 17:20:58 ----D---- C:\Windows\system32\migration
2013-11-19 12:27:30 ----D---- C:\Windows\Logs
2013-11-19 06:29:41 ----D---- C:\Windows\erdnt
2013-11-18 13:04:13 ----D---- C:\Windows\system32\wdi
2013-11-13 23:18:08 ----D---- C:\Windows\system32\MRT
2013-11-13 23:16:24 ----A---- C:\Windows\system32\MRT.exe
2013-11-11 08:02:54 ----D---- C:\Windows\SoftwareDistribution
2013-11-08 08:03:27 ----D---- C:\Program Files (x86)\TomTom HOME 2
2013-11-08 07:48:27 ----RD---- C:\Program Files (x86)
2013-10-30 11:27:10 ----A---- C:\Windows\system32\TURegOpt.exe
2013-10-30 11:27:00 ----A---- C:\Windows\SYSWOW64\uxtuneup.dll
2013-10-30 11:27:00 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2013-10-30 11:27:00 ----A---- C:\Windows\system32\uxtuneup.dll
2013-10-30 11:27:00 ----A---- C:\Windows\system32\authuitu.dll
2013-10-27 09:12:54 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2013-10-27 09:12:54 ----A---- C:\Windows\system32\OpenCL.dll
2013-10-27 09:12:52 ----A---- C:\Windows\system32\nvwgf2umx.dll
2013-10-27 09:12:50 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2013-10-27 09:12:28 ----A---- C:\Windows\system32\nvapi64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-05 45880]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-07-20 246072]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2007-02-05 1529856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-09-18 14112]
S2 ALIWEHCD;MFP Server Enhanced Controller; C:\Windows\System32\Drivers\mfpec.sys [2009-12-15 39552]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\Windows\system32\DRIVERS\silabenm.sys [2011-02-08 27336]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\Windows\system32\DRIVERS\silabser.sys [2011-02-08 69120]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2009-09-21 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2009-09-21 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2009-09-21 161280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WUSBVBus;MFP Server Detector; C:\Windows\system32\DRIVERS\mfpvbus.sys [2009-12-15 12416]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-09-04 1432080]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-27 1364256]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-10-30 2099000]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-22 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-19 111616]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-28 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119531
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!
Why are you running ComboFix, a utility intended only for professionals? Do you want to wreck your system or your applications? This log is of no use to me, because if there was any junk in there, CF has erased its traces. Open the file c:\combofix.txt and copy its contents here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

seabat
Visitor
Posts: 4
Joined: 26 Nov 2013 12:03

Re: Please check my log

#3 Post by seabat »

I am attaching the log from ComboFix:

ComboFix 13-11-23.02 - Martin 26.11.2013 17:24:11.27.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2047.1180 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-26 do 2013-11-26 )))))))))))))))))))))))))))))))
.
.
2013-11-26 16:35 . 2013-11-26 16:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-26 16:35 . 2013-11-26 16:35 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-11-26 16:35 . 2013-11-26 16:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-26 10:56 . 2013-11-26 10:56 -------- d-----w- c:\program files\trend micro
2013-11-26 10:56 . 2013-11-26 10:56 -------- d-----w- C:\rsit
2013-11-24 14:12 . 2013-11-26 07:30 -------- d-----w- c:\users\Martin\AppData\Local\CrashDumps
2013-11-24 14:12 . 2013-11-24 14:12 49805 ----a-w- c:\programdata\1385302309.bdinstall.bin
2013-11-24 14:12 . 2013-11-24 14:12 -------- d-----w- c:\programdata\Bitdefender
2013-11-24 14:12 . 2013-11-25 19:48 -------- d-----w- c:\program files\Bitdefender
2013-11-19 16:35 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-11-19 16:35 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-11-19 11:27 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-19 11:21 . 2013-11-19 11:21 977408 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-11-18 12:00 . 2013-11-18 12:10 -------- d-----w- c:\users\Martin\AppData\Local\NPE
2013-11-18 12:00 . 2013-11-18 12:00 -------- d-----w- c:\programdata\Norton
2013-11-15 07:26 . 2013-11-15 07:26 -------- d-----w- c:\users\Martin\AppData\Local\Avg2014
2013-11-13 21:11 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 21:11 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-08 06:48 . 2013-11-08 06:48 -------- d-----w- c:\program files\iPod
2013-11-08 06:48 . 2013-11-08 06:48 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-08 06:48 . 2013-11-08 06:48 -------- d-----w- c:\program files\iTunes
2013-11-08 06:48 . 2013-11-08 06:48 -------- d-----w- c:\program files (x86)\iTunes
2013-10-31 08:04 . 2013-10-31 08:04 -------- d-----w- c:\users\Martin\AppData\Roaming\KB-ext
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-22 20:40 . 2011-05-19 06:26 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-13 22:16 . 2011-04-27 16:24 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-10-30 10:27 . 2013-10-08 15:35 40248 ----a-w- c:\windows\system32\TURegOpt.exe
2013-10-30 10:27 . 2013-10-15 11:20 42808 ----a-w- c:\windows\system32\uxtuneup.dll
2013-10-30 10:27 . 2013-10-15 11:20 35640 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2013-10-30 10:27 . 2013-10-08 15:35 29496 ----a-w- c:\windows\system32\authuitu.dll
2013-10-30 10:27 . 2013-10-08 15:35 25400 ----a-w- c:\windows\SysWow64\authuitu.dll
2013-10-27 08:12 . 2012-11-19 22:20 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-10-27 08:12 . 2012-11-19 22:20 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-10-27 08:12 . 2013-02-25 22:32 18286416 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-10-27 08:12 . 2013-02-25 22:32 15855568 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-10-27 08:12 . 2013-10-27 08:12 9480328 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-10-27 08:12 . 2013-10-27 08:12 11374520 ----a-w- c:\windows\system32\nvopencl.dll
2013-10-27 08:12 . 2013-10-27 08:12 30344480 ----a-w- c:\windows\system32\nvoglv64.dll
2013-10-27 08:12 . 2013-10-27 08:12 22933792 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-10-27 08:12 . 2013-10-27 08:12 655136 ----a-w- c:\windows\system32\NvIFR64.dll
2013-10-27 08:12 . 2013-10-27 08:12 560416 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-10-27 08:12 . 2013-10-27 08:12 12572960 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-10-27 08:12 . 2013-10-27 08:12 696096 ----a-w- c:\windows\system32\NvFBC64.dll
2013-10-27 08:12 . 2013-10-27 08:12 599840 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-10-27 08:12 . 2013-10-27 08:12 1884448 ----a-w- c:\windows\system32\nvdispco6433165.dll
2013-10-27 08:12 . 2013-10-27 08:12 18199872 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-10-27 08:12 . 2013-10-27 08:12 1511712 ----a-w- c:\windows\system32\nvdispgenco6433165.dll
2013-10-27 08:12 . 2013-10-27 08:12 9524088 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-10-27 08:12 . 2013-10-27 08:12 3131680 ----a-w- c:\windows\system32\nvcuvid.dll
2013-10-27 08:12 . 2013-10-27 08:12 3124512 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-10-27 08:12 . 2013-10-27 08:12 2946848 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-10-27 08:12 . 2013-10-27 08:12 2747168 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-10-27 08:12 . 2013-10-27 08:12 15212336 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-10-27 08:12 . 2013-10-27 08:12 11426568 ----a-w- c:\windows\system32\nvcuda.dll
2013-10-27 08:12 . 2013-10-27 08:12 2695200 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-10-27 08:12 . 2013-10-27 08:12 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
2013-10-27 08:12 . 2013-10-27 08:12 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-10-27 08:12 . 2013-02-25 22:32 3067560 ----a-w- c:\windows\system32\nvapi64.dll
2013-10-23 08:20 . 2012-11-19 22:21 6669600 ----a-w- c:\windows\system32\nvcpl.dll
2013-10-23 08:20 . 2012-11-19 22:21 3489568 ----a-w- c:\windows\system32\nvsvc64.dll
2013-10-23 08:20 . 2012-11-19 22:21 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-10-23 08:20 . 2012-11-19 22:21 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-10-23 08:20 . 2012-11-19 22:21 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-10-23 08:20 . 2012-11-19 22:21 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-10-23 02:02 . 2013-10-23 02:02 589600 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-10-21 10:17 . 2013-10-21 10:17 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-10-21 10:17 . 2013-10-21 10:17 312744 ----a-w- c:\windows\system32\javaws.exe
2013-10-21 10:17 . 2013-10-21 10:17 189352 ----a-w- c:\windows\system32\javaw.exe
2013-10-21 10:17 . 2013-10-21 10:17 189352 ----a-w- c:\windows\system32\java.exe
2013-10-08 05:50 . 2013-10-21 08:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-25 02:22 . 2013-11-13 21:10 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:57 . 2013-11-13 21:10 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-08 02:30 . 2013-10-16 10:13 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-16 10:13 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-16 10:13 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-04 23:43 . 2013-09-04 23:43 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2013-09-04 12:12 . 2013-10-17 16:08 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-17 16:08 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-17 16:08 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-17 16:08 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-17 16:08 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-17 16:08 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-17 16:08 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-29 02:17 . 2013-10-16 10:13 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-16 10:13 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-16 10:13 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-16 10:13 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-16 10:13 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-16 10:13 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-16 10:13 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-16 10:13 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-16 10:13 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-16 10:13 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-16 10:13 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-16 10:13 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-16 10:13 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-16 10:13 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-16 10:13 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-16 10:13 2048 ----a-w- c:\windows\SysWow64\user.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-09-22 4411952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
R2 ALIWEHCD;MFP Server Enhanced Controller;c:\windows\system32\Drivers\mfpec.sys;c:\windows\SYSNATIVE\Drivers\mfpec.sys [x]
R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe;c:\program files (x86)\AVG\AVG2013\avgfws.exe [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1018unic.sys [x]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WUSBVBus;MFP Server Detector;c:\windows\system32\DRIVERS\mfpvbus.sys;c:\windows\SYSNATIVE\DRIVERS\mfpvbus.sys [x]
R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 20:40]
.
.
--------- X64 Entries -----------
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.loveme.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\sign
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojeplatba.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\CP210x\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1719993599-3695932510-4238446904-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1719993599-3695932510-4238446904-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1719993599-3695932510-4238446904-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ED65330E-844E-665C-7DB7-8ED3822296AF}*]
@Allowed: (Read) (RestrictedCode)
"jaiggidmnngdffnkkipn"=hex:69,61,67,70,67,68,6c,62,69,64,6d,68,63,65,64,66,6a,
69,00,77
"iaofiklfjaineophfg"=hex:69,61,64,70,62,65,6b,6b,66,63,65,62,65,6d,69,67,65,61,
00,77
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-11-26 17:39:15
ComboFix-quarantined-files.txt 2013-11-26 16:39
ComboFix2.txt 2013-11-26 07:27
ComboFix3.txt 2013-11-25 21:06
ComboFix4.txt 2013-11-25 20:07
ComboFix5.txt 2013-11-26 16:23
.
Před spuštěním: Volných bajtů: 90 303 729 664
Po spuštění: Volných bajtů: 90 010 730 496
.
- - End Of File - - 71715EE59A1B3351236EDA3E25C929CD
A36C5E4F47E84449FF07ED3517B43A31

Rudy
Site Admin
Posts: 119531
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

You did not turn off the antivirus during the scan. CF does not show that message for fun. We still have some cleaning up to do. Open Notepad and copy the following into it:
KillAll::

Collect::
c:\programdata\1385302309.bdinstall.bin

Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"=-

RegLock::
[HKEY_USERS\S-1-5-21-1719993599-3695932510-4238446904-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
[HKEY_USERS\S-1-5-21-1719993599-3695932510-4238446904-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Regnull::
[HKEY_USERS\S-1-5-21-1719993599-3695932510-4238446904-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{ED65330E-844E-665C-7DB7-8ED3822296AF}*]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reopened, write to me at the e-mail address above.

seabat
Visitor
Posts: 4
Joined: 26 Nov 2013 12:03

Re: Please check my log

#5 Post by seabat »

I am attaching the new ComboFix log from the run with the script:

ComboFix 13-11-23.02 - Martin 26.11.2013 22:35:46.29.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2047.808 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1385302309.bdinstall.bin
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-26 do 2013-11-26 )))))))))))))))))))))))))))))))
.
.
2013-11-26 21:42 . 2013-11-26 21:42 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-26 21:42 . 2013-11-26 21:42 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-11-26 21:42 . 2013-11-26 21:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-26 10:56 . 2013-11-26 10:56 -------- d-----w- c:\program files\trend micro
2013-11-26 10:56 . 2013-11-26 10:56 -------- d-----w- C:\rsit
2013-11-24 14:12 . 2013-11-26 07:30 -------- d-----w- c:\users\Martin\AppData\Local\CrashDumps
2013-11-24 14:12 . 2013-11-24 14:12 -------- d-----w- c:\programdata\Bitdefender
2013-11-24 14:12 . 2013-11-25 19:48 -------- d-----w- c:\program files\Bitdefender
2013-11-19 16:35 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-11-19 16:35 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-11-19 11:27 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-19 11:21 . 2013-11-19 11:21 977408 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-11-18 12:00 . 2013-11-18 12:10 -------- d-----w- c:\users\Martin\AppData\Local\NPE
2013-11-18 12:00 . 2013-11-18 12:00 -------- d-----w- c:\programdata\Norton
2013-11-15 07:26 . 2013-11-15 07:26 -------- d-----w- c:\users\Martin\AppData\Local\Avg2014
2013-11-13 21:11 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 21:11 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-08 06:48 . 2013-11-08 06:48 -------- d-----w- c:\program files\iPod
2013-11-08 06:48 . 2013-11-08 06:48 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-08 06:48 . 2013-11-08 06:48 -------- d-----w- c:\program files\iTunes
2013-11-08 06:48 . 2013-11-08 06:48 -------- d-----w- c:\program files (x86)\iTunes
2013-10-31 08:04 . 2013-10-31 08:04 -------- d-----w- c:\users\Martin\AppData\Roaming\KB-ext
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-22 20:40 . 2011-05-19 06:26 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-13 22:16 . 2011-04-27 16:24 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-10-30 10:27 . 2013-10-08 15:35 40248 ----a-w- c:\windows\system32\TURegOpt.exe
2013-10-30 10:27 . 2013-10-15 11:20 42808 ----a-w- c:\windows\system32\uxtuneup.dll
2013-10-30 10:27 . 2013-10-15 11:20 35640 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2013-10-30 10:27 . 2013-10-08 15:35 29496 ----a-w- c:\windows\system32\authuitu.dll
2013-10-30 10:27 . 2013-10-08 15:35 25400 ----a-w- c:\windows\SysWow64\authuitu.dll
2013-10-27 08:12 . 2012-11-19 22:20 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-10-27 08:12 . 2012-11-19 22:20 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-10-27 08:12 . 2013-02-25 22:32 18286416 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-10-27 08:12 . 2013-02-25 22:32 15855568 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-10-27 08:12 . 2013-10-27 08:12 9480328 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-10-27 08:12 . 2013-10-27 08:12 11374520 ----a-w- c:\windows\system32\nvopencl.dll
2013-10-27 08:12 . 2013-10-27 08:12 30344480 ----a-w- c:\windows\system32\nvoglv64.dll
2013-10-27 08:12 . 2013-10-27 08:12 22933792 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-10-27 08:12 . 2013-10-27 08:12 655136 ----a-w- c:\windows\system32\NvIFR64.dll
2013-10-27 08:12 . 2013-10-27 08:12 560416 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-10-27 08:12 . 2013-10-27 08:12 12572960 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-10-27 08:12 . 2013-10-27 08:12 696096 ----a-w- c:\windows\system32\NvFBC64.dll
2013-10-27 08:12 . 2013-10-27 08:12 599840 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-10-27 08:12 . 2013-10-27 08:12 1884448 ----a-w- c:\windows\system32\nvdispco6433165.dll
2013-10-27 08:12 . 2013-10-27 08:12 18199872 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-10-27 08:12 . 2013-10-27 08:12 1511712 ----a-w- c:\windows\system32\nvdispgenco6433165.dll
2013-10-27 08:12 . 2013-10-27 08:12 9524088 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-10-27 08:12 . 2013-10-27 08:12 3131680 ----a-w- c:\windows\system32\nvcuvid.dll
2013-10-27 08:12 . 2013-10-27 08:12 3124512 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-10-27 08:12 . 2013-10-27 08:12 2946848 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-10-27 08:12 . 2013-10-27 08:12 2747168 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-10-27 08:12 . 2013-10-27 08:12 15212336 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-10-27 08:12 . 2013-10-27 08:12 11426568 ----a-w- c:\windows\system32\nvcuda.dll
2013-10-27 08:12 . 2013-10-27 08:12 2695200 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-10-27 08:12 . 2013-10-27 08:12 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
2013-10-27 08:12 . 2013-10-27 08:12 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-10-27 08:12 . 2013-02-25 22:32 3067560 ----a-w- c:\windows\system32\nvapi64.dll
2013-10-23 08:20 . 2012-11-19 22:21 6669600 ----a-w- c:\windows\system32\nvcpl.dll
2013-10-23 08:20 . 2012-11-19 22:21 3489568 ----a-w- c:\windows\system32\nvsvc64.dll
2013-10-23 08:20 . 2012-11-19 22:21 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-10-23 08:20 . 2012-11-19 22:21 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-10-23 08:20 . 2012-11-19 22:21 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-10-23 08:20 . 2012-11-19 22:21 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-10-23 02:02 . 2013-10-23 02:02 589600 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-10-21 10:17 . 2013-10-21 10:17 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-10-21 10:17 . 2013-10-21 10:17 312744 ----a-w- c:\windows\system32\javaws.exe
2013-10-21 10:17 . 2013-10-21 10:17 189352 ----a-w- c:\windows\system32\javaw.exe
2013-10-21 10:17 . 2013-10-21 10:17 189352 ----a-w- c:\windows\system32\java.exe
2013-10-08 05:50 . 2013-10-21 08:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-25 02:22 . 2013-11-13 21:10 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:57 . 2013-11-13 21:10 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-08 02:30 . 2013-10-16 10:13 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-16 10:13 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-16 10:13 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-04 23:43 . 2013-09-04 23:43 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2013-09-04 12:12 . 2013-10-17 16:08 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-17 16:08 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-17 16:08 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-17 16:08 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-17 16:08 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-17 16:08 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-17 16:08 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-29 02:17 . 2013-10-16 10:13 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-16 10:13 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-16 10:13 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-16 10:13 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-16 10:13 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-16 10:13 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-16 10:13 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-16 10:13 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-16 10:13 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-16 10:13 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-16 10:13 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-16 10:13 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-16 10:13 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-16 10:13 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-16 10:13 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-16 10:13 2048 ----a-w- c:\windows\SysWow64\user.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-09-22 4411952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
R2 ALIWEHCD;MFP Server Enhanced Controller;c:\windows\system32\Drivers\mfpec.sys;c:\windows\SYSNATIVE\Drivers\mfpec.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1018unic.sys [x]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WUSBVBus;MFP Server Detector;c:\windows\system32\DRIVERS\mfpvbus.sys;c:\windows\SYSNATIVE\DRIVERS\mfpvbus.sys [x]
R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe;c:\program files (x86)\AVG\AVG2013\avgfws.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 20:40]
.
.
--------- X64 Entries -----------
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.loveme.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\sign
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojeplatba.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\CP210x\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-11-26 22:51:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-26 21:51
ComboFix2.txt 2013-11-26 21:25
ComboFix3.txt 2013-11-26 16:39
ComboFix4.txt 2013-11-26 07:27
ComboFix5.txt 2013-11-26 21:34
.
Před spuštěním: Volných bajtů: 90 050 572 288
Po spuštění: Volných bajtů: 89 978 109 952
.
- - End Of File - - E144C869FF249B798711E3000212C1CB
A36C5E4F47E84449FF07ED3517B43A31

Rudy
Site Admin
Posts: 119531
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#6 Post by Rudy »

Deleted. Has anything changed?

seabat
Visitor
Posts: 4
Joined: 26 Nov 2013 12:03

Re: Please check my log

#7 Post by seabat »

Thank you very much for the help; so far it is running without problems.

Rudy
Site Admin
Posts: 119531
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#8 Post by Rudy »

You're welcome! :)

Locked