Prosím o kontrolu logů Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Zamčeno
Pičmundík
nováček
Příspěvky: 48
Registrován: únor 12
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu logů

Příspěvekod Pičmundík » 02 črc 2012 12:40

Dobrý , asi po 2 restartu to už naskočilo ))
Nahoru
Reklama
Top
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logů

Příspěvekod jaro3 » 02 črc 2012 19:54

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

KillAll::
File::
c:\windows\AutoKMS.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\SysWOW64\Drivers\X6va008
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4030349538-3256620621-3723112974-1001Core.job
c:\users\Asus\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4030349538-3256620621-3723112974-1001UA.job

Folder::
c:\windows\SysWOW64\Drivers\X6va008

Driver::
gupdatem
X6va008

RegNull::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]


RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Pičmundík
nováček
Příspěvky: 48
Registrován: únor 12
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu logů

Příspěvekod Pičmundík » 03 črc 2012 10:22

Combofix :


ComboFix 12-07-01.03 - Asus 03.07.2012 9:23.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4007.2412 [GMT 2:00]
Spuštěný z: c:\users\Asus\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Asus\Desktop\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\program files (x86)\Google\Update\GoogleUpdate.exe"
"c:\users\Asus\AppData\Local\Google\Update\GoogleUpdate.exe"
"c:\windows\AutoKMS.exe"
"c:\windows\SysWOW64\Drivers\X6va008"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4030349538-3256620621-3723112974-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4030349538-3256620621-3723112974-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\users\Asus\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\AutoKMS.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4030349538-3256620621-3723112974-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4030349538-3256620621-3723112974-1001UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_X6VA008
-------\Service_gupdatem
-------\Service_X6va008
-------\Service_gupdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-03 do 2012-07-03 )))))))))))))))))))))))))))))))
.
.
2012-07-03 07:28 . 2012-07-03 07:28 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-03 07:28 . 2012-07-03 07:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-03 07:28 . 2012-07-03 07:28 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-07-01 19:10 . 2012-07-01 19:22 -------- d-----w- c:\users\Asus\AppData\Local\Windows Live
2012-06-30 21:54 . 2012-06-30 21:54 -------- d-----w- c:\users\Asus\AppData\Roaming\Malwarebytes
2012-06-30 21:53 . 2012-06-30 21:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-30 21:53 . 2012-06-30 21:53 -------- d-----w- c:\programdata\Malwarebytes
2012-06-30 21:53 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-29 14:06 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{84BAE2D5-7C45-4027-AE31-82FFAC14E1B7}\mpengine.dll
2012-06-28 16:34 . 2009-03-18 15:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2012-06-28 16:34 . 2012-06-28 16:34 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-06-24 14:02 . 2012-07-01 22:37 -------- d-----w- c:\users\Asus\AppData\Local\LogMeIn Hamachi
2012-06-24 13:52 . 2012-07-02 13:13 -------- d-----w- c:\users\Asus\AppData\Roaming\.minecraft
2012-06-24 13:51 . 2012-06-24 13:51 -------- d-----w- c:\users\Asus\minecraftserver
2012-06-24 09:47 . 2012-06-24 09:47 -------- d-----w- c:\program files (x86)\AMD
2012-06-24 09:44 . 2012-06-24 09:44 -------- d-----w- c:\windows\SysWow64\xlive
2012-06-24 09:44 . 2012-06-24 09:44 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-06-24 09:36 . 2012-06-24 09:36 271424 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-06-23 16:14 . 2012-06-23 16:14 -------- d-----w- c:\programdata\Blizzard
2012-06-22 05:13 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-22 05:13 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-22 05:13 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-22 05:13 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 05:13 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-22 05:13 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 05:13 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 05:13 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 05:13 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-17 21:19 . 2012-06-17 21:19 -------- d-----w- c:\program files\WinPcap
2012-06-17 21:19 . 2012-06-20 21:16 -------- d-----w- c:\users\Asus\AppData\Roaming\vso
2012-06-17 21:19 . 2012-06-17 21:19 -------- d-----w- c:\program files (x86)\VSO
2012-06-17 21:14 . 2012-06-17 21:14 -------- d-----w- c:\users\Asus\AppData\Roaming\CENZURA
2012-06-17 21:14 . 2012-06-17 21:14 -------- d-----w- c:\program files (x86)\YTD
2012-06-17 20:55 . 2012-06-17 20:55 -------- d-----w- c:\program files (x86)\Xi
2012-06-15 01:01 . 2012-05-18 01:51 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-14 02:10 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-01 18:55 . 2012-03-23 15:28 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-06-19 15:05 . 2012-05-04 22:51 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-19 15:05 . 2012-05-04 22:51 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-29 18:46 . 2012-04-16 16:05 34656 ----a-w- c:\windows\system32\TURegOpt.exe
2012-05-29 18:46 . 2012-04-16 16:06 35680 ----a-w- c:\windows\system32\uxtuneup.dll
2012-05-29 18:46 . 2012-04-16 16:06 29024 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2012-05-29 18:46 . 2012-04-16 16:05 25952 ----a-w- c:\windows\system32\authuitu.dll
2012-05-29 18:46 . 2012-04-16 16:05 21344 ----a-w- c:\windows\SysWow64\authuitu.dll
2012-04-30 14:34 . 2012-04-30 14:33 1998168 ----a-w- c:\windows\SysWow64\d3dx9_43.dll
2012-04-26 19:44 . 2012-04-26 19:44 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-11 15:40 . 2012-04-11 15:40 56832 ----a-w- c:\windows\system32\drivers\HssDrv.sys
2012-04-06 18:15 . 2012-04-06 18:15 38632 ----a-w- c:\windows\system32\drivers\taphss.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-01_18.49.07 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-07-01 18:48 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-03 07:32 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-01 18:48 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-03 07:32 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-01 18:48 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-03 07:32 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-18 20:13 . 2012-07-01 18:57 54728 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-02 14:10 41594 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-03-22 16:59 . 2012-07-02 14:10 13050 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4030349538-3256620621-3723112974-1001_UserData.bin
+ 2011-02-18 19:47 . 2012-07-03 07:29 5006 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-02-18 19:47 . 2012-07-01 14:51 5006 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2012-07-03 07:30 . 2012-07-03 07:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-01 18:46 . 2012-07-01 18:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-03 07:30 . 2012-07-03 07:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-01 18:46 . 2012-07-01 18:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-04-03 08:20 . 2012-07-03 06:13 313932 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2012-03-22 20:48 . 2012-07-02 22:04 288110 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2012-07-01 14:24 627420 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-07-03 06:17 627420 c:\windows\system32\perfh009.dat
- 2011-02-19 05:36 . 2012-07-01 14:24 642704 c:\windows\system32\perfh005.dat
+ 2011-02-19 05:36 . 2012-07-03 06:17 642704 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2012-07-03 06:17 110140 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-07-01 14:24 110140 c:\windows\system32\perfc009.dat
- 2011-02-19 05:36 . 2012-07-01 14:24 125666 c:\windows\system32\perfc005.dat
+ 2011-02-19 05:36 . 2012-07-03 06:17 125666 c:\windows\system32\perfc005.dat
- 2012-03-23 00:42 . 2012-07-01 14:51 830008 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2012-03-23 00:42 . 2012-07-01 23:45 830008 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 05:01 . 2012-07-03 07:29 384992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-07-01 14:51 384992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2012-03-25 14:22 . 2012-07-01 14:51 5513856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4030349538-3256620621-3723112974-1001-8192.dat
+ 2012-03-25 14:22 . 2012-07-02 13:48 5513856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4030349538-3256620621-3723112974-1001-8192.dat
- 2012-04-02 20:44 . 2012-06-09 23:09 4850832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4030349538-3256620621-3723112974-1001-12288.dat
+ 2012-04-02 20:44 . 2012-07-01 23:45 4850832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4030349538-3256620621-3723112974-1001-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="d:\programy\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-08-17 4527424]
"uTorrent"="d:\programy\uTorrent\uTorrent.exe" [2012-05-13 880496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-01 2018032]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-02-23 4031368]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-1 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2012-3-23 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "c:\programdata\Nuance\PDF Reader\Ereg\Ereg.ini"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"amd_dc_opt"=c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-19 257224]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-06 276248]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-08-03 290920]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-23 648808]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-02 1255736]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
R4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R4 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-09 2983808]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2012-02-23 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-03-01 28992]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-24 271424]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-03 379520]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-02-23 69976]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-02-23 131288]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-04-02 329544]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys [2011-06-23 1071032]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2012-02-21 130536]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2012-02-21 396776]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-14 327168]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2011-04-12 142632]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-09 60416]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
S3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 11417088]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-20 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 15:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-02-23 15:23 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-08 1158248]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-06 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-06 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-06 439576]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"combofix"="c:\combofix\CF23077.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Stáhnout pomocí Net Transportu - c:\program files (x86)\Xi\NetTransport 2\NTAddLink.html
IE: Stáhnout vše pomocí &Net Transportu - c:\program files (x86)\Xi\NetTransport 2\NTAddList.html
IE: ŔĚ ´Üľî °Ë»ö(&S) - c:\program files (x86)\netimo\Common Shared\URLHelper\ntmurl.dll/SEARCH.HTM
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-AutoKMS - c:\windows\AutoKMS.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2012-07-03 09:34:56 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-03 07:34
ComboFix2.txt 2012-07-01 18:53
.
Před spuštěním: Volných bajtů: 193 815 740 416
Po spuštění: Volných bajtů: 193 360 502 784
.
- - End Of File - - E149B8F3D14F4D1DD084CE66333E0AF3


HJT:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:21:12, on 3.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Users\Asus\Downloads\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Asus\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files (x86)\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [RocketDock] "D:\Programy\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "D:\Programy\uTorrent\uTorrent.exe" /MINIMIZED
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout pomocí Net Transportu - C:\Program Files (x86)\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Stáhnout vše pomocí &Net Transportu - C:\Program Files (x86)\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: ŔĚ ´Üľî °Ë»ö(&S) - res://C:\Program Files (x86)\netimo\Common Shared\URLHelper\ntmurl.dll/SEARCH.HTM
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14541 bytes


aswMBR :


aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-03 10:12:27
-----------------------------
10:12:27.472 OS Version: Windows x64 6.1.7601 Service Pack 1
10:12:27.472 Number of processors: 4 586 0x2A07
10:12:27.472 ComputerName: PICMUND-NTBK UserName: Asus
10:12:28.580 Initialize success
10:12:29.063 AVAST engine defs: 12051601
10:12:35.600 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:12:35.600 Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 3
10:12:35.615 Disk 0 MBR read successfully
10:12:35.615 Disk 0 MBR scan
10:12:35.615 Disk 0 unknown MBR code
10:12:35.646 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
10:12:35.646 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 249554 MB offset 52430848
10:12:35.662 Disk 0 Partition - 00 0F Extended LBA 328824 MB offset 576831486
10:12:35.678 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290631 MB offset 576831488
10:12:35.678 Disk 0 Partition - 00 05 Extended 34185 MB offset 1172043968
10:12:35.709 Disk 0 Partition 4 00 83 Linux 34185 MB offset 1172045824
10:12:35.724 Disk 0 Partition - 00 05 Extended 4007 MB offset 1837269186
10:12:35.756 Disk 0 Partition 5 00 82 Linux swap 4006 MB offset 1242058752
10:12:35.802 Disk 0 scanning C:\Windows\system32\drivers
10:12:45.334 Service scanning
10:13:03.461 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
10:13:09.358 Modules scanning
10:13:09.358 Disk 0 trace - called modules:
10:13:09.374 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys sptd.sys hal.dll
10:13:09.374 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80069e0060]
10:13:09.389 3 CLASSPNP.SYS[fffff88001d8f43f] -> nt!IofCallDriver -> [0xfffffa8004e13430]
10:13:09.389 5 ACPI.sys[fffff880011aa7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004e19050]
10:13:09.857 AVAST engine scan C:\Windows
10:13:12.182 AVAST engine scan C:\Windows\system32
10:15:22.286 AVAST engine scan C:\Windows\system32\drivers
10:15:31.147 AVAST engine scan C:\Users\Asus
10:17:41.298 AVAST engine scan C:\ProgramData
10:18:58.097 Scan finished successfully
10:19:40.919 Disk 0 MBR has been saved successfully to "C:\Users\Asus\Desktop\MBR.dat"
10:19:40.919 The log file has been saved successfully to "C:\Users\Asus\Desktop\aswMBR.txt"
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logů

Příspěvekod jaro3 » 03 črc 2012 11:01

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Asus\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (file missing)

Aktualizuj javu:
Java SE Runtime Environment 7

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

File::
c:\windows\system32\perfh009.dat
c:\windows\system32\perfh009.dat
c:\windows\system32\perfh005.dat
c:\windows\system32\perfh005.dat
c:\windows\system32\perfc009.dat
c:\windows\system32\perfc009.dat
c:\windows\system32\perfc005.dat
c:\windows\system32\perfc005.dat
c:\program files (x86)\Skype\Updater\Updater.exe

Driver::
SkypeUpdate



Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Pičmundík
nováček
Příspěvky: 48
Registrován: únor 12
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu logů

Příspěvekod Pičmundík » 03 črc 2012 16:50

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:50:34, on 3.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
D:\Programy\uTorrent\uTorrent.exe
C:\Users\Asus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\AsScrPro.exe
C:\Users\Asus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Users\Asus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Asus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Users\Asus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Asus\Desktop\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Asus\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [RocketDock] "D:\Programy\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "D:\Programy\uTorrent\uTorrent.exe" /MINIMIZED
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: ŔĚ ´Üľî °Ë»ö(&S) - res://C:\Program Files (x86)\netimo\Common Shared\URLHelper\ntmurl.dll/SEARCH.HTM
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14823 bytes
Nahoru
Pičmundík
nováček
Příspěvky: 48
Registrován: únor 12
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu logů

Příspěvekod Pičmundík » 03 črc 2012 16:51

ComboFix 12-07-01.03 - Asus 03.07.2012 16:25:07.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4007.2331 [GMT 2:00]
Spuštěný z: c:\users\Asus\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Asus\Desktop\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Skype\Updater\Updater.exe"
"c:\windows\system32\perfc005.dat"
"c:\windows\system32\perfc009.dat"
"c:\windows\system32\perfh005.dat"
"c:\windows\system32\perfh009.dat"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\system32\perfc005.dat
c:\windows\system32\perfh005.dat
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-03 do 2012-07-03 )))))))))))))))))))))))))))))))
.
.
2012-07-03 14:31 . 2012-07-03 14:31 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-03 14:31 . 2012-07-03 14:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-03 14:31 . 2012-07-03 14:31 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-07-03 12:30 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD2CAA96-C8B4-4849-8198-8957F5FD3D48}\mpengine.dll
2012-07-03 09:58 . 2012-07-03 09:58 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-03 09:57 . 2012-07-03 09:57 -------- d-----w- c:\program files (x86)\Oracle
2012-07-03 09:56 . 2012-05-04 17:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-03 09:56 . 2012-07-03 09:56 -------- d-----w- c:\program files (x86)\Java
2012-07-03 09:54 . 2012-07-03 09:54 627600 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-03 09:54 . 2012-07-03 09:54 -------- d-----w- c:\program files\Java
2012-07-03 09:37 . 2012-07-03 13:27 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-03 09:37 . 2012-07-03 09:37 -------- d-----w- c:\users\Asus\AppData\Local\PunkBuster
2012-07-03 09:35 . 2012-07-03 14:01 -------- d-----w- c:\users\Asus\AppData\Local\Ubisoft Game Launcher
2012-07-03 08:40 . 2012-07-03 13:04 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-03 08:37 . 2012-07-03 08:37 -------- d-----w- c:\program files (x86)\Ubisoft
2012-07-03 08:30 . 2012-07-03 08:30 -------- d-----w- c:\users\Asus\AppData\Roaming\Ubisoft
2012-07-01 19:10 . 2012-07-01 19:22 -------- d-----w- c:\users\Asus\AppData\Local\Windows Live
2012-06-30 21:54 . 2012-06-30 21:54 -------- d-----w- c:\users\Asus\AppData\Roaming\Malwarebytes
2012-06-30 21:53 . 2012-06-30 21:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-30 21:53 . 2012-06-30 21:53 -------- d-----w- c:\programdata\Malwarebytes
2012-06-30 21:53 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-28 16:34 . 2009-03-18 15:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2012-06-28 16:34 . 2012-06-28 16:34 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-06-24 14:02 . 2012-07-03 09:16 -------- d-----w- c:\users\Asus\AppData\Local\LogMeIn Hamachi
2012-06-24 13:52 . 2012-07-02 13:13 -------- d-----w- c:\users\Asus\AppData\Roaming\.minecraft
2012-06-24 13:51 . 2012-06-24 13:51 -------- d-----w- c:\users\Asus\minecraftserver
2012-06-24 09:44 . 2012-06-24 09:44 -------- d-----w- c:\windows\SysWow64\xlive
2012-06-24 09:44 . 2012-06-24 09:44 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-06-24 09:36 . 2012-06-24 09:36 271424 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-06-23 16:14 . 2012-06-23 16:14 -------- d-----w- c:\programdata\Blizzard
2012-06-22 05:13 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-22 05:13 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-22 05:13 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-22 05:13 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 05:13 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-22 05:13 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 05:13 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 05:13 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 05:13 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-17 21:19 . 2012-07-03 14:04 -------- d-----w- c:\program files\WinPcap
2012-06-17 21:19 . 2012-06-20 21:16 -------- d-----w- c:\users\Asus\AppData\Roaming\vso
2012-06-17 21:19 . 2012-06-17 21:19 -------- d-----w- c:\program files (x86)\VSO
2012-06-17 21:14 . 2012-06-17 21:14 -------- d-----w- c:\users\Asus\AppData\Roaming\CENZURA
2012-06-17 21:14 . 2012-06-17 21:14 -------- d-----w- c:\program files (x86)\YTD
2012-06-15 01:01 . 2012-05-18 01:51 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-14 02:10 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-01 18:55 . 2012-03-23 15:28 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-06-19 15:05 . 2012-05-04 22:51 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-19 15:05 . 2012-05-04 22:51 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-29 18:46 . 2012-04-16 16:05 34656 ----a-w- c:\windows\system32\TURegOpt.exe
2012-05-29 18:46 . 2012-04-16 16:06 35680 ----a-w- c:\windows\system32\uxtuneup.dll
2012-05-29 18:46 . 2012-04-16 16:06 29024 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2012-05-29 18:46 . 2012-04-16 16:05 25952 ----a-w- c:\windows\system32\authuitu.dll
2012-05-29 18:46 . 2012-04-16 16:05 21344 ----a-w- c:\windows\SysWow64\authuitu.dll
2012-05-15 10:48 . 2012-04-02 20:41 1738048 ----a-w- c:\windows\system32\nvdispco64.dll
2012-05-15 10:48 . 2012-04-02 20:41 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
2012-05-15 10:48 . 2012-03-23 15:14 949056 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-05-15 10:48 . 2012-03-23 15:14 2741568 ----a-w- c:\windows\system32\nvapi64.dll
2012-05-15 09:29 . 2011-05-11 10:53 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-05-15 09:29 . 2011-05-11 10:53 858944 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-05-15 09:29 . 2011-05-11 10:53 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-05-15 09:29 . 2011-05-11 10:53 55616 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-05-15 09:29 . 2011-05-11 10:53 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
2012-05-15 09:29 . 2011-05-11 10:53 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-05-15 09:29 . 2011-05-11 10:53 2621723 ----a-w- c:\windows\system32\nvcoproc.bin
2012-05-15 09:29 . 2011-05-11 10:52 3149632 ----a-w- c:\windows\system32\nvsvc64.dll
2012-05-15 09:28 . 2011-05-11 10:53 6151488 ----a-w- c:\windows\system32\nvcpl.dll
2012-05-04 17:29 . 2012-04-26 19:44 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-30 14:34 . 2012-04-30 14:33 1998168 ----a-w- c:\windows\SysWow64\d3dx9_43.dll
2012-04-11 15:40 . 2012-04-11 15:40 56832 ----a-w- c:\windows\system32\drivers\HssDrv.sys
2012-04-06 18:15 . 2012-04-06 18:15 38632 ----a-w- c:\windows\system32\drivers\taphss.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-01_18.49.07 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-07-01 18:48 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-03 14:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-01 18:48 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-03 14:34 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-01 18:48 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-03 14:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-18 20:13 . 2012-07-03 12:48 55326 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-03 12:48 42258 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-03-22 16:59 . 2012-07-03 12:48 13464 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4030349538-3256620621-3723112974-1001_UserData.bin
+ 2009-07-14 05:30 . 2012-07-03 12:43 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2012-06-24 09:36 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2012-07-03 12:42 . 2012-05-15 10:48 68928 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\OpenCL64.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 61248 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\OpenCL.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 28992 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvpciflt.sys
+ 2012-07-03 10:02 . 2012-05-15 10:48 28992 c:\windows\system32\drivers\nvpciflt.sys
- 2012-04-02 20:41 . 2012-03-01 00:02 28992 c:\windows\system32\drivers\nvpciflt.sys
+ 2012-04-02 20:04 . 2012-07-03 07:45 34144 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\oisicon.exe
- 2012-04-02 20:04 . 2012-06-15 01:02 34144 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\oisicon.exe
+ 2012-04-02 20:04 . 2012-07-03 07:45 42848 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\msouc.exe
- 2012-04-02 20:04 . 2012-06-15 01:02 42848 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\msouc.exe
- 2012-04-02 20:04 . 2012-06-15 01:02 19296 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\cagicon.exe
+ 2012-04-02 20:04 . 2012-07-03 07:45 19296 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\cagicon.exe
- 2012-06-24 09:45 . 2012-06-24 09:45 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2012-03-25 14:22 . 2012-07-03 14:31 5944 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2012-03-25 14:22 . 2012-05-27 17:01 5944 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2012-07-03 12:42 . 2012-05-15 10:48 4096 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvdetx.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 4096 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvdet.dll
+ 2011-02-18 19:47 . 2012-07-03 14:31 5006 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-02-18 19:47 . 2012-07-01 14:51 5006 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2012-07-03 14:33 . 2012-07-03 14:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-01 18:46 . 2012-07-01 18:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-03 14:33 . 2012-07-03 14:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-01 18:46 . 2012-07-01 18:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-03 10:02 . 2012-05-15 10:48 818496 c:\windows\SysWOW64\nvumdshim.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 202048 c:\windows\SysWOW64\nvinit.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 301376 c:\windows\SysWOW64\nvdecodemft.dll
- 2012-04-02 20:41 . 2012-03-01 00:02 301376 c:\windows\SysWOW64\nvdecodemft.dll
+ 2012-04-02 20:46 . 2012-05-15 10:48 818496 c:\windows\SysWOW64\NV\igdumd32.dll
+ 2012-03-23 15:16 . 2012-05-15 10:48 818496 c:\windows\SysWOW64\NV\igd10umd32.dll
+ 2012-07-03 09:56 . 2012-05-04 17:29 227720 c:\windows\SysWOW64\javaws.exe
+ 2012-07-03 09:56 . 2012-07-03 09:56 174064 c:\windows\SysWOW64\javaw.exe
+ 2012-07-03 09:56 . 2012-07-03 09:56 174064 c:\windows\SysWOW64\java.exe
+ 2012-04-03 08:20 . 2012-07-03 06:13 313932 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2012-03-22 20:48 . 2012-07-02 22:04 288110 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2012-07-03 07:47 627420 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-07-01 14:24 627420 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-07-01 14:24 110140 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-07-03 07:47 110140 c:\windows\system32\perfc009.dat
+ 2012-07-03 10:02 . 2012-05-15 10:48 246592 c:\windows\system32\nvinitx.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 364352 c:\windows\system32\nvdecodemft.dll
- 2012-04-02 20:41 . 2012-03-01 00:02 364352 c:\windows\system32\nvdecodemft.dll
+ 2012-03-23 15:16 . 2012-05-15 10:48 949056 c:\windows\system32\NV\igdumd64.dll
+ 2012-03-23 15:16 . 2012-05-15 10:48 949056 c:\windows\system32\NV\igd10umd64.dll
+ 2012-07-03 09:54 . 2012-07-03 09:54 252296 c:\windows\system32\javaws.exe
+ 2012-07-03 09:54 . 2012-07-03 09:54 188808 c:\windows\system32\javaw.exe
+ 2012-07-03 09:54 . 2012-07-03 09:54 188808 c:\windows\system32\java.exe
- 2009-07-14 05:30 . 2012-06-24 09:36 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-07-03 12:43 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-07-03 12:43 143360 c:\windows\system32\DriverStore\infstor.dat
- 2009-07-14 05:30 . 2012-06-24 09:36 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2012-07-03 12:42 . 2012-05-15 10:48 949056 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvumdshimx.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 818496 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvumdshim.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 249152 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvkflt.sys
+ 2012-07-03 12:42 . 2012-05-15 10:48 246592 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvinitx.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 202048 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvinit.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 249856 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvdxgiwrapx.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 220480 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvdxgiwrap.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 301376 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvdecodemft32.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 364352 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvdecodemft.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 316928 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\Nvd3d9wrapx.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 285504 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\Nvd3d9wrap.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 232768 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\dbInstaller.exe
+ 2012-03-23 00:42 . 2012-07-01 23:45 830008 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2012-03-23 00:42 . 2012-07-01 14:51 830008 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-07-01 14:51 384992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-03 14:31 384992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-07-03 09:58 . 2012-07-03 09:58 179200 c:\windows\Installer\75b0ca.msi
+ 2012-07-03 09:56 . 2012-07-03 09:56 461312 c:\windows\Installer\75b0c4.msi
+ 2012-07-03 09:54 . 2012-07-03 09:54 973312 c:\windows\Installer\75b0bc.msi
+ 2012-02-13 19:30 . 2012-02-13 19:30 475136 c:\windows\Installer\2101aa.msi
- 2012-04-02 20:04 . 2012-06-15 01:02 415584 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\pubs.exe
+ 2012-04-02 20:04 . 2012-07-03 07:45 415584 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\pubs.exe
+ 2012-04-02 20:04 . 2012-07-03 07:45 303456 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\outicon.exe
- 2012-04-02 20:04 . 2012-06-15 01:02 303456 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\outicon.exe
+ 2012-04-02 20:04 . 2012-07-03 07:45 571232 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\misc.exe
- 2012-04-02 20:04 . 2012-06-15 01:02 571232 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\misc.exe
+ 2012-04-02 20:04 . 2012-07-03 07:45 326496 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\joticon.exe
- 2012-04-02 20:04 . 2012-06-15 01:02 326496 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\joticon.exe
- 2012-04-02 20:04 . 2012-06-15 01:02 469856 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\inficon.exe
+ 2012-04-02 20:04 . 2012-07-03 07:45 469856 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\inficon.exe
- 2012-04-02 20:04 . 2012-06-15 01:02 178528 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\grvicons.exe
+ 2012-04-02 20:04 . 2012-07-03 07:45 178528 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\grvicons.exe
+ 2012-07-03 08:39 . 2012-07-03 08:39 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 8105280 c:\windows\SysWOW64\nvwgf2um.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 2524992 c:\windows\SysWOW64\nvcuvid.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 2445120 c:\windows\SysWOW64\nvcuvenc.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 5982528 c:\windows\SysWOW64\nvcuda.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 2368832 c:\windows\SysWOW64\nvapi.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 2681664 c:\windows\system32\nvcuvid.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 2881856 c:\windows\system32\nvcuvenc.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 8139072 c:\windows\system32\nvcuda.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 8105280 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvwgf2um.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 1468224 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvgenco64.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 1066872 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvdrsdb.bin
+ 2012-07-03 12:42 . 2012-05-15 10:48 1738048 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvdispco64.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 2524992 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvcuvid32.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 2681664 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvcuvid.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 2881856 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvcuvenc64.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 2445120 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvcuvenc.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 5982528 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvcuda32.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 8139072 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvcuda.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 2741568 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvapi64.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 2368832 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvapi.dll
+ 2012-03-25 14:22 . 2012-07-03 10:12 5513856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4030349538-3256620621-3723112974-1001-8192.dat
- 2012-03-25 14:22 . 2012-07-01 14:51 5513856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4030349538-3256620621-3723112974-1001-8192.dat
+ 2012-04-02 20:44 . 2012-07-03 12:45 4850832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4030349538-3256620621-3723112974-1001-12288.dat
- 2012-04-02 20:44 . 2012-06-09 23:09 4850832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4030349538-3256620621-3723112974-1001-12288.dat
- 2012-04-02 20:04 . 2012-06-15 01:02 1479520 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\xlicons.exe
+ 2012-04-02 20:04 . 2012-07-03 07:45 1479520 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\xlicons.exe
+ 2012-04-02 20:04 . 2012-07-03 07:45 1858400 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\wordicon.exe
- 2012-04-02 20:04 . 2012-06-15 01:02 1858400 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\wordicon.exe
- 2012-04-02 20:04 . 2012-06-15 01:02 3792736 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\pptico.exe
+ 2012-04-02 20:04 . 2012-07-03 07:45 3792736 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\pptico.exe
+ 2012-04-02 20:04 . 2012-07-03 07:45 1449312 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\accicons.exe
- 2012-04-02 20:04 . 2012-06-15 01:02 1449312 c:\windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\accicons.exe
- 2012-06-24 09:45 . 2012-06-24 09:45 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-06-24 09:45 . 2012-06-24 09:45 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 08:39 . 2012-07-03 08:39 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 19607872 c:\windows\SysWOW64\nvoglv32.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 15322432 c:\windows\SysWOW64\nvd3dum.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 17551680 c:\windows\SysWOW64\nvcompiler.dll
+ 2012-03-23 15:16 . 2012-05-15 10:48 19607872 c:\windows\SysWOW64\NV\ig4icd32.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 10194752 c:\windows\system32\nvwgf2umx.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 25743168 c:\windows\system32\nvoglv64.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 18044224 c:\windows\system32\nvd3dumx.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 25248064 c:\windows\system32\nvcompiler.dll
+ 2012-03-23 15:16 . 2012-05-15 10:48 25743168 c:\windows\system32\NV\ig4icd64.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 10194752 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvwgf2umx.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 25743168 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvoglv64.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 19607872 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvoglv32.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 14298944 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvlddmkm.sys
+ 2012-07-03 12:42 . 2012-05-15 10:48 18044224 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvd3dumx.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 15322432 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvd3dum.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 71931424 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\NvCplSetupInt.exe
+ 2012-07-03 12:42 . 2012-05-15 10:48 17551680 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvcompiler32.dll
+ 2012-07-03 12:42 . 2012-05-15 10:48 25248064 c:\windows\system32\DriverStore\FileRepository\nvam.inf_amd64_neutral_5f16d6d65e690a52\nvcompiler.dll
+ 2012-07-03 10:02 . 2012-05-15 10:48 14298944 c:\windows\system32\drivers\nvlddmkm.sys
+ 2012-07-03 09:56 . 2012-07-03 09:56 17379328 c:\windows\Installer\75b0c0.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="d:\programy\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-08-17 4527424]
"uTorrent"="d:\programy\uTorrent\uTorrent.exe" [2012-05-13 880496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-01 2018032]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-02-23 4031368]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-1 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2012-3-23 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "c:\programdata\Nuance\PDF Reader\Ereg\Ereg.ini"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-19 257224]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-13 240408]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-06 276248]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-08-03 290920]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-23 648808]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-02 1255736]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
R4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-09 2983808]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2012-02-23 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-05-15 28992]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-24 271424]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-03 379520]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-02-23 69976]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-02-23 131288]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-13 193816]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-04-02 329544]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys [2011-06-23 1071032]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2012-02-21 130536]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2012-02-21 396776]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-14 327168]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2011-04-12 142632]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-09 60416]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
S3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 11417088]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-20 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 15:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-02-23 15:23 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-08 1158248]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-06 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-06 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-06 439576]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"combofix"="c:\combofix\CF7510.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: ŔĚ ´Üľî °Ë»ö(&S) - c:\program files (x86)\netimo\Common Shared\URLHelper\ntmurl.dll/SEARCH.HTM
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2012-07-03 16:37:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-03 14:37
ComboFix2.txt 2012-07-03 07:34
ComboFix3.txt 2012-07-01 18:53
.
Před spuštěním: Volných bajtů: 182 487 683 072
Po spuštění: Volných bajtů: 182 198 353 920
.
- - End Of File - - EC6110F70BCC49F9433A002D62CF29B9
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logů

Příspěvekod jaro3 » 03 črc 2012 20:50

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)


Odinstaluj:
netimo

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

KillAll::
File::
c:\program files (x86)\netimo\Common Shared\URLHelper\ntmurl.dll

Folder::
c:\program files (x86)\netimo

DDS::
IE: ŔĚ ´Üľî °Ë»ö(&S) - c:\program files (x86)\netimo\Common Shared\URLHelper\ntmurl.dll/SEARCH.HTM


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Pičmundík
nováček
Příspěvky: 48
Registrován: únor 12
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu logů

Příspěvekod Pičmundík » 04 črc 2012 17:25

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:25:18, on 4.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
D:\Programy\RocketDock\RocketDock.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
D:\Programy\uTorrent\uTorrent.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\APRP\aprp.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\Asus\Desktop\HiJackThis.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Asus\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [RocketDock] "D:\Programy\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "D:\Programy\uTorrent\uTorrent.exe" /MINIMIZED
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13697 bytes



ComboFix 12-07-04.03 - Asus 04.07.2012 17:09:26.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4007.2325 [GMT 2:00]
Spuštěný z: c:\users\Asus\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Asus\Desktop\CFScript.txt
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\netimo\Common Shared\URLHelper\ntmurl.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\netimo
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-04 do 2012-07-04 )))))))))))))))))))))))))))))))
.
.
2012-07-04 15:15 . 2012-07-04 15:15 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-04 15:15 . 2012-07-04 15:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-04 15:15 . 2012-07-04 15:15 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-07-03 16:09 . 2012-07-03 16:09 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-03 16:09 . 2012-07-03 16:09 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-07-03 15:49 . 2012-07-03 15:49 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD2CAA96-C8B4-4849-8198-8957F5FD3D48}\offreg.dll
2012-07-03 12:30 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD2CAA96-C8B4-4849-8198-8957F5FD3D48}\mpengine.dll
2012-07-03 09:58 . 2012-07-03 09:58 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-03 09:56 . 2012-05-04 17:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-03 09:56 . 2012-07-03 09:56 -------- d-----w- c:\program files (x86)\Java
2012-07-03 09:54 . 2012-07-03 09:54 627600 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-03 09:37 . 2012-07-03 16:09 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-03 09:37 . 2012-07-03 09:37 -------- d-----w- c:\users\Asus\AppData\Local\PunkBuster
2012-07-03 09:35 . 2012-07-03 16:08 -------- d-----w- c:\users\Asus\AppData\Local\Ubisoft Game Launcher
2012-07-03 08:37 . 2012-07-03 08:37 -------- d-----w- c:\program files (x86)\Ubisoft
2012-07-03 08:30 . 2012-07-03 08:30 -------- d-----w- c:\users\Asus\AppData\Roaming\Ubisoft
2012-07-01 19:10 . 2012-07-01 19:22 -------- d-----w- c:\users\Asus\AppData\Local\Windows Live
2012-06-30 21:54 . 2012-06-30 21:54 -------- d-----w- c:\users\Asus\AppData\Roaming\Malwarebytes
2012-06-30 21:53 . 2012-06-30 21:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-30 21:53 . 2012-06-30 21:53 -------- d-----w- c:\programdata\Malwarebytes
2012-06-30 21:53 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-28 16:34 . 2009-03-18 15:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2012-06-28 16:34 . 2012-06-28 16:34 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-06-24 14:02 . 2012-07-03 09:16 -------- d-----w- c:\users\Asus\AppData\Local\LogMeIn Hamachi
2012-06-24 13:52 . 2012-07-02 13:13 -------- d-----w- c:\users\Asus\AppData\Roaming\.minecraft
2012-06-24 13:51 . 2012-06-24 13:51 -------- d-----w- c:\users\Asus\minecraftserver
2012-06-24 09:44 . 2012-06-24 09:44 -------- d-----w- c:\windows\SysWow64\xlive
2012-06-24 09:44 . 2012-06-24 09:44 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2012-06-24 09:36 . 2012-06-24 09:36 271424 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-06-23 16:14 . 2012-06-23 16:14 -------- d-----w- c:\programdata\Blizzard
2012-06-22 05:13 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-22 05:13 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-22 05:13 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-22 05:13 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 05:13 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-22 05:13 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-22 05:13 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 05:13 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-22 05:13 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-17 21:19 . 2012-07-03 14:04 -------- d-----w- c:\program files\WinPcap
2012-06-17 21:19 . 2012-06-20 21:16 -------- d-----w- c:\users\Asus\AppData\Roaming\vso
2012-06-17 21:19 . 2012-06-17 21:19 -------- d-----w- c:\program files (x86)\VSO
2012-06-17 21:14 . 2012-06-17 21:14 -------- d-----w- c:\users\Asus\AppData\Roaming\CENZURA
2012-06-17 21:14 . 2012-06-17 21:14 -------- d-----w- c:\program files (x86)\YTD
2012-06-15 01:01 . 2012-05-18 01:51 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-14 02:10 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-01 18:55 . 2012-03-23 15:28 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-06-19 15:05 . 2012-05-04 22:51 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-19 15:05 . 2012-05-04 22:51 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-29 18:46 . 2012-04-16 16:05 34656 ----a-w- c:\windows\system32\TURegOpt.exe
2012-05-29 18:46 . 2012-04-16 16:06 35680 ----a-w- c:\windows\system32\uxtuneup.dll
2012-05-29 18:46 . 2012-04-16 16:06 29024 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2012-05-29 18:46 . 2012-04-16 16:05 25952 ----a-w- c:\windows\system32\authuitu.dll
2012-05-29 18:46 . 2012-04-16 16:05 21344 ----a-w- c:\windows\SysWow64\authuitu.dll
2012-05-15 10:48 . 2012-04-02 20:41 1738048 ----a-w- c:\windows\system32\nvdispco64.dll
2012-05-15 10:48 . 2012-04-02 20:41 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
2012-05-15 10:48 . 2012-03-23 15:14 949056 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-05-15 10:48 . 2012-03-23 15:14 2741568 ----a-w- c:\windows\system32\nvapi64.dll
2012-05-15 09:29 . 2011-05-11 10:53 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-05-15 09:29 . 2011-05-11 10:53 858944 ----a-w- c:\windows\system32\nv3dappshext.dll
2012-05-15 09:29 . 2011-05-11 10:53 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-05-15 09:29 . 2011-05-11 10:53 55616 ----a-w- c:\windows\system32\nv3dappshextr.dll
2012-05-15 09:29 . 2011-05-11 10:53 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
2012-05-15 09:29 . 2011-05-11 10:53 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-05-15 09:29 . 2011-05-11 10:53 2621723 ----a-w- c:\windows\system32\nvcoproc.bin
2012-05-15 09:29 . 2011-05-11 10:52 3149632 ----a-w- c:\windows\system32\nvsvc64.dll
2012-05-15 09:28 . 2011-05-11 10:53 6151488 ----a-w- c:\windows\system32\nvcpl.dll
2012-05-04 17:29 . 2012-04-26 19:44 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-30 14:34 . 2012-04-30 14:33 1998168 ----a-w- c:\windows\SysWow64\d3dx9_43.dll
2012-04-11 15:40 . 2012-04-11 15:40 56832 ----a-w- c:\windows\system32\drivers\HssDrv.sys
2012-04-06 18:15 . 2012-04-06 18:15 38632 ----a-w- c:\windows\system32\drivers\taphss.sys
.
.
((((((((((((((((((((((((((((( SnapShot_2012-07-03_14.33.53 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-07-03 14:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-04 15:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-03 14:34 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-04 15:18 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-03 14:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-04 15:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-18 20:13 . 2012-07-04 08:14 55866 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-04 08:14 42362 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-03-22 16:59 . 2012-07-04 08:14 13712 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4030349538-3256620621-3723112974-1001_UserData.bin
+ 2012-07-03 16:02 . 2012-07-03 16:02 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2011-02-18 19:47 . 2012-07-03 14:31 5006 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2011-02-18 19:47 . 2012-07-04 15:15 5006 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2012-07-04 15:16 . 2012-07-04 15:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-03 14:33 . 2012-07-03 14:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-03 14:33 . 2012-07-03 14:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-04 15:16 . 2012-07-04 15:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-03 09:56 . 2012-07-03 09:56 227824 c:\windows\SysWOW64\javaws.exe
+ 2009-07-14 05:01 . 2012-07-04 15:15 384992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-07-03 14:31 384992 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2012-07-03 08:39 . 2012-07-03 08:39 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2012-03-25 14:22 . 2012-07-04 15:15 5513856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4030349538-3256620621-3723112974-1001-8192.dat
- 2012-03-25 14:22 . 2012-07-03 10:12 5513856 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-4030349538-3256620621-3723112974-1001-8192.dat
+ 2012-07-03 16:02 . 2012-07-03 16:02 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2012-07-03 16:02 . 2012-07-03 16:02 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2012-07-03 08:39 . 2012-07-03 08:39 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="d:\programy\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-08-17 4527424]
"uTorrent"="d:\programy\uTorrent\uTorrent.exe" [2012-05-13 880496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-01 2018032]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-02-23 4031368]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-1 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2012-3-23 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "c:\programdata\Nuance\PDF Reader\Ereg\Ereg.ini"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-19 257224]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-13 240408]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-03-06 276248]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2010-08-03 290920]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-23 648808]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-02 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2012-02-23 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-05-15 28992]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-24 271424]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-03 379520]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-02-23 69976]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-02-23 131288]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-13 193816]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-04-02 329544]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-09 2983808]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys [2011-06-23 1071032]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2012-02-21 130536]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2012-02-21 396776]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-14 327168]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2011-04-12 142632]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-09 60416]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
S3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 11417088]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-20 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 15:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-02-23 15:23 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-08 1158248]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-06 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-06 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-06 439576]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2012-07-04 17:21:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-04 15:21
ComboFix2.txt 2012-07-03 14:37
ComboFix3.txt 2012-07-03 07:34
ComboFix4.txt 2012-07-01 18:53
.
Před spuštěním: Volných bajtů: 182 332 514 304
Po spuštění: Volných bajtů: 182 005 854 208
.
- - End Of File - - BB52B69A570FDBAB9544355FB3B916BF
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logů

Příspěvekod jaro3 » 04 črc 2012 19:16

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Jak to vypadá nyní?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Pičmundík
nováček
Příspěvky: 48
Registrován: únor 12
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu logů

Příspěvekod Pičmundík » 02 srp 2012 12:33

Tak sem vse udelal , ale nektere problemy stale trvaj .. napriklad jak sem psal o modre smrti , pri kazdem zapnuti z hybernace to hodi modrou smrt , pokazde .. pak spousteni win se mi zda strasne pomale , zapnu ntbk , zadam heslo a muzu cekat klidne i 10 minut nez se vubec neco stane
Nahoru
Uživatelský avatar
Žbeky
Moderátor
Guru Level 13
Guru Level 13
Příspěvky: 22288
Registrován: květen 08
Bydliště: Vsetín - Pardubice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logů

Příspěvekod Žbeky » 03 srp 2012 09:20

Stáhni si a nainstaluj WhoCrashed
Otevři ho a klikni na Analyze. Program vytvoří zprávu, celou ji zkopíruj a vlož prosím sem.


Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.


Stáhni si Memtest:
Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048), dej Start, nech nejméně 2h běžet a pokud bude po 2h stále 0 errors, jsou v pořádku.
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.

HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
Nahoru
Pičmundík
nováček
Příspěvky: 48
Registrován: únor 12
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu logů

Příspěvekod Pičmundík » 06 srp 2012 22:07

Welcome to WhoCrashed (HOME EDITION) v 3.06
--------------------------------------------------------------------------------

This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution.

Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice.

This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. If will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems.


To obtain technical support visit www.resplendence.com/support

Click here to check if you have the latest version or if an update is available.

Just click the Analyze button for a comprehensible report ...



--------------------------------------------------------------------------------
Home Edition Notice
--------------------------------------------------------------------------------

This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should get the professional edition of WhoCrashed which also allows analysis of crashdumps on remote drives and computers on the network and offers a range of additional features.

Click here for more information on the professional edition.
Click here to buy the the professional edition of WhoCrashed.



--------------------------------------------------------------------------------
System Information (local)
--------------------------------------------------------------------------------

computer name: PICMUND-NTBK
windows version: Windows 7 Service Pack 1, 6.1, build: 7601
windows dir: C:\Windows
CPU: GenuineIntel Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz Intel586, level: 6
4 logical processors, active mask: 15
RAM: 4201324544 total
VM: 2147352576, free: 1941729280



--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.


On Fri 3.8.2012 11:34:03 GMT your computer crashed
crash dump file: C:\Windows\Minidump\080312-19734-01.dmp
This was probably caused by the following module: ndis.sys (ndis+0x64110)
Bugcheck code: 0xC2 (0x7, 0x109B, 0x4440016, 0xFFFFFA80090AC170)
Error: BAD_POOL_CALLER
file path: C:\Windows\system32\drivers\ndis.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NDIS 6.2 driver
Bug check description: This indicates that the current thread is making a bad pool request.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system which cannot be identified at this time.


On Fri 3.8.2012 11:34:03 GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: hssdrv.sys (HssDrv+0x2BAC)
Bugcheck code: 0xC2 (0x7, 0x109B, 0x4440016, 0xFFFFFA80090AC170)
Error: BAD_POOL_CALLER
file path: C:\Windows\system32\drivers\hssdrv.sys
product: Hotspot Shield® Routing Driver
company: AnchorFree Inc.
description: Hotspot Shield Routing Driver
Bug check description: This indicates that the current thread is making a bad pool request.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: hssdrv.sys (Hotspot Shield Routing Driver, AnchorFree Inc.).
Google query: hssdrv.sys AnchorFree Inc. BAD_POOL_CALLER




On Thu 2.8.2012 16:13:45 GMT your computer crashed
crash dump file: C:\Windows\Minidump\080212-18657-01.dmp
This was probably caused by the following module: ndis.sys (ndis+0x64110)
Bugcheck code: 0xC2 (0x7, 0x109B, 0x4440009, 0xFFFFFA8009EC2890)
Error: BAD_POOL_CALLER
file path: C:\Windows\system32\drivers\ndis.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NDIS 6.2 driver
Bug check description: This indicates that the current thread is making a bad pool request.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system which cannot be identified at this time.



--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

3 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:

hssdrv.sys (Hotspot Shield Routing Driver, AnchorFree Inc.)

If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems.


Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

.............


----------------------------------------------------------------------------
CrystalDiskInfo 4.1.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2012/08/06 22:06:54

-- Controller Map ----------------------------------------------------------
+ Intel(R) Mobile Express Chipset SATA AHCI Controller [ATA]
- Hitachi HTS547564A9E384
- MATSHITA DVD-RAM UJ8B0
+ AYJ18G3W IDE Controller [SCSI]
- PODOLOB DA7GDYJ4XYV SCSI CdRom Device
- PODOLOB DA7GDYJ4XYV SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS547564A9E384 : 640.1 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HTS547564A9E384
----------------------------------------------------------------------------
Model : Hitachi HTS547564A9E384
Firmware : JEDOA60A
Serial Number : J2130053D9T6VB
Disk Size : 640.1 GB (8.4/137.4/640.1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300
Power On Hours : 1414 hod.
Power On Count : 348 krát
Temparature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 200 200 _33 000B00000001 Čas na roztočení ploten
04 100 100 __0 000000000166 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _97 _97 __0 000000000586 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 00000000015C Počet cyklů zapnutí zařízení
BF _97 _97 __0 000000060000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000001E Počet vypnutí disku
C1 _99 _99 __0 000000002B5C Počet cyklů načítání/vymazání
C2 157 157 __0 002C000E0026 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 04 5A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 20 4A 32 31 33 30 30
020: 35 33 44 39 54 36 56 42 00 03 40 00 00 04 4A 45
030: 44 4F 41 36 30 41 48 69 74 61 63 68 69 20 48 54
040: 53 35 34 37 35 36 34 41 39 45 33 38 34 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 40 00 2F 00 40 00 02 00 02 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 17 06 00 00 00 5E 00 0C
0A0: 01 FC 00 28 74 6B 7D 69 61 63 74 69 BC 49 61 63
0B0: 40 7F 00 55 00 56 40 80 FF FE 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 82 B0 4A 85 00 00 00 00
0D0: 00 00 00 00 60 03 82 6C 50 00 CC A6 3E D2 89 C4
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 18
0F0: 40 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 0B 00 00 00 00 21 82 1C F1 FA 00 00 00
110: 40 00 04 00 01 08 00 00 00 00 0A 05 08 07 09 05
120: 08 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 44 33 44 36 00 00 29 04 00 00 5D AD 25 18 80 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 3D 00 00
1A0: 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 15 18 00 00 00 00 00 00 00 00 10 1F 00 21
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 03 E0 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 42 A5


A memtest sem delal je to asi tyden zpatky , nabootoval sem a bezelo to cca 12 hodin a 0 errors , ale pro jistotu to muzu dnes pres noc udelal opet
Nahoru
Zamčeno

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 98 hostů