Prosím o kontrolu, Díky

Zpráva

Duteča · #1 Příspěvek od **Duteča** » 17 pro 2011 23:15

Ahoj, prosím o kontrolu, zablokovali mi školní wi-fi, protože mám prý virus, ale avast žádný nenašel, tak rposím o pomoc, Díky

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tereza at 2011-12-17 22:00:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 459 GB (78%) free of 588 GB
Total RAM: 4030 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:00:30, on 17.12.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Terka\Xfire\Xfire.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Tereza\Desktop\fff\lol\hra\League of Legends\RADS\system\rads_user_kernel.exe
C:\Users\Tereza\Desktop\fff\lol\hra\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.35\deploy\LoLLauncher.exe
C:\Program Files\trend micro\Tereza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{12467694-E266-437A-AEBB-8936A97D792C}: NameServer = 85.255.112.126
O17 - HKLM\System\CS1\Services\Tcpip\..\{12467694-E266-437A-AEBB-8936A97D792C}: NameServer = 85.255.112.126
O17 - HKLM\System\CS2\Services\Tcpip\..\{12467694-E266-437A-AEBB-8936A97D792C}: NameServer = 85.255.112.126
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RtlISMServ - Realtek - C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 18688 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
atieclxx
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
"C:\windows\system32\Dwm.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\Explorer.EXE
C:\windows\system32\WLANExt.exe 31969296
\??\C:\windows\system32\conhost.exe "-2033571133-5850813241572467280245528210-92191621-20808877882857347692080727292
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
C:\windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtWlan.exe" /i
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 4212
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
-Minimized
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Connection Manager</Title><Text>Wi-Fi: Odpojeno
Bluetooth®: Vypnuto
Síť LAN: Připojeno</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe</IconPath><ID>1</ID><Path>C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe</Path><Parameters>OpenMainWindow</Parameters></Toast></hpNotification>"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\windows\system32\wuauclt.exe"
"taskhost.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
{A5F946FE-F7FC-4461-A29E-0553BF3F8E17}
{9203D478-561A-452D-BDBA-17F906D2A7F3}
"C:\Terka\Xfire\Xfire.exe" /update_success
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=9700.10827990.295168608 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.8.0.1 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 9700 "\\.\pipe\gecko-crash-server-pipe.9700" plugin
C:\windows\system32\wbem\wmiprvse.exe
"C:\Users\Tereza\Desktop\fff\lol\hra\League of Legends\RADS\system\rads_user_kernel.exe" updateandrun lol_launcher LoLLauncher.exe
LoLLauncher.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe55_ Global\UsGthrCtrlFltPipeMssGthrPipe55 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
C:\windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Users\Tereza\Downloads\RSITx64.exe"
taskhost.exe $(Arg0)

======Scheduled tasks folder======

C:\windows\tasks\HPCeeScheduleForTEREZA-HP$.job
C:\windows\tasks\HPCeeScheduleForTereza.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\25hw8urg.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... YYYYCZ&&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0]
"Description"=Bing Bar
"Path"=C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\25hw8urg.default\extensions\
DTToolbar@toolbarnet.com
toolbar@ask.com

C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\25hw8urg.default\searchplugins\
askcom.xml
daemon-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-27 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll [2011-09-27 1050464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-13 609544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-08-23 1515688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-22 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-08-01 1536320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-13 609544]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-08-01 1000768]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-08-23 1515688]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll [2011-09-27 1050464]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-09-16 2828072]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-01-07 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-07 379040]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-01-27 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-01-27 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-01-27 418328]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-08-22 200704]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-09-28 1128448]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2011-10-04 3077528]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2736128]
"PCSpeedUp"=C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk [2011-10-09 2413]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2011-06-16 1500160]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-28 113288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-28 336384]
"DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
"HPQuickWebProxy"=C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-09-28 169528]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-05-23 103992]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-07-06 323128]
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2011-08-23 887976]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
""= []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-09-27 894304]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"aswAhAScr.dll"=C:\Program Files\AVAST Software\Avast\aswRegSvr.exe [2011-07-04 22016]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-01-27 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
EpePcNp64
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 2 months======

2011-12-17 22:00:15 ----D---- C:\Program Files\trend micro
2011-12-17 22:00:14 ----D---- C:\rsit
2011-12-15 05:39:42 ----A---- C:\windows\SYSWOW64\xfcodec.dll
2011-12-15 05:39:42 ----A---- C:\windows\system32\xfcodec64.dll
2011-12-13 22:59:36 ----D---- C:\Program Files (x86)\EA GAMES
2011-12-13 22:58:58 ----A---- C:\debugInstaller.txt
2011-12-04 14:12:19 ----A---- C:\windows\system32\shell32.dll
2011-12-04 14:12:18 ----A---- C:\windows\SYSWOW64\shell32.dll
2011-11-21 16:04:51 ----D---- C:\BechMan
2011-11-14 22:07:23 ----D---- C:\Program Files (x86)\pdfforge Toolbar
2011-11-14 22:07:23 ----D---- C:\Program Files (x86)\Application Updater
2011-11-13 11:31:41 ----A---- C:\windows\system32\win32k.sys
2011-11-13 11:31:39 ----A---- C:\windows\system32\drivers\tcpip.sys
2011-11-12 14:37:40 ----HD---- C:\ProgramData\CanonIJScan
2011-11-10 20:30:38 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2011-11-06 11:39:56 ----D---- C:\windows\Sun
2011-10-25 21:06:35 ----A---- C:\windows\SYSWOW64\CmdLineExt_x64.dll
2011-10-25 21:06:04 ----A---- C:\windows\SYSWOW64\XAudio2_1.dll
2011-10-25 21:06:04 ----A---- C:\windows\SYSWOW64\XAPOFX1_0.dll
2011-10-25 21:06:04 ----A---- C:\windows\system32\XAudio2_1.dll
2011-10-25 21:06:04 ----A---- C:\windows\system32\XAPOFX1_0.dll
2011-10-25 21:06:03 ----A---- C:\windows\SYSWOW64\xactengine3_1.dll
2011-10-25 21:06:03 ----A---- C:\windows\SYSWOW64\X3DAudio1_4.dll
2011-10-25 21:06:03 ----A---- C:\windows\system32\xactengine3_1.dll
2011-10-25 21:06:03 ----A---- C:\windows\system32\X3DAudio1_4.dll
2011-10-25 21:06:02 ----A---- C:\windows\SYSWOW64\D3DX9_38.dll
2011-10-25 21:06:02 ----A---- C:\windows\SYSWOW64\d3dx10_38.dll
2011-10-25 21:06:02 ----A---- C:\windows\SYSWOW64\D3DCompiler_38.dll
2011-10-25 21:06:02 ----A---- C:\windows\system32\D3DX9_38.dll
2011-10-25 21:06:02 ----A---- C:\windows\system32\d3dx10_38.dll
2011-10-25 21:06:02 ----A---- C:\windows\system32\D3DCompiler_38.dll
2011-10-25 21:06:01 ----A---- C:\windows\SYSWOW64\XAudio2_0.dll
2011-10-25 21:06:01 ----A---- C:\windows\SYSWOW64\xactengine3_0.dll
2011-10-25 21:06:01 ----A---- C:\windows\system32\XAudio2_0.dll
2011-10-25 21:06:01 ----A---- C:\windows\system32\xactengine3_0.dll
2011-10-25 21:06:00 ----A---- C:\windows\SYSWOW64\X3DAudio1_3.dll
2011-10-25 21:06:00 ----A---- C:\windows\system32\X3DAudio1_3.dll
2011-10-25 21:05:59 ----A---- C:\windows\system32\d3dx10_37.dll
2011-10-25 21:05:59 ----A---- C:\windows\system32\D3DCompiler_37.dll
2011-10-25 21:05:58 ----A---- C:\windows\SYSWOW64\xactengine2_10.dll
2011-10-25 21:05:58 ----A---- C:\windows\system32\xactengine2_10.dll
2011-10-25 21:05:58 ----A---- C:\windows\system32\D3DX9_37.dll
2011-10-25 21:05:56 ----A---- C:\windows\SYSWOW64\d3dx9_36.dll
2011-10-25 21:05:56 ----A---- C:\windows\SYSWOW64\d3dx10_36.dll
2011-10-25 21:05:56 ----A---- C:\windows\SYSWOW64\D3DCompiler_36.dll
2011-10-25 21:05:56 ----A---- C:\windows\system32\d3dx9_36.dll
2011-10-25 21:05:56 ----A---- C:\windows\system32\d3dx10_36.dll
2011-10-25 21:05:56 ----A---- C:\windows\system32\D3DCompiler_36.dll
2011-10-25 21:05:55 ----A---- C:\windows\SYSWOW64\xactengine2_9.dll
2011-10-25 21:05:55 ----A---- C:\windows\SYSWOW64\d3dx10_35.dll
2011-10-25 21:05:55 ----A---- C:\windows\SYSWOW64\D3DCompiler_35.dll
2011-10-25 21:05:55 ----A---- C:\windows\system32\xactengine2_9.dll
2011-10-25 21:05:55 ----A---- C:\windows\system32\d3dx10_35.dll
2011-10-25 21:05:55 ----A---- C:\windows\system32\D3DCompiler_35.dll
2011-10-25 21:05:54 ----A---- C:\windows\SYSWOW64\xactengine2_8.dll
2011-10-25 21:05:54 ----A---- C:\windows\SYSWOW64\X3DAudio1_2.dll
2011-10-25 21:05:54 ----A---- C:\windows\SYSWOW64\d3dx9_35.dll
2011-10-25 21:05:54 ----A---- C:\windows\system32\xactengine2_8.dll
2011-10-25 21:05:54 ----A---- C:\windows\system32\X3DAudio1_2.dll
2011-10-25 21:05:54 ----A---- C:\windows\system32\d3dx9_35.dll
2011-10-25 21:05:53 ----A---- C:\windows\SYSWOW64\d3dx10_34.dll
2011-10-25 21:05:53 ----A---- C:\windows\SYSWOW64\D3DCompiler_34.dll
2011-10-25 21:05:53 ----A---- C:\windows\system32\d3dx10_34.dll
2011-10-25 21:05:53 ----A---- C:\windows\system32\D3DCompiler_34.dll
2011-10-25 21:05:52 ----A---- C:\windows\SYSWOW64\xactengine2_7.dll
2011-10-25 21:05:52 ----A---- C:\windows\SYSWOW64\d3dx9_34.dll
2011-10-25 21:05:52 ----A---- C:\windows\system32\xinput1_3.dll
2011-10-25 21:05:52 ----A---- C:\windows\system32\xactengine2_7.dll
2011-10-25 21:05:52 ----A---- C:\windows\system32\d3dx9_34.dll
2011-10-25 21:05:51 ----A---- C:\windows\SYSWOW64\d3dx10_33.dll
2011-10-25 21:05:51 ----A---- C:\windows\SYSWOW64\D3DCompiler_33.dll
2011-10-25 21:05:51 ----A---- C:\windows\system32\d3dx10_33.dll
2011-10-25 21:05:51 ----A---- C:\windows\system32\D3DCompiler_33.dll
2011-10-25 21:05:50 ----A---- C:\windows\SYSWOW64\d3dx9_33.dll
2011-10-25 21:05:50 ----A---- C:\windows\system32\d3dx9_33.dll
2011-10-25 21:05:49 ----A---- C:\windows\SYSWOW64\xactengine2_6.dll
2011-10-25 21:05:49 ----A---- C:\windows\SYSWOW64\xactengine2_5.dll
2011-10-25 21:05:49 ----A---- C:\windows\system32\xactengine2_6.dll
2011-10-25 21:05:49 ----A---- C:\windows\system32\xactengine2_5.dll
2011-10-25 21:05:48 ----A---- C:\windows\SYSWOW64\d3dx10.dll
2011-10-25 21:05:48 ----A---- C:\windows\system32\d3dx10.dll
2011-10-25 21:05:47 ----A---- C:\windows\SYSWOW64\xactengine2_4.dll
2011-10-25 21:05:47 ----A---- C:\windows\SYSWOW64\x3daudio1_1.dll
2011-10-25 21:05:47 ----A---- C:\windows\system32\xactengine2_4.dll
2011-10-25 21:05:47 ----A---- C:\windows\system32\x3daudio1_1.dll
2011-10-25 21:05:46 ----A---- C:\windows\SYSWOW64\xinput1_2.dll
2011-10-25 21:05:46 ----A---- C:\windows\SYSWOW64\xactengine2_3.dll
2011-10-25 21:05:46 ----A---- C:\windows\system32\xinput1_2.dll
2011-10-25 21:05:46 ----A---- C:\windows\system32\xactengine2_3.dll
2011-10-25 21:05:45 ----A---- C:\windows\SYSWOW64\xactengine2_2.dll
2011-10-25 21:05:45 ----A---- C:\windows\system32\xactengine2_2.dll
2011-10-25 21:05:44 ----A---- C:\windows\SYSWOW64\xinput1_1.dll
2011-10-25 21:05:44 ----A---- C:\windows\SYSWOW64\xactengine2_1.dll
2011-10-25 21:05:44 ----A---- C:\windows\system32\xinput1_1.dll
2011-10-25 21:05:44 ----A---- C:\windows\system32\xactengine2_1.dll
2011-10-25 21:05:38 ----A---- C:\windows\SYSWOW64\xactengine2_0.dll
2011-10-25 21:05:38 ----A---- C:\windows\SYSWOW64\x3daudio1_0.dll
2011-10-25 21:05:38 ----A---- C:\windows\SYSWOW64\d3dx9_30.dll
2011-10-25 21:05:38 ----A---- C:\windows\system32\xactengine2_0.dll
2011-10-25 21:05:38 ----A---- C:\windows\system32\x3daudio1_0.dll
2011-10-25 21:05:38 ----A---- C:\windows\system32\d3dx9_30.dll
2011-10-25 21:05:37 ----A---- C:\windows\SYSWOW64\d3dx9_29.dll
2011-10-25 21:05:37 ----A---- C:\windows\system32\d3dx9_29.dll
2011-10-25 21:05:36 ----A---- C:\windows\SYSWOW64\d3dx9_28.dll
2011-10-25 21:05:36 ----A---- C:\windows\SYSWOW64\d3dx9_27.dll
2011-10-25 21:05:36 ----A---- C:\windows\system32\d3dx9_28.dll
2011-10-25 21:05:36 ----A---- C:\windows\system32\d3dx9_27.dll
2011-10-25 21:05:35 ----A---- C:\windows\SYSWOW64\d3dx9_26.dll
2011-10-25 21:05:35 ----A---- C:\windows\system32\d3dx9_26.dll
2011-10-25 21:05:34 ----A---- C:\windows\SYSWOW64\d3dx9_25.dll
2011-10-25 21:05:34 ----A---- C:\windows\SYSWOW64\d3dx9_24.dll
2011-10-25 21:05:34 ----A---- C:\windows\system32\d3dx9_25.dll
2011-10-25 21:05:34 ----A---- C:\windows\system32\d3dx9_24.dll
2011-10-25 21:05:23 ----A---- C:\windows\SYSWOW64\d3dx10_37.dll
2011-10-25 21:05:23 ----A---- C:\windows\SYSWOW64\D3DCompiler_37.dll
2011-10-25 21:05:22 ----A---- C:\windows\SYSWOW64\xinput1_3.dll
2011-10-25 21:05:22 ----A---- C:\windows\SYSWOW64\D3DX9_37.dll
2011-10-25 21:05:04 ----D---- C:\windows\SYSWOW64\xlive
2011-10-25 21:05:02 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-10-25 20:20:10 ----D---- C:\Program Files (x86)\Rockstar Games
2011-10-23 20:18:47 ----RD---- C:\Program Files (x86)\Skype
2011-10-23 11:50:48 ----D---- C:\Users\Tereza\AppData\Roaming\PC Suite
2011-10-23 11:50:48 ----D---- C:\Users\Tereza\AppData\Roaming\Nokia
2011-10-23 11:50:47 ----D---- C:\ProgramData\PC Suite
2011-10-23 11:50:02 ----D---- C:\Program Files\DIFX
2011-10-23 11:50:02 ----A---- C:\windows\system32\drivers\pccsmcfdx64.sys
2011-10-23 11:49:59 ----DC---- C:\windows\system32\DRVSTORE
2011-10-23 11:49:49 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2011-10-23 11:49:39 ----A---- C:\windows\system32\nmwcdclsX64.dll
2011-10-23 11:49:38 ----D---- C:\Program Files (x86)\Nokia
2011-10-23 11:47:13 ----D---- C:\ProgramData\Installations
2011-10-23 11:25:16 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2011-10-23 11:25:16 ----A---- C:\windows\system32\mshtmled.dll
2011-10-23 11:25:15 ----A---- C:\windows\SYSWOW64\url.dll
2011-10-23 11:25:15 ----A---- C:\windows\SYSWOW64\iertutil.dll
2011-10-23 11:25:15 ----A---- C:\windows\system32\url.dll
2011-10-23 11:25:15 ----A---- C:\windows\system32\iertutil.dll
2011-10-23 11:25:14 ----A---- C:\windows\SYSWOW64\wininet.dll
2011-10-23 11:25:14 ----A---- C:\windows\SYSWOW64\urlmon.dll
2011-10-23 11:25:14 ----A---- C:\windows\system32\urlmon.dll
2011-10-23 11:25:14 ----A---- C:\windows\system32\jsproxy.dll
2011-10-23 11:25:13 ----A---- C:\windows\SYSWOW64\ieui.dll
2011-10-23 11:25:13 ----A---- C:\windows\system32\wininet.dll
2011-10-23 11:25:13 ----A---- C:\windows\system32\jscript9.dll
2011-10-23 11:25:13 ----A---- C:\windows\system32\ieui.dll
2011-10-23 11:25:12 ----A---- C:\windows\SYSWOW64\jscript9.dll
2011-10-23 11:25:12 ----A---- C:\windows\SYSWOW64\jscript.dll
2011-10-23 11:25:11 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2011-10-23 11:25:11 ----A---- C:\windows\system32\jscript.dll
2011-10-23 11:25:09 ----A---- C:\windows\SYSWOW64\mshtml.dll
2011-10-23 11:25:07 ----A---- C:\windows\SYSWOW64\ieframe.dll
2011-10-23 11:25:07 ----A---- C:\windows\system32\mshtml.dll
2011-10-23 11:25:06 ----A---- C:\windows\system32\ieframe.dll
2011-10-23 11:23:24 ----A---- C:\windows\SYSWOW64\psisdecd.dll
2011-10-23 11:23:24 ----A---- C:\windows\system32\psisdecd.dll
2011-10-23 11:23:23 ----A---- C:\windows\SYSWOW64\oleacc.dll
2011-10-23 11:23:23 ----A---- C:\windows\system32\oleacc.dll
2011-10-23 11:23:22 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2011-10-23 11:23:22 ----A---- C:\windows\system32\oleaut32.dll
2011-10-22 00:31:06 ----A---- C:\windows\SYSWOW64\javaws.exe
2011-10-22 00:31:06 ----A---- C:\windows\SYSWOW64\javaw.exe
2011-10-22 00:31:06 ----A---- C:\windows\SYSWOW64\java.exe
2011-10-22 00:30:51 ----D---- C:\Program Files (x86)\Java
2011-10-21 21:54:21 ----D---- C:\Users\Tereza\AppData\Roaming\.minecraft
2011-10-21 21:53:34 ----D---- C:\ProgramData\Sun
2011-10-21 21:53:24 ----A---- C:\windows\SYSWOW64\deployJava1.dll

======List of files/folders modified in the last 2 months======

2011-12-17 22:00:26 ----D---- C:\windows\Prefetch
2011-12-17 22:00:17 ----D---- C:\windows\Temp
2011-12-17 22:00:15 ----RD---- C:\Program Files
2011-12-17 20:08:01 ----D---- C:\windows\SysWOW64
2011-12-17 20:08:01 ----D---- C:\Windows
2011-12-17 19:17:26 ----D---- C:\ProgramData\PDFC
2011-12-17 17:36:54 ----D---- C:\ProgramData\Xfire
2011-12-17 17:36:42 ----D---- C:\Users\Tereza\AppData\Roaming\Xfire
2011-12-17 17:21:10 ----D---- C:\windows\system32\config
2011-12-17 17:00:47 ----D---- C:\windows\System32
2011-12-17 17:00:47 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-12-17 17:00:46 ----D---- C:\windows\inf
2011-12-17 16:59:34 ----D---- C:\windows\system32\Tasks
2011-12-17 16:59:33 ----D---- C:\windows\Tasks
2011-12-16 03:07:26 ----D---- C:\ProgramData\PMB Files
2011-12-13 23:29:22 ----A---- C:\windows\SYSWOW64\log.txt
2011-12-13 23:20:31 ----D---- C:\windows\system32\catroot2
2011-12-13 22:59:36 ----RD---- C:\Program Files (x86)
2011-12-11 15:53:19 ----SHD---- C:\System Volume Information
2011-12-11 12:58:04 ----SD---- C:\Users\Tereza\AppData\Roaming\Microsoft
2011-12-09 22:35:40 ----SHD---- C:\windows\Installer
2011-12-09 17:31:27 ----D---- C:\windows\system32\NDF
2011-12-08 16:00:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-12-04 21:44:32 ----D---- C:\windows\winsxs
2011-12-04 14:14:06 ----D---- C:\windows\system32\drivers
2011-12-04 14:13:48 ----D---- C:\windows\system32\catroot
2011-12-04 14:13:30 ----D---- C:\windows\system32\DriverStore
2011-11-28 19:01:23 ----A---- C:\windows\SYSWOW64\aswBoot.exe
2011-11-28 19:01:14 ----A---- C:\windows\system32\aswBoot.exe
2011-11-27 10:18:47 ----D---- C:\Users\Tereza\AppData\Roaming\Skype
2011-11-15 14:29:56 ----N---- C:\windows\system32\MpSigStub.exe
2011-11-14 22:07:23 ----D---- C:\Program Files (x86)\Common Files
2011-11-13 20:09:05 ----D---- C:\Program Files\Common Files\System
2011-11-13 11:32:46 ----A---- C:\windows\system32\MRT.exe
2011-11-12 14:37:41 ----D---- C:\Users\Tereza\AppData\Roaming\Canon
2011-11-12 14:37:40 ----HD---- C:\ProgramData
2011-11-07 21:20:54 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2011-10-28 21:52:18 ----D---- C:\Users\Tereza\AppData\Roaming\BSplayer
2011-10-25 23:03:27 ----D---- C:\windows\system32\wdi
2011-10-25 21:05:44 ----RSD---- C:\windows\assembly
2011-10-25 21:05:40 ----D---- C:\windows\Microsoft.NET
2011-10-25 20:28:03 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-25 20:18:49 ----D---- C:\Users\Tereza\AppData\Roaming\DAEMON Tools Lite
2011-10-23 20:18:46 ----D---- C:\ProgramData\Skype
2011-10-23 17:49:53 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-23 16:50:10 ----D---- C:\windows\SYSWOW64\migration
2011-10-23 16:50:10 ----D---- C:\windows\system32\migration
2011-10-23 16:50:10 ----D---- C:\windows\ehome
2011-10-23 16:50:10 ----D---- C:\Program Files\Internet Explorer
2011-10-23 16:50:10 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-23 16:37:35 ----D---- C:\Users\Tereza\AppData\Roaming\skypePM
2011-10-23 11:52:33 ----D---- C:\windows\system32\drivers\UMDF
2011-10-23 11:25:57 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpeOpal;MfeEpeOpal; C:\windows\system32\drivers\MfeEpeOpal.sys [2011-08-22 100808]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-08-22 158920]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-11-28 42328]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2011-11-28 591192]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-11-28 304472]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-11-28 58712]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-02 270912]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-11-28 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-03-28 9319424]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-03-28 303616]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-06-21 2753536]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2011-01-07 28832]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-12-03 25912]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-01-27 12273408]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2011-01-31 174168]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2011-09-28 91648]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2011-09-28 208896]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2011-04-07 1826048]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2011-09-28 528384]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-09-16 392752]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2011-01-07 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2011-01-07 298144]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2011-01-07 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2011-01-07 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2011-01-07 154272]
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2011-01-07 279200]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2011-09-28 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-03-28 203264]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2011-09-27 745880]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-07 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-01-07 53920]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-08-24 486224]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
R2 HPAuto;HP Auto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-08-06 681528]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-07-06 1698360]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-23 212944]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-08-22 1318912]
R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe [2011-07-20 206336]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 RtlISMServ;RtlISMServ; C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [2011-05-30 40960]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-09-28 301568]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-09-01 991288]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-09-05 476728]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-09-28 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 18 pro 2011 10:21

Zdravim a pekne nedelni dopoledne preji

No mate tam mrchu ktera posila internet nekam na Ukrajinu, predpokladam ze mate ale pripojeni k internetu od bezneho ceskeho poskytovatele

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Duteča · #3 Příspěvek od **Duteča** » 18 pro 2011 22:59

Jestli mislíš tu školní Wi-fi, tak to vůbec nevím, jestli je to od čekého poskytovatele, vím jen, že se jmenuje eduroam. Doma mám Wi-fi i síť od O2. Jinak toolbary jsem už odinstalovala.

#4 Příspěvek od **vyosek** » 19 pro 2011 10:11

Eduroam je celosvetova sit, na vut v brne ji mame tez...Defakto kdyz prijdete kamkoliv na vysku na svete, tak se na tu wifi eduroam prihlasite loginem jaky mate u vas na skole na ten eduroam - priklad: chodim na vut brno, byl jsem na utb ve zline a krasne jsem se prihlasil

Takze ty ukrainske IP tam nacpala havet a proto vas eduroam kopnul...

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ukoncete vsechny programy
Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Zvolte moznost 2 a potvrte enterem
Utilita provede svou cinnost a da log - ten sem vlozte
Nyni znovu, ale zvolte moznost 3 a pote jeste 4 - logy opet vlozte

Duteča · #5 Příspěvek od **Duteča** » 19 pro 2011 12:12

Možnost 2:

RogueKiller V6.2.0 [12/12/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Tereza [Admin rights]
Mode: Remove -- Date : 12/19/2011 12:09:20

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 6 ¤¤¤
[SUSP PATH] {303EC718-4DB2-4275-BCB4-F010237A5A90}.job : C:\Users\Tereza\Desktop\Setup.exe -> DELETED
[SUSP PATH] Update Check.job : C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe -> DELETED
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{12467694-E266-437A-AEBB-8936A97D792C} : NameServer (85.255.112.126) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{12467694-E266-437A-AEBB-8936A97D792C} : NameServer (85.255.112.126) -> NOT REMOVED, USE DNSFIX
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤
--- User ---
[MBR] 4d03127019e76ee52d130522fc468cf0
[BSP] d4065d26e0ae07e47fc70680adf8d2e7 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 314 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 616448 | Size: 616350 Mo
2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 1204426752 | Size: 18096 Mo
3 - [XXXXXX] FAT32 [VISIBLE] Offset (sectors): 1239771136 | Size: 5363 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 8d7c17ec0ab52f8d4bc5cb08cd1bc581
[BSP] d4065d26e0ae07e47fc70680adf8d2e7 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 314 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 616448 | Size: 64424 Mo
2 - [ACTIVE] FAT16 [VISIBLE] Offset (sectors): 167999488 | Size: 1049 Mo
3 - [XXXXXX] FAT16 [VISIBLE] Offset (sectors): 171999232 | Size: 2097 Mo

Finished : << RKreport[1].txt >>
RKreport[1].txt

Duteča · #6 Příspěvek od **Duteča** » 19 pro 2011 12:14

možnost 3:

RogueKiller V6.2.0 [12/12/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Tereza [Admin rights]
Mode: HOSTSFix -- Date : 12/19/2011 12:12:43

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

Možnost 4:

RogueKiller V6.2.0 [12/12/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Tereza [Admin rights]
Mode: ProxyFix -- Date : 12/19/2011 12:13:06

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Registry Entries: 0 ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

#7 Příspěvek od **vyosek** » 19 pro 2011 12:23

Jeste pouzijte na RogueKilleru moznost 5 - log pak opet sem

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Duteča · #8 Příspěvek od **Duteča** » 19 pro 2011 13:00

No radši se zeptám, když mám avast stačí na ikonu v liště kliknout pravym dát ovládání štítů programu avast a dát ukončit? nebo třeba jen pozastavit? Stačí tento krok nebo se musím někde proklikat ještě někam jinam a ukončit vše někde jinde? Děkuji

#9 Příspěvek od **vyosek** » 19 pro 2011 13:01

Kliknete na tu jeho oranzovou kouli pravym - ovladani stitu - Pozastavit do restartu

Kdyz by i tak ComboFix kricel, tak si toho nevsimejte

Duteča · #10 Příspěvek od **Duteča** » 19 pro 2011 13:11

možnost 5:

RogueKiller V6.2.0 [12/12/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Tereza [Admin rights]
Mode: DNSFix -- Date : 12/19/2011 13:10:01

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{12467694-E266-437A-AEBB-8936A97D792C} : NameServer (85.255.112.126) -> REPLACED ()
[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{12467694-E266-437A-AEBB-8936A97D792C} : NameServer (85.255.112.126) -> REPLACED ()

Finished : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

#11 Příspěvek od **vyosek** » 19 pro 2011 13:17

Sjupr Teri

Ted pockam na log z ComboFixu

Duteča · #12 Příspěvek od **Duteča** » 19 pro 2011 14:11

log z toho programu, ale mám problém nejde mi mozila ani explorer a ani avast! co se to sakra stalo.. musim jit pres druhy pc.. a neotevru zastupce na plose protoze to potrebuje explorer.. tatovi to rict nemuzu ten by me doslova zabil.. tak mi prosim reknete co mam delat.. pise mi to ze to je urcene k odstraneni.

ComboFix 11-12-19.01 - Tereza 19.12.2011 13:41:14.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.1945 [GMT 1:00]
Spuštěný z: c:\users\Tereza\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Tereza\SkypeSetup.exe
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-19 do 2011-12-19 )))))))))))))))))))))))))))))))
.
.
2011-12-19 12:46 . 2011-12-19 12:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-18 21:05 . 2011-12-18 21:05 -------- d-----w- c:\users\Tereza\AppData\Local\Apps
2011-12-18 21:05 . 2011-12-18 21:05 -------- d-----w- c:\users\Tereza\AppData\Local\Deployment
2011-12-17 21:00 . 2011-12-17 21:00 -------- d-----w- c:\program files\trend micro
2011-12-17 21:00 . 2011-12-17 21:00 -------- d-----w- C:\rsit
2011-12-15 04:39 . 2011-12-15 04:39 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll
2011-12-15 04:39 . 2011-12-15 04:39 28056 ----a-w- c:\windows\system32\xfcodec64.dll
2011-12-13 22:29 . 2011-12-13 22:29 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1B452E80-AA87-4B44-8CDD-6B7B2C0938CA}\offreg.dll
2011-12-13 21:59 . 2011-12-13 21:59 -------- d-----w- c:\program files (x86)\EA GAMES
2011-12-11 09:28 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1B452E80-AA87-4B44-8CDD-6B7B2C0938CA}\mpengine.dll
2011-12-05 10:46 . 2011-12-05 10:46 -------- d-----w- c:\users\Tereza\AppData\Local\Windows Live
2011-11-21 15:04 . 2011-11-21 15:05 -------- d-----w- C:\BechMan
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-09-27 22:41 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-09-27 22:41 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-09-27 22:41 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-09-27 22:41 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-09-27 22:41 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-09-27 22:41 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-09-27 22:41 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-09-27 22:41 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-09-27 22:41 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-27 22:53 . 2011-09-30 15:14 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-15 13:29 . 2011-09-28 00:46 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-10-25 20:06 . 2011-10-25 20:06 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-10-21 23:30 . 2011-10-21 20:53 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-10-09 20:11 . 2011-10-09 20:11 13756720 ----a-w- c:\users\Tereza\aTube_Catcher_Setup.exe
2011-10-07 18:21 . 2011-10-07 18:21 4096 ----a-w- c:\windows\SysWow64\sigfile.exe
2011-10-02 18:20 . 2011-10-02 18:20 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-09-29 16:29 . 2011-11-13 10:31 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-09-29 04:03 . 2011-11-13 10:31 3144704 ----a-w- c:\windows\system32\win32k.sys
2011-09-28 20:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-09-28 20:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-09-28 18:58 . 2011-09-28 18:58 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-09-28 18:58 . 2011-09-28 18:58 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-09-28 18:58 . 2011-09-28 18:58 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-09-28 18:58 . 2011-09-28 18:58 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-09-28 18:58 . 2011-09-28 18:58 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-09-28 18:58 . 2011-09-28 18:58 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-09-28 18:58 . 2011-09-28 18:58 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-09-28 18:58 . 2011-09-28 18:58 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-09-28 18:58 . 2011-09-28 18:58 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-09-28 18:58 . 2011-09-28 18:58 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-09-28 18:58 . 2011-09-28 18:58 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-09-28 18:58 . 2011-09-28 18:58 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-09-28 18:58 . 2011-09-28 18:58 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-09-28 18:58 . 2011-09-28 18:58 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-09-28 18:58 . 2011-09-28 18:58 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-09-28 18:58 . 2011-09-28 18:58 448512 ----a-w- c:\windows\system32\html.iec
2011-09-28 18:58 . 2011-09-28 18:58 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-09-28 18:58 . 2011-09-28 18:58 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-09-28 18:58 . 2011-09-28 18:58 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-09-28 18:58 . 2011-09-28 18:58 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-28 18:58 . 2011-09-28 18:58 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-09-28 18:58 . 2011-09-28 18:58 222208 ----a-w- c:\windows\system32\msls31.dll
2011-09-28 18:58 . 2011-09-28 18:58 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-28 18:58 . 2011-09-28 18:58 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-09-28 18:58 . 2011-09-28 18:58 160256 ----a-w- c:\windows\system32\wextract.exe
2011-09-28 18:58 . 2011-09-28 18:58 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-09-28 18:58 . 2011-09-28 18:58 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-09-28 18:58 . 2011-09-28 18:58 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-28 18:58 . 2011-09-28 18:58 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-09-28 18:58 . 2011-09-28 18:58 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-09-28 18:58 . 2011-09-28 18:58 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-09-28 18:58 . 2011-09-28 18:58 12288 ----a-w- c:\windows\system32\mshta.exe
2011-09-28 18:58 . 2011-09-28 18:58 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-09-28 18:58 . 2011-09-28 18:58 114176 ----a-w- c:\windows\system32\admparse.dll
2011-09-28 18:58 . 2011-09-28 18:58 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-28 18:58 . 2011-09-28 18:58 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-09-28 01:47 . 2011-09-28 01:47 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2011-09-28 01:46 . 2011-09-28 01:46 528384 ----a-w- c:\windows\system32\drivers\stwrt64.sys
2011-09-28 01:46 . 2011-09-28 01:46 654336 ------w- c:\windows\system32\stapi64.dll
2011-09-28 01:46 . 2011-09-28 01:46 431616 ----a-w- c:\windows\system32\stcplx64.dll
2011-09-28 01:46 . 2011-09-28 01:46 1965056 ----a-w- c:\windows\system32\stapo64.dll
2011-09-28 01:46 . 2011-09-08 17:46 4780032 ----a-w- c:\windows\system32\stlang64.dll
2011-09-28 01:46 . 2011-09-08 17:46 1128448 ----a-w- c:\windows\sttray64.exe
2011-09-28 01:46 . 2011-09-08 17:45 224256 ----a-w- c:\windows\system32\staco64.dll
2011-09-28 01:46 . 2011-09-08 17:46 4933120 ----a-w- c:\windows\system32\IDTNHP.dll
2011-09-28 01:46 . 2011-09-08 17:46 212480 ----a-w- c:\windows\system32\IDTNJ.exe
2011-09-28 01:46 . 2011-09-08 17:46 1029120 ----a-w- c:\windows\system32\IDTNX.dll
2011-09-28 01:46 . 2011-09-08 17:46 6382080 ----a-w- c:\windows\system32\IDTNGUI.exe
2011-09-28 01:46 . 2011-09-08 17:46 90624 ----a-w- c:\windows\system32\AESTCo64.dll
2011-09-28 01:46 . 2011-09-08 17:46 68608 ----a-w- c:\windows\system32\AESTAR64.dll
2011-09-28 01:46 . 2011-09-08 17:46 442368 ----a-w- c:\windows\system32\AESTEC64.dll
2011-09-28 01:46 . 2011-09-08 17:46 221184 ----a-w- c:\windows\system32\HPToneCtrls64.dll
2011-09-28 01:46 . 2011-09-08 17:46 162304 ----a-w- c:\windows\system32\AESTAC64.dll
2011-09-28 01:46 . 2011-09-08 17:46 1523712 ----a-w- c:\windows\system32\IDTNC64.cpl
2011-09-28 01:45 . 2011-09-28 01:45 91648 ----a-w- c:\windows\system32\drivers\nusb3hub.sys
2011-09-28 01:45 . 2011-09-28 01:45 81920 ----a-w- c:\windows\system32\nusb3co2.dll
2011-09-28 01:45 . 2011-09-28 01:45 208896 ----a-w- c:\windows\system32\drivers\nusb3xhc.sys
2011-09-28 01:42 . 2011-09-28 01:42 770384 ----a-w- c:\windows\SysWow64\msvcr100.dll
2011-09-28 01:42 . 2011-09-28 01:42 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
2011-09-28 00:51 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-09-28 00:17 . 2011-09-28 00:17 368912 ----a-w- c:\windows\SysWow64\VBAR332.DLL
2011-09-28 00:17 . 2011-09-28 00:17 252176 ----a-w- c:\windows\SysWow64\MSRD2X35.DLL
2011-09-28 00:17 . 2011-09-28 00:17 24848 ----a-w- c:\windows\SysWow64\MSJTER35.DLL
2011-09-28 00:17 . 2011-09-28 00:17 123664 ----a-w- c:\windows\SysWow64\MSJINT35.DLL
2011-09-28 00:17 . 2011-09-28 00:17 1045776 ----a-w- c:\windows\SysWow64\MSJET35.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-10-04 3077528]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2736128]
"PCSpeedUp"="c:\program files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk" [2011-10-09 2413]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 656920]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 12274688]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-28 113288]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2010-11-24 517456]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-09-28 169528]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-05-23 103992]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-07-06 323128]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-02-03 22:09 75360 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe [2011-03-07 62184]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe [2011-09-05 476728]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2011-09-28 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-07 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-01-07 53920]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-08-06 681528]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-07-06 1698360]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-23 212944]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-08-22 1318912]
S2 PCSUService;PC Speed Up Service;c:\program files (x86)\Zrychleni Pocitace\PCSUService.exe [2011-07-20 206336]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
S2 RtlISMServ;RtlISMServ;c:\program files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [2011-05-30 40960]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-19 c:\windows\Tasks\HPCeeScheduleForTEREZA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2011-12-19 c:\windows\Tasks\HPCeeScheduleForTereza.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 13880]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-07 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-07 379040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2011-08-22 200704]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-09-28 1128448]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
"combofix"="c:\combofix\CF11680.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com/?l=dis&o=14672
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.bing.com?pc=CMNTDF
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\59ufdlrw.default\
FF - prefs.js: browser.search.selectedEngine - Google
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226} - c:\program files (x86)\InstallShield Installation Information\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}\setup.exe
AddRemove-276330501.www.pcspeedup.com - c:\program files (x86)\Microsoft Silverlight\4.0.60531.0\Silverlight.Configuration.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtWlan.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2011-12-19 14:00:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-19 13:00
.
Před spuštěním: Volných bajtů: 484 959 866 880
Po spuštění: Volných bajtů: 484 798 222 336
.
- - End Of File - - F311ED2369749035393BBB605C090266

#13 Příspěvek od **vyosek** » 19 pro 2011 14:13

Restartujte PC, to pomuze

#14 Příspěvek od **vyosek** » 19 pro 2011 14:20

A jdem domazat zbytky haveti co tam mame

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Folder::
c:\program files (x86)\Zrychleni Pocitace
C:\Program Files (x86)\Common Files\Spigot
C:\Program Files (x86)\DAEMON Tools Toolbar
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\pdfforge Toolbar
C:\Program Files (x86)\Application Updater

Driver::
Application Updater
PCSUService

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"Pando Media Booster"=-
"PCSpeedUp"=-
"PC Suite Tray"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

File::
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\25hw8urg.default\extensions\DTToolbar@toolbarnet.com
C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\25hw8urg.default\extensions\toolbar@ask.com
C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\25hw8urg.default\searchplugins\askcom.xml
C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\25hw8urg.default\searchplugins\daemon-search.xml

DDS::
uStart Page = hxxp://eu.ask.com/?l=dis&o=14672
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.bing.com?pc=CMNTDF

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

AtJob::

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Duteča · #15 Příspěvek od **Duteča** » 19 pro 2011 14:40

avast štíty mám mít opět vypnutné nebo už to není potřeba?

VIRY.CZ

Prosím o kontrolu, Díky

Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky

Re: Prosím o kontrolu, Díky