rpcrtremote a logonui problém pri štarte windows

[eXtenZ1]

Dobrý deň, pri štarte windowsu na mňa vybehne tabuľka s logonUI.exe a RpcRtRemote.dll, že je niekde chyba. Po kliknutí na to, ostane len čierna obrazovka a windows nenabehne na plochu. Skúšal som len obnovenie systému, obnovilo všetko v poriadku, aj po niekoľkých reštartoch, ale dnes zase pri spúšťaní, mi nenabehol windows, len tieto hlášky.

Ďakujem vopred.

Prikladám log z RSIT:


Logfile of random's system information tool 1.09 (written by random/random)
Run by eXtenZ at 2012-02-15 14:18:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 235 GB (54%) free of 431 GB
Total RAM: 2009 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:19:11, on 15. 2. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\IObit\Advanced SystemCare 5\DelayLoad.exe
C:\Users\eXtenZ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\eXtenZ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\eXtenZ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\eXtenZ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\eXtenZ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\eXtenZ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\eXtenZ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\eXtenZ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\eXtenZ\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
C:\windows\system32\taskhost.exe
C:\Users\eXtenZ\Downloads\RSIT.exe
C:\Program Files\trend micro\eXtenZ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [PrintDisp] C:\windows\system32\PrintDisp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /Manual
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} (IASRunner Class) - http://support.lenovo.com/Resources/Len ... etect2.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\windows\system32\HPSIsvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - C:\windows\system32\PrintCtrl.exe
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 6818 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-217525786-4203485839-1761426994-1003Core1cce123b277cc96.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-217525786-4203485839-1761426994-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2011-10-01 218544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2009-09-18 141848]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2009-09-18 174104]
"Persistence"=C:\windows\system32\igfxpers.exe [2009-09-18 150552]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2010-04-28 307768]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-09-29 4114288]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-22 3080264]
"PrintDisp"=C:\windows\system32\PrintDisp.exe [2011-02-19 826368]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2012-01-26 3462552]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"Advanced SystemCare 5"=C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2011-12-29 620376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management]
C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-09-29 5064560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\eXtenZ\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wextract_cleanup0]
C:\windows\system32\advpack.dll [2009-07-14 126464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^eXtenZ^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_66584283.lnk]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2009-07-03 215552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2011-04-14 203776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1
"ConsentPromptBehaviorAdmin"=5

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveTrack"=0
"NoFileAssociate"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-02-15 14:09:47 ----D---- C:\rsit
2012-02-14 00:34:28 ----D---- C:\Program Files\Android
2012-02-13 17:12:14 ----D---- C:\Program Files\Spirent Communications
2012-02-13 17:12:07 ----D---- C:\Program Files\HTC
2012-02-12 14:16:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-02-11 17:34:16 ----D---- C:\Program Files\Common Files\Skype
2012-02-11 17:34:14 ----RD---- C:\Program Files\Skype
2012-02-11 17:04:40 ----D---- C:\Users\eXtenZ\AppData\Roaming\Nitro PDF
2012-02-11 17:04:18 ----A---- C:\windows\system32\nitrolocalui2.dll
2012-02-11 17:04:18 ----A---- C:\windows\system32\nitrolocalmon2.dll
2012-02-11 17:04:07 ----D---- C:\ProgramData\Nitro PDF
2012-02-11 17:04:03 ----D---- C:\Program Files\Nitro PDF
2012-02-11 17:02:21 ----D---- C:\Users\eXtenZ\AppData\Roaming\Downloaded Installations
2012-02-11 17:01:36 ----D---- C:\Program Files\DigiSigner
2012-02-11 16:48:32 ----D---- C:\Users\eXtenZ\AppData\Roaming\SumatraPDF
2012-02-11 16:48:26 ----D---- C:\Program Files\SumatraPDF
2012-02-11 16:37:33 ----D---- C:\Program Files\Tracker Software
2012-02-10 10:30:24 ----D---- C:\ProgramData\Canneverbe Limited
2012-02-10 10:30:23 ----D---- C:\Users\eXtenZ\AppData\Roaming\Canneverbe Limited
2012-02-10 10:30:11 ----D---- C:\Program Files\CDBurnerXP
2012-02-10 10:20:08 ----A---- C:\windows\iun6002.exe
2012-02-09 17:49:21 ----D---- C:\Program Files\totalcmd
2012-02-09 17:49:21 ----A---- C:\windows\PKZIP.PIF
2012-02-09 17:49:21 ----A---- C:\windows\PKUNZIP.PIF
2012-02-09 17:03:10 ----D---- C:\Program Files\Gekko Manager
2012-02-08 18:30:39 ----D---- C:\Users\eXtenZ\AppData\Roaming\SpeedProject
2012-02-08 18:30:37 ----D---- C:\Program Files\Common Files\SpeedProject
2012-02-08 18:30:26 ----D---- C:\Program Files\SpeedProject
2012-02-08 00:13:11 ----D---- C:\Program Files\PhotoPerfect Express
2012-02-07 17:47:24 ----D---- C:\Program Files\Opera
2012-02-07 12:50:46 ----D---- C:\Users\eXtenZ\AppData\Roaming\FreeCommander
2012-02-07 12:50:45 ----D---- C:\Program Files\FreeCommander
2012-02-07 00:42:35 ----D---- C:\Program Files\Common Files\SlimPDFReader
2012-02-07 00:25:37 ----D---- C:\Users\eXtenZ\AppData\Roaming\Foxit Software
2012-02-07 00:24:08 ----D---- C:\Program Files\Foxit Software
2012-02-06 23:15:59 ----D---- C:\Program Files\Common Files\PX Storage Engine
2012-02-06 14:44:18 ----D---- C:\Users\eXtenZ\AppData\Roaming\PhotoScape
2012-02-06 14:05:42 ----D---- C:\Users\eXtenZ\AppData\Roaming\gtk-2.0
2012-02-04 14:57:16 ----A---- C:\windows\system32\RegistryDefragBootTime.exe
2012-02-04 14:08:19 ----D---- C:\Users\eXtenZ\AppData\Roaming\Ulozto File Manager
2012-02-03 01:29:20 ----D---- C:\Users\eXtenZ\AppData\Roaming\IDM
2012-02-03 01:29:14 ----D---- C:\Program Files\Internet Download Manager
2012-02-03 00:51:59 ----D---- C:\Users\eXtenZ\AppData\Roaming\VitySoft
2012-02-03 00:40:24 ----D---- C:\Users\eXtenZ\AppData\Roaming\FlashGet
2012-02-03 00:37:30 ----A---- C:\windows\system32\secustat.dat
2012-02-03 00:34:47 ----A---- C:\windows\libem.INI
2012-02-03 00:33:59 ----D---- C:\Users\eXtenZ\AppData\Roaming\BITS
2012-02-02 16:59:15 ----D---- C:\Program Files\Your Uninstaller! 7
2012-01-30 22:11:29 ----D---- C:\ProgramData\DivX
2012-01-30 13:25:39 ----D---- C:\Users\eXtenZ\AppData\Roaming\Ashampoo
2012-01-30 13:20:54 ----D---- C:\ProgramData\ashampoo
2012-01-29 17:53:18 ----A---- C:\windows\system32\CLWCP.exe
2012-01-26 14:42:01 ----A---- C:\windows\system32\drivers\idmwfp.sys
2012-01-17 16:32:25 ----D---- C:\Users\eXtenZ\AppData\Roaming\maComfort
2012-01-17 16:28:51 ----A---- C:\windows\system32\xpsrchvw.exe
2012-01-17 16:28:48 ----A---- C:\windows\system32\StikyNot.exe
2012-01-17 16:28:47 ----A---- C:\windows\system32\SoundRecorder.exe
2012-01-17 16:28:45 ----A---- C:\windows\system32\SnippingTool.exe
2012-01-17 16:28:43 ----A---- C:\windows\system32\rstrui.exe
2012-01-17 16:28:42 ----A---- C:\windows\system32\recdisc.exe
2012-01-17 16:28:40 ----A---- C:\windows\system32\osk.exe
2012-01-17 16:28:39 ----A---- C:\windows\system32\notepad.exe
2012-01-17 16:28:38 ----A---- C:\windows\system32\Narrator.exe
2012-01-17 16:28:37 ----A---- C:\windows\system32\mstsc.exe
2012-01-17 16:28:36 ----A---- C:\windows\system32\msra.exe
2012-01-17 16:28:35 ----A---- C:\windows\system32\mspaint.exe
2012-01-17 16:28:34 ----A---- C:\windows\system32\msinfo32.exe
2012-01-17 16:28:34 ----A---- C:\windows\system32\msconfig.exe
2012-01-17 16:28:33 ----A---- C:\windows\system32\mobsync.exe
2012-01-17 16:28:31 ----A---- C:\windows\system32\MdSched.exe
2012-01-17 16:28:30 ----A---- C:\windows\system32\mblctr.exe
2012-01-17 16:28:28 ----A---- C:\windows\system32\Magnify.exe
2012-01-17 16:28:23 ----A---- C:\windows\system32\eudcedit.exe
2012-01-17 16:28:23 ----A---- C:\windows\explorer.exe
2012-01-17 16:28:21 ----A---- C:\windows\system32\DisplaySwitch.exe
2012-01-17 16:28:21 ----A---- C:\windows\system32\dfrgui.exe
2012-01-17 16:28:20 ----A---- C:\windows\system32\control.exe
2012-01-17 16:28:20 ----A---- C:\windows\system32\colorcpl.exe
2012-01-17 16:28:19 ----A---- C:\windows\system32\cleanmgr.exe
2012-01-17 16:28:17 ----A---- C:\windows\system32\charmap.exe
2012-01-17 16:28:16 ----A---- C:\windows\system32\calc.exe
2012-01-17 16:28:15 ----A---- C:\windows\system32\taskmgr.exe
2012-01-17 16:28:14 ----A---- C:\windows\system32\SndVol.exe
2012-01-17 16:28:12 ----A---- C:\windows\system32\wucltux.dll
2012-01-17 16:28:12 ----A---- C:\windows\system32\wmploc.DLL
2012-01-17 16:28:11 ----A---- C:\windows\system32\wsecedit.dll
2012-01-17 16:28:10 ----A---- C:\windows\system32\wpccpl.dll
2012-01-17 16:28:10 ----A---- C:\windows\system32\WFSR.dll
2012-01-17 16:28:09 ----A---- C:\windows\system32\wdc.dll
2012-01-17 16:28:09 ----A---- C:\windows\system32\Vault.dll
2012-01-17 16:28:08 ----A---- C:\windows\system32\usercpl.dll
2012-01-17 16:28:07 ----A---- C:\windows\system32\TSWorkspace.dll
2012-01-17 16:28:06 ----A---- C:\windows\system32\themecpl.dll
2012-01-17 16:28:06 ----A---- C:\windows\system32\taskbarcpl.dll
2012-01-17 16:28:05 ----A---- C:\windows\system32\SyncCenter.dll
2012-01-17 16:28:04 ----A---- C:\windows\system32\srchadmin.dll
2012-01-17 16:28:02 ----A---- C:\windows\system32\SensorsCpl.dll
2012-01-17 16:28:02 ----A---- C:\windows\system32\sdcpl.dll
2012-01-17 16:28:01 ----A---- C:\windows\system32\powercpl.dll
2012-01-17 16:28:01 ----A---- C:\windows\system32\PerfCenterCPL.dll
2012-01-17 16:28:00 ----A---- C:\windows\system32\OobeFldr.dll
2012-01-17 16:28:00 ----A---- C:\windows\system32\odbcint.dll
2012-01-17 16:27:59 ----A---- C:\windows\system32\networkexplorer.dll
2012-01-17 16:27:59 ----A---- C:\windows\system32\netcenter.dll
2012-01-17 16:27:58 ----A---- C:\windows\system32\mycomput.dll
2012-01-17 16:27:56 ----A---- C:\windows\system32\miguiresource.dll
2012-01-17 16:27:56 ----A---- C:\windows\system32\iscsicpl.dll
2012-01-17 16:27:45 ----A---- C:\windows\system32\imageres.dll
2012-01-17 16:27:44 ----A---- C:\windows\system32\ieframe.dll
2012-01-17 16:27:43 ----A---- C:\windows\system32\gameux.dll
2012-01-17 16:27:43 ----A---- C:\windows\system32\fontext.dll
2012-01-17 16:27:42 ----A---- C:\windows\system32\FirewallControlPanel.dll
2012-01-17 16:27:42 ----A---- C:\windows\system32\filemgmt.dll
2012-01-17 16:27:40 ----A---- C:\windows\system32\ExplorerFrame.dll
2012-01-17 16:27:39 ----A---- C:\windows\system32\Display.dll
2012-01-17 16:27:39 ----A---- C:\windows\system32\DiagCpl.dll
2012-01-17 16:27:38 ----A---- C:\windows\system32\devmgr.dll
2012-01-17 16:27:38 ----A---- C:\windows\system32\DeviceCenter.dll
2012-01-17 16:27:37 ----A---- C:\windows\system32\DDORes.dll
2012-01-17 16:27:36 ----A---- C:\windows\system32\comres.dll
2012-01-17 16:27:35 ----A---- C:\windows\system32\autoplay.dll
2012-01-17 16:27:34 ----A---- C:\windows\system32\AuthFWGP.dll
2012-01-17 16:27:34 ----A---- C:\windows\system32\ActionCenterCPL.dll
2012-01-17 16:27:33 ----A---- C:\windows\system32\accessibilitycpl.dll
2012-01-17 16:27:32 ----A---- C:\windows\system32\stobject.dll
2012-01-17 16:27:32 ----A---- C:\windows\system32\SndVolSSO.dll
2012-01-17 16:27:31 ----A---- C:\windows\system32\pnidui.dll
2012-01-17 16:27:31 ----A---- C:\windows\system32\mydocs.dll
2012-01-17 16:27:30 ----A---- C:\windows\system32\browseui.dll
2012-01-17 16:27:29 ----A---- C:\windows\system32\batmeter.dll
2012-01-17 16:27:28 ----A---- C:\windows\system32\authui.dll
2012-01-17 16:27:27 ----A---- C:\windows\system32\pnpui.dll
2012-01-17 16:27:27 ----A---- C:\windows\system32\netshell.dll
2012-01-17 16:27:26 ----A---- C:\windows\system32\mmres.dll
2012-01-17 16:27:26 ----A---- C:\windows\system32\imagesp1.dll
2012-01-17 16:27:25 ----A---- C:\windows\system32\hotplug.dll
2012-01-17 16:27:25 ----A---- C:\windows\system32\ActionCenter.dll
2012-01-17 15:07:05 ----D---- C:\Program Files\Common Files\DESIGNER
2012-01-17 15:05:43 ----D---- C:\Program Files\Microsoft Visual Studio
2012-01-17 13:28:36 ----D---- C:\windows\pss

======List of files/folders modified in the last 1 month======

2012-02-15 22:58:40 ----D---- C:\windows\Tasks
2012-02-15 22:58:40 ----D---- C:\windows\system32\wfp
2012-02-15 22:58:40 ----D---- C:\windows\system32\wbem
2012-02-15 22:58:40 ----D---- C:\windows\system32\migration
2012-02-15 22:58:40 ----D---- C:\windows\system32\DriverStore
2012-02-15 22:58:40 ----D---- C:\windows\system32\drivers
2012-02-15 22:58:40 ----D---- C:\windows\system32\CodeIntegrity
2012-02-15 22:58:40 ----D---- C:\Windows
2012-02-15 22:58:40 ----D---- C:\Program Files\Internet Explorer
2012-02-15 22:58:33 ----D---- C:\windows\AppCompat
2012-02-15 22:58:32 ----D---- C:\Users\eXtenZ\AppData\Roaming\GHISLER
2012-02-15 22:58:32 ----D---- C:\ProgramData\Skype
2012-02-15 22:58:32 ----D---- C:\ProgramData\IObit
2012-02-15 22:58:31 ----RD---- C:\Program Files
2012-02-15 22:58:31 ----D---- C:\Program Files\Microsoft SQL Server
2012-02-15 22:58:31 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-15 22:58:19 ----D---- C:\Program Files\Mozilla Thunderbird
2012-02-15 22:58:09 ----D---- C:\windows\registration
2012-02-15 22:57:44 ----D---- C:\windows\Microsoft.NET
2012-02-15 22:56:33 ----D---- C:\Users\eXtenZ\AppData\Roaming\Skype
2012-02-15 22:56:18 ----D---- C:\ProgramData
2012-02-15 22:55:57 ----D---- C:\Program Files\Common Files\Adobe
2012-02-15 22:55:57 ----D---- C:\Program Files\Common Files
2012-02-15 14:18:55 ----D---- C:\Program Files\trend micro
2012-02-15 14:13:17 ----D---- C:\windows\temp
2012-02-15 14:11:06 ----A---- C:\windows\system32\MRT.exe
2012-02-15 14:10:28 ----D---- C:\windows\winsxs
2012-02-15 14:10:02 ----SHD---- C:\windows\Installer
2012-02-15 14:09:58 ----RSD---- C:\windows\assembly
2012-02-15 14:08:54 ----SHD---- C:\System Volume Information
2012-02-15 14:07:44 ----D---- C:\windows\System32
2012-02-15 14:07:44 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-02-15 14:07:43 ----D---- C:\windows\inf
2012-02-15 14:06:11 ----D---- C:\ProgramData\Microsoft Help
2012-02-15 14:05:28 ----D---- C:\windows\system32\catroot2
2012-02-15 14:05:28 ----D---- C:\windows\system32\catroot
2012-02-15 14:02:15 ----AD---- C:\ProgramData\Temp
2012-02-15 14:01:38 ----D---- C:\Users\eXtenZ\AppData\Roaming\DMCache
2012-02-15 13:59:54 ----D---- C:\windows\system32\config
2012-02-14 23:10:53 ----D---- C:\windows\system32\LogFiles
2012-02-14 22:02:54 ----D---- C:\windows\debug
2012-02-14 20:33:30 ----D---- C:\Users\eXtenZ\AppData\Roaming\eM Client
2012-02-14 00:34:41 ----D---- C:\windows\Prefetch
2012-02-12 20:32:49 ----D---- C:\Program Files\Warcraft III
2012-02-12 19:35:44 ----D---- C:\Program Files\Garena
2012-02-11 17:23:18 ----D---- C:\ProgramData\Adobe
2012-02-10 19:32:01 ----D---- C:\windows\system32\Tasks
2012-02-10 10:41:24 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-10 10:41:23 ----D---- C:\Program Files\Lenovo
2012-02-09 17:59:29 ----D---- C:\Program Files\IObit
2012-02-08 14:38:02 ----D---- C:\Users\eXtenZ\AppData\Roaming\uTorrent
2012-02-07 18:14:54 ----D---- C:\Users\eXtenZ\AppData\Roaming\Mozilla
2012-02-07 17:47:37 ----D---- C:\Users\eXtenZ\AppData\Roaming\Opera
2012-02-06 23:41:01 ----D---- C:\Program Files\Adobe
2012-02-06 23:16:27 ----D---- C:\Users\eXtenZ\AppData\Roaming\Adobe
2012-02-06 14:53:41 ----D---- C:\eclipse
2012-02-05 12:00:57 ----D---- C:\Program Files\Common Files\Canon
2012-02-03 23:10:46 ----SHD---- C:\$RECYCLE.BIN
2012-02-01 12:40:54 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-01-31 20:12:53 ----D---- C:\Users\eXtenZ\AppData\Roaming\XnView
2012-01-29 18:18:56 ----D---- C:\windows\system32\drivers\etc
2012-01-29 18:03:51 ----D---- C:\Program Files\CCleaner
2012-01-29 17:49:59 ----D---- C:\windows\system32\migwiz
2012-01-29 17:49:59 ----D---- C:\Program Files\Windows Sidebar
2012-01-29 17:49:59 ----D---- C:\Program Files\Windows Media Player
2012-01-29 17:49:59 ----D---- C:\Program Files\Windows Journal
2012-01-29 17:49:59 ----D---- C:\Program Files\Windows Defender
2012-01-29 17:49:59 ----D---- C:\Program Files\DVD Maker
2012-01-29 17:47:42 ----D---- C:\windows\system32\cs-CZ
2012-01-29 17:47:29 ----D---- C:\windows\Cursors
2012-01-29 16:49:21 ----D---- C:\Users\eXtenZ\AppData\Roaming\Imagenomic
2012-01-28 20:00:11 ----D---- C:\ProgramData\PowerDesigner 12
2012-01-19 21:49:16 ----D---- C:\Program Files\EMDB
2012-01-18 00:36:43 ----D---- C:\Users\eXtenZ\AppData\Roaming\IObit
2012-01-17 16:28:58 ----RSD---- C:\windows\Media
2012-01-17 16:27:24 ----A---- C:\windows\system32\themeui.dll
2012-01-17 16:27:23 ----A---- C:\windows\system32\uxtheme.dll
2012-01-17 16:27:23 ----A---- C:\windows\system32\themeservice.dll
2012-01-17 15:54:25 ----D---- C:\ProgramData\Kaspersky Lab
2012-01-17 15:07:43 ----RSD---- C:\windows\Fonts
2012-01-17 15:07:10 ----D---- C:\Program Files\Common Files\microsoft shared
2012-01-17 15:07:04 ----D---- C:\Program Files\Microsoft Works
2012-01-17 15:06:37 ----D---- C:\Program Files\MSBuild
2012-01-17 15:05:33 ----D---- C:\windows\ShellNew
2012-01-17 14:59:12 ----A---- C:\windows\win.ini
2012-01-17 14:59:11 ----D---- C:\Program Files\Common Files\System
2012-01-17 13:27:30 ----SD---- C:\ProgramData\Microsoft
2012-01-17 13:27:01 ----D---- C:\Program Files\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 66584283;66584283; C:\windows\system32\DRIVERS\66584283.sys [2012-01-16 133208]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 50624]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2009-04-17 44944]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-09-29 691696]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 33656]
R1 SCDEmu;SCDEmu; C:\windows\system32\drivers\SCDEmu.sys [2009-11-09 59388]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 cpuz135;cpuz135; \??\C:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 163424]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2011-08-04 147480]
R2 IDMWFP;IDMWFP; C:\windows\system32\DRIVERS\idmwfp.sys [2012-01-27 91936]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2010-04-22 218744]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-05-31 260648]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-07-07 2506232]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT32.sys [2010-03-31 517688]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-07-03 5922816]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 usbsmi;Lenovo EasyCamera; C:\windows\system32\DRIVERS\SMIksdrv.sys [2009-10-16 171776]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 catchme;catchme; C:\windows\system32\drivers\catchme.sys []
S3 cpuz134;cpuz134; C:\windows\system32\drivers\cpuz134.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 HTCAND32;HTC Device Driver; C:\windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
S3 mvusbews;USB EWS Device; C:\windows\System32\Drivers\mvusbews.sys [2009-10-26 17408]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-07-30 171520]
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-08-11 582944]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-09-22 974944]
R2 HPSIService;HP SI Service; C:\windows\system32\HPSIsvc.exe [2011-05-11 99896]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 Printer Control;Printer Control; C:\windows\system32\PrintCtrl.exe [2009-10-28 65536]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe [2010-03-25 445496]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\windows\System32\svchost.exe [2009-07-14 20992]
S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-01-31 158856]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-09-29 1343400]

-----------------EOF-----------------

[Rudy]

Zdravím!
Poprosím o log ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[eXtenZ1]

Opäť som musel obnoviť systém do určitého bodu, pretože sa mi PC reštartoval.
Tu prikladám log z Combofix:


ComboFix 12-02-15.01 - eXtenZ . 02. 2012 19:44:49.4.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1029.18.2009.1005 [GMT 1:00]
Running from: c:\users\eXtenZ\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\eXtenZ\AppData\Local\TempDIR
c:\windows\host32.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\ntos.exe
c:\windows\system32\sdra64.exe
c:\windows\system32\twext.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-01-15 to 2012-02-15 )))))))))))))))))))))))))))))))
.
.
2012-02-15 18:52 . 2012-02-15 18:52 -------- d-----w- c:\users\eXtenZ\AppData\Local\temp
2012-02-15 18:52 . 2012-02-15 18:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-02-15 18:52 . 2012-02-15 18:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-15 17:43 . 2012-02-16 03:35 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-02-15 17:40 . 2012-02-16 03:35 -------- d-----w- c:\programdata\Spyware Terminator
2012-02-15 17:40 . 2012-02-15 17:40 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\Spyware Terminator
2012-02-15 17:39 . 2012-02-16 03:35 -------- d-----w- c:\program files\Spyware Terminator
2012-02-15 15:25 . 2012-02-15 15:25 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\SUPERAntiSpyware.com
2012-02-15 15:24 . 2012-02-16 00:54 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-02-15 15:24 . 2012-02-15 15:24 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-02-15 13:09 . 2012-02-15 13:10 -------- d-----w- C:\rsit
2012-02-15 13:04 . 2012-01-04 08:58 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 13:04 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl
2012-02-15 13:04 . 2011-12-16 07:52 690688 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 13:04 . 2012-01-14 03:35 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-02-13 23:34 . 2012-02-15 21:58 -------- d-----w- c:\program files\Android
2012-02-13 16:12 . 2012-02-14 09:46 -------- d-----w- c:\program files\Spirent Communications
2012-02-13 16:12 . 2012-02-13 16:12 -------- d-----w- c:\program files\HTC
2012-02-12 13:16 . 2012-02-12 13:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-11 16:34 . 2012-02-15 21:58 -------- d-----w- c:\program files\Common Files\Skype
2012-02-11 16:34 . 2012-02-15 21:58 -------- d-----r- c:\program files\Skype
2012-02-11 16:04 . 2012-02-11 16:04 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\Nitro PDF
2012-02-11 16:04 . 2012-02-08 21:59 27640 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2012-02-11 16:04 . 2012-02-08 21:59 18936 ----a-w- c:\windows\system32\nitrolocalui2.dll
2012-02-11 16:04 . 2012-02-11 16:04 -------- d-----w- c:\programdata\Nitro PDF
2012-02-11 16:04 . 2012-02-11 16:04 -------- d-----w- c:\program files\Nitro PDF
2012-02-11 16:02 . 2012-02-15 21:58 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\Downloaded Installations
2012-02-11 16:01 . 2012-02-15 21:58 -------- d-----w- c:\users\eXtenZ\.digiSigner
2012-02-11 16:01 . 2012-02-11 16:19 -------- d-----w- c:\program files\DigiSigner
2012-02-11 15:48 . 2012-02-11 15:48 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\SumatraPDF
2012-02-11 15:48 . 2012-02-11 15:49 -------- d-----w- c:\program files\SumatraPDF
2012-02-11 15:38 . 2012-02-11 15:38 -------- d-----w- c:\users\eXtenZ\AppData\Local\Tracker Software
2012-02-11 15:37 . 2012-02-15 21:58 -------- d-----w- c:\program files\Tracker Software
2012-02-10 09:30 . 2012-02-10 09:30 -------- d-----w- c:\programdata\Canneverbe Limited
2012-02-10 09:30 . 2012-02-10 09:30 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\Canneverbe Limited
2012-02-10 09:30 . 2012-02-10 09:30 -------- d-----w- c:\program files\CDBurnerXP
2012-02-09 16:49 . 2012-02-09 16:50 -------- d-----w- c:\program files\totalcmd
2012-02-09 16:03 . 2012-02-09 16:12 -------- d-----w- c:\program files\Gekko Manager
2012-02-08 17:30 . 2012-02-08 17:30 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\SpeedProject
2012-02-08 17:30 . 2012-02-08 17:30 -------- d-----w- c:\program files\Common Files\SpeedProject
2012-02-08 17:30 . 2012-02-08 17:30 -------- d-----w- c:\program files\SpeedProject
2012-02-07 23:13 . 2012-02-07 23:13 -------- d-----w- c:\program files\PhotoPerfect Express
2012-02-07 16:47 . 2012-02-07 16:47 -------- d-----w- c:\users\eXtenZ\AppData\Local\Opera
2012-02-07 16:47 . 2012-02-07 16:47 -------- d-----w- c:\program files\Opera
2012-02-07 11:50 . 2012-02-15 21:58 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\FreeCommander
2012-02-07 11:50 . 2012-02-07 11:50 -------- d-----w- c:\program files\FreeCommander
2012-02-06 23:42 . 2012-02-06 23:42 -------- d-----w- c:\program files\Common Files\SlimPDFReader
2012-02-06 23:25 . 2012-02-06 23:25 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\Foxit Software
2012-02-06 23:24 . 2012-02-14 22:18 -------- d-----w- c:\program files\Foxit Software
2012-02-06 22:15 . 2012-02-06 22:30 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2012-02-06 13:44 . 2012-02-06 13:52 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\PhotoScape
2012-02-06 13:30 . 2012-02-06 13:40 -------- d-----w- c:\users\eXtenZ\AppData\Local\Paint.NET
2012-02-06 13:05 . 2012-02-06 13:07 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\gtk-2.0
2012-02-06 13:05 . 2012-02-06 13:05 -------- d-----w- c:\users\eXtenZ\.thumbnails
2012-02-06 13:03 . 2012-02-06 13:29 -------- d-----w- c:\users\eXtenZ\.gimp-2.6
2012-02-04 13:57 . 2011-12-30 16:02 21848 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-02-04 13:08 . 2012-02-04 13:11 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\Ulozto File Manager
2012-02-03 00:29 . 2012-02-15 18:38 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\IDM
2012-02-03 00:29 . 2012-02-16 03:35 -------- d-----w- c:\program files\Internet Download Manager
2012-02-02 23:51 . 2012-02-02 23:51 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\VitySoft
2012-02-02 23:40 . 2012-02-02 23:40 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\FlashGet
2012-02-02 23:33 . 2012-02-02 23:37 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\BITS
2012-02-02 15:59 . 2012-02-02 15:59 -------- d-----w- c:\program files\Your Uninstaller! 7
2012-01-30 21:11 . 2012-01-30 21:11 -------- d-----w- c:\programdata\DivX
2012-01-30 12:25 . 2012-01-30 12:25 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\Ashampoo
2012-01-30 12:20 . 2012-01-30 12:20 -------- d-----w- c:\programdata\ashampoo
2012-01-29 16:53 . 2007-11-24 06:00 517120 ----a-w- c:\windows\system32\CLWCP.exe
2012-01-26 13:42 . 2012-01-27 00:48 91936 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2012-01-17 15:32 . 2012-01-17 15:32 -------- d-----w- c:\users\eXtenZ\AppData\Local\IsolatedStorage
2012-01-17 15:32 . 2012-01-17 15:32 -------- d-----w- c:\users\eXtenZ\AppData\Local\Blue_Onion_Software
2012-01-17 15:32 . 2012-01-18 01:36 -------- d-----w- c:\users\eXtenZ\AppData\Roaming\maComfort
2012-01-17 15:27 . 2010-11-20 12:20 1661440 ----a-w- c:\windows\system32\networkexplorer.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-17 15:27 . 2011-03-08 22:46 2755072 ----a-w- c:\windows\system32\themeui.dll
2012-01-17 15:27 . 2009-07-13 23:40 249856 ----a-w- c:\windows\system32\uxtheme.dll
2012-01-17 15:27 . 2009-07-13 23:39 37376 ----a-w- c:\windows\system32\themeservice.dll
2012-01-15 23:39 . 2012-01-15 21:30 133208 ----a-w- c:\windows\system32\drivers\66584283.sys
2012-01-12 13:34 . 2011-11-01 17:42 1218627 ----a-w- c:\windows\unins000.exe
2012-01-12 00:19 . 2012-01-12 00:19 4448256 ----a-w- c:\windows\system32\GPhotos.scr
2011-11-19 14:01 . 2012-01-11 12:29 67072 ----a-w- c:\windows\system32\packager.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-11-17 . 05F38CB7CAB3CE8E9A1812D517DA93EF . 22528 . . [6.1.7600.21092] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[-] 2011-11-17 . C2243FF9E9AAD0C30E8B1A0914DA15B6 . 22528 . . [6.1.7600.16915] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[-] 2011-11-17 . 81951F51E318AECC2D68559E47485CC4 . 22528 . . [6.1.7601.17725] . . c:\windows\System32\lsass.exe
[-] 2011-11-17 . 81951F51E318AECC2D68559E47485CC4 . 22528 . . [6.1.7601.17725] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[-] 2011-11-17 . FBCB2DFA40862DAA7B1534C9538208A5 . 22528 . . [6.1.7601.21861] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe
[7] 2009-07-14 . F42309C4191C506B71DB5D1126D26318 . 22528 . . [6.1.7600.16385] . . c:\windows\ERDNT\cache\lsass.exe
[7] 2009-07-14 . F42309C4191C506B71DB5D1126D26318 . 22528 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[7] 2009-07-14 . F42309C4191C506B71DB5D1126D26318 . 22528 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[7] 2009-07-14 . F42309C4191C506B71DB5D1126D26318 . 22528 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[7] 2009-07-14 . F42309C4191C506B71DB5D1126D26318 . 22528 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
.
[-] 2011-12-14 . 497C9C3DB953A60EC4F43A097E15F75E . 12282368 . . [9.00.8112.16421] . . c:\windows\System32\mshtml.dll
[-] 2011-12-14 . 497C9C3DB953A60EC4F43A097E15F75E . 12282368 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16441_none_2bad15823c800473\mshtml.dll
[-] 2011-12-14 . A29CFD4B9F6F2BBE06C8D64B6D07F1D4 . 12282368 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20546_none_2c3bb3bf559922f0\mshtml.dll
[-] 2011-11-03 . A21B983E40578D0E6CFA9864AC4E1219 . 12279808 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20544_none_2c39b32b559af042\mshtml.dll
[-] 2011-11-03 . 66C0AEE61D1C5C35BF1B4642A153B114 . 12279808 . . [9.00.8112.16421] . . c:\windows\ERDNT\cache\mshtml.dll
[-] 2011-11-03 . 66C0AEE61D1C5C35BF1B4642A153B114 . 12279808 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16440_none_2bac15383c80eb1c\mshtml.dll
[-] 2011-09-01 . 04E0CD31A63DFC0D73725A3D1768FB5A . 12275200 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16437_none_2bbde72a3c72808c\mshtml.dll
[-] 2011-09-01 . 8C93AED0A332209434B62162D03C38C9 . 12275200 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20537_none_2c4783f555902056\mshtml.dll
[-] 2011-07-22 . E6D5C7E4AAC0C682169AA5021386EFF3 . 12273664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16434_none_2bbae64c3c753487\mshtml.dll
[-] 2011-07-22 . F2966190D2C20C585A730F9C0B3C7373 . 12273664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20534_none_2c4483175592d451\mshtml.dll
[-] 2011-04-22 . 3F63F95C998F7E1AF409BC74E83D45E5 . 12269056 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16430_none_2bb6e5243c78cf2b\mshtml.dll
[-] 2011-04-22 . 858AD7EC121DBC3D39D4ABFE2E7E789C . 12269056 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.20530_none_2c4081ef55966ef5\mshtml.dll
[-] 2011-04-14 . 4DEF8126CABAA6CDC12103CD74C6A919 . 12268544 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16421_none_2bc2b55a3c6fcc91\mshtml.dll
[-] 2011-03-07 . 3D2F69861D7B24A3C5B0473583FE3D9D . 5981696 . . [8.00.7601.17573] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17573_none_2fc2e3ecf79f1af3\mshtml.dll
[-] 2011-03-07 . 5E87C06B924495F6FA381391FDE0C9D4 . 5981696 . . [8.00.7601.21676] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21676_none_304f819610ba06c2\mshtml.dll
[-] 2011-02-24 . F861A76F208BD31031A91412AA77BD4F . 5982720 . . [8.00.7600.20908] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20908_none_2eb6d67e13590714\mshtml.dll
[-] 2011-02-24 . C75417DD80FE9D56A906DD9DA791ED6F . 5981696 . . [8.00.7600.16766] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16766_none_2dea57b0fa6ddf1b\mshtml.dll
[-] 2011-01-07 . 1C6045D48179D15A843486D12BEC0EAF . 5980672 . . [8.00.7601.17537] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17537_none_2ff224c4f77b108b\mshtml.dll
[-] 2011-01-07 . 1011333570E1CECAE8FAC34C8D9461BC . 5980672 . . [8.00.7601.21636] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.21636_none_307ac146109996fe\mshtml.dll
[-] 2010-12-18 . 6E9E2D2DC298FE9A3A3C164FB8A2C9EA . 5980672 . . [8.00.7600.16722] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16722_none_2e119638fa5109fb\mshtml.dll
[-] 2010-12-18 . A8B89A12E7A379AC443FB002F4AAB51F . 5980672 . . [8.00.7600.20861] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20861_none_2e6ef30a13900032\mshtml.dll
[-] 2010-11-20 . C50799F0D47DFB9774F721521B6C41D5 . 5977600 . . [8.00.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_3004c3bef76d8ca4\mshtml.dll
[-] 2010-11-04 . 61854D1111E33A09603452B32A84B5F0 . 5979136 . . [8.00.7600.20831] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20831_none_2e8f62ce1377ac5f\mshtml.dll
[-] 2010-11-04 . 9145EF1A437A3FCA06069FC649E16E32 . 5978112 . . [8.00.7600.16700] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16700_none_2e25357cfa429f6b\mshtml.dll
[-] 2010-09-08 . 4F3DEEE94B0F650862F7AB7ABBE40CA1 . 5977088 . . [8.00.7600.20795] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20795_none_2e52828813a4bc3a\mshtml.dll
[-] 2010-09-08 . BAF92C3C3D5A0958817B661439A81FD9 . 5977600 . . [8.00.7600.16671] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16671_none_2dda846cfa7a7f32\mshtml.dll
[-] 2010-06-30 . BDFD710842C8A25DD27254D91DE60AC6 . 5971456 . . [8.00.7600.16625] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16625_none_2e149530fa4e58d9\mshtml.dll
[-] 2010-06-30 . 25C1646ADC24C371B594544C3D530967 . 5972992 . . [8.00.7600.20745] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20745_none_2e889224137c3085\mshtml.dll
[-] 2010-06-07 . 6EE36579E69E37D2AB2926A40B16DBB3 . 5961728 . . [8.00.7600.16490] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16490_none_2dc3e07efa8ba36f\mshtml.dll
[-] 2010-06-07 . 96990605689B601287D4A83DD2B05F0B . 5962240 . . [8.00.7600.20600] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20600_none_2eaece7c136044e7\mshtml.dll
[-] 2010-06-07 . 5F0851C767DE71C261283D423650FAC9 . 5958656 . . [8.00.7600.16444] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16444_none_2dfdf142fa5f7d16\mshtml.dll
[-] 2010-06-07 . FE1B4F611CFF0B442CEC979BE1CDDF77 . 5958656 . . [8.00.7600.20553] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20553_none_2e7bbdd813861f7a\mshtml.dll
[-] 2010-06-07 . F8F43D14BA21CF92D16B3A16A958778B . 5958656 . . [8.00.7600.16466] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16466_none_2dea51fefa6de7a6\mshtml.dll
[-] 2010-06-07 . 31F80311F487ABA186A10E551B212573 . 5959168 . . [8.00.7600.20579] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20579_none_2e6c1fbc1390ef66\mshtml.dll
[-] 2010-06-07 . 56F5053760581989A9BC7A47E916F661 . 5958656 . . [8.00.7600.16419] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16419_none_2e236278fa42a7f6\mshtml.dll
[-] 2010-06-07 . A89E3948B2EFC55F642FE1FE2CDA2D9E . 5958656 . . [8.00.7600.20521] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20521_none_2e9a2d08136f98f9\mshtml.dll
[-] 2009-07-14 . 43592D31AFF84DD957199248898D9430 . 5957632 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16385_none_2dd3aff6fa7f090a\mshtml.dll
.
[-] 2011-12-16 . 2F740C4B458331357E825E94AFB0953A . 690688 . . [7.0.7601.21878] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_d3a962431672ddd2\msvcrt.dll
[-] 2011-12-16 . F8A61B2E713309B4616D107919BDAB6E . 690688 . . [7.0.7600.16930] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16930_none_d15ca5d2001597a0\msvcrt.dll
[-] 2011-12-16 . 9DC80A8AAAAAC397BDAB3C67165A824E . 690688 . . [7.0.7601.17744] . . c:\windows\System32\msvcrt.dll
[-] 2011-12-16 . 9DC80A8AAAAAC397BDAB3C67165A824E . 690688 . . [7.0.7601.17744] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_d33c3413fd4084d9\msvcrt.dll
[-] 2011-12-16 . 10142C1975202A767C0EDB3BC066FD88 . 690688 . . [7.0.7600.21108] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.21108_none_d20e8cd31913e191\msvcrt.dll
[7] 2009-07-14 . E46D48A7FE961401F1CBF85531CDF05D . 690688 . . [7.0.7600.16385] . . c:\windows\ERDNT\cache\msvcrt.dll
[7] 2009-07-14 . E46D48A7FE961401F1CBF85531CDF05D . 690688 . . [7.0.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_d12b8c440039b31e\msvcrt.dll
.
[-] 2011-12-14 . 1D94FA7C81D2FFE494AF094619BA706F . 1127424 . . [9.00.8112.16421] . . c:\windows\System32\wininet.dll
[-] 2011-12-14 . 1D94FA7C81D2FFE494AF094619BA706F . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_1a52f663bc299b3d\wininet.dll
[-] 2011-12-14 . 022A78194E2C7106F5AF9F2BC6AC8774 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20546_none_1ae194a0d542b9ba\wininet.dll
[-] 2011-11-03 . 32569DF2F9BEF05DD7D56E30590EDFD9 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20544_none_1adf940cd544870c\wininet.dll
[-] 2011-11-03 . 02F98B5C0E397AD06124D84428CF8F1A . 1127424 . . [9.00.8112.16421] . . c:\windows\ERDNT\cache\wininet.dll
[-] 2011-11-03 . 02F98B5C0E397AD06124D84428CF8F1A . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16440_none_1a51f619bc2a81e6\wininet.dll
[-] 2011-09-01 . D3788D91530CFA005BD516189A4C676E . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16437_none_1a63c80bbc1c1756\wininet.dll
[-] 2011-09-01 . C0FCEE8D760C70DB6EF858BB2262288E . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20537_none_1aed64d6d539b720\wininet.dll
[-] 2011-07-22 . 2C7332C222D1FE1FC57D622699A8C001 . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16434_none_1a60c72dbc1ecb51\wininet.dll
[-] 2011-07-22 . AA75F065975FCE762FC9BBF5A3C08368 . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20534_none_1aea63f8d53c6b1b\wininet.dll
[-] 2011-04-14 . A1236375B74EA63C75657D564890C436 . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16421_none_1a68963bbc19635b\wininet.dll
[-] 2011-03-07 . A5B19B240901CAB0C8E7767D2873613E . 981504 . . [8.00.7601.17573] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17573_none_1e68c4ce7748b1bd\wininet.dll
[-] 2011-03-07 . EDEB2904636B657782F824D8FF97D0B8 . 981504 . . [8.00.7601.21676] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21676_none_1ef5627790639d8c\wininet.dll
[-] 2011-02-24 . DA2950BAD7306006EBA77DD93CC42690 . 982016 . . [8.00.7600.20908] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20908_none_1d5cb75f93029dde\wininet.dll
[-] 2011-02-24 . 214605C48AE416BC067C39D227CFCC57 . 981504 . . [8.00.7600.16766] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16766_none_1c9038927a1775e5\wininet.dll
[-] 2010-12-21 . 78B9ADA2BC8946AF7B17678E0D07A773 . 981504 . . [8.00.7600.16723] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_1cb8776479f9ba1c\wininet.dll
[-] 2010-12-21 . 1B3DD46BC6396143A205EAAF05F38039 . 981504 . . [8.00.7600.20862] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_1d15d4359338b053\wininet.dll
[-] 2010-12-18 . F019FCA21F609E34B79AE130681D08F7 . 981504 . . [8.00.7600.16722] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16722_none_1cb7771a79faa0c5\wininet.dll
[-] 2010-12-18 . 025031C16D3A486F6AFE1C9B2FB1ADE0 . 981504 . . [8.00.7600.20861] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20861_none_1d14d3eb933996fc\wininet.dll
[-] 2010-11-20 . 44214C94911C7CFB1D52CB64D5E8368D . 980992 . . [8.00.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll
[-] 2010-11-04 . 749A4DDB8915066566E2BB38C2618048 . 981504 . . [8.00.7600.20831] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20831_none_1d3543af93214329\wininet.dll
[-] 2010-11-04 . A7360A3B20B38F1D6A09402FB6E9E2C3 . 978944 . . [8.00.7600.16700] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16700_none_1ccb165e79ec3635\wininet.dll
[-] 2010-09-08 . 84795F28EB2E942951138827B8704819 . 980480 . . [8.00.7600.20795] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20795_none_1cf86369934e5304\wininet.dll
[-] 2010-09-08 . 3D6AA6DD4D0F3BB41B804747EB489831 . 978432 . . [8.00.7600.16671] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16671_none_1c80654e7a2415fc\wininet.dll
[-] 2010-06-30 . 250267CE6217C1AB4517F22FB7EA13E8 . 978432 . . [8.00.7600.16625] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16625_none_1cba761279f7efa3\wininet.dll
[-] 2010-06-30 . 91A9CCAD9829A89C840899932B9EC2DF . 980480 . . [8.00.7600.20745] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20745_none_1d2e73059325c74f\wininet.dll
[-] 2010-06-07 . F1C359CE656BD76F90E0E6C4BC04A4BE . 977920 . . [8.00.7600.16490] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16490_none_1c69c1607a353a39\wininet.dll
[-] 2010-06-07 . 23587164011EC849E58E229ABC49E239 . 977920 . . [8.00.7600.20600] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20600_none_1d54af5d9309dbb1\wininet.dll
[7] 2009-07-14 . 0D874F3BC751CC2198AF2E6783FB8B35 . 977920 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-12-19 19:46 21864 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2012-01-26 3462552]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-12-29 620376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-18 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-18 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-18 150552]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-04-28 307768]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-09-29 4114288]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 3080264]
"PrintDisp"="c:\windows\system32\PrintDisp.exe" [2011-02-19 826368]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 5 (0x5)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Users^eXtenZ^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_66584283.lnk]
backup=c:\windows\pss\_uninst_66584283.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management]
2009-09-29 16:22 5064560 ----a-w- c:\program files\Lenovo\Energy Management\Energy Management.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-09-29 09:23 136176 ----atw- c:\users\eXtenZ\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wextract_cleanup0]
2009-07-14 01:14 126464 ----a-w- c:\windows\System32\advpack.dll
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"Google Update"="c:\users\eXtenZ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-01-31 158856]
R3 cpuz134;cpuz134; [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys [2009-10-26 17408]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-30 171520]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-29 1343400]
R3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
S0 66584283;66584283;c:\windows\system32\DRIVERS\66584283.sys [2012-01-15 133208]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 50624]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-29 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 33656]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 163424]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2011-09-22 974944]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2011-05-11 99896]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-01-27 91936]
S2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [2009-10-28 65536]
S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe [2010-03-25 445496]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [2009-10-16 171776]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-217525786-4203485839-1761426994-1003Core1cce123b277cc96.job
- c:\users\eXtenZ\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 09:23]
.
2012-02-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-217525786-4203485839-1761426994-1003UA.job
- c:\users\eXtenZ\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 09:23]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.sk/
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
TCP: DhcpNameServer = 192.168.2.1
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-217525786-4203485839-1761426994-1003_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):06,10,3e,0e,ec,8f,ee,43,b4,bd,32,2e,7e,6b,3a,69,18,a6,11,f7,fe,
b3,d5,46,a9,bc,a6,e8,db,35,7c,c6,e1,78,16,60,25,47,36,c0,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-217525786-4203485839-1761426994-1003_Classes\CLSID\{6574475f-8974-400e-b9e1-c79598efd3e3}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000002d
"Therad"=dword:0000000f
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-02-15 19:55:57
ComboFix-quarantined-files.txt 2012-02-15 18:55
.
Pre-Run: Volných bajtů: 244 019 523 584
Post-Run: Volných bajtů: 244 016 107 520
.
- - End Of File - - 2A8761106C9AB6CFF3D8502B5F1EF75C

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Folder::
c:\users\eXtenZ\AppData\Local\Google\Update

Collect::
c:\windows\system32\DRIVERS\66584283.sys
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-217525786-4203485839-1761426994-1003Core1cce123b277cc96.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-217525786-4203485839-1761426994-1003UA.job

Driver::
66584283

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"=-

RegLock::
[HKEY_USERS\S-1-5-21-217525786-4203485839-1761426994-1003_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
[HKEY_USERS\S-1-5-21-217525786-4203485839-1761426994-1003_Classes\CLSID\{6574475f-8974-400e-b9e1-c79598efd3e3}]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Uložte na plochu jako CFScript.txt. pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[eXtenZ1]

Všetko som spravil. Pri ďalšom reštarte som musel 2x obnoviť windows, nechcelo mi to nabehnúť zase.

Čo teraz ?

Ďakujem

[Rudy]

Po obnovení systém nabíhá normálně?

[eXtenZ1]

Pri 1 obnovení mi systém nenabehol a vyskytla sa tá istá chyba, pri druhom obnovení (iný dátum a čas) mi to nabehlo normálne.

[Rudy]

OK. Proveďte ještě sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 a dejte log.

[eXtenZ1]

Po dokončení scanu mi nevypísalo žiaden log. Čo mám s tým spraviť ?

[Rudy]

Znamená to, že PC je čistý. Jak se nyní PC chová?

[eXtenZ1]

Teraz pri prvom spustení windows, zase som musel obnovovať systém.

[Rudy]

Zkuste opravu systému z instal. media.