Re: Avast reports a problem

Posted: 07 Feb 2012 14:39
by vyosek
PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY IS VERY CAPABLE OF DELETING THINGS AND MUST ONLY BE USED WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
Download Combofix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Disable all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator (Správce) account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator (Spustit jako správce)
  • Right after it starts, a page with the license agreement is displayed; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click into the window that is displayed
  • The scan should take about 10 min, but if the PC is heavily cluttered, the time may be longer
  • After the scan finishes and after a possible restart, CF displays a log; you can also find it here: C:\ComboFix.txt. Paste its contents here
  • A detailed procedure including pictures is here: http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Avast reports a problem

Posted: 07 Feb 2012 15:10
by PredyP
ComboFix 12-02-07.01 - Petra 07.02.2012 14:44:08.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2013.1285 [GMT 1:00]
Spuštěný z: c:\users\Petra\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Downloaded Installers
c:\program files\Downloaded Installers\{751f6a0b-fdec-47b6-b45d-7a1ae742a87a}\setup.msi
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-07 do 2012-02-07 )))))))))))))))))))))))))))))))
.
.
2012-02-07 13:55 . 2012-02-07 13:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-07 12:10 . 2012-02-07 12:17 -------- d-----w- C:\UsbFix
2012-02-07 11:13 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4FA6E23E-3731-47B2-ABFF-4E9E2D66A5E3}\mpengine.dll
2012-02-06 19:36 . 2000-01-01 00:00 53248 ----a-w- c:\windows\system32\CSVer.dll
2012-02-06 19:16 . 2012-02-06 19:47 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-02-06 19:16 . 2012-02-06 19:16 -------- d-----w- c:\users\Petra\AppData\Local\SlimWare Utilities Inc
2012-02-06 19:14 . 2012-02-06 19:14 -------- d-----w- c:\program files\SlimDrivers
2012-02-06 18:48 . 2012-02-06 18:49 -------- d-----w- C:\rsit
2012-02-06 18:48 . 2012-02-06 18:48 -------- d-----w- c:\program files\trend micro
2012-02-01 17:20 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-02-01 17:20 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2012-02-01 17:20 . 2011-11-17 05:34 224768 ----a-w- c:\windows\system32\schannel.dll
2012-02-01 17:20 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-02-01 17:20 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-02-01 17:20 . 2011-11-17 05:35 314880 ----a-w- c:\windows\system32\webio.dll
2012-02-01 17:20 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll
2012-02-01 17:20 . 2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll
2012-02-01 17:20 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe
2012-02-01 17:20 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-02-01 17:20 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-02-01 17:19 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2012-02-01 17:19 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-02-01 17:19 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-02-01 16:30 . 2012-02-01 16:30 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-02-01 16:17 . 2012-02-01 16:17 -------- d-----w- c:\program files\MSXML 4.0
2012-01-19 11:56 . 2012-01-19 11:58 -------- d-----w- c:\users\Petra\AppData\Roaming\Stellarium
2012-01-18 19:29 . 2012-01-18 19:29 -------- d-----w- c:\program files\Stellarium
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-07 12:17 . 2012-02-07 12:17 5872780 ----a-w- C:\UsbFix_Upload_Me_PETRA-PC.zip
2012-01-26 23:21 . 2011-12-21 20:20 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-17 21:00 . 2011-10-07 17:47 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-12-22 16:56 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-12-22 16:03 . 2011-12-22 16:03 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-22 16:01 . 2011-12-22 16:02 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-21 21:15 . 2011-12-21 21:15 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-12-21 21:15 . 2011-12-21 21:15 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-12-21 21:15 . 2011-12-21 21:15 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-12-21 21:15 . 2011-12-21 21:15 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-12-21 21:15 . 2011-12-21 21:15 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-12-21 21:15 . 2011-12-21 21:15 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-12-21 21:15 . 2011-12-21 21:15 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-12-21 21:15 . 2011-12-21 21:15 367104 ----a-w- c:\windows\system32\html.iec
2011-12-21 21:15 . 2011-12-21 21:15 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-12-21 21:15 . 2011-12-21 21:15 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-21 21:15 . 2011-12-21 21:15 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-21 21:15 . 2011-12-21 21:15 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-12-21 21:15 . 2011-12-21 21:15 161792 ----a-w- c:\windows\system32\msls31.dll
2011-12-21 21:15 . 2011-12-21 21:15 152064 ----a-w- c:\windows\system32\wextract.exe
2011-12-21 21:15 . 2011-12-21 21:15 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-12-21 21:15 . 2011-12-21 21:15 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-12-21 21:15 . 2011-12-21 21:15 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-21 21:15 . 2011-12-21 21:15 11776 ----a-w- c:\windows\system32\mshta.exe
2011-12-21 21:15 . 2011-12-21 21:15 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-21 21:15 . 2011-12-21 21:15 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-12-21 21:15 . 2011-12-21 21:15 101888 ----a-w- c:\windows\system32\admparse.dll
2011-12-19 18:59 . 2011-10-07 17:47 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-12-19 18:59 . 2011-10-07 17:47 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 18:59 . 2011-10-07 17:47 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-19 18:58 . 2011-10-07 17:47 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-19 18:58 . 2011-10-07 17:47 301224 ----a-w- c:\windows\system32\guard32.dll
2011-11-24 04:25 . 2011-12-21 20:52 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-17 05:34 . 2012-02-01 17:20 224768 ----a-w- c:\windows\system32\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-02-06 4617600]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-21 6676808]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-22 1725736]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-12-22 15:19 136176 ----atw- c:\users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-02-06 12984]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-22 1343400]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-01-17 491816]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-12-19 39640]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2009-11-06 106880]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2434014512-3133335245-3839603683-1001Core.job
- c:\users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-22 15:19]
.
2012-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2434014512-3133335245-3839603683-1001UA.job
- c:\users\Petra\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-22 15:19]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{1E072B46-86EE-48A4-A857-8D19370131DE}: NameServer = 78.136.128.4 78.136.128.12
TCP: Interfaces\{733563F1-00E8-4A8A-B10C-9DD9317FE984}: NameServer = 192.168.1.1
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(692)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(560)
c:\windows\system32\guard32.dll
.
Celkový čas: 2012-02-07 15:03:15
ComboFix-quarantined-files.txt 2012-02-07 14:03
.
Před spuštěním: Volných bajtů: 184 728 313 856
Po spuštění: Volných bajtů: 186 448 445 440
.
- - End Of File - - ACC74B650822EB591FBB4EBBB6B610DC

Re: Avast reports a problem

Posted: 07 Feb 2012 15:41
by PredyP
One more thing I forgot: I did not find any ICQ Toolbar.

Re: Avast reports a problem

Posted: 07 Feb 2012 21:28
by vyosek
If it is not there already, move Combofix to the desktop
  • Start Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}]
    
    File::
    c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2434014512-3133335245-3839603683-1001Core.job
    c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2434014512-3133335245-3839603683-1001UA.job
    
    Registry::
    [-HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    [-HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    
    Reboot::
  • Save the created TXT as CFScript.txt
  • Drag the created CFScript.txt onto Combofix and drop it (see the picture below)
    [Image]
  • After the script has been applied (and after a possible restart), a log will pop up; paste its contents here
It can happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Re: Avast reports a problem

Posted: 07 Feb 2012 22:33
by PredyP
ComboFix 12-02-07.01 - Petra 07.02.2012 22:08:38.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2013.1137 [GMT 1:00]
Spuštěný z: c:\users\Petra\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petra\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2434014512-3133335245-3839603683-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2434014512-3133335245-3839603683-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2434014512-3133335245-3839603683-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2434014512-3133335245-3839603683-1001UA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-07 do 2012-02-07 )))))))))))))))))))))))))))))))
.
.
2012-02-07 21:14 . 2012-02-07 21:16 -------- d-----w- c:\users\Petra\AppData\Local\temp
2012-02-07 21:14 . 2012-02-07 21:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-07 20:31 . 2012-02-07 20:53 -------- d-----w- c:\users\Petra\AppData\Roaming\PwrMgr
2012-02-07 20:15 . 2012-02-07 20:15 -------- d-----w- c:\program files\Common Files\Lenovo
2012-02-07 20:12 . 2012-02-07 20:12 -------- d-----w- C:\swtools
2012-02-07 19:49 . 2009-09-15 12:30 38400 ----a-w- c:\windows\system32\drivers\rixdptsk.sys
2012-02-07 19:49 . 2009-09-15 11:36 44544 ----a-w- c:\windows\system32\drivers\rimsptsk.sys
2012-02-07 19:49 . 2009-09-07 17:00 48128 ----a-w- c:\windows\system32\drivers\rimmptsk.sys
2012-02-07 19:49 . 2007-07-25 11:48 172032 ----a-w- c:\windows\system32\rixdicon.dll
2012-02-07 19:49 . 2004-09-04 02:00 90112 ----a-w- c:\windows\system32\snymsico.dll
2012-02-07 19:49 . 2012-02-07 20:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2012-02-07 19:49 . 2012-02-07 19:49 -------- d-----w- C:\DRIVERS
2012-02-07 19:27 . 2012-02-07 19:27 -------- d-----w- c:\program files\Lavalys
2012-02-07 16:27 . 2012-02-07 16:27 -------- d-----w- c:\program files\Microsoft Silverlight
2012-02-07 16:24 . 2012-02-07 16:24 -------- d-----w- c:\program files\Microsoft Games
2012-02-07 15:42 . 2012-02-07 15:46 -------- d--h--w- c:\windows\msdownld.tmp
2012-02-07 12:10 . 2012-02-07 12:17 -------- d-----w- C:\UsbFix
2012-02-07 11:13 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4FA6E23E-3731-47B2-ABFF-4E9E2D66A5E3}\mpengine.dll
2012-02-06 19:36 . 2000-01-01 00:00 53248 ----a-w- c:\windows\system32\CSVer.dll
2012-02-06 19:16 . 2012-02-07 19:52 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-02-06 19:16 . 2012-02-06 19:16 -------- d-----w- c:\users\Petra\AppData\Local\SlimWare Utilities Inc
2012-02-06 19:14 . 2012-02-06 19:14 -------- d-----w- c:\program files\SlimDrivers
2012-02-06 18:48 . 2012-02-06 18:49 -------- d-----w- C:\rsit
2012-02-06 18:48 . 2012-02-06 18:48 -------- d-----w- c:\program files\trend micro
2012-02-01 17:20 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-02-01 17:20 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2012-02-01 17:20 . 2011-11-17 05:34 224768 ----a-w- c:\windows\system32\schannel.dll
2012-02-01 17:20 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-02-01 17:20 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-02-01 17:20 . 2011-11-17 05:35 314880 ----a-w- c:\windows\system32\webio.dll
2012-02-01 17:20 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll
2012-02-01 17:20 . 2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll
2012-02-01 17:20 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe
2012-02-01 17:20 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-02-01 17:20 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-02-01 17:19 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2012-02-01 17:19 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-02-01 17:19 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-02-01 16:30 . 2012-02-01 16:30 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-02-01 16:17 . 2012-02-01 16:17 -------- d-----w- c:\program files\MSXML 4.0
2012-01-19 11:56 . 2012-01-19 11:58 -------- d-----w- c:\users\Petra\AppData\Roaming\Stellarium
2012-01-18 19:29 . 2012-01-18 19:29 -------- d-----w- c:\program files\Stellarium
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-07 12:17 . 2012-02-07 12:17 5872780 ----a-w- C:\UsbFix_Upload_Me_PETRA-PC.zip
2012-01-26 23:21 . 2011-12-21 20:20 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-17 21:00 . 2011-10-07 17:47 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-12-22 16:56 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-12-22 16:03 . 2011-12-22 16:03 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-22 16:01 . 2011-12-22 16:02 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-21 21:15 . 2011-12-21 21:15 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-12-21 21:15 . 2011-12-21 21:15 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-12-21 21:15 . 2011-12-21 21:15 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-12-21 21:15 . 2011-12-21 21:15 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-12-21 21:15 . 2011-12-21 21:15 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-12-21 21:15 . 2011-12-21 21:15 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-12-21 21:15 . 2011-12-21 21:15 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-12-21 21:15 . 2011-12-21 21:15 367104 ----a-w- c:\windows\system32\html.iec
2011-12-21 21:15 . 2011-12-21 21:15 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-12-21 21:15 . 2011-12-21 21:15 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-21 21:15 . 2011-12-21 21:15 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-21 21:15 . 2011-12-21 21:15 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-12-21 21:15 . 2011-12-21 21:15 161792 ----a-w- c:\windows\system32\msls31.dll
2011-12-21 21:15 . 2011-12-21 21:15 152064 ----a-w- c:\windows\system32\wextract.exe
2011-12-21 21:15 . 2011-12-21 21:15 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-12-21 21:15 . 2011-12-21 21:15 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-12-21 21:15 . 2011-12-21 21:15 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-21 21:15 . 2011-12-21 21:15 11776 ----a-w- c:\windows\system32\mshta.exe
2011-12-21 21:15 . 2011-12-21 21:15 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-21 21:15 . 2011-12-21 21:15 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-12-21 21:15 . 2011-12-21 21:15 101888 ----a-w- c:\windows\system32\admparse.dll
2011-12-19 18:59 . 2011-10-07 17:47 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-12-19 18:59 . 2011-10-07 17:47 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 18:59 . 2011-10-07 17:47 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-19 18:58 . 2011-10-07 17:47 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-19 18:58 . 2011-10-07 17:47 301224 ----a-w- c:\windows\system32\guard32.dll
2011-11-24 04:25 . 2011-12-21 20:52 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-17 05:34 . 2012-02-01 17:20 224768 ----a-w- c:\windows\system32\schannel.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-07_13.55.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-07 15:47 . 2007-04-04 17:53 81768 c:\windows\System32\xinput1_3.dll
+ 2012-02-07 15:47 . 2006-07-28 08:30 62744 c:\windows\System32\xinput1_2.dll
+ 2012-02-07 15:47 . 2006-03-31 11:39 62672 c:\windows\System32\xinput1_1.dll
+ 2012-02-07 15:47 . 2010-06-02 03:55 74072 c:\windows\System32\XAPOFX1_5.dll
+ 2012-02-07 15:47 . 2010-02-04 09:01 74072 c:\windows\System32\XAPOFX1_4.dll
+ 2012-02-07 15:47 . 2009-09-04 16:44 69464 c:\windows\System32\XAPOFX1_3.dll
+ 2012-02-07 15:47 . 2008-10-27 09:04 70992 c:\windows\System32\XAPOFX1_2.dll
+ 2012-02-07 15:47 . 2008-07-31 09:41 68616 c:\windows\System32\XAPOFX1_1.dll
+ 2012-02-07 15:47 . 2008-05-30 13:17 65032 c:\windows\System32\XAPOFX1_0.dll
+ 2012-02-07 15:47 . 2010-02-04 09:01 22360 c:\windows\System32\X3DAudio1_7.dll
+ 2012-02-07 15:47 . 2009-03-16 13:18 22360 c:\windows\System32\X3DAudio1_6.dll
+ 2012-02-07 15:47 . 2008-10-27 09:04 23376 c:\windows\System32\X3DAudio1_5.dll
+ 2012-02-07 15:47 . 2008-05-30 13:17 25608 c:\windows\System32\X3DAudio1_4.dll
+ 2012-02-07 15:47 . 2008-03-05 15:00 25608 c:\windows\System32\X3DAudio1_3.dll
+ 2012-02-07 15:47 . 2007-10-22 02:37 17928 c:\windows\System32\X3DAudio1_2.dll
+ 2012-02-07 15:47 . 2007-03-05 11:42 15128 c:\windows\System32\x3daudio1_1.dll
+ 2012-02-07 15:47 . 2006-02-03 07:41 14032 c:\windows\System32\x3daudio1_0.dll
+ 2011-12-21 20:04 . 2012-02-07 20:18 22462 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2012-02-07 21:17 38622 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-12-21 21:41 . 2009-02-27 02:42 66440 c:\windows\System32\spool\drivers\w32x86\msonpui.dll
+ 2011-12-21 21:41 . 2009-02-27 02:42 66440 c:\windows\System32\spool\drivers\w32x86\3\msonpui.dll
+ 2009-07-13 23:55 . 2009-07-14 01:16 18432 c:\windows\System32\simptcp.dll
+ 2011-12-21 21:41 . 2009-02-27 02:42 31640 c:\windows\System32\msonpmon.dll
- 2009-07-14 04:50 . 2012-02-06 19:37 86016 c:\windows\System32\DriverStore\infpub.dat
+ 2009-07-14 04:50 . 2012-02-07 19:50 86016 c:\windows\System32\DriverStore\infpub.dat
+ 2012-02-07 19:49 . 2009-09-15 12:30 38400 c:\windows\System32\DriverStore\FileRepository\rixdptsk.inf_x86_neutral_8cee15f65198fca6\rixdptsk.sys
+ 2012-02-07 19:49 . 2004-09-04 02:00 90112 c:\windows\System32\DriverStore\FileRepository\rimsptsk.inf_x86_neutral_8ced335f9913a65e\snymsico.dll
+ 2012-02-07 19:49 . 2009-09-15 11:36 44544 c:\windows\System32\DriverStore\FileRepository\rimsptsk.inf_x86_neutral_8ced335f9913a65e\rimsptsk.sys
+ 2012-02-07 19:49 . 2009-09-07 17:00 48128 c:\windows\System32\DriverStore\FileRepository\rimmptsk.inf_x86_neutral_11dd3185ac337b40\rimmptsk.sys
+ 2011-12-21 19:57 . 2012-02-07 21:16 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-12-21 19:57 . 2012-02-07 12:54 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-12-21 19:57 . 2012-02-07 12:54 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-12-21 19:57 . 2012-02-07 21:16 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:41 . 2012-02-07 21:16 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:41 . 2012-02-07 12:54 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-02-07 15:47 . 2005-03-18 15:23 12800 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
+ 2012-02-07 15:47 . 2005-03-18 15:23 53248 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-08-30 16:03 . 2011-08-30 16:03 41984 c:\windows\Installer\6c5de.msi
- 2011-12-21 21:41 . 2012-02-06 15:12 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-02-06 4617600]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-21 6676808]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-22 1725736]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2009-11-06 106880]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-02-07 12984]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-22 1343400]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-01-17 491816]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-12-19 39640]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{733563F1-00E8-4A8A-B10C-9DD9317FE984}: NameServer = 192.168.1.1
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(588)
c:\windows\system32\guard32.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\system32\conhost.exe
c:\windows\system32\Bubbles.scr
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2012-02-07 22:23:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-02-07 21:23
ComboFix2.txt 2012-02-07 14:03
.
Před spuštěním: Volných bajtů: 183 887 278 080
Po spuštění: Volných bajtů: 183 467 565 056
.
- - End Of File - - FBD379F6066B2FD10AD4977FB9AAAEA9

Re: Avast reports a problem

Posted: 07 Feb 2012 22:46
by vyosek
How is the PC? :???:

Re: Avast reports a problem

Posted: 07 Feb 2012 22:51
by PredyP
It looks like it worked :thumbsup:

Re: Avast reports a problem

Posted: 07 Feb 2012 22:56
by vyosek
:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Find problems
  • then Fix problems - I recommend making a registry backup; fix all problems
  • repeat the procedure until no problems remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And that's it :|

Re: Avast reports a problem

Posted: 07 Feb 2012 23:07
by PredyP
I would like to learn to read logs and help, but I don't know whether I would have enough time for the learning

Re: Avast reports a problem

Posted: 07 Feb 2012 23:35
by vyosek
If you don't have time, there is no point in starting anything - it takes at least 3 months, at least 2-3 hours every day, and then of course at least the same amount of time every day helping users on the forum

Re: Avast reports a problem

Posted: 08 Feb 2012 00:33
by PredyP
Then I'll put it off for now.
:thumbsup: thank you for the help :thumbsup:

Re: Avast reports a problem

Posted: 08 Feb 2012 07:35
by vyosek
You're welcome :worship: