rpcnet.exe

Posted: 01 Jul 2010 10:57
by vfvf21
Please help. The AVG9 antivirus reported to me that RPCNET.exe creates files, writes to the registry, restores after restart, creates codes, and I don't even have permission to delete some win.update updates. As my most frequently visited site I have facebook.com/ajax/wallkit_get.php?_a=1. Thank you in advance for your help. VF1

Re: rpcnet.exe

Posted: 01 Jul 2010 14:12
by earl
Hello,

a somewhat confused description, but so be it.

We can't help you if we have nothing to go on. Where is the RSIT log, as described in the introductory information?

Re: rpcnet.exe

Posted: 01 Jul 2010 18:07
by vfvf21
Sorry, I'm no PC expert and I don't know my way around this very well, but I would also like to add that I have never been on Facebook and yet it is my most visited site, and whenever I have to confirm anything as administrator, it shows an unknown publisher. I somehow can't attach the log, so I hope it doesn't matter if I copy it here into the message? Here it is:

Logfile of random's system information tool 1.07 (written by random/random)
Run by admin at 2010-07-01 12:06:21
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 85 GB (74%) free of 114 GB
Total RAM: 1788 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:06:43, on 1.7.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\ESET\ESET Smart Security\egui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\newdev.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\kontrola\Desktop\RSIT.exe
C:\Program Files\trend micro\admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [egui] "C:\windows\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2922528737-1640953246-1812149701-1002\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'kontrola')
O4 - S-1-5-21-2922528737-1640953246-1812149701-1002 Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (User 'kontrola')
O4 - S-1-5-21-2922528737-1640953246-1812149701-1002 User Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (User 'kontrola')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MI1933~1\Office14\ONBttnIE.dll/105
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.caminova.net/ja/downloads/ge ... px?lang=ja
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = My-connection
O17 - HKLM\Software\..\Telephony: DomainName = My-connection
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = My-connection
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\windows\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\windows\ESET\ESET Smart Security\ekrn.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe

--
End of file - 6374 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{22F2F176-4208-4698-BD48-BF2DE6AB2724}.job
C:\Windows\tasks\User_Feed_Synchronization-{5D00925A-2F3A-4E19-B81F-37097E02A02B}.job
C:\Windows\tasks\User_Feed_Synchronization-{DE1CA336-A46E-466D-9D05-6A04A5E565B3}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-14 98304]
"egui"=C:\windows\ESET\ESET Smart Security\egui.exe [2010-04-07 2145000]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"WPCUMI"=C:\Windows\system32\WpcUmi.exe [2006-11-02 176128]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2010-06-18 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Update Completion 0]
C:\Windows.old.000\Program Files\QuickTime\QTSystem\QuickTimeUpdateHelper.exe -atboottime QuickTime Update Completion 0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5f87b515-82fa-11df-9d0c-00030d000001}]
shell\AutoRun\command - E:\AutoRun.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-07-01 09:49:11 ----DC---- C:\Program Files\trend micro
2010-07-01 09:49:10 ----DC---- C:\rsit
2010-06-29 18:56:49 ----DC---- C:\Program Files\Hp
2010-06-29 18:54:10 ----D---- C:\Users\admin\AppData\Roaming\HpUpdate
2010-06-29 18:15:16 ----DC---- C:\Program Files\T-Mobile
2010-06-29 04:25:10 ----D---- C:\Users\admin\AppData\Roaming\PeaZip
2010-06-28 23:20:16 ----D---- C:\Users\admin\AppData\Roaming\ATI
2010-06-28 23:20:15 ----D---- C:\Users\admin\AppData\Roaming\ESET
2010-06-28 23:18:00 ----D---- C:\Users\admin\AppData\Roaming\Identities
2010-06-28 23:17:29 ----SD---- C:\Users\admin\AppData\Roaming\Microsoft
2010-06-28 22:52:10 ----DC---- C:\index
2010-06-28 22:21:31 ----D---- C:\Windows\Profiles
2010-06-28 22:21:25 ----D---- C:\Windows\system32\Adobe
2010-06-28 22:21:07 ----A---- C:\Windows\IsUninst.exe
2010-06-28 15:27:24 ----DC---- C:\Program Files\Huawei technologies
2010-06-28 13:59:00 ----A---- C:\ProgramData\HPWALog.txt
2010-06-28 13:55:33 ----D---- C:\Windows\Minidump
2010-06-28 12:25:59 ----D---- C:\Program Files\Common Files\Adobe
2010-06-28 04:30:13 ----D---- C:\ProgramData\Google Updater
2010-06-28 02:59:28 ----DC---- C:\Program Files\Microsoft Silverlight
2010-06-28 01:39:36 ----DC---- C:\Program Files\Windows Collaboration
2010-06-28 00:51:33 ----D---- C:\Windows\ESET
2010-06-28 00:51:33 ----D---- C:\ProgramData\ESET
2010-06-27 21:58:30 ----DC---- C:\Program Files\LizardTech
2010-06-27 19:33:38 ----D---- C:\Windows\Cache
2010-06-27 19:31:16 ----DC---- C:\Program Files\Adobe
2010-06-27 12:43:59 ----DC---- C:\Program Files\DirectVobSub
2010-06-27 12:10:02 ----A---- C:\Windows\system32\NVUNINST.EXE
2010-06-27 12:09:04 ----DC---- C:\NVIDIA
2010-06-27 05:13:07 ----DC---- C:\Program Files\Microsoft Office
2010-06-27 05:13:06 ----D---- C:\ProgramData\Microsoft Help
2010-06-27 05:12:27 ----RHDC---- C:\MSOCache
2010-06-27 04:46:44 ----D---- C:\ProgramData\page
2010-06-27 04:46:43 ----DC---- C:\Program Files\Ashampoo
2010-06-27 03:10:23 ----DC---- C:\Program Files\ATI
2010-06-27 02:33:28 ----DC---- C:\Program Files\Nero
2010-06-27 02:33:09 ----D---- C:\ProgramData\Nero
2010-06-27 02:33:08 ----D---- C:\Program Files\Common Files\Nero
2010-06-27 02:09:06 ----DC---- C:\Program Files\Circle Dock
2010-06-27 01:52:57 ----D---- C:\Windows\system32\EventProviders
2010-06-26 23:16:28 ----D---- C:\Windows\system32\WindowsPowerShell
2010-06-26 23:14:38 ----A---- C:\Windows\system32\winrsmgr.dll
2010-06-26 23:13:56 ----A---- C:\Windows\system32\wsmprovhost.exe
2010-06-26 23:13:56 ----A---- C:\Windows\system32\winrshost.exe
2010-06-26 23:13:56 ----A---- C:\Windows\system32\winrs.exe
2010-06-26 23:13:53 ----A---- C:\Windows\system32\wsmplpxy.dll
2010-06-26 23:13:53 ----A---- C:\Windows\system32\winrssrv.dll
2010-06-26 23:13:50 ----A---- C:\Windows\system32\WsmRes.dll
2010-06-26 23:13:50 ----A---- C:\Windows\system32\wevtfwd.dll
2010-06-26 23:13:50 ----A---- C:\Windows\system32\wecutil.exe
2010-06-26 23:13:50 ----A---- C:\Windows\system32\wecsvc.dll
2010-06-26 23:13:50 ----A---- C:\Windows\system32\wecapi.dll
2010-06-26 23:13:49 ----A---- C:\Windows\system32\pwrshplugin.dll
2010-06-26 23:13:43 ----A---- C:\Windows\system32\winrm.vbs
2010-06-26 23:13:33 ----A---- C:\Windows\system32\WsmWmiPl.dll
2010-06-26 23:13:33 ----A---- C:\Windows\system32\WsmAuto.dll
2010-06-26 23:13:33 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2010-06-26 23:13:33 ----A---- C:\Windows\system32\winrscmd.dll
2010-06-26 23:13:32 ----A---- C:\Windows\system32\WsmSvc.dll
2010-06-26 23:13:32 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2010-06-26 15:58:59 ----A---- C:\Windows\system32\msasn1.dll
2010-06-26 13:03:05 ----A---- C:\Windows\ntbtlog.txt
2010-06-26 07:20:51 ----N---- C:\Windows\system32\MpSigStub.exe
2010-06-24 06:59:49 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-06-24 06:58:45 ----D---- C:\Program Files\Windows Live
2010-06-24 06:58:29 ----D---- C:\Windows\PCHEALTH
2010-06-24 06:33:03 ----D---- C:\Program Files\Common Files\Windows Live
2010-06-24 01:05:10 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-24 01:05:10 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-24 01:05:10 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-24 01:05:10 ----A---- C:\Windows\system32\mscoree.dll
2010-06-24 01:05:10 ----A---- C:\Windows\system32\dfshim.dll
2010-06-23 16:56:33 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-06-23 16:56:33 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-06-22 14:53:18 ----A---- C:\Windows\system32\WMVCORE.DLL
2010-06-22 14:53:16 ----A---- C:\Windows\system32\mf.dll
2010-06-22 11:51:54 ----D---- C:\Program Files\Windows Portable Devices
2010-06-22 08:27:35 ----D---- C:\ProgramData\Adobe
2010-06-22 07:45:29 ----A---- C:\Windows\system32\UIAnimation.dll
2010-06-22 07:45:25 ----A---- C:\Windows\system32\UIRibbonRes.dll
2010-06-22 07:45:24 ----A---- C:\Windows\system32\UIRibbon.dll
2010-06-22 07:44:35 ----A---- C:\Windows\system32\WMPhoto.dll
2010-06-22 07:44:30 ----A---- C:\Windows\system32\cdd.dll
2010-06-22 07:44:25 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-06-22 07:44:25 ----A---- C:\Windows\system32\d3d10warp.dll
2010-06-22 07:44:24 ----A---- C:\Windows\system32\XpsRasterService.dll
2010-06-22 07:44:24 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2010-06-22 07:44:24 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-06-22 07:44:24 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-06-22 07:44:24 ----A---- C:\Windows\system32\d2d1.dll
2010-06-22 07:44:23 ----A---- C:\Windows\system32\XpsPrint.dll
2010-06-22 07:44:23 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-06-22 07:44:23 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-06-22 07:44:23 ----A---- C:\Windows\system32\OpcServices.dll
2010-06-22 07:44:23 ----A---- C:\Windows\system32\dxdiagn.dll
2010-06-22 07:44:23 ----A---- C:\Windows\system32\dxdiag.exe
2010-06-22 07:44:22 ----A---- C:\Windows\system32\xpsservices.dll
2010-06-22 07:44:22 ----A---- C:\Windows\system32\FntCache.dll
2010-06-22 07:44:22 ----A---- C:\Windows\system32\dxgi.dll
2010-06-22 07:44:22 ----A---- C:\Windows\system32\DWrite.dll
2010-06-22 07:44:22 ----A---- C:\Windows\system32\d3d11.dll
2010-06-22 07:44:22 ----A---- C:\Windows\system32\d3d10level9.dll
2010-06-22 07:44:22 ----A---- C:\Windows\system32\d3d10core.dll
2010-06-22 07:44:22 ----A---- C:\Windows\system32\d3d10_1core.dll
2010-06-22 07:44:22 ----A---- C:\Windows\system32\d3d10_1.dll
2010-06-22 07:44:21 ----A---- C:\Windows\system32\d3d10.dll
2010-06-22 07:43:34 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2010-06-22 07:43:33 ----A---- C:\Windows\system32\wpdbusenum.dll
2010-06-22 07:43:33 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2010-06-22 07:43:23 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2010-06-22 07:43:18 ----A---- C:\Windows\system32\WpdMtpUS.dll
2010-06-22 07:43:18 ----A---- C:\Windows\system32\WpdConns.dll
2010-06-22 07:43:17 ----A---- C:\Windows\system32\WPDSp.dll
2010-06-22 07:43:17 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2010-06-22 07:43:17 ----A---- C:\Windows\system32\wpdshext.dll
2010-06-22 07:43:17 ----A---- C:\Windows\system32\WpdMtp.dll
2010-06-22 07:43:17 ----A---- C:\Windows\system32\wpd_ci.dll
2010-06-22 07:43:17 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2010-06-22 07:43:17 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-06-22 07:43:17 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-06-22 07:43:17 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-06-22 07:41:53 ----A---- C:\Windows\system32\oleaccrc.dll
2010-06-22 07:41:52 ----A---- C:\Windows\system32\UIAutomationCore.dll
2010-06-22 07:41:52 ----A---- C:\Windows\system32\oleacc.dll
2010-06-22 07:03:46 ----A---- C:\Windows\system32\netiohlp.dll
2010-06-22 07:03:44 ----A---- C:\Windows\system32\NETSTAT.EXE
2010-06-22 07:03:44 ----A---- C:\Windows\system32\ARP.EXE
2010-06-22 07:03:43 ----A---- C:\Windows\system32\TCPSVCS.EXE
2010-06-22 07:03:43 ----A---- C:\Windows\system32\finger.exe
2010-06-22 07:03:42 ----A---- C:\Windows\system32\MRINFO.EXE
2010-06-22 07:03:42 ----A---- C:\Windows\system32\HOSTNAME.EXE
2010-06-22 07:03:41 ----A---- C:\Windows\system32\ROUTE.EXE
2010-06-22 07:03:40 ----A---- C:\Windows\system32\netevent.dll
2010-06-22 06:50:50 ----A---- C:\Windows\system32\httpapi.dll
2010-06-22 06:50:49 ----A---- C:\Windows\system32\nshhttp.dll
2010-06-22 06:45:34 ----A---- C:\Windows\system32\secproc_isv.dll
2010-06-22 06:45:21 ----A---- C:\Windows\system32\secproc.dll
2010-06-22 06:45:08 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-06-22 06:45:04 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-06-22 06:45:02 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-06-22 06:45:00 ----A---- C:\Windows\system32\RMActivate.exe
2010-06-22 06:44:59 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-06-22 06:44:59 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-06-22 06:44:58 ----A---- C:\Windows\system32\msdrm.dll
2010-06-22 06:44:39 ----A---- C:\Windows\system32\mshtml.dll
2010-06-22 06:44:38 ----A---- C:\Windows\system32\ieframe.dll
2010-06-22 06:44:37 ----A---- C:\Windows\system32\iertutil.dll
2010-06-22 06:44:36 ----A---- C:\Windows\system32\wininet.dll
2010-06-22 06:44:36 ----A---- C:\Windows\system32\urlmon.dll
2010-06-22 06:44:35 ----A---- C:\Windows\system32\occache.dll
2010-06-22 06:44:35 ----A---- C:\Windows\system32\mstime.dll
2010-06-22 06:44:35 ----A---- C:\Windows\system32\msfeeds.dll
2010-06-22 06:44:35 ----A---- C:\Windows\system32\iedkcs32.dll
2010-06-22 06:44:34 ----A---- C:\Windows\system32\ieui.dll
2010-06-22 06:44:33 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-06-22 06:44:33 ----A---- C:\Windows\system32\jsproxy.dll
2010-06-22 06:44:33 ----A---- C:\Windows\system32\ieUnatt.exe
2010-06-22 06:44:33 ----A---- C:\Windows\system32\iesysprep.dll
2010-06-22 06:44:33 ----A---- C:\Windows\system32\iepeers.dll
2010-06-22 06:44:33 ----A---- C:\Windows\system32\ie4uinit.exe
2010-06-22 06:44:32 ----A---- C:\Windows\system32\msfeedssync.exe
2010-06-22 06:44:32 ----A---- C:\Windows\system32\iesetup.dll
2010-06-22 06:44:32 ----A---- C:\Windows\system32\iernonce.dll
2010-06-22 06:36:29 ----A---- C:\Windows\system32\gameux.dll
2010-06-22 06:23:34 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-06-22 00:04:40 ----A---- C:\Windows\system32\winhttp.dll
2010-06-22 00:01:33 ----A---- C:\Windows\system32\wlansec.dll
2010-06-22 00:01:33 ----A---- C:\Windows\system32\wlanmsm.dll
2010-06-22 00:01:33 ----A---- C:\Windows\system32\L2SecHC.dll
2010-06-22 00:01:32 ----A---- C:\Windows\system32\wlansvc.dll
2010-06-22 00:01:32 ----A---- C:\Windows\system32\wlanapi.dll
2010-06-21 23:56:50 ----A---- C:\Windows\system32\msxml6.dll
2010-06-21 23:56:49 ----A---- C:\Windows\system32\msxml3.dll
2010-06-21 23:53:43 ----A---- C:\Windows\system32\t2embed.dll
2010-06-21 18:45:58 ----N---- C:\Windows\system32\rpcnet.exe
2010-06-21 18:45:58 ----A---- C:\Windows\system32\rpcnet.dll
2010-06-21 17:48:08 ----A---- C:\Windows\system32\rpcnetp.dll
2010-06-21 14:30:18 ----A---- C:\Windows\system32\kerberos.dll
2010-06-21 14:30:17 ----A---- C:\Windows\system32\schannel.dll
2010-06-21 14:05:17 ----A---- C:\Windows\system32\wmp.dll
2010-06-21 14:05:15 ----A---- C:\Windows\system32\unregmp2.exe
2010-06-21 14:05:11 ----A---- C:\Windows\system32\wmploc.DLL
2010-06-20 10:42:28 ----D---- C:\Windows\Panther
2010-06-20 10:42:03 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\Oemdspif.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\atiumdva.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\atiumdag.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\atitmmxx.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\atipdlxx.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\atioglxx.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\atimuixx.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\atimpc32.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\atiesrxx.exe
2010-06-20 10:41:44 ----A---- C:\Windows\system32\atieclxx.exe
2010-06-20 10:41:44 ----A---- C:\Windows\system32\atidxx32.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\ATIDEMGX.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\aticalrt.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\aticaldd.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\aticalcl.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\atibtmon.exe
2010-06-20 10:41:44 ----A---- C:\Windows\system32\atiadlxx.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\ati2edxx.dll
2010-06-20 10:41:44 ----A---- C:\Windows\system32\amdpcom32.dll
2010-06-20 10:41:41 ----A---- C:\Windows\system32\bcmwlcoi.dll
2010-06-20 10:41:38 ----A---- C:\Windows\system32\yk60x86.dll
2010-06-20 10:03:37 ----A---- C:\Windows\system32\rpcnetp.exe
2010-06-20 08:05:59 ----A---- C:\Windows\system32\localspl.dll
2010-06-20 08:04:58 ----A---- C:\Windows\system32\mstscax.dll
2010-06-20 05:13:55 ----A---- C:\Windows\system32\jscript.dll
2010-06-20 05:13:37 ----A---- C:\Windows\system32\msv1_0.dll
2010-06-20 05:13:36 ----A---- C:\Windows\system32\wdigest.dll
2010-06-20 05:13:35 ----A---- C:\Windows\system32\lsasrv.dll
2010-06-20 05:13:32 ----A---- C:\Windows\system32\secur32.dll
2010-06-20 05:13:32 ----A---- C:\Windows\system32\lsass.exe
2010-06-20 05:12:57 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-06-20 05:12:56 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-06-20 05:10:52 ----A---- C:\Windows\system32\wmpdxm.dll
2010-06-20 05:10:47 ----A---- C:\Windows\system32\dxmasf.dll
2010-06-20 05:10:44 ----A---- C:\Windows\system32\spwmp.dll
2010-06-20 05:09:40 ----A---- C:\Windows\system32\vbscript.dll
2010-06-20 05:05:33 ----A---- C:\Windows\system32\inetcomm.dll
2010-06-20 05:02:31 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-20 05:00:47 ----A---- C:\Windows\system32\rastls.dll
2010-06-20 05:00:27 ----A---- C:\Windows\system32\tzres.dll
2010-06-20 04:58:51 ----A---- C:\Windows\system32\WSDApi.dll
2010-06-20 04:56:06 ----A---- C:\Windows\system32\wkssvc.dll
2010-06-20 04:50:13 ----A---- C:\Windows\system32\quartz.dll
2010-06-20 04:50:11 ----A---- C:\Windows\system32\tsbyuv.dll
2010-06-20 04:50:11 ----A---- C:\Windows\system32\msvidc32.dll
2010-06-20 04:50:10 ----A---- C:\Windows\system32\msrle32.dll
2010-06-20 04:50:08 ----A---- C:\Windows\system32\msyuv.dll
2010-06-20 04:50:07 ----A---- C:\Windows\system32\iyuv_32.dll
2010-06-20 04:50:05 ----A---- C:\Windows\system32\avifil32.dll
2010-06-20 04:50:04 ----A---- C:\Windows\system32\mciavi32.dll
2010-06-20 04:50:02 ----A---- C:\Windows\system32\msvfw32.dll
2010-06-20 04:46:56 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2010-06-20 04:07:24 ----A---- C:\Windows\system32\browserchoice.exe
2010-06-20 04:05:34 ----A---- C:\Windows\system32\rpcrt4.dll
2010-06-20 04:05:30 ----A---- C:\Windows\system32\fontsub.dll
2010-06-20 04:05:30 ----A---- C:\Windows\system32\atmfd.dll
2010-06-20 04:05:29 ----A---- C:\Windows\system32\lpk.dll
2010-06-20 04:05:29 ----A---- C:\Windows\system32\dciman32.dll
2010-06-20 04:05:29 ----A---- C:\Windows\system32\atmlib.dll
2010-06-20 04:05:25 ----A---- C:\Windows\system32\atl.dll
2010-06-20 03:53:16 ----A---- C:\Windows\system32\wintrust.dll
2010-06-20 03:53:09 ----A---- C:\Windows\system32\cabview.dll
2010-06-20 03:16:25 ----A---- C:\Windows\system32\wups2.dll
2010-06-20 03:16:25 ----A---- C:\Windows\system32\wuauclt.exe
2010-06-20 03:16:24 ----A---- C:\Windows\system32\wucltux.dll
2010-06-20 03:16:24 ----A---- C:\Windows\system32\wuaueng.dll
2010-06-20 03:15:54 ----A---- C:\Windows\system32\wups.dll
2010-06-20 03:15:54 ----A---- C:\Windows\system32\wudriver.dll
2010-06-20 03:15:54 ----A---- C:\Windows\system32\wuapi.dll
2010-06-20 03:15:25 ----A---- C:\Windows\system32\wuwebv.dll
2010-06-20 03:15:25 ----A---- C:\Windows\system32\wuapp.exe
2010-06-20 01:28:57 ----SHD---- C:\ProgramData\Šablony
2010-06-20 01:28:57 ----SHD---- C:\ProgramData\Plocha
2010-06-20 01:28:57 ----SHD---- C:\ProgramData\Oblíbené položky
2010-06-20 01:28:57 ----SHD---- C:\ProgramData\Nabídka Start
2010-06-20 01:28:57 ----SHD---- C:\ProgramData\Dokumenty
2010-06-20 01:28:57 ----SHD---- C:\ProgramData\Data aplikací
2010-06-20 01:28:05 ----D---- C:\Windows\Debug
2010-06-20 00:54:47 ----D---- C:\Program Files\Synaptics
2010-06-19 15:45:14 ----D---- C:\Windows\SoftwareDistribution
2010-06-19 14:48:28 ----D---- C:\ProgramData\Hewlett-Packard
2010-06-19 14:42:56 ----D---- C:\ProgramData\{657095DF-DBDB-4B17-8245-B38845C97069}
2010-06-19 13:04:00 ----A---- C:\Windows\system32\BtwRSupport.dll
2010-06-19 12:56:18 ----D---- C:\Windows\Hewlett-Packard
2010-06-19 12:45:01 ----D---- C:\Windows\Options
2010-06-19 01:21:53 ----D---- C:\Windows\system32\Macromed
2010-06-18 21:18:12 ----D---- C:\ProgramData\WinZip
2010-06-18 19:55:22 ----D---- C:\ProgramData\WindowsSearch
2010-06-18 14:51:18 ----D---- C:\Program Files\QuickTime
2010-06-18 14:36:49 ----D---- C:\ProgramData\Bluetooth
2010-06-18 14:14:01 ----D---- C:\Program Files\Google
2010-06-18 14:13:36 ----D---- C:\ProgramData\Google
2010-06-18 13:38:23 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2010-06-18 13:38:01 ----D---- C:\Program Files\SUPERAntiSpyware
2010-06-18 13:19:44 ----D---- C:\ProgramData\ATI
2010-06-18 13:06:31 ----A---- C:\Windows\system32\BCMLogon.dll
2010-06-18 13:06:13 ----D---- C:\Windows\system32\vs08
2010-06-18 13:06:13 ----A---- C:\Windows\system32\vcredist_x86.bat
2010-06-18 13:06:12 ----A---- C:\Windows\system32\vcredist_x86.exe
2010-06-18 13:03:43 ----D---- C:\Windows\Downloaded Installations
2010-06-18 13:01:25 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-18 13:01:13 ----D---- C:\Program Files\Hewlett-Packard
2010-06-18 12:41:26 ----D---- C:\ProgramData\AVG Security Toolbar
2010-06-18 12:32:34 ----D---- C:\Program Files\ATI Technologies
2010-06-18 12:24:19 ----D---- C:\ProgramData\Vodafone
2010-06-18 12:22:47 ----SHD---- C:\Windows\Installer
2010-06-15 16:53:34 ----A---- C:\Windows\system32\HPMDPCoInst10.dll
2010-06-10 05:56:16 ----SHDC---- C:\Config.Msi
2010-06-02 15:02:29 ----DC---- C:\Temp

======List of files/folders modified in the last 1 months======

2010-07-01 12:06:43 ----D---- C:\Windows\Temp
2010-07-01 09:49:11 ----DC---- C:\Program Files
2010-07-01 09:37:02 ----D---- C:\Windows\inf
2010-07-01 09:35:15 ----D---- C:\Windows\tracing
2010-07-01 08:56:02 ----D---- C:\Windows\Prefetch
2010-07-01 07:44:43 ----DC---- C:\inetpub
2010-07-01 07:40:44 ----RD---- C:\Users
2010-07-01 07:23:59 ----D---- C:\Windows\System32
2010-07-01 07:22:06 ----D---- C:\Windows
2010-07-01 07:19:31 ----D---- C:\Windows\winsxs
2010-07-01 07:19:29 ----RSD---- C:\Windows\assembly
2010-07-01 07:16:37 ----D---- C:\Windows\Tasks
2010-07-01 05:45:43 ----D---- C:\Program Files\Internet Explorer
2010-07-01 05:14:04 ----SHD---- C:\System Volume Information
2010-07-01 04:50:30 ----SD---- C:\ProgramData\Microsoft
2010-07-01 04:32:02 ----D---- C:\Windows\Microsoft.NET
2010-07-01 04:30:41 ----D---- C:\Program Files\Common Files\microsoft shared
2010-07-01 04:30:13 ----RSD---- C:\Windows\Fonts
2010-07-01 04:29:42 ----D---- C:\Program Files\Common Files
2010-07-01 04:29:38 ----D---- C:\Windows\system32\wbem
2010-07-01 04:26:32 ----D---- C:\Program Files\Common Files\System
2010-07-01 04:26:30 ----A---- C:\Windows\win.ini
2010-07-01 04:21:17 ----D---- C:\Windows\system32\catroot2
2010-07-01 04:07:37 ----HD---- C:\ProgramData
2010-07-01 03:57:05 ----D---- C:\Windows\system32\catroot
2010-07-01 03:57:01 ----D---- C:\Windows\system32\drivers
2010-07-01 03:53:20 ----D---- C:\Program Files\Common Files\InstallShield
2010-07-01 03:46:39 ----D---- C:\Windows\system32\spool
2010-07-01 01:11:15 ----D---- C:\Windows\system32\Tasks
2010-06-30 21:53:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-06-30 01:02:37 ----D---- C:\Windows\ModemLogs
2010-06-29 19:00:35 ----SD---- C:\Windows\Downloaded Program Files
2010-06-29 07:28:13 ----SHDC---- C:\$Recycle.Bin
2010-06-28 23:13:13 ----HD---- C:\Windows\system32\GroupPolicyUsers
2010-06-28 23:07:06 ----HD---- C:\Windows\system32\GroupPolicy
2010-06-28 13:24:13 ----DC---- C:\SWSetup
2010-06-28 01:58:20 ----D---- C:\Windows\rescache
2010-06-28 01:43:20 ----D---- C:\Windows\system32\inetsrv
2010-06-28 01:39:42 ----D---- C:\Windows\system32\cs-CZ
2010-06-27 02:58:00 ----D---- C:\Windows\twain_32
2010-06-27 01:58:21 ----D---- C:\Windows\system32\CodeIntegrity
2010-06-26 23:16:29 ----D---- C:\Windows\PolicyDefinitions
2010-06-26 17:06:36 ----D---- C:\Windows\system32\zh-TW
2010-06-26 17:06:36 ----D---- C:\Windows\system32\zh-CN
2010-06-26 17:06:36 ----D---- C:\Windows\system32\sv-SE
2010-06-26 17:06:36 ----D---- C:\Windows\system32\ru-RU
2010-06-26 17:06:36 ----D---- C:\Windows\system32\pt-BR
2010-06-26 17:06:36 ----D---- C:\Windows\system32\pl-PL
2010-06-26 17:06:36 ----D---- C:\Windows\system32\nl-NL
2010-06-26 17:06:36 ----D---- C:\Windows\system32\nb-NO
2010-06-26 17:06:36 ----D---- C:\Windows\system32\ko-KR
2010-06-26 17:06:36 ----D---- C:\Windows\system32\ja-JP
2010-06-26 17:06:36 ----D---- C:\Windows\system32\it-IT
2010-06-26 17:06:36 ----D---- C:\Windows\system32\fr-FR
2010-06-26 17:06:35 ----D---- C:\Windows\system32\fi-FI
2010-06-26 17:06:35 ----D---- C:\Windows\system32\es-ES
2010-06-26 17:06:35 ----D---- C:\Windows\system32\en-US
2010-06-26 17:06:35 ----D---- C:\Windows\system32\de-DE
2010-06-26 17:06:35 ----D---- C:\Windows\system32\da-DK
2010-06-26 15:16:54 ----DC---- C:\PerfLogs
2010-06-26 07:10:13 ----D---- C:\Windows\system32\WDI
2010-06-26 05:50:35 ----D---- C:\Windows\system32\migration
2010-06-26 04:57:02 ----D---- C:\Windows\system32\zh-HK
2010-06-26 04:57:02 ----D---- C:\Windows\system32\tr-TR
2010-06-26 04:57:02 ----D---- C:\Windows\system32\th-TH
2010-06-26 04:57:02 ----D---- C:\Windows\system32\sl-SI
2010-06-26 04:57:02 ----D---- C:\Windows\system32\sk-SK
2010-06-26 04:57:02 ----D---- C:\Windows\system32\ro-RO
2010-06-26 04:57:02 ----D---- C:\Windows\system32\pt-PT
2010-06-26 04:57:02 ----D---- C:\Windows\system32\lv-LV
2010-06-26 04:57:02 ----D---- C:\Windows\system32\lt-LT
2010-06-26 04:57:02 ----D---- C:\Windows\system32\hu-HU
2010-06-26 04:57:02 ----D---- C:\Windows\system32\hr-HR
2010-06-26 04:57:02 ----D---- C:\Windows\system32\he-IL
2010-06-26 04:57:02 ----D---- C:\Windows\system32\et-EE
2010-06-26 04:57:02 ----D---- C:\Windows\system32\el-GR
2010-06-26 04:57:02 ----D---- C:\Windows\system32\bg-BG
2010-06-26 04:57:02 ----D---- C:\Windows\system32\ar-SA
2010-06-26 04:57:02 ----D---- C:\Windows\Help
2010-06-24 01:17:57 ----D---- C:\Windows\AppPatch
2010-06-22 11:51:50 ----D---- C:\Windows\system32\uk-UA
2010-06-22 11:51:50 ----D---- C:\Windows\system32\sr-Latn-CS
2010-06-22 11:51:46 ----D---- C:\Program Files\Windows Mail
2010-06-21 17:44:43 ----D---- C:\Windows\system32\en
2010-06-21 14:08:45 ----D---- C:\Program Files\Windows Media Player
2010-06-20 10:42:13 ----RASC---- C:\BOOTSECT.BAK
2010-06-20 10:42:10 ----SHDC---- C:\Boot
2010-06-20 10:41:17 ----D---- C:\Windows\system32\config
2010-06-20 10:00:58 ----D---- C:\Program Files\Movie Maker
2010-06-20 03:51:25 ----D---- C:\Windows\Logs
2010-06-20 02:16:40 ----D---- C:\Windows\system32\restore
2010-06-20 01:28:57 ----D---- C:\Program Files\Windows NT
2010-06-20 01:15:53 ----D---- C:\Windows\Registration
2010-06-20 01:09:16 ----D---- C:\Windows\system32\Msdtc
2010-06-20 01:04:41 ----D---- C:\Windows\system32\NDF
2010-06-20 00:57:37 ----D---- C:\Windows\system32\sysprep
2010-06-15 16:53:24 ----A---- C:\Windows\system32\hpservice.exe
2010-06-15 16:53:18 ----A---- C:\Windows\system32\accelerometerdll.DLL

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-04-07 133512]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-04-07 134488]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-04-07 41312]
R2 RMCAST;Ovladač protokolu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-11 113664]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2010-06-15 33848]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-15 5068800]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-04-07 32584]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-03-27 1810992]
R3 UMPass;Ovladač Microsoft UMPass; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-21 7680]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2009-06-04 312832]
S1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2010-06-18 24856]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-05-09 36496]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\Windows\System32\Drivers\btwusb.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 esihdrv;esihdrv; \??\C:\Users\VF1\AppData\Local\Temp\esihdrv.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2010-03-12 81920]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-15 172032]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ekrn;ESET Service; C:\windows\ESET\ESET Smart Security\ekrn.exe [2010-04-07 810120]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-10-15 120832]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2010-06-15 26168]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2010-06-21 57752]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S3 EhttpSrv;ESET HTTP Server; C:\windows\ESET\ESET Smart Security\EHttpSrv.exe [2010-04-07 33560]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 NtmsSvc;@%SystemRoot%\system32\ntmssvc.dll,-2; C:\Windows\system32\svchost.exe [2008-01-21 21504]

-----------------EOF-----------------

Re: rpcnet.exe

Posted: 01 Jul 2010 18:25
by earl
:arrow: Where did you get the statistics on the most frequently visited websites?

:arrow: Clean the PC with CCleaner.

Always Analyze first and then Run Cleaner. Twice in a row.

Windows: untick History and Autocomplete Form History; otherwise you would lose the history of visited pages and the passwords saved in forms

(from a security point of view this is bad, but at least the user doesn't complain afterwards about where it all went :D )

Applications: for the web browsers, untick Internet History.

Registry: leave everything ticked, Scan for Issues, Fix selected issues

(let it make a backup; it is saved in Documents. IMPORTANT).

Likewise 2-3 times in a row.

:arrow: If you don't use RPCNet, uninstall it.

:arrow: READ THE INSTRUCTIONS CAREFULLY, THIS SOFTWARE DOES NOT TOLERATE MISTAKES IN THE PROCEDURE!

Feel free to print the following lines so that you know what will be happening on the screen.

Be logged in on the PC with administrator rights.

download ComboFix and save it, preferably to the desktop

if the page won't load, download it from here: download; or if ComboFix won't run, rename it to grinder.com and continue according to the instructions.

right after launch a disclaimer of warranty for the software's functionality is displayed; continue by clicking the Yes (Ano) button:

[Image]

after that a warning about installed CD drive emulators may follow, typically Daemon Tools or Alcohol 120

[Image]

click OK

Agree to the installation of the Recovery Console; a working internet connection is required :!:

go ahead and put on some coffee (the whole thing takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else

don't panic during the scan, your machine may be restarted (especially on the first run of the scanner)

Warning: Turn off the resident shield of your antivirus and antispyware and temporarily disable the firewall, otherwise ComboFix might not work correctly. If you have the shields turned off and ComboFix reports that they are not, continue and confirm.

after the restart the application creates a log, saved at C:/Combofix.txt (on repeated use the logs are named Combofix2.txt etc.); paste its contents here

Re: rpcnet.exe

Posted: 01 Jul 2010 21:47
by vfvf21
Sorry for the delay, but CCleaner has already been running for over two hours and there is still an hour and a half left. Is that normal??? I turned on parental controls and from that I read out various statistics, including the visited websites. If it would help somehow, I can try to copy it and send it to you. ? VF1

Re: rpcnet.exe

Posted: 01 Jul 2010 22:50
by earl
At least here you can see what state the PC is in.

Let all the procedures run as I wrote, and then I'll take a look at it.

And then together we'll get it into shape.

No need to send the statistics. (If you have children, it's clear which way the wind is blowing with that Facebook...)

Re: rpcnet.exe

Posted: 02 Jul 2010 13:57
by vfvf21
here is the log from combofix= ComboFix 10-06-30.03 - admin 02.07.2010 14:32:23.1.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.1788.996 [GMT 2:00]
Spuštěný z: c:\users\admin\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\admin\Documents\cc_20100701_200316.reg
c:\users\admin\Documents\cc_20100702_022012.reg
c:\windows\system32\drivers\npf.sys
c:\windows\system32\oem12.inf

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-02 do 2010-07-02 )))))))))))))))))))))))))))))))
.

2010-07-02 12:36 . 2010-07-02 12:37 -------- d-----w- c:\users\admin\AppData\Local\temp
2010-07-02 12:36 . 2010-07-02 12:36 -------- d-----w- c:\users\VF1\AppData\Local\temp
2010-07-02 12:36 . 2010-07-02 12:36 -------- d-----w- c:\users\kontrola\AppData\Local\temp
2010-07-02 12:36 . 2010-07-02 12:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-02 10:38 . 2010-07-02 10:38 17920 ----a-w- c:\windows\system32\rpcnetp.dll
2010-07-02 10:38 . 2010-07-02 11:00 17920 ----a-w- c:\windows\system32\rpcnetp.exe
2010-07-01 20:28 . 2010-07-01 20:29 3396176 ----a-w- c:\users\kontrola\ccsetup233.exe
2010-07-01 17:49 . 2010-07-01 20:29 -------- dc----w- c:\program files\CCleaner
2010-07-01 16:23 . 2010-07-01 16:23 -------- d-----w- c:\users\VF1\AppData\Roaming\ATI
2010-07-01 16:23 . 2010-07-01 16:23 -------- d-----w- c:\users\VF1\AppData\Local\VirtualStore
2010-07-01 07:49 . 2010-07-01 10:06 -------- dc----w- c:\program files\trend micro
2010-07-01 07:49 . 2010-07-01 10:07 -------- dc----w- C:\rsit
2010-07-01 06:54 . 2010-07-01 06:54 -------- d-----w- c:\users\VF1\AppData\Local\ATI
2010-07-01 05:39 . 2010-07-01 05:39 98808 ----a-w- c:\users\VF1\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-01 05:25 . 2010-07-01 05:25 -------- d-----w- c:\users\VF1\AppData\Local\ESET
2010-06-30 19:46 . 2010-06-30 19:55 -------- d-----w- c:\users\kontrola\AppData\Roaming\HpUpdate
2010-06-29 16:56 . 2010-06-29 16:56 -------- dc----w- c:\program files\Hp
2010-06-29 16:54 . 2010-06-29 17:54 -------- d-----w- c:\users\admin\AppData\Roaming\HpUpdate
2010-06-29 16:15 . 2010-06-29 16:15 -------- dc----w- c:\program files\T-Mobile
2010-06-29 16:12 . 2010-06-29 16:13 -------- d-----w- c:\users\admin\{72b0bcd6-7aac-41f2-9382-2f7727015cd8}
2010-06-29 14:17 . 2010-06-29 14:17 -------- d-----w- c:\users\kontrola\AppData\Local\Adobe
2010-06-29 13:05 . 2010-06-29 13:11 -------- d-----w- c:\users\kontrola\AppData\Roaming\PeaZip
2010-06-29 12:58 . 2010-06-29 12:59 -------- d-----w- c:\users\admin\{ec6822a1-ebd3-4e52-b7e8-399bc8557831}
2010-06-29 05:28 . 2010-06-29 05:28 -------- d-----w- c:\users\kontrola\AppData\Local\ESET
2010-06-29 05:28 . 2010-06-29 05:28 -------- d-----w- c:\users\kontrola\AppData\Roaming\ATI
2010-06-29 05:28 . 2010-06-29 05:28 -------- d-----w- c:\users\kontrola\AppData\Local\ATI
2010-06-29 05:28 . 2010-07-01 06:43 98808 ----a-w- c:\users\kontrola\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-29 03:23 . 2010-06-29 03:24 -------- d-----w- c:\users\admin\{5d4a8b37-e22f-42fd-b133-ad411f1fdf0b}
2010-06-29 02:25 . 2010-06-29 02:30 -------- d-----w- c:\users\admin\AppData\Roaming\PeaZip
2010-06-29 02:22 . 2010-06-29 02:23 -------- d-----w- c:\users\admin\{0faa445e-ce28-4ed7-b206-7af3325fa7f6}
2010-06-29 02:21 . 2006-06-20 08:49 0 ----a-w- c:\users\admin\EW600APICfg.dat
2010-06-29 02:21 . 2010-07-01 01:55 -------- d-----w- c:\users\admin\Drivers
2010-06-29 02:21 . 2010-07-01 01:55 -------- d-----w- c:\users\admin\Data
2010-06-29 00:46 . 2010-06-29 00:46 -------- d-----w- c:\users\admin\AppData\Local\Microsoft Help
2010-06-28 21:20 . 2010-06-28 21:20 -------- d-----w- c:\users\admin\AppData\Roaming\ATI
2010-06-28 21:20 . 2010-06-28 21:20 -------- d-----w- c:\users\admin\AppData\Local\ATI
2010-06-28 21:20 . 2010-06-28 21:20 -------- d-----w- c:\users\admin\AppData\Local\ESET
2010-06-28 21:19 . 2010-07-01 16:20 98808 ----a-w- c:\users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-28 20:52 . 2010-06-28 21:16 -------- dc----w- C:\index
2010-06-28 20:21 . 2010-06-28 20:21 -------- d-----w- c:\windows\Profiles
2010-06-28 20:21 . 2010-06-28 20:21 -------- d-----w- c:\windows\system32\Adobe
2010-06-28 20:21 . 1998-10-29 12:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-06-28 13:27 . 2010-06-28 13:27 -------- dc----w- c:\program files\Huawei technologies
2010-06-28 10:25 . 2010-07-01 01:38 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-28 02:30 . 2010-06-28 02:30 -------- d-----w- c:\programdata\Google Updater
2010-06-28 00:59 . 2010-07-01 01:49 -------- dc----w- c:\program files\Microsoft Silverlight
2010-06-27 23:39 . 2010-06-27 23:39 -------- dc----w- c:\program files\Windows Collaboration
2010-06-27 19:58 . 2010-07-01 01:53 -------- dc----w- c:\program files\LizardTech
2010-06-27 17:33 . 2010-06-27 17:33 -------- d-----w- c:\windows\Cache
2010-06-27 10:43 . 2010-07-01 01:51 -------- dc----w- c:\program files\DirectVobSub
2010-06-27 10:10 . 2009-06-04 14:39 457248 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-06-27 10:09 . 2010-06-27 10:09 -------- dc----w- C:\NVIDIA
2010-06-27 03:13 . 2010-07-01 02:31 -------- d-----w- c:\programdata\Microsoft Help
2010-06-27 03:12 . 2010-06-27 03:12 -------- dc----r- C:\MSOCache
2010-06-27 02:46 . 2010-06-27 02:46 -------- d-----w- c:\programdata\page
2010-06-27 02:46 . 2010-06-27 02:46 -------- dc----w- c:\program files\Ashampoo
2010-06-27 01:10 . 2010-06-27 01:10 -------- dc----w- c:\program files\ATI
2010-06-27 00:33 . 2010-06-27 00:34 -------- dc----w- c:\program files\Nero
2010-06-27 00:33 . 2010-06-27 00:33 -------- d-----w- c:\programdata\Nero
2010-06-27 00:33 . 2010-06-27 00:34 -------- d-----w- c:\program files\Common Files\Nero
2010-06-27 00:09 . 2010-06-27 00:09 -------- dc----w- c:\program files\Circle Dock
2010-06-26 23:52 . 2010-06-26 23:52 -------- d-----w- c:\windows\system32\EventProviders
2010-06-26 21:36 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2010-06-26 21:36 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2010-06-26 21:14 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2010-06-26 13:58 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2010-06-26 13:29 . 2010-06-26 13:29 -------- d-----w- c:\windows\system32\drivers\x86
2010-06-26 05:56 . 2007-07-05 12:30 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm (2).sys
2010-06-26 05:56 . 2006-09-16 12:26 23424 ----a-w- c:\windows\system32\drivers\ewdcsc (2).sys
2010-06-26 05:20 . 2010-05-21 12:14 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-06-24 04:59 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-06-24 04:58 . 2010-06-26 23:01 -------- d-----w- c:\program files\Windows Live
2010-06-24 04:58 . 2010-06-24 04:58 -------- d-----w- c:\windows\PCHEALTH
2010-06-24 04:33 . 2010-06-24 04:33 -------- d-----w- c:\program files\Common Files\Windows Live
2010-06-23 23:05 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-23 23:05 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-23 23:05 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-23 23:05 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-23 23:05 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-23 14:56 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-23 14:56 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-22 12:53 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2010-06-22 09:51 . 2010-06-22 09:51 -------- d-----w- c:\program files\Windows Portable Devices
2010-06-22 05:45 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-06-22 05:45 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-06-22 05:45 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-06-22 05:43 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-06-22 05:41 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-06-22 05:41 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-06-22 05:41 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-06-22 05:03 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-06-22 05:03 . 2009-08-14 13:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-06-22 05:03 . 2009-08-14 13:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-06-22 05:03 . 2009-08-14 13:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-06-22 05:03 . 2009-08-14 13:49 10240 ----a-w- c:\windows\system32\finger.exe
2010-06-22 05:03 . 2009-08-14 13:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-06-22 05:03 . 2009-08-14 13:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-06-22 05:03 . 2009-08-14 13:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-06-22 05:03 . 2009-08-14 15:53 17920 ----a-w- c:\windows\system32\netevent.dll
2010-06-22 04:50 . 2009-11-03 19:41 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-06-22 04:50 . 2009-11-03 21:42 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-06-22 04:50 . 2009-11-03 21:43 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-06-22 04:45 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-06-22 04:45 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2010-06-22 04:45 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-06-22 04:45 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-06-22 04:45 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-06-22 04:45 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-06-22 04:36 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-06-22 04:33 . 2010-05-01 14:13 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-06-22 04:23 . 2010-02-18 14:07 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-22 04:23 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-06-22 04:23 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-06-22 04:23 . 2009-12-08 17:26 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-06-21 22:04 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-06-21 22:01 . 2009-07-11 19:01 302592 ----a-w- c:\windows\system32\wlansec.dll
2010-06-21 22:01 . 2009-07-11 19:01 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2010-06-21 22:01 . 2009-07-11 17:03 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2010-06-21 22:01 . 2009-07-11 19:01 513536 ----a-w- c:\windows\system32\wlansvc.dll
2010-06-21 22:01 . 2009-07-11 19:01 65024 ----a-w- c:\windows\system32\wlanapi.dll
2010-06-21 21:56 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll
2010-06-21 21:56 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-06-21 21:53 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-06-21 16:45 . 2010-07-02 10:59 57752 ----a-w- c:\windows\system32\rpcnet.dll
2010-06-21 16:45 . 2010-06-21 16:43 57752 ------w- c:\windows\system32\rpcnet.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-01 01:53 . 2010-04-01 12:49 -------- d-----w- c:\program files\Common Files\InstallShield
2010-06-30 19:53 . 2009-06-21 07:53 623194 ----a-w- c:\windows\system32\perfh005.dat
2010-06-30 19:53 . 2009-06-21 07:53 136124 ----a-w- c:\windows\system32\perfc005.dat
2010-06-28 11:03 . 2010-06-28 11:03 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-06-26 21:40 . 2010-06-26 21:40 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-06-22 09:51 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-22 09:51 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-06-22 09:47 . 2010-06-22 09:47 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-06-19 23:28 . 2010-06-19 23:28 -------- d-sh--we c:\programdata\Plocha
2010-06-19 23:28 . 2010-06-19 23:28 -------- d-sh--we c:\programdata\Oblíbené položky
2010-06-19 23:28 . 2010-06-19 23:28 -------- d-sh--we c:\programdata\Šablony
2010-06-19 23:28 . 2010-06-19 23:28 -------- d-sh--we c:\programdata\Nabídka Start
2010-06-19 23:28 . 2010-06-19 23:28 -------- d-sh--we c:\programdata\Dokumenty
2010-06-19 23:28 . 2010-06-19 23:28 -------- d-sh--we c:\programdata\Data aplikací
2010-06-19 22:58 . 2010-06-19 22:58 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-06-19 22:54 . 2010-06-19 22:54 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2010-06-19 09:32 . 2010-06-19 09:32 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WUDFUsbccidDriver_01_07_00.Wdf
2010-06-18 20:17 . 2010-06-20 08:41 24856 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys
2010-06-18 11:05 . 2010-06-20 08:41 91376 ----a-w- c:\windows\system32\bcmwlcoi.dll
2010-06-15 14:53 . 2009-07-08 11:48 25656 ----a-w- c:\windows\system32\drivers\hpdskflt.sys
2010-06-15 14:53 . 2009-07-08 11:48 26168 ----a-w- c:\windows\system32\hpservice.exe
2010-06-15 14:53 . 2009-07-08 11:48 15416 ----a-w- c:\windows\system32\accelerometerdll.DLL
2010-05-27 20:31 . 2010-05-27 20:31 165160 ----a-w- c:\windows\system32\SET4917.tmp
2010-05-27 20:31 . 2010-05-27 20:31 173352 ----a-w- c:\windows\system32\SET4D8B.tmp
2010-05-04 05:59 . 2010-06-22 04:44 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-22 04:44 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-06-22 04:44 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-06-22 04:44 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-04-16 16:43 . 2010-06-23 14:56 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-04-16 16:43 . 2010-06-23 14:56 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-04-16 16:43 . 2010-06-23 14:56 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-04-16 16:43 . 2010-06-23 14:56 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-14 98304]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-06-18 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):99,eb,94,9f,a9,ba,c9,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2922528737-1640953246-1812149701-1000]
"EnableNotificationsRef"=dword:00000001

R1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2010-06-18 24856]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 esihdrv;esihdrv;c:\users\VF1\AppData\Local\Temp\esihdrv.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-15 172032]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2010-06-15 26168]


--- Ostatní služby/ovladače v paměti ---

*Deregistered* - AVGIDSDrivervtx
*Deregistered* - AVGIDSFiltervtx
*Deregistered* - AVGIDSShimvtx
*Deregistered* - AvgRkx86
*Deregistered* - AvgTdiX
*Deregistered* - dlkmdldr

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
rsmsvcs REG_MULTI_SZ ntmssvc
.
Obsah adresáře 'Naplánované úlohy'

2010-07-02 c:\windows\Tasks\User_Feed_Synchronization-{22F2F176-4208-4698-BD48-BF2DE6AB2724}.job
- c:\windows\system32\msfeedssync.exe [2010-06-22 04:30]

2010-07-02 c:\windows\Tasks\User_Feed_Synchronization-{5D00925A-2F3A-4E19-B81F-37097E02A02B}.job
- c:\windows\system32\msfeedssync.exe [2010-06-22 04:30]

2010-07-02 c:\windows\Tasks\User_Feed_Synchronization-{DE1CA336-A46E-466D-9D05-6A04A5E565B3}.job
- c:\windows\system32\msfeedssync.exe [2010-06-22 04:30]
.
.
------- Doplňkový sken -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MI1933~1\Office14\ONBttnIE.dll/105
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: viry.cz\www
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
MSConfigStartUp-MobileConnect - c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
MSConfigStartUp-QuickTime Update Completion 0 - c:\windows.old.000\Program Files\QuickTime\QTSystem\QuickTimeUpdateHelper.exe
MSConfigStartUp-SUPERAntiSpyware - c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-02 14:37
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-07-02 14:39:39
ComboFix-quarantined-files.txt 2010-07-02 12:39

Před spuštěním: Volných bajtů: 89 788 133 376
Po spuštění: Volných bajtů: 89 561 137 152

- - End Of File - - 236C58D94A0B44B75C91503D4810E14C

Re: rpcnet.exe

Posted: 02 Jul 2010 14:34
by earl
:arrow: Download OTM, run it (if you have Vista, run it as administrator) and
copy the following into the left box with the yellow top border, Paste Instructions for Items to be Moved:

Code:

:processes
explorer.exe
:files
c:\windows\system32\SET4917.tmp
c:\windows\system32\SET4D8B.tmp
:services
:reg
:commands
[emptytemp]
[resethosts]
[start explorer]
[reboot]

Click MoveIt; the result will appear in the Results window with the green top border. Copy the contents of that window here. If OTMoveIt asks for a restart, allow it. You will find the resulting log in C:\_OTMoveIt\MovedFiles\xxxxx.log (x is a placeholder character); open it in Notepad.

Re: rpcnet.exe

Posted: 02 Jul 2010 20:53
by vfvf21
Here it is:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
c:\windows\system32\SET4917.tmp moved successfully.
c:\windows\system32\SET4D8B.tmp moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: admin
->Temp folder emptied: 51636 bytes
->Temporary Internet Files folder emptied: 2137481 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: kontrola
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 82566385 bytes
->Flash cache emptied: 456 bytes

User: VF1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 3991928 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 85,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTM by OldTimer - Version 3.1.12.2 log created on 07022010_213851

Files moved on Reboot...
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PU4F8HM8\afr[1].htm moved successfully.
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PU4F8HM8\viewtopic[1].htm moved successfully.
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...

Re: rpcnet.exe

Posted: 02 Jul 2010 21:26
by earl
How is the PC behaving now?

Re: rpcnet.exe

Posted: 03 Jul 2010 15:10
by vfvf21
Hello, so far it looks like everything is OK. I would just like to ask whether it is normal that I still do not have sufficient rights to turn off sharing of files and of some printer on the network??? Whenever I somehow manage to turn off or delete the sharing of the desktop etc., it shows up there again somewhere. For now, though, thanks a lot, friend.

Re: rpcnet.exe

Posted: 03 Jul 2010 17:55
by earl
If there is only one account with admin rights on your PC (apart from Administrator), then it has to work in that account.

Otherwise the only thing left is to try changing it in Safe Mode as Administrator.

Let's also clean up after the disinfection process:

:arrow: Start - Run - type ComboFix /Uninstall - and click OK;

if that does not work, rename ComboFix.exe to Uninstall.exe and run it.

:arrow: Download OTC,

run it and click CleanUp.

:arrow: Clean the PC with CCleaner.

Always Analyze first and then Run Cleaner. Do this twice in a row.

Windows: untick History and Autocomplete Form History; otherwise you would lose the history of visited pages and the passwords saved in forms

(from a security standpoint that is bad, but at least the user does not complain afterwards about where it all went :D )

Applications: for the web browsers, untick Internet History.

Registry: leave everything ticked, Scan for Issues, Fix selected issues

(let it make a backup, which is saved in Documents; IMPORTANT).

Likewise 2-3 times in a row.

And you're welcome, of course. :)

Re: rpcnet.exe

Posted: 05 Jul 2010 00:13
by vfvf21
Hello, I thought everything was OK by now, but I found that Windows Update does not work; it reports code 800B0110, and I could not find such an error at all on Microsoft's pages. I also noticed that I cannot open any https pages, and the diagnostics do not find any problem. Also, the AVG tray icon occasionally reports an incorrect side-by-side error, the whole of AVG shuts down, and it cannot be started until I restart the PC.

Re: rpcnet.exe

Posted: 05 Jul 2010 01:05
by earl
The AVG antivirus installation is damaged.

:arrow: Uninstall it, clean the registry with CCleaner, and install it again after a restart.

:arrow: Have you tried opening the https pages in IE, Firefox and Opera? (Chrome...)

:arrow: Open Notepad and copy the following text into it:

Code:

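rem Stop BITS and the Windows Update service
net stop bits
net stop /s wuauserv
rem Unregister the update engine, then clear the download cache and the log
regsvr32 /u wuaueng.dll /s
del /f /s /q %windir%\SoftwareDistribution\*.*
del /f /s /q %windir%\windowsupdate.log
rem Re-register the update engine and start the services again
regsvr32 wuaueng.dll /s
net start bits
net start wuauserv
rem Reset the update authorization and trigger a new detection
wuauclt.exe /resetauthorization /detectnow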

Save it as a file named Fix.bat, run it, and restart the PC.

Then try visiting the Windows Update page to see whether the updates work.

Re: rpcnet.exe

Posted: 05 Jul 2010 02:29
by vfvf21
So I did that, and now I cannot even turn on automatic updates, error 0x800106ba. And when I try to turn on Windows Defender, it reports that it cannot be turned on from the Security Center. CCleaner found errors with tray icons for a few programs and was unable to delete 1 file in IE's temporary cache. https does not work in Firefox either