VIRY.CZ

zdravim, pri spusteny windovsu sa otvori okno System Check.
Ako sa toho zbavim, prosim o pomoc.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jozef at 2012-03-11 22:09:59
Microsoft Windows 7 Home Premium
System drive C: has 85 GB (38%) free of 224 GB
Total RAM: 1788 MB (31% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\File Helper.job
C:\Windows\tasks\Final Media Player Update Checker.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForJozef.job
C:\Windows\tasks\RegistryBooster.job
C:\Windows\tasks\RegPowerClean.job
C:\Windows\tasks\RPCReminder.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll [2011-09-22 378736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\IPSBHO.DLL [2009-08-22 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-06-14 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll [2011-09-22 378736]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304]
"QPService"=C:\Program Files (x86)\HP\QuickPlay\QPService.exe [2009-06-24 468264]
"UCam_Menu"=C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-02-18 218408]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-06-24 320056]
"UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2009-06-22 60464]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-11-11 417792]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-03-23 500792]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"DSA_F10TimeoutSetter"=C:\BOSCH_PR\DSA_3_31\Runtime\DDB\F10TimeoutSetter.exe [2004-01-07 359936]
"DSA_AutoBackup"=C:\BOSCH_PR\DSA_3_31\Runtime\AutoBackup.exe [2009-09-18 40960]
"KTSInit"= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-07-16 1668664]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-06-16 2736128]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-10-13 17351304]
"gWLwiaDlyb.exe"=C:\ProgramData\gWLwiaDlyb.exe [2012-03-08 449536]

C:\Users\Jozef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MagicDisc.lnk - C:\Program Files (x86)\MagicDisc\MagicDisc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2009-08-22 52272]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"WallpaperStyle"=2

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"msacm.l3codecp"=l3codecp.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-03-11 22:05:02 ----D---- C:\Program Files (x86)\trend micro
2012-03-11 22:05:01 ----D---- C:\rsit
2012-03-11 20:56:54 ----HD---- C:\Users\Jozef\AppData\Roaming\Spyware Terminator
2012-03-11 20:56:54 ----HD---- C:\ProgramData\Spyware Terminator
2012-03-11 20:56:48 ----D---- C:\Program Files (x86)\Spyware Terminator
2012-03-08 18:35:33 ----AH---- C:\ProgramData\wNsb0KpqgaBa3H.exe
2012-03-08 18:05:26 ----AH---- C:\ProgramData\gWLwiaDlyb.exe
2012-02-22 18:09:14 ----D---- C:\Program Files (x86)\PokerStars.NET
2012-02-17 08:17:22 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-02-17 08:17:18 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-02-17 08:17:17 ----A---- C:\Windows\SysWOW64\url.dll
2012-02-17 08:17:16 ----A---- C:\Windows\SysWOW64\ieui.dll
2012-02-17 08:17:15 ----A---- C:\Windows\SysWOW64\jscript9.dll
2012-02-17 08:17:15 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-02-17 08:17:13 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-02-17 08:17:08 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-02-17 08:17:07 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-02-17 08:17:06 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-02-17 08:16:52 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-02-16 11:02:44 ----HD---- C:\Windows\AxInstSV
2012-02-15 10:27:02 ----A---- C:\Windows\SysWOW64\shell32.dll
2012-02-15 10:26:59 ----A---- C:\Windows\SysWOW64\ntshrui.dll
2012-02-15 10:26:50 ----A---- C:\Windows\SysWOW64\msvcrt.dll

======List of files/folders modified in the last 1 month======

2012-03-11 22:10:00 ----D---- C:\Windows\Temp
2012-03-11 22:05:02 ----RD---- C:\Program Files (x86)
2012-03-11 22:04:37 ----SHD---- C:\System Volume Information
2012-03-11 21:58:06 ----SHD---- C:\Windows\Installer
2012-03-11 21:58:06 ----SHD---- C:\Config.Msi
2012-03-11 21:58:05 ----HD---- C:\ProgramData\Symantec
2012-03-11 21:52:47 ----HD---- C:\Users\Jozef\AppData\Roaming\Skype
2012-03-11 21:52:47 ----D---- C:\Windows\Panther
2012-03-11 21:52:47 ----D---- C:\Windows\inf
2012-03-11 21:52:46 ----D---- C:\Windows\Minidump
2012-03-11 21:52:46 ----D---- C:\Windows\Logs
2012-03-11 21:52:46 ----D---- C:\Windows\debug
2012-03-11 21:52:46 ----D---- C:\Windows
2012-03-11 21:49:25 ----RD---- C:\Program Files
2012-03-11 21:47:51 ----D---- C:\Program Files (x86)\Winferno
2012-03-11 21:19:40 ----AH---- C:\ProgramData\HPWALog.txt
2012-03-11 20:56:54 ----HD---- C:\ProgramData
2012-03-11 20:54:05 ----D---- C:\Windows\System32
2012-03-11 20:48:17 ----AH---- C:\ProgramData\hpqp.ini
2012-03-10 21:57:06 ----HD---- C:\ProgramData\CanonIJPLM
2012-03-09 10:12:06 ----D---- C:\Windows\Prefetch
2012-03-08 08:26:49 ----RSD---- C:\Windows\assembly
2012-03-08 08:26:49 ----D---- C:\Windows\Microsoft.NET
2012-03-05 08:27:38 ----D---- C:\Windows\Tasks
2012-02-21 08:16:57 ----D---- C:\ProgramData\Microsoft Help
2012-02-21 08:14:42 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2012-02-21 08:14:38 ----D---- C:\Windows\SysWOW64
2012-02-19 09:00:22 ----D---- C:\Windows\winsxs
2012-02-19 08:59:29 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-02-19 08:57:37 ----D---- C:\Windows\SysWOW64\migration
2012-02-19 08:57:37 ----D---- C:\Program Files (x86)\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys []
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1008030.006\SYMEFA64.SYS []
R1 BHDrvx64;Symantec Heuristics Driver; C:\Windows\System32\Drivers\NISx64\1008030.006\BHDrvx64.sys []
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\NISx64\1008030.006\ccHPx64.sys []
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2010-01-22 475696]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100317.002\IDSvia64.sys [2009-10-28 466992]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1008030.006\SRTSPX64.SYS []
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys []
R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\NISx64\1008030.006\SYMTDI.SYS []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys []
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys []
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys []
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys []
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100324.037\ENG64.SYS [2010-02-03 116272]
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100324.037\EX64.SYS [2010-02-03 1742896]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys []
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys []
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys []
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl64.sys []
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1008030.006\SRTSP64.SYS []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
S3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NISx64\1008000.029\SYMFW.SYS []
S3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys []
S3 WinUsb;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-06-16 73728]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe [2011-09-22 117648]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 1148632]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [2009-07-22 240128]
R2 Transbase TECDOC CD 1_2012 Service;Transbase TECDOC CD 1_2012 Service; C:\TECDOC_CD\1_2012\db\tbmux32.exe [2011-08-25 360448]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2010-03-15 9216]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11 135664]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2010-09-30 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-08-11 182768]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Zdravim a pekny den preji

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ukoncete vsechny programy
Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Pockejte na dokonceni PreScanu
Zvolte moznost Prohledat (scan)
Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte

Pekny den prajem aj ja.
Spravil som scan. Dakujem
RogueKiller V7.3.1 [03/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: Jozef [Admin rights]
Mode: Scan -- Date: 03/12/2012 13:30:55

¤¤¤ Bad processes: 2 ¤¤¤
[WINDOW : System Check] wNsb0KpqgaBa3H.exe -- C:\ProgramData\wNsb0KpqgaBa3H.exe -> KILLED [TermProc]
[SUSP PATH] gWLwiaDlyb.exe -- C:\ProgramData\gWLwiaDlyb.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 23 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : gWLwiaDlyb.exe (C:\ProgramData\gWLwiaDlyb.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-3512108138-2885134008-1077158089-1001[...]\Run : gWLwiaDlyb.exe (C:\ProgramData\gWLwiaDlyb.exe) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{EF0674E4-F682-4652-86E7-6231066C51DF} : NameServer (195.146.132.58 195.146.128.62) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{EF0674E4-F682-4652-86E7-6231066C51DF} : NameServer (195.146.132.58 195.146.128.62) -> FOUND
[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowControlPanel (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND
[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : Rogue.FakeHDD ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK2555GSX ATA Device +++++
--- User ---
[MBR] 98c7a1253aeec28a1769335159745bb8
[BSP] 83bb12a9b12d514fc28be86a9c9b3bb1 : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 224493 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 460171264 | Size: 13678 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 488183808 | Size: 103 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: USB 2.0 Flash Disk USB Device +++++
--- User ---
[MBR] fddf816fd7d3d79db6d466bd59e92cab
[BSP] dec9f0908d0564afbcbcc26fa1ab4266 : Standard MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 983 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1].txt >>
RKreport[1].txt

Spustte znovu RogueKiller

Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte

Stahnete MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe

Ulozte nejlepe na plochu
Pokud pouzivate Win Vista ci W7, kliknete na MBRScan pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Report
Po chvilce se objevi log do souboru MBRScan.txt, ten sem vlozte

pridavam scan
code]
MBRScan v1.1.1

OS : Windows 7 (64 bit)
PROCESSOR : AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
BOOT : Normal Boot
DATE : 2012/03/12 (ISO 8601) at 14:41:08
________________________________________________________________________________

DISK : Device\Harddisk0\DR0 __TOSHIBA MK2555GSX (FG002C)
BUS_TYPE : (0x0B) S-ATA
USE_PIO : NO
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK : Device\Harddisk1\DR1 __USB 2.0 Flash Disk (0.00)
BUS_TYPE : (0x07) USB
USE_PIO : NO
MAX_TRANSFER : 64 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________

Device\Harddisk0\DR0 232.9 Go [Fixed] ==> HP Recovery Manager

MBR_MD5 : 98C7A1253AEEC28A1769335159745BB8
MBR_SHA1 : 8C288146C7EC332C81129BEEDAEE9E3A0D604736

Device\Harddisk0\Partition1 199.0 Mo 0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2 219.2 Go 0x07 NTFS / HPFS
Device\Harddisk0\Partition3 13.36 Go 0x07 NTFS / HPFS
Device\Harddisk0\Partition4 103.2 Mo 0x0C FAT32 [LBA]
________________________________________________________________________________

Device\Harddisk1\DR1 984.0 Mo [Removable] ==> Unknown MBR Code

MBR_MD5 : FDDF816FD7D3D79DB6D466BD59E92CAB
MBR_SHA1 : 4B64F8AB4E723F3CBE4B8F4C826876C098669BD1

Device\Harddisk1\Partition1 984.0 Mo 0x0B FAT32 [CHS] __ BOOTABLE __
________________________________________________________________________________

############################### Additional scan ################################

DRIVER : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x033F4000
SIZE : 292.0 Ko

DRIVER : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00BAB000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\mcupdate_AuthenticAMD.dll => Invisible on the disk
ADDRESS : 0x00CC0000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00CE1000
SIZE : 376.0 Ko

DRIVER : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00D3F000
SIZE : 768.0 Ko

DRIVER : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00C00000
SIZE : 656.0 Ko

DRIVER : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00CA4000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ACPI.sys => Invisible on the disk
ADDRESS : 0x00E5E000
SIZE : 348.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00EB5000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00EBE000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\pci.sys => Invisible on the disk
ADDRESS : 0x00EC8000
SIZE : 204.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00EFB000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\isapnp.sys => Invisible on the disk
ADDRESS : 0x00F08000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mpio.sys => Invisible on the disk
ADDRESS : 0x00F11000
SIZE : 168.0 Ko

DRIVER : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00F3B000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\compbatt.sys => Invisible on the disk
ADDRESS : 0x00F50000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\BATTC.SYS => Invisible on the disk
ADDRESS : 0x00F59000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\volmgr.sys => Invisible on the disk
ADDRESS : 0x00F65000
SIZE : 84.0 Ko

DRIVER : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x00F7A000
SIZE : 368.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\intelide.sys => Invisible on the disk
ADDRESS : 0x00FD6000
SIZE : 32.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\PCIIDEX.SYS => Invisible on the disk
ADDRESS : 0x00FDE000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\aliide.sys => Invisible on the disk
ADDRESS : 0x00FEE000
SIZE : 28.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\amdide.sys => Invisible on the disk
ADDRESS : 0x00FF5000
SIZE : 28.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\cmdide.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE : 32.0 Ko

DRIVER : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x00E08000
SIZE : 104.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\msdsm.sys => Invisible on the disk
ADDRESS : 0x00E22000
SIZE : 152.0 Ko

DRIVER : C:\Windows\system32\drivers\nvraid.sys => Invisible on the disk
ADDRESS : 0x010C0000
SIZE : 160.0 Ko

DRIVER : C:\Windows\system32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x010E8000
SIZE : 192.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\pciide.sys => Invisible on the disk
ADDRESS : 0x01118000
SIZE : 28.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\viaide.sys => Invisible on the disk
ADDRESS : 0x0111F000
SIZE : 32.0 Ko

DRIVER : C:\Windows\system32\drivers\iaStorV.sys => Invisible on the disk
ADDRESS : 0x012C7000
SIZE : 1.12 Mo

DRIVER : C:\Windows\system32\DRIVERS\atapi.sys => Invisible on the disk
ADDRESS : 0x013E5000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ataport.SYS => Invisible on the disk
ADDRESS : 0x01200000
SIZE : 168.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\lsi_sas.sys => Invisible on the disk
ADDRESS : 0x0122A000
SIZE : 116.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\storport.sys => Invisible on the disk
ADDRESS : 0x01247000
SIZE : 392.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\msahci.sys => Invisible on the disk
ADDRESS : 0x012A9000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HpSAMD.sys => Invisible on the disk
ADDRESS : 0x01127000
SIZE : 92.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\adp94xx.sys => Invisible on the disk
ADDRESS : 0x0113E000
SIZE : 492.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\adpahci.sys => Invisible on the disk
ADDRESS : 0x01000000
SIZE : 344.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\adpu320.sys => Invisible on the disk
ADDRESS : 0x01056000
SIZE : 188.0 Ko

DRIVER : C:\Windows\system32\drivers\amdsata.sys => Invisible on the disk
ADDRESS : 0x01085000
SIZE : 120.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\amdsbs.sys => Invisible on the disk
ADDRESS : 0x011B9000
SIZE : 284.0 Ko

DRIVER : C:\Windows\system32\drivers\amdxata.sys => Invisible on the disk
ADDRESS : 0x012B4000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\arc.sys => Invisible on the disk
ADDRESS : 0x010A3000
SIZE : 100.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\arcsas.sys => Invisible on the disk
ADDRESS : 0x0145A000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\elxstor.sys => Invisible on the disk
ADDRESS : 0x01475000
SIZE : 540.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\iirsp.sys => Invisible on the disk
ADDRESS : 0x014FC000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\lsi_fc.sys => Invisible on the disk
ADDRESS : 0x0150D000
SIZE : 124.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\lsi_sas2.sys => Invisible on the disk
ADDRESS : 0x0152C000
SIZE : 76.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\lsi_scsi.sys => Invisible on the disk
ADDRESS : 0x0153F000
SIZE : 124.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\megasas.sys => Invisible on the disk
ADDRESS : 0x0155E000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\MegaSR.sys => Invisible on the disk
ADDRESS : 0x01688000
SIZE : 656.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\nfrd960.sys => Invisible on the disk
ADDRESS : 0x0172C000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\drivers\nvstor.sys => Invisible on the disk
ADDRESS : 0x0173C000
SIZE : 172.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ql2300.sys => Invisible on the disk
ADDRESS : 0x0182D000
SIZE : 1.64 Mo

DRIVER : C:\Windows\system32\DRIVERS\ql40xx.sys => Invisible on the disk
ADDRESS : 0x01767000
SIZE : 380.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\SiSRaid2.sys => Invisible on the disk
ADDRESS : 0x019D1000
SIZE : 56.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\sisraid4.sys => Invisible on the disk
ADDRESS : 0x019DF000
SIZE : 96.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\stexstor.sys => Invisible on the disk
ADDRESS : 0x01800000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\vsmraid.sys => Invisible on the disk
ADDRESS : 0x017C6000
SIZE : 168.0 Ko

DRIVER : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x01600000
SIZE : 304.0 Ko

DRIVER : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x0180A000
SIZE : 80.0 Ko

DRIVER : C:\Windows\system32\drivers\NISx64\1008030.006\SYMEFA64.SYS => Invisible on the disk
ADDRESS : 0x0156A000
SIZE : 412.0 Ko

DRIVER : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01A30000
SIZE : 1.63 Mo

DRIVER : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x01C7A000
SIZE : 376.0 Ko

DRIVER : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x01CD8000
SIZE : 104.0 Ko

DRIVER : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x01CF2000
SIZE : 460.0 Ko

DRIVER : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x01D65000
SIZE : 68.0 Ko

DRIVER : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x01D76000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x01ED9000
SIZE : 968.0 Ko

DRIVER : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x01E00000
SIZE : 384.0 Ko

DRIVER : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x01E60000
SIZE : 172.0 Ko

DRIVER : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x02002000
SIZE : 1.99 Mo

DRIVER : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x01E8B000
SIZE : 296.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wd.sys => Invisible on the disk
ADDRESS : 0x01FCB000
SIZE : 32.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\volsnap.sys => Invisible on the disk
ADDRESS : 0x01D80000
SIZE : 304.0 Ko

DRIVER : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x01FD3000
SIZE : 32.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\sbp2port.sys => Invisible on the disk
ADDRESS : 0x01FDB000
SIZE : 116.0 Ko

DRIVER : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x01C00000
SIZE : 232.0 Ko

DRIVER : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x01C3A000
SIZE : 72.0 Ko

DRIVER : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x01C4C000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x0164C000
SIZE : 232.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\disk.sys => Invisible on the disk
ADDRESS : 0x01C55000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\AtiPcie.sys => Invisible on the disk
ADDRESS : 0x01FF8000
SIZE : 32.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x01BD2000
SIZE : 168.0 Ko

DRIVER : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x01DF6000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x01A00000
SIZE : 28.0 Ko

DRIVER : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x01A07000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x015D1000
SIZE : 148.0 Ko

DRIVER : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x01A15000
SIZE : 64.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x01A25000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x0181E000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x019F7000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x017F0000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x01400000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x01411000
SIZE : 120.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x0142F000
SIZE : 52.0 Ko

DRIVER : C:\Windows\System32\Drivers\NISx64\1008030.006\SYMTDI.SYS => Invisible on the disk
ADDRESS : 0x03482000
SIZE : 304.0 Ko

DRIVER : C:\Windows\system32\Drivers\SYMEVENT64x86.SYS => Invisible on the disk
ADDRESS : 0x034CE000
SIZE : 216.0 Ko

DRIVER : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x03504000
SIZE : 548.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x0358D000
SIZE : 276.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x035D2000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x03400000
SIZE : 152.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0x03426000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\SymIMv.sys => Invisible on the disk
ADDRESS : 0x0343C000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x03447000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x035DB000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\termdd.sys => Invisible on the disk
ADDRESS : 0x03456000
SIZE : 80.0 Ko

DRIVER : C:\Windows\system32\drivers\NISx64\1008030.006\SRTSPX64.SYS => Invisible on the disk
ADDRESS : 0x0346A000
SIZE : 80.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x042C1000
SIZE : 324.0 Ko

DRIVER : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x04312000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mssmbios.sys => Invisible on the disk
ADDRESS : 0x0431E000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x04276000
SIZE : 60.0 Ko

DRIVER : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x04285000
SIZE : 120.0 Ko

DRIVER : C:\Windows\System32\Drivers\NISx64\1008030.006\ccHPx64.sys => Invisible on the disk
ADDRESS : 0x03E40000
SIZE : 568.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk
ADDRESS : 0x03ECE000
SIZE : 68.0 Ko

DRIVER : C:\Windows\System32\Drivers\NISx64\1008030.006\BHDrvx64.sys => Invisible on the disk
ADDRESS : 0x03EDF000
SIZE : 348.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x03F36000
SIZE : 152.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\amdppm.sys => Invisible on the disk
ADDRESS : 0x03F5C000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\atikmdag.sys => Invisible on the disk
ADDRESS : 0x0504A000
SIZE : 6.09 Mo

DRIVER : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x05661000
SIZE : 976.0 Ko

DRIVER : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x05755000
SIZE : 280.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x0579B000
SIZE : 144.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\athrx.sys => Invisible on the disk
ADDRESS : 0x0466C000
SIZE : 1.54 Mo

DRIVER : C:\Windows\system32\DRIVERS\vwifibus.sys => Invisible on the disk
ADDRESS : 0x04600000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\Rt64win7.sys => Invisible on the disk
ADDRESS : 0x0460D000
SIZE : 228.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbohci.sys => Invisible on the disk
ADDRESS : 0x04646000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x03F71000
SIZE : 344.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbehci.sys => Invisible on the disk
ADDRESS : 0x04651000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\i8042prt.sys => Invisible on the disk
ADDRESS : 0x057BF000
SIZE : 120.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HpqKbFiltr.sys => Invisible on the disk
ADDRESS : 0x057DD000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\kbdclass.sys => Invisible on the disk
ADDRESS : 0x057E9000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\SynTP.sys => Invisible on the disk
ADDRESS : 0x05000000
SIZE : 292.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x04662000
SIZE : 8.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mouclass.sys => Invisible on the disk
ADDRESS : 0x03FC7000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\CmBatt.sys => Invisible on the disk
ADDRESS : 0x04664000
SIZE : 20.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x047F5000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x03FD6000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x03FE6000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x03E00000
SIZE : 144.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x03E24000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x043A0000
SIZE : 188.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x043CF000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x04AF3000
SIZE : 132.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x04B14000
SIZE : 104.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\SCSIPORT.SYS => Invisible on the disk
ADDRESS : 0x04B6B000
SIZE : 188.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\swenum.sys => Invisible on the disk
ADDRESS : 0x04B9A000
SIZE : 8.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ks.sys => Invisible on the disk
ADDRESS : 0x04B9C000
SIZE : 268.0 Ko

DRIVER : C:\Windows\System32\Drivers\fastfat.SYS => Invisible on the disk
ADDRESS : 0x04A00000
SIZE : 216.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\umbus.sys => Invisible on the disk
ADDRESS : 0x04A36000
SIZE : 72.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x04A48000
SIZE : 360.0 Ko

DRIVER : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x04AA2000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\drivers\AtiHdmi.sys => Invisible on the disk
ADDRESS : 0x04AB7000
SIZE : 128.0 Ko

DRIVER : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x0485E000
SIZE : 244.0 Ko

DRIVER : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x0489B000
SIZE : 136.0 Ko

DRIVER : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x048BD000
SIZE : 24.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\stwrt64.sys => Invisible on the disk
ADDRESS : 0x048C3000
SIZE : 492.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x0493E000
SIZE : 116.0 Ko

DRIVER : C:\Windows\System32\Drivers\usbvideo.sys => Invisible on the disk
ADDRESS : 0x0495B000
SIZE : 184.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\hidusb.sys => Invisible on the disk
ADDRESS : 0x04989000
SIZE : 56.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x04997000
SIZE : 100.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x049B0000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mouhid.sys => Invisible on the disk
ADDRESS : 0x049B9000
SIZE : 52.0 Ko

DRIVER : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x049C6000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_dumpata.sys => Invisible on the disk
ADDRESS : 0x049D4000
SIZE : 48.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_msahci.sys => Invisible on the disk
ADDRESS : 0x049E0000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x049EB000
SIZE : 76.0 Ko

DRIVER : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x00020000
SIZE : 3.08 Mo

DRIVER : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x04800000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x0480C000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x00410000
SIZE : 40.0 Ko

DRIVER : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x00740000
SIZE : 156.0 Ko

DRIVER : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x0481A000
SIZE : 140.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\stflt.sys => Invisible on the disk
ADDRESS : 0x02CD3000
SIZE : 176.0 Ko

DRIVER : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x02CFF000
SIZE : 132.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x02D20000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x02D35000
SIZE : 332.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x02D88000
SIZE : 76.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x02D9B000
SIZE : 96.0 Ko

DRIVER : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x02C00000
SIZE : 800.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x02DB3000
SIZE : 120.0 Ko

DRIVER : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x02DD1000
SIZE : 96.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x04C3F000
SIZE : 180.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x04C6C000
SIZE : 312.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x04CBA000
SIZE : 140.0 Ko

DRIVER : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x04CDD000
SIZE : 664.0 Ko

DRIVER : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x04D83000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x04D8E000
SIZE : 180.0 Ko

DRIVER : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x04DBB000
SIZE : 72.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x06A27000
SIZE : 412.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x06A8E000
SIZE : 596.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\USBSTOR.SYS => Invisible on the disk
ADDRESS : 0x06B23000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\WUDFRd.sys => Invisible on the disk
ADDRESS : 0x06B3E000
SIZE : 196.0 Ko

DRIVER : C:\Windows\system32\drivers\spsys.sys => Invisible on the disk
ADDRESS : 0x06B71000
SIZE : 452.0 Ko

DRIVER : C:\Windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x48380000
SIZE : 128.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions : NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR \Device\Harddisk0\DR0

0x00000000 33 C0 8E D0 BC 00 7C FB 8E C0 8E D8 8B F4 BF 00 3À.Ð¼.|û.À.Ø.ô¿.
0x00000010 06 B9 00 02 FC F3 A4 EA 60 06 00 00 00 00 00 00 .¹..üó¤ê`.......
0x00000020 52 65 63 6F 76 65 72 79 4D 67 72 20 00 A8 6D 1B RecoveryMgr .¨m.
0x00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D 0A ................
0x00000050 00 00 00 00 57 00 00 00 FF FF FF FF FF FF FF FF ....W...........
0x00000060 86 4C BD BE 30 06 AC B4 0E 33 DB CD 10 0A C0 75 .L½¾0.¬´.3ÛÍ..Àu
0x00000070 F5 E3 0B FE 06 13 06 53 53 E8 6D 00 EB 36 B8 12 õã.þ...SSèm.ë6¸.
0x00000080 5F 66 BA 51 50 48 5F CD 15 80 E3 01 74 20 EB 24 _fºQPH_Í..ã.t ë$
0x00000090 8B 16 6C 04 FA 66 A1 1C 06 BF 54 06 B1 03 F2 66 ..l.úf¡..¿T.±.òf
0x000000A0 AF FB 74 0A A1 3D 00 00 C2 83 F8 24 76 E6 B0 01 ¯ût.¡=..Â.ø$væ°.
0x000000B0 84 C0 75 1C BB C6 7D 66 8B 37 66 8B 3E 2C 06 66 .Àu.»Æ}f.7f.>,.f
0x000000C0 3B F7 74 07 80 C3 10 73 EE EB 05 BB 28 06 EB 10 ;÷t..Ã.sîë.»(.ë.
0x000000D0 BB C2 7D 80 7F FC 00 78 07 80 C3 10 73 F5 EB FE »Â}..ü.x..Ã.sõëþ
0x000000E0 66 FF 77 04 E8 02 00 FF E4 C8 10 00 00 B4 08 B2 f.w.è...äÈ...´.²
0x000000F0 80 CD 13 8A C1 24 3F FE C6 8A D8 F6 E6 C0 E9 06 .Í..Á$?þÆ.ØöæÀé.
0x00000100 86 CD 41 91 F7 E1 39 56 06 8B 56 06 8B 46 04 73 .ÍA.÷á9V..V..F.s
0x00000110 1C F7 F1 91 92 F6 F3 86 CD C0 E1 06 02 CC 41 8A .÷ñ..öó.ÍÀá..ÌA.
0x00000120 F0 B8 01 02 BB 00 7C 86 26 13 06 EB 14 83 C4 10 ð¸..».|.&..ë..Ä.
0x00000130 0E 0E 52 50 0E 68 00 7C 6A 01 6A 10 8B F4 B8 00 ..RP.h.|j.j..ô¸.
0x00000140 42 B2 80 CD 13 C9 C2 04 00 1E 50 53 0E 1F BB 1B B².Í.ÉÂ...PS..».
0x00000150 06 A0 17 04 24 0F 88 47 04 E4 60 3C E0 74 1A 3C ....$..G.ä`<àt.<
0x00000160 1D 74 10 3C 2A 74 0C 3C 36 74 08 3C 38 74 04 84 .t.<*t.<6t.<8t..
0x00000170 C0 79 06 66 83 27 00 EB 06 FE 07 02 1F 88 07 5B Ày.f.'.ë.þ.....[
0x00000180 58 1F EA 00 00 00 00 00 00 00 00 00 00 00 00 00 X.ê.............
0x00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001B0 00 00 00 00 00 00 00 00 A8 03 E5 07 00 00 80 20 ........¨.å....
0x000001C0 21 00 07 7E 25 19 00 08 00 00 00 38 06 00 00 7E !..~%......8...~
0x000001D0 26 19 07 FE FF FF 00 40 06 00 00 68 67 1B 00 FE &..þ...@...hg..þ
0x000001E0 FF FF 07 FE FF FF 00 A8 6D 1B 00 70 AB 01 00 FE ...þ...¨m..p«..þ
0x000001F0 FF FF 0C FE FF FF 00 18 19 1D 70 39 03 00 55 AA ...þ......p9..Uª

_______MBR \Device\Harddisk1\DR1

0x00000000 FA 33 C0 8E D0 BC 00 7C 8B F4 50 07 50 1F FB FC ú3À.Ð¼.|.ôP.P.ûü
0x00000010 BF 00 06 B9 00 01 F2 A5 EA 1D 06 00 00 BE BE 07 ¿..¹..ò¥ê....¾¾.
0x00000020 B3 04 80 3C 80 74 0E 80 3C 00 75 1C 83 C6 10 FE ³..<.t..<.u..Æ.þ
0x00000030 CB 75 EF CD 18 8B 14 8B 4C 02 8B EE 83 C6 10 FE ËuïÍ....L..î.Æ.þ
0x00000040 CB 74 1A 80 3C 00 74 F4 BE 8B 06 AC 3C 00 74 0B Ët..<.tô¾..¬<.t.
0x00000050 56 BB 07 00 B4 0E CD 10 5E EB F0 EB FE BF 05 00 V»..´.Í.^ëðëþ¿..
0x00000060 BB 00 7C B8 01 02 57 CD 13 5F 73 0C 33 C0 CD 13 ».|¸..WÍ._s.3ÀÍ.
0x00000070 4F 75 ED BE A3 06 EB D3 BE C2 06 BF FE 7D 81 3D Ouí¾£.ëÓ¾Â.¿þ}.=
0x00000080 55 AA 75 C7 8B F5 EA 00 7C 00 00 49 6E 76 61 6C UªuÇ.õê.|..Inval
0x00000090 69 64 20 70 61 72 74 69 74 69 6F 6E 20 74 61 62 id partition tab
0x000000A0 6C 65 00 45 72 72 6F 72 20 6C 6F 61 64 69 6E 67 le.Error loading
0x000000B0 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 65 operating syste
0x000000C0 6D 00 4D 69 73 73 69 6E 67 20 6F 70 65 72 61 74 m.Missing operat
0x000000D0 69 6E 67 20 73 79 73 74 65 6D 00 00 00 00 00 00 ing system......
0x000000E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001B0 00 00 00 00 00 00 00 00 24 2D F7 91 00 00 80 01 ........$-÷.....
0x000001C0 01 00 0B FE 3F 7C 3F 00 00 00 C0 BF 1E 00 00 00 ...þ?|?...À¿....
0x000001D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª
[/code]

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

zdravim toto bude asi ono, dakujem za radu..

ComboFix 12-03-12.03 - Jozef . 03. 2012 18:51:51.1.1 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.421.1033.18.1788.664 [GMT 1:00]
Running from: F:\ComboFix.exe
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\ProgramData\~wNsb0KpqgaBa3H
C:\ProgramData\~wNsb0KpqgaBa3Hr
C:\ProgramData\gWLwiaDlyb.exe
C:\ProgramData\wNsb0KpqgaBa3H
C:\ProgramData\wNsb0KpqgaBa3H.exe
C:\Users\Jozef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
C:\Users\Jozef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\System Check.lnk
C:\Users\Jozef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\Uninstall System Check.lnk
C:\Windows\IsUn0407.exe

((((((((((((((((((((((((( Files Created from 2012-02-12 to 2012-03-12 )))))))))))))))))))))))))))))))

2012-03-12 18:05:22 . 2012-03-12 18:05:22 -------- d-----w- C:\Users\Default\AppData\Local\temp
2012-03-12 17:59:11 . 2012-03-12 17:59:12 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B0670D43-654B-4BC2-8960-9D3EA5D90E9B}\offreg.dll
2012-03-11 21:05:02 . 2012-03-11 21:05:02 -------- d-----w- C:\Program Files (x86)\trend micro
2012-03-11 21:05:01 . 2012-03-11 21:05:13 -------- d-----w- C:\rsit
2012-03-11 20:49:25 . 2012-03-11 20:50:18 -------- d-----w- C:\Program Files\CCleaner
2012-03-11 19:56:54 . 2012-03-12 18:07:59 -------- d--h--w- C:\ProgramData\Spyware Terminator
2012-03-11 19:56:54 . 2012-03-11 19:56:54 51496 ----a-w- C:\Windows\system32\drivers\stflt.sys
2012-03-11 19:56:54 . 2012-03-11 19:56:54 -------- d--h--w- C:\Users\Jozef\AppData\Roaming\Spyware Terminator
2012-03-11 19:56:48 . 2012-03-11 19:57:18 -------- d--h--w- C:\Program Files (x86)\Spyware Terminator
2012-03-09 07:52:34 . 2012-02-08 07:13:59 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B0670D43-654B-4BC2-8960-9D3EA5D90E9B}\mpengine.dll
2012-02-22 17:09:37 . 2012-02-22 17:09:57 -------- d--h--w- C:\Users\Jozef\AppData\Local\PokerStars.NET
2012-02-22 17:09:14 . 2012-02-22 17:09:49 -------- d-----w- C:\Program Files (x86)\PokerStars.NET
2012-02-16 10:02:44 . 2012-02-16 10:02:53 -------- d--h--w- C:\Windows\AxInstSV
2012-02-15 09:26:59 . 2012-01-04 09:58:13 509952 ----a-w- C:\Windows\system32\ntshrui.dll
2012-02-15 09:26:59 . 2012-01-04 09:03:07 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-15 09:26:58 . 2012-01-03 06:24:52 515584 ----a-w- C:\Windows\system32\timedate.cpl
2012-02-15 09:26:58 . 2012-01-03 05:44:24 478208 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-15 09:26:57 . 2012-01-14 04:02:25 3143168 ----a-w- C:\Windows\system32\win32k.sys
2012-02-15 09:26:55 . 2011-12-28 03:59:11 499200 ----a-w- C:\Windows\system32\drivers\afd.sys
2012-02-15 09:26:50 . 2011-12-16 08:42:13 634368 ----a-w- C:\Windows\system32\msvcrt.dll
2012-02-15 09:26:50 . 2011-12-16 07:59:17 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-02-23 08:18:36 . 2010-03-25 15:03:43 279656 ------w- C:\Windows\system32\MpSigStub.exe

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-07-16 00:51:42 1668664]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-06-16 12:40:16 2736128]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2011-10-13 09:27:14 17351304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 19:32:20 98304]
"QPService"="C:\Program Files (x86)\HP\QuickPlay\QPService.exe" [2009-06-24 05:34:22 468264]
"UCam_Menu"="C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-18 04:21:32 218408]
"QlbCtrl.exe"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-06-24 21:57:28 320056]
"UpdatePRCShortCut"="C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 05:16:16 222504]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 02:04:47 35760]
"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" [2009-06-22 19:00:00 60464]
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 21:50:04 54576]
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe" [2009-11-10 23:08:18 417792]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 08:06:33 976832]
"WirelessAssistant"="C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 12:47:08 500792]
"CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 09:18:54 1185112]
"DSA_F10TimeoutSetter"="C:\BOSCH_PR\DSA_3_31\Runtime\DDB\F10TimeoutSetter.exe" [2004-01-07 16:21:00 359936]
"DSA_AutoBackup"="C:\BOSCH_PR\DSA_3_31\Runtime\AutoBackup.exe" [2009-09-18 10:51:50 40960]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 11:59:52 254696]

C:\Users\Jozef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - C:\Program Files (x86)\MagicDisc\MagicDisc.exe [2011-6-14 576000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2

[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 12:16:28 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576]
R2 gupdate;Služba Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11 08:38:10 135664]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 16:10:28 86072]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11 08:38:10 135664]
R3 hwusbfake;Huawei DataCard USB Fake;C:\Windows\system32\DRIVERS\ewusbfake.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys [x]
R3 nmwcdcx64;Nokia USB Generic;C:\Windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;C:\Windows\system32\drivers\ccdcmbx64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;C:\Windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 SYMNDISV;Symantec Network Filter Driver;C:\Windows\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS [x]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 17:10:10 57184]
S0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1008030.006\SYMEFA64.SYS [x]
S1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\System32\Drivers\NISx64\1008030.006\BHDrvx64.sys [x]
S1 ccHP;Symantec Hash Provider;C:\Windows\System32\Drivers\NISx64\1008030.006\ccHPx64.sys [x]
S1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100317.002\IDSvia64.sys [2009-10-28 22:37:21 466992]
S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 21:42:58 89600]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [x]
S2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe [2009-07-14 01:39:46 27136]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 16:07:50 94264]
S2 Norton Internet Security;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe [2011-09-22 00:35:57 117648]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;C:\Windows\system32\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2011-11-22 03:30:54 1148632]
S2 Transbase TECDOC CD 1_2012 Service;Transbase TECDOC CD 1_2012 Service;C:\TECDOC_CD\1_2012\db\tbmux32.exe [2011-08-25 10:22:46 360448]
S2 VMCService;Vodafone Mobile Connect Service;C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2010-03-15 19:11:02 9216]
S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 17:11:50 228408]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [x]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - WS2IFSL

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-06-16 12:38:16 451872 ----a-w- C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe

Contents of the 'Scheduled Tasks' folder

2012-03-12 C:\Windows\Tasks\Final Media Player Update Checker.job
- C:\Program Files (x86)\FinalMediaPlayer\FMPCheckForUpdates.exe [2010-09-21 13:20:39 . 2010-08-24 12:37:22]

2012-03-12 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11 08:38:11 . 2010-08-11 08:38:10]

2012-03-12 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-11 08:38:11 . 2010-08-11 08:38:10]

2012-03-06 C:\Windows\Tasks\HPCeeScheduleForJozef.job
- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 21:15:40 . 2010-09-13 21:15:40]

--------- x86-64 -----------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [2009-07-22 01:33:32 450048]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 02:50:00 2726728]
"Windows Mobile Device Center"="C:\Windows\WindowsMobile\wmdc.exe" [2007-05-31 10:11:56 660360]
"SpywareTerminatorShield"="C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2011-11-22 03:30:36 2779824]
"SpywareTerminatorUpdater"="C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-11-22 03:30:46 3621040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0

------- Supplementary Scan -------

uStart Page = hxxp://www.google.com/
uLocal Page = C:\Windows\system32\blank.htm
mStart Page = hxxp://www.yahoo.com
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{EF0674E4-F682-4652-86E7-6231066C51DF}: NameServer = 195.146.132.58 195.146.128.62

- - - - ORPHANS REMOVED - - - -

Wow6432Node-HKCU-Run-gWLwiaDlyb.exe - C:\ProgramData\gWLwiaDlyb.exe
Wow6432Node-HKLM-Run-KTSInit - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-SynTPEnh - C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-EasyBits Magic Desktop - C:\Windows\system32\ezMDUninstall.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - C:\Program Files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe

Ten Norton Internet Security mate legalni = zakoupena licence?? Dle logu z CF je nejak mimo\neaktualizovany

bol sučastou už pri kupe, pravdepodobne len skušobna verzia ale už je odinštalovany, nahradeny esetom. po tom combofix sa problemy stratili, a vyzera to, že už je v poriadku.
Velmi pekne dakujem za pomoc.

ESET hodlate kupovat nebo cracknout? Neni lepsi free reseni v podobe Avastu, Aviry ci MSE

VIRY.CZ

critical error a system check

critical error a system check

Re: critical error a system check

Re: critical error a system check

Re: critical error a system check

Re: critical error a system check

Re: critical error a system check

Re: critical error a system check

Re: critical error a system check

Re: critical error a system check

Re: critical error a system check