virus dwm.exe (2020) Win32/Spy.Zbot.AAO Trojský kôň

[seebo]

Dobrý deň do počítača sa mi dostal nejký šmejd a ja neviem čo sním, prosím vas o pomoc
do počítača sa mi dostal po prihlásení na Facebook dwm.exe (2020) Win32/Spy.Zbot.AAO Trojský kôň

Log s DDS:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2
Run by Admin at 9:26:57 on 2012-11-25
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3069.1659 [GMT 1:00]
.
AV: ESET NOD32 Antivirus 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\vfsFPService.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
C:\Program Files\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sk_sk&c=91&bd=Pavilion&pf=cnnb
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sk_sk&c=91&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sk_sk&c=91&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sk_sk&c=91&bd=Pavilion&pf=cnnb
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - <orphaned>
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\advanced systemcare 6\browerprotect\ASCPlugin_Protection.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
uRun: [Advanced SystemCare 6] "c:\program files\iobit\advanced systemcare 6\ASCTray.exe" /AutoStart
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [AdobeBridge] <no file>
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [CLMLServer for HP TouchSmart] "c:\program files\hewlett-packard\touchsmart\media\kernel\clml\CLMLSvc.exe"
mRun: [UCam_Menu] "c:\program files\hewlett-packard\media\webcam\muitransfer\muistartmenu.exe" "c:\program files\hewlett-packard\media\webcam" update "software\hewlett-packard\media\Webcam"
mRun: [UpdateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
mRun: [DpAgent] c:\program files\digitalpersona\bin\dpagent.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [UpdatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS6ServiceManager] "c:\program files\common files\adobe\cs6servicemanager\CS6ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{3EB28724-06DA-4B57-8661-AF46C61CF4AA} : DHCPNameServer = 192.168.2.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
LSA: Notification Packages = scecli DPPWDFLT
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-11-4 242240]
R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2012-10-8 170656]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2012-10-8 121216]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2012-10-8 104712]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-9-4 54784]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2012-11-3 23456]
S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2008-8-7 97536]
.
=============== Created Last 30 ================
.
2012-11-24 14:08:26 -------- d-----w- c:\users\admin\appdata\local\ESET
2012-11-24 14:08:03 -------- d-----w- c:\users\admin\appdata\roaming\Wacyq
2012-11-24 14:08:03 -------- d-----w- c:\users\admin\appdata\roaming\Obahmu
2012-11-24 14:08:03 -------- d-----w- c:\users\admin\appdata\roaming\Elfab
2012-11-23 18:58:23 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{84e6a803-9186-41b8-b790-c41a6470db91}\mpengine.dll
2012-11-21 10:18:16 -------- d-----w- c:\programdata\boost_interprocess
2012-11-21 10:05:18 -------- d-----w- c:\users\admin\appdata\local\Autodesk
2012-11-21 10:00:54 -------- d-----w- c:\program files\common files\Macrovision Shared
2012-11-21 09:52:21 -------- d-----w- c:\program files\Autodesk
2012-11-21 09:47:06 -------- d-----w- c:\program files\common files\Autodesk Shared
2012-11-21 09:46:40 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2012-11-21 09:46:40 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2012-11-21 09:46:38 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2012-11-21 09:34:28 -------- d-----w- c:\users\admin\appdata\roaming\Autodesk
2012-11-21 08:42:46 -------- d-----w- c:\users\admin\appdata\local\TSR Workshop
2012-11-21 08:42:08 -------- d-----w- c:\users\admin\appdata\local\Ibibi_HB
2012-11-21 08:42:06 -------- d-----w- c:\users\admin\appdata\roaming\TSRWorkshop
2012-11-21 08:41:28 -------- d-----w- c:\program files\The Sims Resource
2012-11-21 08:39:08 -------- d-----w- c:\users\admin\appdata\roaming\The Sims Resource
2012-11-19 12:52:09 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-19 12:52:09 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-18 14:39:55 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2012-11-18 14:39:41 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-11-18 12:41:51 -------- d-----w- c:\program files\ESET
2012-11-15 14:38:38 -------- d-----w- c:\program files\Mad Scientist Productions
2012-11-14 09:52:57 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 09:52:18 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-11-07 14:15:37 -------- d-----w- c:\programdata\EA Core
2012-11-07 14:06:51 -------- d-----w- c:\programdata\Origin
2012-11-07 09:29:48 -------- d-----w- c:\users\admin\appdata\roaming\Origin
2012-11-07 09:29:46 -------- d-----w- c:\programdata\Electronic Arts
2012-11-07 09:29:25 -------- d-----w- c:\program files\Origin
2012-11-07 09:13:39 -------- d-----w- c:\program files\Microsoft WSE
2012-11-06 17:00:20 -------- d-sh--w- C:\found.001
2012-11-06 16:50:01 -------- d-sh--w- C:\found.000
2012-11-06 08:18:19 -------- d-----w- c:\users\admin\appdata\roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-11-06 08:15:05 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-11-06 08:12:30 -------- d-----w- c:\programdata\ALM
2012-11-06 07:51:41 -------- d-----w- c:\users\admin\appdata\local\Adobe
2012-11-05 15:23:05 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2012-11-05 15:22:58 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-11-05 15:22:58 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-11-05 15:22:58 1069056 ----a-w- c:\windows\system32\DWrite.dll
2012-11-05 15:22:57 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-11-05 15:22:57 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-11-05 15:19:50 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2012-11-05 15:19:50 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2012-11-05 15:19:50 293376 ----a-w- c:\windows\system32\psisdecd.dll
2012-11-05 15:19:50 217088 ----a-w- c:\windows\system32\psisrndr.ax
2012-11-05 15:19:40 189952 ----a-w- c:\windows\system32\winmm.dll
2012-11-05 15:19:38 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-11-05 15:19:08 623616 ----a-w- c:\windows\system32\localspl.dll
2012-11-05 15:17:59 429056 ----a-w- c:\windows\system32\EncDec.dll
2012-11-05 15:17:53 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-11-05 07:38:37 -------- d-----w- c:\program files\Windows Portable Devices
2012-11-05 07:38:36 -------- d-----w- c:\windows\system32\drivers\umdf\sk-SK
2012-11-04 23:15:27 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2012-11-04 23:15:25 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2012-11-04 23:15:25 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2012-11-04 23:12:59 839168 ----a-w- c:\windows\system32\drivers\umdf\WpdMtpDr.dll
2012-11-04 23:03:47 5120 ----a-w- c:\windows\system32\wmi.dll
2012-11-04 23:03:47 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-11-04 23:03:47 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-11-04 22:52:44 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2012-11-04 22:51:26 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2012-11-04 22:51:26 252928 ----a-w- c:\windows\system32\dxdiag.exe
2012-11-04 22:51:26 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2012-11-04 22:51:25 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-11-04 22:51:25 519680 ----a-w- c:\windows\system32\d3d11.dll
2012-11-04 22:51:25 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2012-11-04 22:51:25 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-11-04 08:41:05 -------- d-----w- c:\users\admin\appdata\roaming\2K Sports
2012-11-04 08:14:59 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
2012-11-04 08:09:57 -------- d--h--w- c:\windows\msdownld.tmp
2012-11-04 08:09:12 -------- d-----w- c:\windows\system32\directx
2012-11-04 08:04:17 -------- d-----w- c:\users\admin\appdata\roaming\YourFileDownloader
2012-11-03 23:54:51 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2012-11-03 23:54:51 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2012-11-03 23:54:51 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-11-03 23:54:51 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-11-03 23:30:15 -------- d-----w- c:\program files\2K Sports
2012-11-03 23:25:30 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-03 23:25:23 -------- d-----w- c:\users\admin\appdata\roaming\DAEMON Tools Lite
2012-11-03 23:25:20 -------- d-----w- c:\program files\DAEMON Tools Lite
2012-11-03 23:24:48 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-11-03 20:55:34 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2012-11-03 20:55:34 -------- d-----w- c:\users\admin\appdata\local\eSupport.com
2012-11-03 15:27:29 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-11-03 15:25:48 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-03 15:25:43 1404928 ----a-w- c:\program files\common files\microsoft shared\ink\InkObj.dll
2012-11-03 15:25:43 1218048 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-11-03 15:25:42 964608 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-11-03 15:25:41 983040 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-11-03 15:25:41 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-11-03 15:25:41 47104 ----a-w- c:\program files\windows journal\PDIALOG.exe
2012-11-03 15:25:12 797696 ----a-w- c:\windows\system32\FntCache.dll
2012-11-03 15:25:11 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-11-03 15:24:55 66560 ----a-w- c:\windows\system32\packager.dll
2012-11-03 15:24:49 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-11-03 15:24:47 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-11-03 15:24:29 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-11-03 15:24:29 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-11-03 15:24:28 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-11-03 15:24:01 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-11-03 15:23:54 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2012-11-03 15:23:50 49152 ----a-w- c:\windows\system32\csrsrv.dll
2012-11-03 15:23:46 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-11-03 15:23:45 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-11-03 15:23:31 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-03 15:23:10 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-11-03 15:22:48 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-11-03 15:22:28 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2012-11-03 15:22:28 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2012-11-03 15:22:27 563712 ----a-w- c:\windows\system32\oleaut32.dll
2012-11-03 15:22:27 238080 ----a-w- c:\windows\system32\oleacc.dll
2012-11-03 15:21:58 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-11-03 15:21:58 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-11-03 15:21:43 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-11-03 15:21:35 707584 ----a-w- c:\program files\common files\system\wab32.dll
2012-11-03 15:19:48 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-11-03 15:19:48 278528 ----a-w- c:\windows\system32\schannel.dll
2012-11-03 15:19:47 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-03 15:19:46 9728 ----a-w- c:\windows\system32\lsass.exe
2012-11-03 15:19:46 72704 ----a-w- c:\windows\system32\secur32.dll
2012-11-03 15:19:46 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-03 15:19:43 231424 ----a-w- c:\windows\system32\msshsq.dll
2012-11-03 15:19:37 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-11-03 15:19:37 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-11-03 14:47:50 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-11-03 14:11:02 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-11-03 14:11:02 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2012-11-03 14:11:01 49472 ----a-w- c:\windows\system32\netfxperf.dll
2012-11-03 14:11:01 297808 ----a-w- c:\windows\system32\mscoree.dll
2012-11-03 14:11:01 1130824 ----a-w- c:\windows\system32\dfshim.dll
2012-11-03 13:51:09 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-11-03 13:50:11 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-11-03 13:49:36 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-11-03 13:49:36 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-11-03 09:52:19 -------- d-----w- c:\program files\SystemRequirementsLab
2012-11-03 09:52:14 -------- d-----w- c:\users\admin\SystemRequirementsLab
2012-11-03 09:46:42 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-03 09:46:42 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-03 09:46:08 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-03 09:17:22 -------- d-----w- c:\windows\system32\vi-VN
2012-11-03 09:17:22 -------- d-----w- c:\windows\system32\eu-ES
2012-11-03 09:17:22 -------- d-----w- c:\windows\system32\ca-ES
2012-11-03 08:51:24 -------- d-----w- c:\windows\system32\EventProviders
2012-11-03 08:39:45 -------- d-----w- c:\users\admin\appdata\local\Macromedia
2012-11-03 08:39:03 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-03 08:39:03 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-02 23:45:24 -------- d-----w- c:\users\admin\appdata\local\Symantec
2012-11-02 23:01:34 -------- d-----w- c:\users\admin\appdata\local\AMD
2012-11-02 22:12:29 -------- d-----w- c:\programdata\AMD
2012-11-02 22:09:15 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2012-11-02 22:09:06 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2012-11-02 22:09:05 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2012-11-02 22:09:03 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2012-11-02 22:09:03 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2012-11-02 22:07:59 190464 ----a-w- c:\windows\system32\sperror.dll
2012-11-02 22:06:58 582144 ----a-w- c:\windows\system32\SLCommDlg.dll
2012-11-02 22:05:59 610304 ----a-w- c:\program files\common files\microsoft shared\dao\dao360.dll
2012-11-02 22:04:59 190424 ----a-w- c:\windows\system32\drivers\fltMgr.sys
2012-11-02 22:03:59 1224192 ----a-w- c:\windows\system32\sud.dll
2012-11-02 22:02:56 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2012-11-02 22:01:59 31744 ----a-w- c:\windows\system32\cscapi.dll
2012-11-02 21:59:19 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2012-11-02 21:59:19 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2012-11-02 21:59:19 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2012-11-02 21:59:19 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2012-11-02 21:59:19 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2012-11-02 21:59:19 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2012-11-02 21:59:18 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2012-11-02 21:58:56 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2012-11-02 21:58:20 218624 ----a-w- c:\windows\system32\wdscore.dll
2012-11-02 21:58:20 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2012-11-02 21:56:27 247808 ----a-w- c:\windows\system32\drvstore.dll
2012-11-02 21:53:48 -------- d-----w- C:\AMD
2012-11-02 21:14:14 -------- d-----w- c:\program files\VideoLAN
2012-11-02 21:10:21 17920 ----a-w- c:\windows\system32\netevent.dll
2012-11-02 21:10:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2012-11-02 21:05:48 22912 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-11-02 19:45:07 -------- d-----r- c:\program files\Skype
2012-11-02 19:23:54 -------- d-----w- c:\programdata\IObit
2012-11-02 19:23:48 -------- d-----w- c:\users\admin\appdata\roaming\IObit
2012-11-02 19:23:41 -------- d-----w- c:\program files\IObit
2012-11-02 19:15:45 -------- d-----w- C:\System Recovery Files
2012-11-02 14:45:39 -------- d-----w- c:\users\admin\appdata\local\Google
2012-11-02 13:10:55 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-11-02 13:07:13 507904 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-11-02 13:07:13 30208 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2012-11-02 13:07:13 23040 ----a-w- c:\windows\system32\drivers\bthenum.sys
2012-11-02 13:07:13 196608 ----a-w- c:\windows\system32\fsquirt.exe
2012-11-02 13:05:11 216064 ----a-w- c:\windows\system32\lagarith.dll
2012-11-02 13:05:10 650752 ----a-w- c:\windows\system32\xvidcore.dll
2012-11-02 13:05:10 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2012-11-02 13:05:07 178688 ----a-w- c:\windows\system32\unrar.dll
2012-11-02 13:05:07 151552 ----a-w- c:\windows\system32\ac3acm.acm
2012-11-02 13:05:04 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2012-11-02 13:05:01 -------- d-----w- c:\program files\K-Lite Codec Pack
2012-11-02 13:04:15 24064 ----a-w- c:\windows\system32\nshhttp.dll
2012-11-02 13:04:12 411648 ----a-w- c:\windows\system32\drivers\http.sys
2012-11-02 13:04:11 30720 ----a-w- c:\windows\system32\httpapi.dll
2012-11-02 13:02:44 -------- d-----w- c:\program files\MSXML 4.0
2012-11-02 13:00:02 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2012-11-02 12:55:11 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2012-11-02 12:55:11 1136640 ----a-w- c:\windows\system32\mfc42.dll
2012-11-02 12:54:49 105984 ----a-w- c:\windows\system32\netiohlp.dll
2012-11-02 12:54:47 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2012-11-02 12:54:46 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2012-11-02 12:54:46 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2012-11-02 12:54:46 19968 ----a-w- c:\windows\system32\ARP.EXE
2012-11-02 12:54:46 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2012-11-02 12:54:46 10240 ----a-w- c:\windows\system32\finger.exe
2012-11-02 12:54:45 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2012-11-02 12:53:37 499712 ----a-w- c:\windows\system32\kerberos.dll
2012-11-02 12:53:37 175104 ----a-w- c:\windows\system32\wdigest.dll
2012-11-02 12:52:16 1696256 ----a-w- c:\windows\system32\gameux.dll
2012-11-02 12:52:15 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2012-11-02 12:52:14 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2012-11-02 12:52:05 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2012-11-02 12:52:05 518144 ----a-w- c:\windows\system32\RMActivate.exe
2012-11-02 12:52:03 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2012-11-02 12:52:03 471552 ----a-w- c:\windows\system32\secproc.dll
2012-11-02 12:52:03 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2012-11-02 12:52:02 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2012-11-02 12:52:02 332288 ----a-w- c:\windows\system32\msdrm.dll
2012-11-02 12:52:01 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2012-11-02 12:52:01 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2012-11-02 12:51:40 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2012-11-02 12:51:40 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-02 12:51:28 305152 ----a-w- c:\windows\system32\drivers\srv.sys
2012-11-02 12:51:06 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2012-11-02 12:51:06 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
2012-11-02 12:51:06 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
2012-11-02 12:51:05 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2012-11-02 12:51:05 7680 ----a-w- c:\windows\system32\spwmp.dll
2012-11-02 12:51:05 4096 ----a-w- c:\windows\system32\msdxm.ocx
2012-11-02 12:51:05 4096 ----a-w- c:\windows\system32\dxmasf.dll
2012-11-02 12:50:27 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-11-02 12:50:17 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2012-11-02 12:50:17 24576 ----a-w- c:\windows\system32\mfpmp.exe
2012-11-02 12:50:17 2048 ----a-w- c:\windows\system32\mferror.dll
2012-11-02 12:50:09 218624 ----a-w- c:\windows\system32\msv1_0.dll
2012-11-02 12:48:54 601600 ----a-w- c:\windows\system32\schedsvc.dll
2012-11-02 12:48:53 352768 ----a-w- c:\windows\system32\taskschd.dll
2012-11-02 12:48:53 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2012-11-02 12:48:52 270336 ----a-w- c:\windows\system32\taskcomp.dll
2012-11-02 12:48:52 171520 ----a-w- c:\windows\system32\taskeng.exe
2012-11-02 12:48:00 1616384 ----a-w- c:\program files\windows mail\msoe.dll
2012-11-02 12:47:54 954752 ----a-w- c:\windows\system32\mfc40.dll
2012-11-02 12:47:53 954288 ----a-w- c:\windows\system32\mfc40u.dll
2012-11-02 12:47:00 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2012-11-02 12:47:00 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2012-11-02 12:46:55 292864 ----a-w- c:\windows\system32\atmfd.dll
2012-11-02 12:46:54 72704 ----a-w- c:\windows\system32\fontsub.dll
2012-11-02 12:46:54 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-11-02 12:46:54 23552 ----a-w- c:\windows\system32\lpk.dll
2012-11-02 12:46:54 10240 ----a-w- c:\windows\system32\dciman32.dll
2012-11-02 12:45:40 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2012-11-02 12:45:40 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2012-11-02 12:45:39 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2012-11-02 12:45:19 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-02 12:45:13 128000 ----a-w- c:\windows\system32\spoolsv.exe
2012-11-02 12:45:09 2067968 ----a-w- c:\windows\system32\mstscax.dll
2012-11-02 12:45:08 677888 ----a-w- c:\windows\system32\mstsc.exe
2012-11-02 12:45:08 63488 ----a-w- c:\windows\system32\tscupgrd.exe
2012-11-02 12:45:08 53248 ----a-w- c:\windows\system32\tsgqec.dll
2012-11-02 12:45:08 136192 ----a-w- c:\windows\system32\aaclient.dll
2012-11-02 12:45:03 1316864 ----a-w- c:\windows\system32\ole32.dll
2012-11-02 12:45:02 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2012-11-02 12:44:50 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2012-11-02 12:44:47 23040 ----a-w- c:\program files\movie maker\WMM2EXT.dll
2012-11-02 12:44:47 195072 ----a-w- c:\program files\movie maker\WMM2AE.dll
2012-11-02 12:44:46 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2012-11-02 12:44:30 322560 ----a-w- c:\windows\system32\sbe.dll
2012-11-02 12:44:30 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2012-11-02 12:44:30 153088 ----a-w- c:\windows\system32\sbeio.dll
2012-11-02 12:44:22 531968 ----a-w- c:\windows\system32\comctl32.dll
2012-11-02 12:44:17 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2012-11-02 12:44:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2012-11-02 12:43:57 243712 ----a-w- c:\windows\system32\rastls.dll
2012-11-02 12:43:42 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-11-02 12:43:42 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-11-02 12:43:39 66048 ----a-w- c:\program files\windows mail\wabmig.exe
2012-11-02 12:43:39 515584 ----a-w- c:\program files\windows mail\wab.exe
2012-11-02 12:43:39 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2012-11-02 12:43:31 1169408 ----a-w- c:\windows\system32\sdclt.exe
2012-11-02 12:43:22 71680 ----a-w- c:\windows\system32\atl.dll
2012-11-02 12:43:14 355328 ----a-w- c:\windows\system32\WSDApi.dll
2012-11-02 12:43:09 62464 ----a-w- c:\windows\system32\l3codeca.acm
2012-11-02 12:43:09 220672 ----a-w- c:\windows\system32\l3codecp.acm
2012-11-02 12:43:02 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2012-11-02 12:42:56 739328 ----a-w- c:\windows\system32\inetcomm.dll
2012-11-02 12:42:52 81920 ----a-w- c:\windows\system32\iccvid.dll
2012-11-02 12:42:41 81920 ----a-w- c:\windows\system32\consent.exe
2012-11-02 12:42:25 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2012-11-02 12:42:18 502272 ----a-w- c:\windows\system32\usp10.dll
2012-11-02 12:42:12 157184 ----a-w- c:\windows\system32\t2embed.dll
2012-11-02 12:42:05 714240 ----a-w- c:\windows\system32\timedate.cpl
2012-11-02 12:41:55 36864 ----a-w- c:\windows\system32\rtutils.dll
2012-11-02 12:41:39 67072 ----a-w- c:\windows\system32\asycfilt.dll
2012-11-02 12:41:12 60928 ----a-w- c:\windows\system32\msasn1.dll
2012-11-02 12:41:07 98304 ----a-w- c:\windows\system32\cabview.dll
2012-11-02 12:41:04 867328 ----a-w- c:\windows\system32\wmpmde.dll
2012-11-02 12:40:59 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2012-11-02 12:40:48 31744 ----a-w- c:\windows\system32\msvidc32.dll
2012-11-02 12:40:48 13312 ----a-w- c:\windows\system32\msrle32.dll
2012-11-02 12:40:48 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2012-11-02 12:40:47 91136 ----a-w- c:\windows\system32\avifil32.dll
2012-11-02 12:40:47 82944 ----a-w- c:\windows\system32\mciavi32.dll
2012-11-02 12:40:47 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2012-11-02 12:40:47 22528 ----a-w- c:\windows\system32\msyuv.dll
2012-11-02 12:40:46 123904 ----a-w- c:\windows\system32\msvfw32.dll
2012-11-02 12:40:23 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2012-11-02 12:39:48 -------- d-----w- c:\program files\Guitar Pro 6
2012-11-02 12:20:49 -------- d-----w- c:\program files\uTorrent
2012-11-02 12:19:11 -------- d-----w- c:\users\admin\appdata\roaming\uTorrent
2012-11-02 12:17:18 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2012-11-02 12:17:16 310784 ----a-w- c:\windows\system32\unregmp2.exe
2012-11-02 11:50:40 -------- d-----w- c:\users\admin\appdata\roaming\Macrovision
2012-11-02 11:46:13 -------- d-----w- c:\users\admin\Bluetooth Software
2012-11-02 11:46:09 -------- d-----w- c:\users\admin\appdata\roaming\DigitalPersona
2012-11-02 11:46:09 -------- d-----w- c:\users\admin\appdata\local\DigitalPersona
2012-11-02 11:46:05 -------- d-----w- c:\users\admin\appdata\local\ATI
2012-11-02 11:46:01 -------- d-----w- c:\users\admin\appdata\local\Hewlett-Packard
2012-11-02 11:45:31 -------- d-----w- c:\users\admin\appdata\local\VirtualStore
2012-11-02 11:38:11 -------- d-----w- c:\windows\PCHEALTH
2012-11-02 11:38:11 -------- d-----w- c:\program files\MSN Messenger
2012-11-02 11:34:59 -------- d-sh--we c:\programdata\Plocha
2012-11-02 11:34:59 -------- d-sh--we c:\programdata\Oblíbené položky
2012-11-02 11:34:59 -------- d-sh--we c:\programdata\Šablony
2012-11-02 11:34:59 -------- d-sh--we c:\programdata\Nabídka Start
2012-11-02 11:34:59 -------- d-sh--we c:\programdata\Dokumenty
2012-11-02 11:34:59 -------- d-sh--we c:\programdata\Data aplikací
2012-11-02 10:13:02 -------- d-sh--w- C:\$RECYCLE.BIN
2012-11-02 10:07:27 -------- d-----w- c:\windows\system32\tr
2012-11-02 10:07:27 -------- d-----w- c:\windows\system32\ru
2012-11-02 10:07:26 -------- d-----w- c:\windows\system32\ko
2012-11-02 10:07:25 -------- d-----w- c:\windows\system32\ja
2012-11-02 10:07:25 -------- d-----w- c:\windows\system32\it
2012-11-02 10:07:25 -------- d-----w- c:\windows\system32\fr
2012-11-02 10:07:25 -------- d-----w- c:\windows\system32\es
2012-11-02 10:07:24 -------- d-----w- c:\windows\system32\de
2012-11-02 10:07:23 -------- d-----w- c:\windows\DPDrv
2012-11-02 10:07:20 -------- d-----w- c:\program files\DigitalPersona
2012-11-02 09:46:33 0 ----a-w- c:\windows\ativpsrm.bin
2012-11-02 09:43:59 81960 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2012-11-02 09:43:59 16168 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2012-11-02 09:43:58 80424 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2012-11-02 09:43:52 233472 ----a-w- c:\windows\system32\BtwRSupport.dll
2012-11-02 09:43:45 -------- d-----w- c:\windows\system32\es-MX
2012-11-02 09:43:45 -------- d-----w- c:\windows\system32\es-AR
2012-11-02 09:43:43 -------- d-----w- c:\program files\WIDCOMM
2012-11-02 09:43:03 22072 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2012-11-02 09:43:01 -------- d-----w- c:\program files\AMD
2012-11-02 09:42:47 -------- d-----w- c:\windows\system32\HPMDP
2012-11-02 09:41:47 516096 ----a-w- c:\windows\system32\S64CPA.exe
2012-11-02 09:41:47 -------- d-----w- c:\windows\system32\nn-NO
2012-11-02 09:41:46 53248 ----a-w- c:\windows\system32\athihvui.dll
2012-11-02 09:41:46 393216 ----a-w- c:\windows\system32\athihvs.dll
2012-11-02 09:41:33 -------- d-----w- c:\program files\Atheros
2012-11-02 09:41:30 -------- d-----w- c:\program files\Cisco
2012-11-02 09:41:26 -------- d-----w- c:\programdata\Atheros
2012-11-02 09:40:21 9728 ----a-w- c:\windows\system32\RtNicProp32.dll
2012-11-02 09:40:21 124928 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2012-11-02 09:40:19 -------- d-----w- c:\program files\Realtek
2012-11-02 09:39:51 53248 ----a-w- c:\windows\system32\aestaren.dll
2012-11-02 09:39:51 376832 ----a-w- c:\windows\system32\aestecap.dll
2012-11-02 09:39:51 133632 ----a-w- c:\windows\system32\aestacap.dll
2012-11-02 09:39:50 73728 ----a-w- c:\windows\system32\AESTCom.dll
2012-11-02 09:39:50 532480 ----a-w- c:\windows\system32\idtmini1.exe
2012-11-02 09:39:50 446556 ----a-w- c:\windows\sttray.exe
2012-11-02 09:39:50 2875392 ----a-w- c:\windows\system32\stlang.dll
2012-11-02 09:39:50 10641500 ----a-w- c:\windows\system32\idtcpl.cpl
2012-11-02 09:39:39 -------- d-----w- c:\windows\system32\SRSLabs
2012-11-02 09:38:41 168960 ----a-w- c:\windows\system32\staco.dll
2012-11-02 09:38:10 389120 ----a-w- c:\windows\system32\drivers\stwrt.sys
2012-11-02 09:38:09 404480 ----a-w- c:\windows\system32\stcplx.dll
2012-11-02 09:38:08 671744 ----a-w- c:\windows\system32\stapo.dll
2012-11-02 09:38:08 427008 ----a-w- c:\windows\system32\stapi32.dll
2012-11-02 09:37:42 -------- d-----w- c:\program files\IDT
2012-11-02 09:37:33 125 ----a-w- c:\windows\xUninstall.bat
2012-11-02 09:36:58 110080 ----a-w- c:\windows\system32\JmCrIcon.dll
2012-11-02 09:36:58 -------- d-----w- c:\windows\JMCR_DIR
2012-11-02 09:36:20 -------- d-----w- c:\program files\Validity Sensors, Inc
2012-11-02 09:35:46 -------- d-----w- c:\program files\Synaptics
2012-11-02 09:31:43 -------- d-----w- c:\program files\ATI
2012-11-02 09:31:40 -------- d-----w- c:\program files\ATI Technologies
.
==================== Find3M ====================
.
2012-11-04 22:52:44 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2012-11-04 22:51:27 4096 ----a-w- c:\windows\system32\drivers\cs-cz\dxgkrnl.sys.mui
2012-11-04 22:51:26 4096 ----a-w- c:\windows\system32\drivers\sk-sk\dxgkrnl.sys.mui
2012-11-02 21:08:09 40960 ----a-w- c:\windows\system32\drivers\cs-cz\http.sys.mui
2012-11-02 21:08:09 36864 ----a-w- c:\windows\system32\drivers\en-us\http.sys.mui
2012-11-02 14:19:45 588472 ----a-w- c:\windows\system32\ezsvc7x.dll
2012-10-08 07:56:24 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-08 07:21:08 121216 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21:08 104712 ----a-w- c:\windows\system32\drivers\epfwwfpr.sys
2012-10-08 07:21:06 170656 ----a-w- c:\windows\system32\drivers\eamonm.sys
.
============= FINISH: 9:30:41,52 ===============

[vyosek]

Zdravim

Odinstalujte Advanced SystemCare 6 a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[seebo]

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/25/2012 11:48:30 AM in x86 mode.
Windows Version: Windows Vista (TM) Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* msiserver => %systemroot%\system32\msiexec.exe /V [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 11/25/2012 11:48:47 AM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)


ComboFix 12-11-25.01 - Admin . 11. 2012 11:23:24.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3069.1525 [GMT 1:00]
Running from: c:\users\Admin\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_usnjsvc
.
.
((((((((((((((((((((((((( Files Created from 2012-10-25 to 2012-11-25 )))))))))))))))))))))))))))))))
.
.
2012-11-23 18:58 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{84E6A803-9186-41B8-B790-C41A6470DB91}\mpengine.dll
2012-11-21 10:18 . 2012-11-21 10:18 -------- d-----w- c:\programdata\boost_interprocess
2012-11-21 10:05 . 2012-11-21 10:12 -------- d-----w- c:\programdata\FLEXnet
2012-11-21 10:00 . 2012-11-21 10:00 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2012-11-21 09:52 . 2012-11-21 10:02 -------- d-----w- c:\program files\Autodesk
2012-11-21 09:47 . 2012-11-21 09:59 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2012-11-21 09:46 . 2008-10-15 05:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2012-11-21 09:46 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2012-11-21 09:46 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2012-11-21 09:34 . 2012-11-21 10:17 -------- d-----w- c:\programdata\Autodesk
2012-11-21 08:41 . 2012-11-21 08:41 -------- d-----w- c:\program files\The Sims Resource
2012-11-19 12:52 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-19 12:52 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-18 14:39 . 2012-05-31 11:25 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-11-18 12:41 . 2012-11-18 12:41 -------- d-----w- c:\program files\ESET
2012-11-18 12:41 . 2012-11-18 12:41 -------- d-----w- c:\programdata\WindowsSearch
2012-11-15 14:38 . 2012-11-15 14:38 -------- d-----w- c:\program files\Mad Scientist Productions
2012-11-07 14:15 . 2012-11-07 14:15 -------- d-----w- c:\programdata\EA Core
2012-11-07 14:06 . 2012-11-07 14:06 -------- d-----w- c:\programdata\Origin
2012-11-07 09:29 . 2012-11-07 09:29 -------- d-----w- c:\programdata\Electronic Arts
2012-11-07 09:29 . 2012-11-07 09:30 -------- d-----w- c:\program files\Origin
2012-11-07 09:13 . 2012-11-07 09:13 -------- d-----w- c:\program files\Microsoft WSE
2012-11-07 09:00 . 2012-11-14 19:13 -------- d-----w- c:\program files\Electronic Arts
2012-11-06 17:00 . 2012-11-06 17:00 -------- d-----w- C:\found.001
2012-11-06 16:50 . 2012-11-06 16:50 -------- d-----w- C:\found.000
2012-11-06 08:15 . 2012-11-20 08:04 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-11-06 08:12 . 2012-11-06 08:12 -------- d-----w- c:\programdata\ALM
2012-11-06 08:05 . 2012-11-06 08:05 -------- d-----w- c:\program files\Common Files\Adobe AIR
2012-11-05 15:22 . 2012-03-01 14:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-11-05 15:22 . 2012-02-29 14:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-11-05 15:22 . 2012-02-29 13:41 1069056 ----a-w- c:\windows\system32\DWrite.dll
2012-11-05 15:22 . 2012-03-01 14:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-11-05 15:22 . 2012-02-29 13:44 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-11-05 15:19 . 2011-07-29 16:00 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2012-11-05 15:19 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-11-05 15:19 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll
2012-11-05 15:17 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll
2012-11-05 15:17 . 2012-03-20 23:28 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-11-05 07:38 . 2012-11-05 07:38 -------- d-----w- c:\program files\Windows Portable Devices
2012-11-05 07:38 . 2012-11-05 07:38 -------- d-----w- c:\windows\system32\drivers\UMDF\sk-SK
2012-11-04 23:13 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2012-11-04 23:13 . 2009-10-01 01:01 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2012-11-04 23:13 . 2009-10-01 01:01 227840 ----a-w- c:\windows\system32\drivers\UMDF\WpdFs.dll
2012-11-04 23:12 . 2009-10-01 01:01 839168 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
2012-11-04 23:03 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-11-04 23:03 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-11-04 22:52 . 2012-11-04 22:52 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2012-11-04 22:52 . 2012-11-04 22:52 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2012-11-04 22:52 . 2012-11-04 22:52 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2012-11-04 22:52 . 2012-11-04 22:52 98816 ----a-w- c:\windows\system32\mfps.dll
2012-11-04 22:52 . 2012-11-04 22:52 2873344 ----a-w- c:\windows\system32\mf.dll
2012-11-04 22:52 . 2012-11-04 22:52 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2012-11-04 22:52 . 2012-11-04 22:52 209920 ----a-w- c:\windows\system32\mfplat.dll
2012-11-04 22:52 . 2012-11-04 22:52 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2012-11-04 22:52 . 2012-11-04 22:52 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-11-04 22:52 . 2012-11-04 22:52 478720 ----a-w- c:\windows\system32\dxgi.dll
2012-11-04 22:52 . 2012-11-04 22:52 37376 ----a-w- c:\windows\system32\cdd.dll
2012-11-04 22:52 . 2012-11-04 22:52 189952 ----a-w- c:\windows\system32\d3d10core.dll
2012-11-04 22:52 . 2012-11-04 22:52 1029120 ----a-w- c:\windows\system32\d3d10.dll
2012-11-04 22:51 . 2012-11-04 22:51 252928 ----a-w- c:\windows\system32\dxdiag.exe
2012-11-04 22:51 . 2012-11-04 22:51 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2012-11-04 22:51 . 2012-11-04 22:51 519680 ----a-w- c:\windows\system32\d3d11.dll
2012-11-04 08:14 . 2007-05-16 15:45 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
2012-11-04 08:09 . 2012-11-04 08:12 -------- d--h--w- c:\windows\msdownld.tmp
2012-11-03 23:30 . 2012-11-03 23:30 -------- d-----w- c:\program files\2K Sports
2012-11-03 23:25 . 2012-11-03 23:25 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-03 23:25 . 2012-11-03 23:25 -------- d-----w- c:\program files\DAEMON Tools Lite
2012-11-03 23:24 . 2012-11-03 23:28 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-11-03 20:55 . 2012-11-03 20:55 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2012-11-03 15:25 . 2012-03-30 12:39 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-03 15:25 . 2012-02-01 15:11 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-11-03 15:25 . 2012-02-01 15:10 1404928 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2012-11-03 15:25 . 2012-02-01 15:10 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-11-03 15:25 . 2012-02-01 15:10 983040 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-11-03 15:25 . 2012-02-01 15:10 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-11-03 15:25 . 2012-02-01 13:58 47104 ----a-w- c:\program files\Windows Journal\PDIALOG.exe
2012-11-03 15:25 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2012-11-03 15:24 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-11-03 15:24 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-11-03 15:24 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-11-03 15:23 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-11-03 15:23 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll
2012-11-03 15:22 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-11-03 15:21 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-11-03 15:21 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-11-03 15:19 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-11-03 15:19 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-03 15:19 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe
2012-11-03 14:11 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2012-11-03 09:52 . 2012-11-03 09:52 -------- d-----w- c:\program files\SystemRequirementsLab
2012-11-03 09:17 . 2012-11-03 09:17 -------- d-----w- c:\windows\system32\ca-ES
2012-11-03 09:17 . 2012-11-03 09:17 -------- d-----w- c:\windows\system32\eu-ES
2012-11-03 08:51 . 2012-11-03 08:51 -------- d-----w- c:\windows\system32\EventProviders
2012-11-03 08:39 . 2012-11-03 08:39 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-03 08:39 . 2012-11-03 08:39 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-02 23:01 . 2012-11-02 23:01 -------- d-----w- c:\programdata\ATI
2012-11-02 22:49 . 2012-11-02 22:49 -------- d-----w- c:\program files\Microsoft.NET
2012-11-02 22:12 . 2012-11-02 22:12 -------- d-----w- c:\programdata\AMD
2012-11-02 22:09 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2012-11-02 22:09 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2012-11-02 22:07 . 2009-04-11 06:28 1362944 ----a-w- c:\windows\system32\wbem\cimwin32.dll
2012-11-02 22:06 . 2009-04-11 06:28 438784 ----a-w- c:\windows\system32\IKEEXT.DLL
2012-11-02 22:05 . 2009-04-11 06:28 610304 ----a-w- c:\program files\Common Files\Microsoft Shared\DAO\dao360.dll
2012-11-02 22:04 . 2009-04-11 06:32 190424 ----a-w- c:\windows\system32\drivers\fltMgr.sys
2012-11-02 22:03 . 2009-04-11 04:38 17408 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2012-11-02 22:02 . 2009-04-11 04:45 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2012-11-02 22:01 . 2009-04-11 06:28 187904 ----a-w- c:\windows\system32\eapp3hst.dll
2012-11-02 21:59 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2012-11-02 21:59 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2012-11-02 21:59 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2012-11-02 21:59 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2012-11-02 21:59 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2012-11-02 21:59 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2012-11-02 21:59 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2012-11-02 21:56 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2012-11-02 21:53 . 2012-11-02 21:55 -------- d-----w- C:\AMD
2012-11-02 21:14 . 2012-11-02 21:14 -------- d-----w- c:\program files\VideoLAN
2012-11-02 19:45 . 2012-11-03 08:16 -------- d-----w- c:\program files\Common Files\Skype
2012-11-02 19:45 . 2012-11-22 16:15 -------- d-----r- c:\program files\Skype
2012-11-02 19:44 . 2012-11-22 16:16 -------- d-----w- c:\programdata\Skype
2012-11-02 19:23 . 2012-11-03 23:54 -------- d-----w- c:\programdata\IObit
2012-11-02 19:23 . 2012-11-03 23:54 -------- d-----w- c:\program files\IObit
2012-11-02 19:15 . 2012-11-14 11:46 -------- d-----w- C:\System Recovery Files
2012-11-02 14:45 . 2012-11-02 14:46 -------- d-----w- c:\program files\Google
2012-11-02 13:10 . 2010-02-12 10:48 293376 ----a-w- c:\windows\system32\browserchoice.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-04 22:54 . 2012-11-04 22:54 161792 ----a-w- c:\windows\system32\msls31.dll
2012-11-04 22:54 . 2012-11-04 22:54 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-11-04 22:54 . 2012-11-04 22:54 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-11-04 22:54 . 2012-11-04 22:54 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-11-04 22:54 . 2012-11-04 22:54 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-11-04 22:54 . 2012-11-04 22:54 152064 ----a-w- c:\windows\system32\wextract.exe
2012-11-04 22:54 . 2012-11-04 22:54 11776 ----a-w- c:\windows\system32\mshta.exe
2012-11-04 22:52 . 2012-11-04 22:52 586240 ----a-w- c:\windows\system32\stobject.dll
2012-11-04 22:52 . 2012-11-04 22:52 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2012-11-04 22:52 . 2012-11-04 22:52 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2012-11-04 22:52 . 2012-11-04 22:52 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2012-11-04 22:52 . 2012-11-04 22:52 258048 ----a-w- c:\windows\system32\winspool.drv
2012-11-04 22:52 . 2012-11-04 22:52 847360 ----a-w- c:\windows\system32\OpcServices.dll
2012-11-04 22:52 . 2012-11-04 22:52 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2012-11-04 22:51 . 2012-11-04 22:51 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\dxgkrnl.sys.mui
2012-11-04 22:51 . 2012-11-04 22:51 4096 ----a-w- c:\windows\system32\drivers\sk-SK\dxgkrnl.sys.mui
2012-11-04 22:51 . 2012-11-04 22:51 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2012-11-04 22:51 . 2012-11-04 22:51 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-11-04 22:51 . 2012-11-04 22:51 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2012-11-04 22:51 . 2012-11-04 22:51 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-11-03 09:45 . 2012-11-03 09:46 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-03 09:44 . 2012-11-03 09:46 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-02 21:10 . 2012-11-02 21:10 17920 ----a-w- c:\windows\system32\netevent.dll
2012-11-02 21:10 . 2012-11-02 21:10 125952 ----a-w- c:\windows\system32\srvsvc.dll
2012-11-02 21:08 . 2012-11-02 21:08 40960 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2012-11-02 21:08 . 2012-11-02 21:08 36864 ----a-w- c:\windows\system32\drivers\en-US\http.sys.mui
2012-11-02 14:19 . 2008-11-18 02:58 588472 ----a-w- c:\windows\system32\ezsvc7x.dll
2012-10-12 18:09 . 2012-11-02 21:05 22912 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-10-12 14:29 . 2012-11-14 09:52 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-10-08 07:48 . 2012-11-14 12:24 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-10-08 07:43 . 2012-11-14 12:24 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-10-08 07:40 . 2012-11-14 12:24 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-08 07:21 . 2012-10-08 07:21 121216 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21 . 2012-10-08 07:21 104712 ----a-w- c:\windows\system32\drivers\epfwwfpr.sys
2012-10-08 07:21 . 2012-10-08 07:21 170656 ----a-w- c:\windows\system32\drivers\eamonm.sys
2012-09-25 16:19 . 2012-11-14 09:52 75776 ----a-w- c:\windows\system32\synceng.dll
2012-09-13 13:28 . 2012-11-03 15:23 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-29 11:27 . 2012-11-03 15:19 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-29 11:27 . 2012-11-03 15:19 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-11-02 963984]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-11-09 17877168]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-08-28 3671904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-09-25 189736]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-07-14 814144]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-09-05 206128]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-09-11 446556]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-10-23 5074384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-19 727592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent]
2008-09-26 01:36 1148200 ------w- c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2007-01-19 11:55 5674352 ----a-w- c:\program files\MSN Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu]
2008-10-03 08:47 912688 ----a-w- c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent]
2008-09-25 17:41 1152296 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent]
2008-09-24 17:07 206120 ------w- c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-03 08:39]
.
2012-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-02 14:45]
.
2012-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-02 14:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sk_sk&c=91&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sk_sk&c=91&bd=Pavilion&pf=cnnb
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-Efgur - c:\users\Admin\AppData\Roaming\Obahmu\wouca.exe
HKLM-Run-UCam_Menu - c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
HKLM-Run-UpdateLBPShortCut - c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
HKLM-Run-UpdatePSTShortCut - c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
HKLM-Run-UpdateP2GoShortCut - c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
HKLM-Run-UpdatePDIRShortCut - c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-25 11:42
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(712)
c:\windows\system32\DPPWDFLT.dll
.
- - - - - - - > 'Explorer.exe'(4852)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btmmhook.dll
c:\program files\DigitalPersona\Bin\DpoSet.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
c:\windows\system32\Hpservice.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\vfsFPService.exe
c:\windows\system32\WLANExt.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
c:\program files\SMINST\BLService.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\program files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
.
**************************************************************************
.
Completion time: 2012-11-25 11:47:25 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-25 10:47
.
Pre-Run: 251 031 089 152 bytes free
Post-Run: 250 819 833 856 bytes free
.
- - End Of File - - D57837D91754A85BC8B87D26C33223F6

[vyosek]

Stahnete Farbar Service Scanner http://download.bleepingcomputer.com/farbar/FSS.exe

• Ulozte nejlepe na Plochu
• U vsech polozek udelejte zatrzitko (tim je oznacite pro skenovani)
• Kliknete na Scan
• Po dokonceni skenu se objevi log FSS.txt ten sem vlozte

[seebo]

tak log som urobil a este jedna vec sa stala
nejak mi ten virus nod ulozil do karanteny a vyliecil akurat mi nejde terz nod odinstalovat.
predtym som sa nemohol dostat na ziadnu antivirusovu stranku ako NOD alebo AVAST teraz to uz ide
po zapnuti Firefoxu mi ten virus naskakoval ale uz som odinstaloval firefox a zasa nainstaloval a uz nenaskakuje ale tak pre istotu stale tomu neverm

Farbar Service Scanner Version: 09-11-2012
Ran by Admin (administrator) on 25-11-2012 at 20:35:06
Running from "C:\Users\Admin\Desktop"
Windows Vista (TM) Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-11-03 16:24] - [2012-06-02 01:02] - 0133120 ____A (Microsoft Corporation) F1E8C34892336D33EDDCDFE44E474F64

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-21 03:24] - [2008-01-21 03:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

[vyosek]

v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) projedte PC temito utilitami

• http://files.avast.com/files/eng/aswclear.exe
• http://download.eset.com/special/ESETUninstaller.exe navod zde http://www.viry.cz/forum/viewtopic.php?p=889437#p889437

Nainstalujte Avast Free http://www.avast.com/cs-cz/free-antivirus-download

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Folder::
  c:\programdata\IObit
  c:\program files\IObit
  C:\found.001
  C:\found.000
  
  Registry::
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "uTorrent"=-
  "Skype"=-
  "DAEMON Tools Lite"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "SunJavaUpdateSched"=-
  "HP Software Update"=-
  "Adobe Reader Speed Launcher"=-
  "AdobeAAMUpdater-1.0"=-
  "AdobeCS6ServiceManager"=-
  "SwitchBoard"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
  
  NetSvc::
  ezSharedSvc
  
  Driver::
  ezSharedSvc
  
  File::
  c:\windows\Tasks\Adobe Flash Player Updater.job
  c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  
  DDS::
  uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
  mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
  
  RegLock::
  [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
  [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
  [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
  [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  
  DeQuarantine::
  c:\qoobox\quarantine\c\program files\CyberLink
  
  Ignore::
  c:\program files\CyberLink
  c:\program files\Hewlett-Packard
  
  FCopy::
  c:\qoobox\quarantine\c\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe.vir | c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
  
  ClearJavaCache::
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[seebo]

ComboFix 12-11-25.01 - Admin . 11. 2012 23:41:04.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3069.2004 [GMT 1:00]
Running from: c:\users\Admin\Downloads\ComboFix.exe
Command switches used :: c:\users\Admin\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\found.000
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-ClsdT-00-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-ClsdT-01-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-ClsdT-02-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-ClsdT-03-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-ClsdT-04-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-ClsdT-05-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-ClsdT-06-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-ClsdT-07-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-HalfT-00-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-HalfT-01-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-HalfT-02-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-HalfT-03-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-HalfT-04-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-HalfT-05-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-HalfT-06-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-HalfT-07-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-OpenT-00-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-OpenT-01-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-OpenT-02-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-OpenT-03-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-OpenT-04-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-OpenT-05-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-OpenT-06-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Brs-Hit-OpenT-07-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Pdl-Hit-Pedal-00-none-none-none-none.wav
c:\found.000\dir0000.chk\HihatUF2-Pdl-Hit-Pedal-01-none-none-none-none.wav
c:\found.000\dir0000.chk\HihatUF2-Pdl-Hit-Pedal-02-none-none-none-none.wav
c:\found.000\dir0000.chk\HihatUF2-Pdl-Hit-Pedal-03-none-none-none-none.wav
c:\found.000\dir0000.chk\HihatUF2-Pdl-Hit-Pedal-04-none-none-none-none.wav
c:\found.000\dir0000.chk\HihatUF2-Pdl-Hit-Pedal-05-none-none-none-none.wav
c:\found.000\dir0000.chk\HihatUF2-Pdl-Hit-Pedal-06-none-none-none-none.wav
c:\found.000\dir0000.chk\HihatUF2-Pdl-Hit-Pedal-07-none-none-none-none.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-ClsdT-00-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-ClsdT-01-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-ClsdT-02-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-ClsdT-03-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-ClsdT-04-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-ClsdT-05-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-ClsdT-06-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-ClsdT-07-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-HalfT-00-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-HalfT-01-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-HalfT-02-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-HalfT-03-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-HalfT-04-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-HalfT-05-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-HalfT-06-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-HalfT-07-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-OpenT-00-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-OpenT-01-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-OpenT-02-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-OpenT-03-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-OpenT-04-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-OpenT-05-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-OpenT-06-none-none-none-Var00.wav
c:\found.000\dir0000.chk\HihatUF2-Stk-Hit-OpenT-07-none-none-none-Var00.wav
c:\found.000\dir0001.chk\bank.xml
c:\found.000\dir0001.chk\description.xml
c:\found.000\dir0001.chk\Samples.xml
c:\found.000\file0000.chk
c:\found.000\file0001.chk
c:\found.000\file0002.chk
c:\found.000\file0003.chk
c:\found.000\file0004.chk
C:\found.001
c:\found.001\dir0000.chk\taskeng.exe
c:\found.001\dir0000.chk\TaskEng.mof
c:\found.001\dir0001.chk\bank.xml
c:\found.001\dir0001.chk\description.xml
c:\found.001\dir0001.chk\Samples.xml
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Hit-00-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Hit-01-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Hit-02-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Hit-03-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Hit-04-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Hit-05-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Hit-06-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Hit-07-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Choke-00-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Choke-01-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Choke-02-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Choke-03-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Choke-04-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Choke-05-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Choke-06-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Brs-Hit-Choke-07-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Hit-00-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Hit-01-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Hit-02-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Hit-03-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Hit-04-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Hit-05-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Hit-06-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Hit-07-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Choke-00-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Choke-01-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Choke-02-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Choke-03-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Choke-04-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Choke-05-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Choke-06-none-none-none-none.wav
c:\found.001\dir0002.chk\Crash2UF2-Stk-Hit-Choke-07-none-none-none-none.wav
c:\found.001\file0000.chk
c:\program files\IObit
c:\program files\IObit\Advanced SystemCare 6\ASCService.exe
c:\program files\IObit\Advanced SystemCare 6\ASCService_Log.txt
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-10.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-11.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-12.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-13.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-14.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-15.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-16.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-17.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-18.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-19.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-20.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-21.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-22.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-23.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-24.log
c:\program files\IObit\Advanced SystemCare 6\ASCServiceLog\2012-11-25.log
c:\program files\IObit\Advanced SystemCare 6\AutoUpdate.log
c:\program files\IObit\Advanced SystemCare 6\BootTimeLog\Defrag2012-11-02(23-32-44).log
c:\program files\IObit\Advanced SystemCare 6\BootTimeLog\Defrag2012-11-06(08-45-32).log
c:\program files\IObit\Advanced SystemCare 6\BootTimeLog\Defrag2012-11-13(08-09-11).log
c:\program files\IObit\Advanced SystemCare 6\BootTimeLog\Defrag2012-11-25(09-14-45).log
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\ASCUrlScanner.dll
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\asc.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\icon_gray.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\ie_risk.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\ie_safe.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\ie_tip_details.gif
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\ie_wraningBg.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\popbox_btn_close.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\popbox_btn_ok.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\risk.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\risk_logo.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\safe.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\safe_logo.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\tip_details.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\window_risk.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\window_safe.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\images\wraningBg.png
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll
c:\program files\IObit\Advanced SystemCare 6\dxhelper.dll
c:\program files\IObit\Advanced SystemCare 6\Extensions.plist
c:\program files\IObit\Advanced SystemCare 6\checkinfo.txt
c:\program files\IObit\Advanced SystemCare 6\LatestNews\imagenews.png
c:\program files\IObit\Advanced SystemCare 6\LatestNews\LatestNews.ini
c:\program files\IObit\Advanced SystemCare 6\Main.ini
c:\program files\IObit\Advanced SystemCare 6\rtl120.bpl
c:\program files\IObit\Advanced SystemCare 6\SecurityHole_Backup\KB2345886.cab
c:\program files\IObit\Advanced SystemCare 6\SecurityHole_Backup\KB937286.cab
c:\program files\IObit\Advanced SystemCare 6\SecurityHole_Backup\KB970430.cab
c:\program files\IObit\Advanced SystemCare 6\SecurityHole_Backup\KB971737.cab
c:\program files\IObit\Advanced SystemCare 6\SecurityHoleScan.log
c:\program files\IObit\Advanced SystemCare 6\sh.dat
c:\program files\IObit\Advanced SystemCare 6\Shortcuts.log
c:\program files\IObit\Advanced SystemCare 6\Sun12_SystemControl.exe
c:\program files\IObit\Advanced SystemCare 6\Suo13_RegistryDefrag.exe
c:\program files\IObit\Advanced SystemCare 6\Sur12_DiskDoctor.exe
c:\program files\IObit\Advanced SystemCare 6\Sur13_WinFix.exe
c:\program files\IObit\Advanced SystemCare 6\Sus10_SysExplorer.exe
c:\program files\IObit\Advanced SystemCare 6\Sus11_ProcessManager.exe
c:\program files\IObit\Advanced SystemCare 6\Sus12_DriverManager.exe
c:\program files\IObit\Advanced SystemCare 6\SysExplorer.txt
c:\program files\IObit\Advanced SystemCare 6\Test.log
c:\program files\IObit\Advanced SystemCare 6\Update\Update.ini
c:\program files\IObit\Advanced SystemCare 6\UpdateLicense.log
c:\program files\IObit\Advanced SystemCare 6\vcl120.bpl
c:\program files\IObit\Game Booster 3\Boost.log
c:\program files\IObit\Game Booster 3\GameBooster.log
c:\program files\IObit\Game Booster 3\LatestGames\LatestGames.ini
c:\program files\IObit\Game Booster 3\Update\Update.Ini
c:\programdata\IObit
c:\programdata\IObit\Advanced SystemCare V6\App.bk
c:\programdata\IObit\Advanced SystemCare V6\AscService.ini
c:\programdata\IObit\Advanced SystemCare V6\License.dat
c:\programdata\IObit\Advanced SystemCare V6\ZLB2CF8.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLB2DA4.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLB2E11.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLB4DA2.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLB4F57.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLB5FDA.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLB644E.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLB6F55.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLB8C66.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLB90BA.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLBAEC5.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLBBAA7.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLBBD26.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLBC9E3.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLBD6ED.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLBD816.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLBDD43.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLBE71.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLBE780.tmp
c:\programdata\IObit\Advanced SystemCare V6\ZLBFBCB.tmp
c:\programdata\IObit\Game Booster 3\Defrags.ini
c:\programdata\IObit\Game Booster 3\GameBooster.ini
c:\programdata\IObit\Game Booster 3\Process.ini
c:\programdata\IObit\Install.ini
.
.
--------------- FCopy ---------------
.
c:\qoobox\quarantine\c\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe.vir --> c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_ezSharedSvc
-------\Legacy_WinRing0_1_2_0
-------\Service_WinRing0_1_2_0
.
.
((((((((((((((((((((((((( Files Created from 2012-10-25 to 2012-11-25 )))))))))))))))))))))))))))))))
.
.
2012-11-25 22:55 . 2012-11-25 22:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-25 22:24 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-11-25 22:24 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-11-25 22:23 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-11-25 22:23 . 2012-10-30 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-11-25 22:23 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-11-25 22:23 . 2012-10-30 22:51 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-11-25 22:23 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2012-11-25 22:23 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-11-25 22:23 . 2012-11-25 22:23 -------- d-----w- c:\programdata\AVAST Software
2012-11-25 22:23 . 2012-11-25 22:23 -------- d-----w- c:\program files\AVAST Software
2012-11-25 18:15 . 2012-11-25 18:15 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-11-23 18:58 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{84E6A803-9186-41B8-B790-C41A6470DB91}\mpengine.dll
2012-11-21 10:18 . 2012-11-21 10:18 -------- d-----w- c:\programdata\boost_interprocess
2012-11-21 10:05 . 2012-11-21 10:12 -------- d-----w- c:\programdata\FLEXnet
2012-11-21 10:00 . 2012-11-21 10:00 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2012-11-21 09:52 . 2012-11-21 10:02 -------- d-----w- c:\program files\Autodesk
2012-11-21 09:47 . 2012-11-21 09:59 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2012-11-21 09:46 . 2008-10-15 05:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2012-11-21 09:46 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2012-11-21 09:46 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2012-11-21 09:34 . 2012-11-21 10:17 -------- d-----w- c:\programdata\Autodesk
2012-11-21 08:41 . 2012-11-21 08:41 -------- d-----w- c:\program files\The Sims Resource
2012-11-19 12:52 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-19 12:52 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-18 14:39 . 2012-05-31 11:25 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-11-18 12:41 . 2012-11-18 12:41 -------- d-----w- c:\programdata\WindowsSearch
2012-11-15 14:38 . 2012-11-15 14:38 -------- d-----w- c:\program files\Mad Scientist Productions
2012-11-14 09:52 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 09:52 . 2012-10-12 14:29 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-11-07 14:15 . 2012-11-07 14:15 -------- d-----w- c:\programdata\EA Core
2012-11-07 14:06 . 2012-11-07 14:06 -------- d-----w- c:\programdata\Origin
2012-11-07 09:29 . 2012-11-07 09:29 -------- d-----w- c:\programdata\Electronic Arts
2012-11-07 09:29 . 2012-11-07 09:30 -------- d-----w- c:\program files\Origin
2012-11-07 09:13 . 2012-11-07 09:13 -------- d-----w- c:\program files\Microsoft WSE
2012-11-07 09:00 . 2012-11-14 19:13 -------- d-----w- c:\program files\Electronic Arts
2012-11-06 08:15 . 2012-11-20 08:04 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-11-06 08:12 . 2012-11-06 08:12 -------- d-----w- c:\programdata\ALM
2012-11-06 08:05 . 2012-11-06 08:05 -------- d-----w- c:\program files\Common Files\Adobe AIR
2012-11-05 15:23 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2012-11-05 15:22 . 2012-03-01 14:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-11-05 15:22 . 2012-02-29 14:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-11-05 15:22 . 2012-02-29 13:41 1069056 ----a-w- c:\windows\system32\DWrite.dll
2012-11-05 15:22 . 2012-03-01 14:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-11-05 15:22 . 2012-02-29 13:44 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-11-05 15:19 . 2011-07-29 16:01 293376 ----a-w- c:\windows\system32\psisdecd.dll
2012-11-05 15:19 . 2011-07-29 16:01 217088 ----a-w- c:\windows\system32\psisrndr.ax
2012-11-05 15:19 . 2011-07-29 16:00 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2012-11-05 15:19 . 2011-07-29 16:00 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2012-11-05 15:19 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
2012-11-05 15:19 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-11-05 15:19 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll
2012-11-05 15:17 . 2011-10-14 16:02 429056 ----a-w- c:\windows\system32\EncDec.dll
2012-11-05 15:17 . 2012-03-20 23:28 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-11-05 07:38 . 2012-11-05 07:38 -------- d-----w- c:\program files\Windows Portable Devices
2012-11-05 07:38 . 2012-11-05 07:38 -------- d-----w- c:\windows\system32\drivers\UMDF\sk-SK
2012-11-04 23:15 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2012-11-04 23:15 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2012-11-04 23:15 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2012-11-04 23:12 . 2009-10-01 01:01 839168 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
2012-11-04 23:03 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll
2012-11-04 23:03 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-11-04 23:03 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-11-04 22:52 . 2012-11-04 22:52 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2012-11-04 22:51 . 2012-11-04 22:51 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2012-11-04 22:51 . 2012-11-04 22:51 252928 ----a-w- c:\windows\system32\dxdiag.exe
2012-11-04 22:51 . 2012-11-04 22:51 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2012-11-04 22:51 . 2012-11-04 22:51 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-11-04 22:51 . 2012-11-04 22:51 519680 ----a-w- c:\windows\system32\d3d11.dll
2012-11-04 22:51 . 2012-11-04 22:51 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2012-11-04 22:51 . 2012-11-04 22:51 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-11-04 08:14 . 2007-10-22 02:37 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2012-11-04 08:09 . 2012-11-04 08:12 -------- d--h--w- c:\windows\msdownld.tmp
2012-11-03 23:30 . 2012-11-03 23:30 -------- d-----w- c:\program files\2K Sports
2012-11-03 23:25 . 2012-11-03 23:25 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-11-03 23:25 . 2012-11-03 23:25 -------- d-----w- c:\program files\DAEMON Tools Lite
2012-11-03 23:24 . 2012-11-03 23:28 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-11-03 20:55 . 2012-11-03 20:55 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2012-11-03 15:27 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-11-03 15:25 . 2012-03-30 12:39 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-03 15:25 . 2012-02-01 15:11 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-11-03 15:25 . 2012-02-01 15:10 1404928 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2012-11-03 15:25 . 2012-02-01 15:10 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-11-03 15:25 . 2012-02-01 15:10 983040 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2012-11-03 15:25 . 2012-02-01 15:10 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-11-03 15:25 . 2012-02-01 13:58 47104 ----a-w- c:\program files\Windows Journal\PDIALOG.exe
2012-11-03 15:25 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2012-11-03 15:25 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-11-03 15:24 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll
2012-11-03 15:24 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-11-03 15:24 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-11-03 15:24 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-11-03 15:24 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-11-03 15:24 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-11-03 15:24 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-11-03 15:23 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-11-03 15:23 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll
2012-11-03 15:23 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-11-03 15:23 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-11-03 15:23 . 2012-09-13 13:28 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-03 15:23 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-11-03 15:22 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-11-03 15:22 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2012-11-03 15:22 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2012-11-03 15:22 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2012-11-03 15:22 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2012-11-03 15:21 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-11-03 15:21 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-11-03 15:21 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-11-03 15:21 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-11-03 15:19 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-11-03 15:19 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll
2012-11-03 15:19 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-03 15:19 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-03 15:19 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll
2012-11-03 15:19 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe
2012-11-03 15:19 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2012-11-03 15:19 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-11-03 15:19 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-11-03 14:47 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-11-03 14:11 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-11-03 14:11 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2012-11-03 14:11 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2012-11-03 14:11 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2012-11-03 14:11 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-04 22:54 . 2012-11-04 22:54 203776 ----a-w- c:\windows\system32\webcheck.dll
2012-11-04 22:51 . 2012-11-04 22:51 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\dxgkrnl.sys.mui
2012-11-04 22:51 . 2012-11-04 22:51 4096 ----a-w- c:\windows\system32\drivers\sk-SK\dxgkrnl.sys.mui
2012-11-02 21:08 . 2012-11-02 21:08 40960 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2012-11-02 21:08 . 2012-11-02 21:08 36864 ----a-w- c:\windows\system32\drivers\en-US\http.sys.mui
2012-11-02 14:19 . 2008-11-18 02:58 588472 ----a-w- c:\windows\system32\ezsvc7x.dll
2012-11-20 06:17 . 2012-11-25 18:15 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-09-25 189736]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-07-14 814144]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-09-05 206128]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-09-11 446556]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-19 727592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDAgent]
2008-09-26 01:36 1148200 ------w- c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu]
2008-10-03 08:47 912688 ----a-w- c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSMAgent]
2008-09-25 17:41 1152296 ------w- c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVAgent]
2008-09-24 17:07 206120 ------w- c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-03 08:39]
.
2012-11-25 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-11-25 22:50]
.
2012-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-02 14:45]
.
2012-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-02 14:45]
.
.
------- Supplementary Scan -------
.
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\0gsgddi5.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - ExtSQL: 2012-11-02 11:07; otis@digitalpersona.com; c:\program files\DigitalPersona\Bin\firefoxext
FF - ExtSQL: 2012-11-21 22:52; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2012-11-02 11:07; otis@digitalpersona.com; c:\program files\DigitalPersona\Bin\FirefoxExt
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-Wdf01000.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-25 23:57
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(728)
c:\windows\system32\DPPWDFLT.dll
.
- - - - - - - > 'Explorer.exe'(4772)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btmmhook.dll
c:\program files\DigitalPersona\Bin\DpoSet.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
c:\windows\system32\Hpservice.exe
c:\windows\system32\vfsFPService.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
c:\program files\SMINST\BLService.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Completion time: 2012-11-26 00:04:34 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-25 23:04
ComboFix2.txt 2012-11-25 10:47
C:\DeQuarantine.txt
.
Pre-Run: 247 234 551 808 bytes free
Post-Run: 246 666 981 376 bytes free
.
- - End Of File - - 533A76D1333F842B4A5E11115E1EC300

[vyosek]

Fajn, jak se chova PC

[seebo]

PC pracuje parádne a ja vám ďakujem za váš čas a pomoc
A neviete o niecom čo mi prečistí počítač okrem iObit kedze ten program je nakoniec hovadina ?

[vyosek]

Tak jeste uklidime

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Doporucuji provest defragmentaci disku

• Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
  • Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
  • prepnete se do zalozky Nastroje
  • Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
  • Toto provedte se vsemi disky
• Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
  • Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
  • Kliknete na Analyzovat
  • Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
  • Postup provedte se vsemi disky
• Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
  • Vyhodou programku je, ze se neinstaluje
  • Staci tedy jen stahnout dle verze vaseho OS a rozbalit
  • Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
  • Probehne analyza disku a nasledne i defragmentace

Dle meho staci CCleaner a Deffragler

A pokud nejsou problemy ci dotazy, je to z me strany vse