klávesnice sama píše +

Zpráva

krejca · #1 Příspěvek od **krejca** » 22 pro 2012 20:28

Při zapnutém internetu na NB se objevují v dialogovém okně nebo v okně pro vyhledávání nebo v textu psaného dokumentu znaky (+).
Pokud internet zakážu, je vše v pořádku. Klávenici jsem vyndal a je to stejné. Nechal jsem to projet vším možným a nic. Má někdo nějakou radu?

#2 Příspěvek od **Márty84** » 23 pro 2012 11:12

Zdravim

Dela to i v nouzovem rezimu?

krejca · #3 Příspěvek od **krejca** » 23 pro 2012 11:29

Pokud dám nouzový režim s prací v síti, tak to blbne. V normálním NR to je v pořádku. Zapoměl jsem napsat že na to NB jsou W Vista.

#4 Příspěvek od **Márty84** » 23 pro 2012 11:38

Dejte sem log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

krejca · #5 Příspěvek od **krejca** » 23 pro 2012 12:05

++Logfile of random's system information tool 1.09 (written by random/random)
Run by Dana at 2012-12-23 12:02:14
Microsoft® Windows Vista™ Home Premium
System drive C: has 40 GB (56%) free of 71 GB
Total RAM: 1790 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:02:28, on 23.12.2012
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\mobsync.exe
C:\Users\Dana\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\Dana\Downloads\RSIT.exe
C:\Program Files\trend micro\Dana.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 5763 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\2nr2ctpd.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-04-25 299008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"Skytel"=C:\Windows\Skytel.exe [2007-06-15 1826816]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [2007-05-24 206952]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-03 92704]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-03 13556256]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-08-15 772616]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216]
"eAudio"=C:\Acer\Empowering Technology\eAudio\eAudio.exe [2007-06-11 1286144]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-06-06 159744]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-03-08 40048]
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe [2007-05-22 151552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2012-12-20 1232896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.mkdmp3enc"=C:\PROGRA~1\ACERAR~1\DVWIZA~1\Kernel\Burner\MKDMP3Enc.ACM
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-12-23 12:02:15 ----D---- C:\Program Files\trend micro
2012-12-23 12:02:14 ----D---- C:\rsit
2012-12-23 11:56:22 ----ASH---- C:\hiberfil.sys
2012-12-23 11:23:00 ----A---- C:\Windows\ntbtlog.txt
2012-12-22 15:51:44 ----SHD---- C:\$RECYCLE.BIN
2012-12-22 15:51:34 ----A---- C:\ComboFix.txt
2012-12-22 15:38:20 ----A---- C:\Windows\zip.exe
2012-12-22 15:38:20 ----A---- C:\Windows\SWXCACLS.exe
2012-12-22 15:38:20 ----A---- C:\Windows\SWSC.exe
2012-12-22 15:38:20 ----A---- C:\Windows\SWREG.exe
2012-12-22 15:38:20 ----A---- C:\Windows\sed.exe
2012-12-22 15:38:20 ----A---- C:\Windows\PEV.exe
2012-12-22 15:38:20 ----A---- C:\Windows\NIRCMD.exe
2012-12-22 15:38:20 ----A---- C:\Windows\MBR.exe
2012-12-22 15:38:20 ----A---- C:\Windows\grep.exe
2012-12-22 15:38:01 ----D---- C:\ComboFix
2012-12-22 15:37:52 ----D---- C:\Qoobox
2012-12-22 15:37:25 ----D---- C:\Windows\erdnt
2012-12-22 13:58:07 ----D---- C:\Users\Dana\AppData\Roaming\Mozilla
2012-12-22 13:58:00 ----D---- C:\ProgramData\Mozilla
2012-12-22 13:58:00 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-12-22 13:57:51 ----D---- C:\Program Files\Mozilla Firefox
2012-12-22 12:45:51 ----D---- C:\Windows\pss
2012-12-21 18:44:00 ----A---- C:\Windows\system32\winhttp.dll
2012-12-21 18:43:57 ----A---- C:\Windows\system32\es.dll
2012-12-20 20:52:19 ----D---- C:\Windows\system32\EventProviders
2012-12-20 18:48:31 ----A---- C:\Windows\UNINST32.EXE
2012-12-20 18:48:31 ----A---- C:\Windows\system32\drivers\DKbFltr.sys
2012-12-20 18:48:28 ----A---- C:\Windows\system32\nvuninst.exe
2012-12-20 18:48:28 ----A---- C:\Windows\system32\nvsvc.dll
2012-12-20 18:48:27 ----A---- C:\Windows\system32\nvmctray.dll
2012-12-20 18:48:27 ----A---- C:\Windows\system32\nvexpbar.dll
2012-12-20 18:48:26 ----A---- C:\Windows\system32\nvd3dum.dll
2012-12-20 18:48:26 ----A---- C:\Windows\system32\nvcpluir.dll
2012-12-20 18:48:26 ----A---- C:\Windows\system32\nvcplui.exe
2012-12-20 18:48:25 ----A---- C:\Windows\system32\nvapi.dll
2012-12-20 18:48:24 ----A---- C:\Windows\system32\nvconrm.dll
2012-12-20 18:48:24 ----A---- C:\Windows\system32\fdco1.dll
2012-12-20 18:48:24 ----A---- C:\Windows\system32\drivers\nvmfdx32.sys
2012-12-20 18:48:17 ----A---- C:\Windows\AFirst.cmd
2012-12-20 18:48:16 ----A---- C:\Windows\eRy.exe
2012-12-20 18:48:12 ----A---- C:\Windows\SETPANEL.INI
2012-12-20 18:48:11 ----A---- C:\Windows\MSSFT_RB.CMD
2012-12-20 18:48:11 ----A---- C:\Windows\MSSEC_RB.CMD
2012-12-20 18:48:11 ----A---- C:\Windows\devcon.exe
2012-12-20 18:48:11 ----A---- C:\Windows\CLEANUP.INI
2012-12-20 18:48:11 ----A---- C:\Windows\CLEANUP.CMD
2012-12-20 17:21:09 ----A---- C:\Windows\system32\drivers\pciidex.sys
2012-12-20 17:21:09 ----A---- C:\Windows\system32\drivers\pciide.sys
2012-12-20 17:21:09 ----A---- C:\Windows\system32\drivers\ataport.sys
2012-12-20 17:21:09 ----A---- C:\Windows\system32\drivers\atapi.sys
2012-12-20 17:21:08 ----A---- C:\Windows\system32\drivers\volsnap.sys
2012-12-20 17:21:08 ----A---- C:\Windows\system32\drivers\nwifi.sys
2012-12-20 17:20:43 ----A---- C:\Windows\explorer.exe
2012-12-20 17:20:17 ----A---- C:\Windows\system32\hcrstco.dll
2012-12-20 17:20:17 ----A---- C:\Windows\system32\hccoin.dll
2012-12-20 17:20:17 ----A---- C:\Windows\system32\drivers\usbport.sys
2012-12-20 17:20:17 ----A---- C:\Windows\system32\drivers\usbohci.sys
2012-12-20 17:20:17 ----A---- C:\Windows\system32\drivers\usbhub.sys
2012-12-20 17:20:17 ----A---- C:\Windows\system32\drivers\usbehci.sys
2012-12-20 17:20:17 ----A---- C:\Windows\system32\drivers\usbd.sys
2012-12-20 17:19:54 ----A---- C:\Windows\system32\wintrust.dll
2012-12-20 17:19:23 ----A---- C:\Windows\system32\kerberos.dll
2012-12-20 17:19:22 ----A---- C:\Windows\system32\schannel.dll
2012-12-20 17:18:53 ----A---- C:\Windows\system32\netcfg.exe
2012-12-20 17:18:24 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2012-12-20 17:18:24 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2012-12-20 17:18:24 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2012-12-20 17:18:24 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2012-12-20 17:18:23 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2012-12-20 17:18:23 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2012-12-20 17:18:23 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2012-12-20 17:18:22 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2012-12-20 17:18:21 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2012-12-20 17:18:21 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2012-12-20 17:18:20 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2012-12-20 17:18:20 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2012-12-20 17:18:20 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2012-12-20 17:18:19 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2012-12-20 17:18:19 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2012-12-20 17:18:19 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2012-12-20 17:18:18 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2012-12-20 17:18:18 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2012-12-20 17:18:17 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2012-12-20 17:18:17 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2012-12-20 17:18:16 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2012-12-20 17:18:16 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2012-12-20 17:18:16 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2012-12-20 17:18:15 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2012-12-20 17:18:15 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2012-12-20 17:18:14 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2012-12-20 17:18:14 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2012-12-20 17:18:14 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2012-12-20 17:18:14 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2012-12-20 17:18:13 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2012-12-20 17:18:13 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2012-12-20 17:18:12 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2012-12-20 17:18:12 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2012-12-20 17:18:11 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2012-12-20 17:18:11 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2012-12-20 17:18:10 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2012-12-20 17:18:10 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2012-12-20 17:18:09 ----A---- C:\Windows\system32\NlsModels0011.dll
2012-12-20 17:18:09 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2012-12-20 17:18:09 ----A---- C:\Windows\system32\NlsData0045.dll
2012-12-20 17:18:08 ----A---- C:\Windows\system32\NlsData0049.dll
2012-12-20 17:18:08 ----A---- C:\Windows\system32\NlsData0047.dll
2012-12-20 17:18:08 ----A---- C:\Windows\system32\NlsData0046.dll
2012-12-20 17:18:07 ----A---- C:\Windows\system32\NlsData0039.dll
2012-12-20 17:18:07 ----A---- C:\Windows\system32\NlsData0022.dll
2012-12-20 17:18:07 ----A---- C:\Windows\system32\NlsData0021.dll
2012-12-20 17:18:07 ----A---- C:\Windows\system32\NlsData0020.dll
2012-12-20 17:18:06 ----A---- C:\Windows\system32\NlsData0027.dll
2012-12-20 17:18:06 ----A---- C:\Windows\system32\NlsData0026.dll
2012-12-20 17:18:06 ----A---- C:\Windows\system32\NlsData0024.dll
2012-12-20 17:18:05 ----A---- C:\Windows\system32\NlsData0018.dll
2012-12-20 17:18:05 ----A---- C:\Windows\system32\NlsData0013.dll
2012-12-20 17:18:05 ----A---- C:\Windows\system32\NlsData0011.dll
2012-12-20 17:18:05 ----A---- C:\Windows\system32\NlsData0010.dll
2012-12-20 17:18:04 ----A---- C:\Windows\system32\NlsData0019.dll
2012-12-20 17:18:04 ----A---- C:\Windows\system32\NlsData0002.dll
2012-12-20 17:18:04 ----A---- C:\Windows\system32\NlsData0001.dll
2012-12-20 17:18:04 ----A---- C:\Windows\system32\NlsData0000.dll
2012-12-20 17:18:03 ----A---- C:\Windows\system32\NlsData0009.dll
2012-12-20 17:18:03 ----A---- C:\Windows\system32\NlsData0007.dll
2012-12-20 17:18:03 ----A---- C:\Windows\system32\NlsData0003.dll
2012-12-20 17:18:02 ----A---- C:\Windows\system32\NlsData004e.dll
2012-12-20 17:18:02 ----A---- C:\Windows\system32\NlsData004c.dll
2012-12-20 17:18:02 ----A---- C:\Windows\system32\NlsData004b.dll
2012-12-20 17:18:02 ----A---- C:\Windows\system32\NlsData004a.dll
2012-12-20 17:18:01 ----A---- C:\Windows\system32\NlsData003e.dll
2012-12-20 17:18:01 ----A---- C:\Windows\system32\NlsData002a.dll
2012-12-20 17:18:01 ----A---- C:\Windows\system32\NlsData001b.dll
2012-12-20 17:18:01 ----A---- C:\Windows\system32\NlsData001a.dll
2012-12-20 17:18:00 ----A---- C:\Windows\system32\NlsData001d.dll
2012-12-20 17:18:00 ----A---- C:\Windows\system32\NlsData000a.dll
2012-12-20 17:17:59 ----A---- C:\Windows\system32\NlsData000f.dll
2012-12-20 17:17:59 ----A---- C:\Windows\system32\NlsData000d.dll
2012-12-20 17:17:59 ----A---- C:\Windows\system32\NlsData000c.dll
2012-12-20 17:17:58 ----A---- C:\Windows\system32\NlsData0816.dll
2012-12-20 17:17:58 ----A---- C:\Windows\system32\NlsData0416.dll
2012-12-20 17:17:58 ----A---- C:\Windows\system32\NlsData0414.dll
2012-12-20 17:17:58 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2012-12-20 17:17:57 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2012-12-20 17:17:57 ----A---- C:\Windows\system32\NlsData0c1a.dll
2012-12-20 17:17:57 ----A---- C:\Windows\system32\NlsData081a.dll
2012-12-20 17:15:08 ----A---- C:\Windows\system32\setupapi.dll
2012-12-20 17:14:47 ----A---- C:\Windows\system32\srdelayed.exe
2012-12-20 17:14:47 ----A---- C:\Windows\system32\srcore.dll
2012-12-20 17:14:47 ----A---- C:\Windows\system32\srclient.dll
2012-12-20 17:14:47 ----A---- C:\Windows\system32\rstrui.exe
2012-12-20 17:14:46 ----A---- C:\Windows\system32\wpd_ci.dll
2012-12-20 17:14:46 ----A---- C:\Windows\system32\winresume.exe
2012-12-20 17:14:46 ----A---- C:\Windows\system32\winload.exe
2012-12-20 17:14:46 ----A---- C:\Windows\system32\kd1394.dll
2012-12-20 17:14:46 ----A---- C:\Windows\system32\clfs.sys
2012-12-20 17:14:46 ----A---- C:\Windows\system32\ci.dll
2012-12-20 17:14:45 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-12-20 17:14:45 ----A---- C:\Windows\system32\oleaut32.dll
2012-12-20 17:14:45 ----A---- C:\Windows\system32\kbd106n.dll
2012-12-20 17:14:45 ----A---- C:\Windows\system32\drvinst.exe
2012-12-20 17:14:45 ----A---- C:\Windows\system32\dpx.dll
2012-12-20 17:14:45 ----A---- C:\Windows\system32\cfgmgr32.dll
2012-12-20 17:14:44 ----A---- C:\Windows\system32\unlodctr.exe
2012-12-20 17:14:44 ----A---- C:\Windows\system32\schedsvc.dll
2012-12-20 17:14:44 ----A---- C:\Windows\system32\prflbmsg.dll
2012-12-20 17:14:44 ----A---- C:\Windows\system32\lodctr.exe
2012-12-20 17:14:44 ----A---- C:\Windows\system32\loadperf.dll
2012-12-20 17:14:43 ----A---- C:\Windows\system32\kbd106.dll
2012-12-20 17:14:43 ----A---- C:\Windows\system32\f3ahvoas.dll
2012-12-20 17:14:43 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-12-20 17:14:43 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-12-20 17:14:43 ----A---- C:\Windows\system32\drivers\sermouse.sys
2012-12-20 17:14:43 ----A---- C:\Windows\system32\drivers\mouhid.sys
2012-12-20 17:14:43 ----A---- C:\Windows\system32\drivers\mouclass.sys
2012-12-20 17:14:43 ----A---- C:\Windows\system32\dispci.dll
2012-12-20 17:14:43 ----A---- C:\Windows\system32\batt.dll
2012-12-20 17:14:42 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2012-12-20 17:14:42 ----A---- C:\Windows\system32\drivers\kbdclass.sys
2012-12-20 17:14:42 ----A---- C:\Windows\system32\drivers\i8042prt.sys
2012-12-20 17:13:29 ----A---- C:\Windows\system32\rpcss.dll
2012-12-20 17:13:28 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2012-12-20 17:13:28 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2012-12-20 17:13:27 ----A---- C:\Windows\system32\iasads.dll
2012-12-20 17:13:26 ----A---- C:\Windows\system32\sdohlp.dll
2012-12-20 17:13:26 ----A---- C:\Windows\system32\iasrecst.dll
2012-12-20 17:13:26 ----A---- C:\Windows\system32\iasdatastore.dll
2012-12-20 17:12:33 ----A---- C:\Windows\system32\jscript.dll
2012-12-20 17:12:08 ----A---- C:\Windows\system32\tcpipcfg.dll
2012-12-20 17:12:08 ----A---- C:\Windows\system32\netiougc.exe
2012-12-20 17:12:08 ----A---- C:\Windows\system32\iphlpsvc.dll
2012-12-20 17:12:08 ----A---- C:\Windows\system32\drivers\tunnel.sys
2012-12-20 17:12:08 ----A---- C:\Windows\system32\drivers\TUNMP.SYS
2012-12-20 17:12:08 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-12-20 17:11:20 ----A---- C:\Windows\system32\WMASF.DLL
2012-12-20 17:11:20 ----A---- C:\Windows\system32\LAPRXY.DLL
2012-12-20 17:11:20 ----A---- C:\Windows\system32\asferror.dll
2012-12-20 17:11:03 ----A---- C:\Windows\system32\browserchoice.exe
2012-12-20 17:10:14 ----A---- C:\Windows\system32\WindowsCodecs.dll
2012-12-20 17:10:14 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2012-12-20 17:10:13 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2012-12-20 17:09:44 ----A---- C:\Windows\system32\cabview.dll
2012-12-20 17:09:06 ----A---- C:\Windows\system32\win32spl.dll
2012-12-20 17:09:06 ----A---- C:\Windows\system32\printcom.dll
2012-12-20 17:08:47 ----A---- C:\Windows\system32\win32k.sys
2012-12-20 17:08:26 ----A---- C:\Windows\system32\wshrm.dll
2012-12-20 17:08:26 ----A---- C:\Windows\system32\drivers\rmcast.sys
2012-12-20 17:08:02 ----A---- C:\Windows\system32\wmpdxm.dll
2012-12-20 17:07:23 ----A---- C:\Windows\system32\secproc_ssp.dll
2012-12-20 17:07:23 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2012-12-20 17:07:23 ----A---- C:\Windows\system32\msdrm.dll
2012-12-20 17:07:22 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2012-12-20 17:07:22 ----A---- C:\Windows\system32\secproc_isv.dll
2012-12-20 17:07:22 ----A---- C:\Windows\system32\secproc.dll
2012-12-20 17:07:22 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2012-12-20 17:07:22 ----A---- C:\Windows\system32\RMActivate_isv.exe
2012-12-20 17:07:22 ----A---- C:\Windows\system32\RMActivate.exe
2012-12-20 17:07:00 ----A---- C:\Windows\system32\sbunattend.exe
2012-12-20 17:06:33 ----A---- C:\Windows\system32\dnsrslvr.dll
2012-12-20 17:06:33 ----A---- C:\Windows\system32\dnscacheugc.exe
2012-12-20 17:06:33 ----A---- C:\Windows\system32\dnsapi.dll
2012-12-20 16:59:15 ----A---- C:\Windows\system32\icardagt.exe
2012-12-20 16:59:14 ----A---- C:\Windows\system32\infocardapi.dll
2012-12-20 16:59:14 ----A---- C:\Windows\system32\icardres.dll
2012-12-20 16:59:06 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2012-12-20 16:59:05 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2012-12-20 16:59:05 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2012-12-20 16:59:05 ----A---- C:\Windows\system32\PresentationHost.exe
2012-12-20 15:44:39 ----D---- C:\ProgramData\NVIDIA
2012-12-20 15:44:28 ----A---- C:\ProgramData\nvModes.dat
2012-12-20 15:32:53 ----A---- C:\Windows\system32\t2embed.dll
2012-12-20 15:32:53 ----A---- C:\Windows\system32\lpk.dll
2012-12-20 15:32:53 ----A---- C:\Windows\system32\fontsub.dll
2012-12-20 15:32:53 ----A---- C:\Windows\system32\dciman32.dll
2012-12-20 15:32:53 ----A---- C:\Windows\system32\atmlib.dll
2012-12-20 15:32:53 ----A---- C:\Windows\system32\atmfd.dll
2012-12-20 15:31:01 ----A---- C:\Windows\system32\iedkcs32.dll
2012-12-20 15:31:01 ----A---- C:\Windows\system32\ieakui.dll
2012-12-20 15:31:01 ----A---- C:\Windows\system32\ieaksie.dll
2012-12-20 15:31:01 ----A---- C:\Windows\system32\advpack.dll
2012-12-20 15:31:01 ----A---- C:\Windows\system32\admparse.dll
2012-12-20 15:31:00 ----A---- C:\Windows\system32\wininet.dll
2012-12-20 15:31:00 ----A---- C:\Windows\system32\jsproxy.dll
2012-12-20 15:31:00 ----A---- C:\Windows\system32\ieapfltr.dll
2012-12-20 15:31:00 ----A---- C:\Windows\system32\ieapfltr.dat
2012-12-20 15:30:59 ----A---- C:\Windows\system32\dxtrans.dll
2012-12-20 15:30:59 ----A---- C:\Windows\system32\dxtmsft.dll
2012-12-20 15:30:58 ----A---- C:\Windows\system32\msfeeds.dll
2012-12-20 15:30:57 ----A---- C:\Windows\system32\ieui.dll
2012-12-20 15:30:56 ----A---- C:\Windows\system32\ieframe.dll
2012-12-20 15:30:54 ----A---- C:\Windows\system32\mshtmler.dll
2012-12-20 15:30:54 ----A---- C:\Windows\system32\mshtmled.dll
2012-12-20 15:30:54 ----A---- C:\Windows\system32\ieencode.dll
2012-12-20 15:30:53 ----A---- C:\Windows\system32\mshtml.dll
2012-12-20 15:30:51 ----A---- C:\Windows\system32\mstime.dll
2012-12-20 15:30:50 ----A---- C:\Windows\system32\icardie.dll
2012-12-20 15:30:48 ----A---- C:\Windows\system32\ieUnatt.exe
2012-12-20 15:30:47 ----A---- C:\Windows\system32\urlmon.dll
2012-12-20 15:30:47 ----A---- C:\Windows\system32\occache.dll
2012-12-20 15:30:46 ----A---- C:\Windows\system32\pngfilt.dll
2012-12-20 15:30:46 ----A---- C:\Windows\system32\iertutil.dll
2012-12-20 15:30:45 ----A---- C:\Windows\system32\iesetup.dll
2012-12-20 15:30:45 ----A---- C:\Windows\system32\iernonce.dll
2012-12-20 15:30:45 ----A---- C:\Windows\system32\ie4uinit.exe
2012-12-20 15:28:34 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2012-12-20 15:28:33 ----A---- C:\Windows\system32\winipsec.dll
2012-12-20 15:28:33 ----A---- C:\Windows\system32\polstore.dll
2012-12-20 15:28:33 ----A---- C:\Windows\system32\IPSECSVC.DLL
2012-12-20 15:27:29 ----A---- C:\Windows\system32\riched32.dll
2012-12-20 15:27:29 ----A---- C:\Windows\system32\riched20.dll
2012-12-20 15:27:27 ----A---- C:\Windows\system32\rasser.dll
2012-12-20 15:27:27 ----A---- C:\Windows\system32\rasdiag.dll
2012-12-20 15:27:27 ----A---- C:\Windows\system32\rascfg.dll
2012-12-20 15:27:27 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2012-12-20 15:27:27 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2012-12-20 15:27:26 ----A---- C:\Windows\system32\rasmxs.dll
2012-12-20 15:27:26 ----A---- C:\Windows\system32\netcfgx.dll
2012-12-20 15:27:26 ----A---- C:\Windows\system32\msftedit.dll
2012-12-20 15:27:26 ----A---- C:\Windows\system32\drivers\wanarp.sys
2012-12-20 15:27:25 ----A---- C:\Windows\system32\ipnathlp.dll
2012-12-20 15:27:25 ----A---- C:\Windows\system32\icsunattend.exe
2012-12-20 15:27:24 ----A---- C:\Windows\system32\wshqos.dll
2012-12-20 15:27:24 ----A---- C:\Windows\system32\traffic.dll
2012-12-20 15:27:24 ----A---- C:\Windows\system32\pacerprf.dll
2012-12-20 15:27:24 ----A---- C:\Windows\system32\drivers\pacer.sys
2012-12-20 15:27:24 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2012-12-20 15:27:24 ----A---- C:\Windows\system32\cdd.dll
2012-12-20 15:27:23 ----A---- C:\Windows\system32\dps.dll
2012-12-20 15:26:23 ----A---- C:\Windows\system32\drivers\srvnet.sys
2012-12-20 15:26:22 ----A---- C:\Windows\system32\drivers\srv.sys
2012-12-20 15:25:21 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2012-12-20 15:25:21 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2012-12-20 15:25:20 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2012-12-20 15:24:02 ----A---- C:\Windows\system32\TCPSVCS.EXE
2012-12-20 15:24:02 ----A---- C:\Windows\system32\netevent.dll
2012-12-20 15:24:02 ----A---- C:\Windows\system32\MRINFO.EXE
2012-12-20 15:24:02 ----A---- C:\Windows\system32\HOSTNAME.EXE
2012-12-20 15:24:01 ----A---- C:\Windows\system32\ROUTE.EXE
2012-12-20 15:24:01 ----A---- C:\Windows\system32\NETSTAT.EXE
2012-12-20 15:24:01 ----A---- C:\Windows\system32\netiohlp.dll
2012-12-20 15:24:01 ----A---- C:\Windows\system32\finger.exe
2012-12-20 15:24:01 ----A---- C:\Windows\system32\ARP.EXE
2012-12-20 15:24:00 ----A---- C:\Windows\system32\drivers\netio.sys
2012-12-20 15:22:31 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2012-12-20 15:22:29 ----A---- C:\Windows\system32\wtsapi32.dll
2012-12-20 15:22:28 ----A---- C:\Windows\system32\drivers\wmiacpi.sys
2012-12-20 15:22:28 ----A---- C:\Windows\system32\drivers\compbatt.sys
2012-12-20 15:22:28 ----A---- C:\Windows\system32\drivers\CmBatt.sys
2012-12-20 15:22:28 ----A---- C:\Windows\system32\drivers\acpi.sys
2012-12-20 15:22:27 ----A---- C:\Windows\system32\drivers\battc.sys
2012-12-20 15:22:26 ----A---- C:\Windows\system32\sysmain.dll
2012-12-20 15:21:26 ----A---- C:\Windows\system32\WebClnt.dll
2012-12-20 15:21:26 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2012-12-20 15:20:28 ----A---- C:\Windows\system32\L2SecHC.dll
2012-12-20 15:20:27 ----A---- C:\Windows\system32\wlansvc.dll
2012-12-20 15:20:27 ----A---- C:\Windows\system32\wlansec.dll
2012-12-20 15:20:27 ----A---- C:\Windows\system32\wlanmsm.dll
2012-12-20 15:20:27 ----A---- C:\Windows\system32\wlanhlp.dll
2012-12-20 15:20:27 ----A---- C:\Windows\system32\wlanapi.dll
2012-12-20 15:19:16 ----A---- C:\Windows\system32\msxml3r.dll
2012-12-20 15:19:16 ----A---- C:\Windows\system32\msxml3.dll
2012-12-20 15:19:15 ----A---- C:\Windows\system32\msxml6r.dll
2012-12-20 15:19:15 ----A---- C:\Windows\system32\msxml6.dll
2012-12-20 15:18:01 ----A---- C:\Windows\system32\wdigest.dll
2012-12-20 15:18:01 ----A---- C:\Windows\system32\secur32.dll
2012-12-20 15:18:01 ----A---- C:\Windows\system32\msv1_0.dll
2012-12-20 15:18:01 ----A---- C:\Windows\system32\lsass.exe
2012-12-20 15:18:01 ----A---- C:\Windows\system32\lsasrv.dll
2012-12-20 15:18:01 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-12-20 15:12:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-12-20 15:12:58 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-12-20 15:12:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-12-20 15:11:54 ----A---- C:\Windows\system32\rrinstaller.exe
2012-12-20 15:11:54 ----A---- C:\Windows\system32\mfps.dll
2012-12-20 15:11:54 ----A---- C:\Windows\system32\mfpmp.exe
2012-12-20 15:11:54 ----A---- C:\Windows\system32\mferror.dll
2012-12-20 15:11:54 ----A---- C:\Windows\system32\mf.dll
2012-12-20 15:11:53 ----A---- C:\Windows\system32\WMVCORE.DLL
2012-12-20 15:10:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-12-20 15:10:45 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-12-20 15:07:43 ----A---- C:\Windows\system32\vbscript.dll
2012-12-20 15:06:43 ----A---- C:\Windows\system32\atl.dll
2012-12-20 15:05:46 ----A---- C:\Windows\system32\gdi32.dll
2012-12-20 15:04:51 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-12-20 15:04:51 ----A---- C:\Windows\system32\drivers\monitor.sys
2012-12-20 15:02:35 ----A---- C:\Windows\system32\xolehlp.dll
2012-12-20 15:02:35 ----A---- C:\Windows\system32\msdtcprx.dll
2012-12-20 15:01:38 ----A---- C:\Windows\system32\wkssvc.dll
2012-12-20 15:00:39 ----A---- C:\Windows\system32\tsgqec.dll
2012-12-20 15:00:39 ----A---- C:\Windows\system32\mstscax.dll
2012-12-20 15:00:39 ----A---- C:\Windows\system32\aaclient.dll
2012-12-20 14:59:37 ----A---- C:\Windows\system32\wmpeffects.dll
2012-12-20 14:56:43 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2012-12-20 14:55:49 ----A---- C:\Windows\system32\netapi32.dll
2012-12-20 14:52:41 ----A---- C:\Windows\system32\mcmde.dll
2012-12-20 14:52:41 ----A---- C:\Windows\system32\EncDec.dll
2012-12-20 14:52:40 ----A---- C:\Windows\system32\psisdecd.dll
2012-12-20 14:50:49 ----A---- C:\Windows\system32\shell32.dll
2012-12-20 14:49:34 ----A---- C:\Windows\system32\tzres.dll
2012-12-20 14:48:28 ----A---- C:\Windows\system32\localspl.dll
2012-12-20 14:40:05 ----A---- C:\Windows\system32\kernel32.dll
2012-12-20 14:40:04 ----A---- C:\Windows\system32\apilogen.dll
2012-12-20 14:40:04 ----A---- C:\Windows\system32\amxread.dll
2012-12-20 14:37:34 ----A---- C:\Windows\system32\ntprint.exe
2012-12-20 14:37:34 ----A---- C:\Windows\system32\ntprint.dll
2012-12-20 14:37:30 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2012-12-20 14:37:30 ----A---- C:\Windows\system32\dhcpcsvc.dll
2012-12-20 14:37:30 ----A---- C:\Windows\system32\dhcpcmonitor.dll
2012-12-20 14:37:30 ----A---- C:\Windows\system32\authui.dll
2012-12-20 14:37:23 ----A---- C:\Windows\system32\sendmail.dll
2012-12-20 14:37:22 ----A---- C:\Windows\system32\ssBranded.scr
2012-12-20 14:06:53 ----A---- C:\Windows\system32\dfshim.dll
2012-12-20 14:06:52 ----A---- C:\Windows\system32\netfxperf.dll
2012-12-20 14:06:51 ----A---- C:\Windows\system32\mscoree.dll
2012-12-20 14:06:50 ----A---- C:\Windows\system32\mscories.dll
2012-12-20 14:06:50 ----A---- C:\Windows\system32\mscorier.dll
2012-12-20 13:53:24 ----A---- C:\Windows\system32\Apphlpdm.dll
2012-12-20 13:53:22 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2012-12-20 13:53:22 ----A---- C:\Windows\system32\gameux.dll
2012-12-20 13:52:44 ----A---- C:\Windows\system32\WMNetMgr.dll
2012-12-20 13:52:44 ----A---- C:\Windows\system32\logagent.exe
2012-12-20 13:51:58 ----A---- C:\Windows\system32\INETRES.dll
2012-12-20 13:51:58 ----A---- C:\Windows\system32\inetcomm.dll
2012-12-20 13:51:38 ----A---- C:\Windows\system32\msasn1.dll
2012-12-20 13:51:20 ----A---- C:\Windows\system32\connect.dll
2012-12-20 13:51:00 ----A---- C:\Windows\system32\rpcrt4.dll
2012-12-20 13:50:20 ----A---- C:\Windows\system32\nshhttp.dll
2012-12-20 13:50:20 ----A---- C:\Windows\system32\httpapi.dll
2012-12-20 13:50:20 ----A---- C:\Windows\system32\drivers\http.sys
2012-12-20 13:48:39 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-12-20 13:47:57 ----A---- C:\Windows\system32\rastls.dll
2012-12-20 13:47:57 ----A---- C:\Windows\system32\raschap.dll
2012-12-20 13:47:34 ----A---- C:\Windows\system32\WSDApi.dll
2012-12-20 13:46:55 ----D---- C:\Program Files\MSXML 4.0
2012-12-20 13:46:34 ----N---- C:\Windows\system32\MpSigStub.exe
2012-12-20 13:45:28 ----A---- C:\Windows\system32\tsbyuv.dll
2012-12-20 13:45:28 ----A---- C:\Windows\system32\msyuv.dll
2012-12-20 13:45:28 ----A---- C:\Windows\system32\iyuv_32.dll
2012-12-20 13:45:27 ----A---- C:\Windows\system32\quartz.dll
2012-12-20 13:45:27 ----A---- C:\Windows\system32\msvidc32.dll
2012-12-20 13:45:27 ----A---- C:\Windows\system32\msvfw32.dll
2012-12-20 13:45:27 ----A---- C:\Windows\system32\msrle32.dll
2012-12-20 13:45:27 ----A---- C:\Windows\system32\mciavi32.dll
2012-12-20 13:45:27 ----A---- C:\Windows\system32\avifil32.dll
2012-12-20 13:45:27 ----A---- C:\Windows\system32\avicap32.dll
2012-12-20 13:45:06 ----A---- C:\Windows\system32\qmgr.dll
2012-12-20 13:44:53 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2012-12-20 13:44:25 ----A---- C:\Windows\system32\wmploc.DLL
2012-12-20 13:44:25 ----A---- C:\Windows\system32\wmp.dll
2012-12-20 13:44:24 ----A---- C:\Windows\system32\spwmp.dll
2012-12-20 13:44:24 ----A---- C:\Windows\system32\dxmasf.dll
2012-12-20 13:44:20 ----A---- C:\Windows\system32\unregmp2.exe
2012-12-20 12:06:56 ----A---- C:\Users\Dana\AppData\Roaming\nvModes.dat
2012-12-20 12:01:59 ----A---- C:\Windows\system32\drivers\aswFW.sys
2012-12-20 12:01:04 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2012-12-20 12:01:03 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2012-12-20 12:00:52 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2012-12-20 11:47:45 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-12-20 11:47:45 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-12-20 11:47:41 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-12-20 11:47:41 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2012-12-20 11:47:39 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-12-20 11:47:37 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-12-20 11:46:38 ----A---- C:\Windows\system32\aswBoot.exe
2012-12-20 11:46:38 ----A---- C:\Windows\avastSS.scr
2012-12-20 11:45:57 ----D---- C:\ProgramData\AVAST Software
2012-12-20 11:45:57 ----D---- C:\Program Files\AVAST Software
2012-12-20 10:36:09 ----A---- C:\Windows\system32\Remove_eRecovery.exe
2012-12-20 10:36:09 ----A---- C:\Windows\system32\LauncheRyAgentUser.exe
2012-12-20 10:36:09 ----A---- C:\Windows\system32\CheckD2DSystem.exe
2012-12-20 10:36:09 ----A---- C:\Windows\system32\ClearEvent.exe
2012-12-20 10:36:09 ----A---- C:\Windows\system32\Acer EULA.txt
2012-12-20 10:35:05 ----D---- C:\Program Files\Apoint2K
2012-12-20 10:33:05 ----A---- C:\Windows\system32\WinSATAPI.dll
2012-12-20 10:33:05 ----A---- C:\Windows\system32\WinSAT.exe
2012-12-20 10:26:44 ----A---- C:\Windows\system32\SRSTSHD.dll
2012-12-20 10:26:43 ----A---- C:\Windows\SkyTel.exe
2012-12-20 10:26:42 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
2012-12-20 10:26:41 ----A---- C:\Windows\system32\RtkPgExt.dll
2012-12-20 10:26:41 ----A---- C:\Windows\system32\RtkCoInst.dll
2012-12-20 10:26:39 ----A---- C:\Windows\system32\RtkAPO.dll
2012-12-20 10:26:36 ----A---- C:\Windows\RtHDVCpl.exe
2012-12-20 10:26:35 ----A---- C:\Windows\system32\maxxaudioapo.dll
2012-12-20 10:25:31 ----N---- C:\junction.exe
2012-12-20 10:24:55 ----A---- C:\Windows\system32\gdiplus.dll
2012-12-20 10:23:46 ----A---- C:\Windows\SETUP.INI
2012-12-20 10:23:10 ----D---- C:\Program Files\Launch Manager
2012-12-20 10:22:11 ----D---- C:\Users\Dana\AppData\Roaming\Identities
2012-12-20 10:22:00 ----A---- C:\Windows\system32\acer.scr
2012-12-20 10:21:51 ----A---- C:\Windows\system32\acer.exe
2012-12-20 10:21:45 ----D---- C:\Users\Dana\AppData\Roaming\Macromedia
2012-12-20 10:21:45 ----D---- C:\Program Files\Acer Inc
2012-12-20 10:21:43 ----D---- C:\Windows\ACER
2012-12-20 10:21:21 ----D---- C:\Program Files\Yahoo!
2012-12-20 10:21:08 ----SD---- C:\Users\Dana\AppData\Roaming\Microsoft
2012-12-20 10:21:08 ----D---- C:\Users\Dana\AppData\Roaming\Media Center Programs
2012-12-20 10:17:46 ----SHD---- C:\ProgramData\Šablony
2012-12-20 10:17:46 ----SHD---- C:\ProgramData\Plocha
2012-12-20 10:17:46 ----SHD---- C:\ProgramData\Oblíbené položky
2012-12-20 10:17:46 ----SHD---- C:\ProgramData\Nabídka Start
2012-12-20 10:17:46 ----SHD---- C:\ProgramData\Dokumenty
2012-12-20 10:17:46 ----SHD---- C:\ProgramData\Data aplikací
2012-12-20 08:59:49 ----D---- C:\Windows\SoftwareDistribution
2012-12-20 08:59:23 ----D---- C:\Windows\BUVC_AP
2012-12-20 08:59:19 ----D---- C:\Windows\Options
2012-12-20 08:58:58 ----D---- C:\Windows\BisonC07
2012-12-20 08:55:29 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 month======

2012-12-23 12:02:28 ----D---- C:\Windows\Prefetch
2012-12-23 12:02:15 ----RD---- C:\Program Files
2012-12-23 12:02:07 ----D---- C:\Windows\Temp
2012-12-23 11:23:00 ----D---- C:\Windows
2012-12-22 15:49:25 ----A---- C:\Windows\system.ini
2012-12-22 15:49:16 ----D---- C:\Windows\system32\drivers\etc
2012-12-22 15:44:30 ----D---- C:\Windows\system32\drivers
2012-12-22 15:44:30 ----D---- C:\Windows\System32
2012-12-22 15:44:30 ----D---- C:\Windows\AppPatch
2012-12-22 15:44:27 ----D---- C:\Program Files\Common Files
2012-12-22 13:58:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-22 13:58:54 ----D---- C:\Windows\inf
2012-12-22 13:58:00 ----D---- C:\ProgramData
2012-12-22 12:38:55 ----D---- C:\Windows\rescache
2012-12-22 12:02:39 ----D---- C:\Windows\winsxs
2012-12-22 12:02:17 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-12-22 12:02:17 ----D---- C:\Windows\system32\cs-CZ
2012-12-22 12:01:41 ----SHD---- C:\System Volume Information
2012-12-21 18:26:12 ----D---- C:\Windows\system32\catroot2
2012-12-21 18:26:12 ----D---- C:\Windows\system32\catroot
2012-12-21 11:07:49 ----D---- C:\Windows\system32\WDI
2012-12-20 21:11:04 ----D---- C:\Windows\Microsoft.NET
2012-12-20 21:10:47 ----RSD---- C:\Windows\assembly
2012-12-20 20:47:17 ----D---- C:\Windows\servicing
2012-12-20 20:29:20 ----D---- C:\Windows\system32\Tasks
2012-12-20 20:10:19 ----D---- C:\Windows\system32\migration
2012-12-20 20:10:18 ----D---- C:\Windows\system32\wbem
2012-12-20 20:10:17 ----D---- C:\Windows\system32\manifeststore
2012-12-20 20:10:17 ----D---- C:\Program Files\Windows Sidebar
2012-12-20 18:48:24 ----D---- C:\DRV
2012-12-20 17:04:18 ----SHD---- C:\Windows\Installer
2012-12-20 16:59:38 ----D---- C:\Windows\system32\XPSViewer
2012-12-20 16:59:38 ----D---- C:\Windows\system32\en-US
2012-12-20 15:58:42 ----D---- C:\Windows\Debug
2012-12-20 15:43:31 ----ASH---- C:\Program Files\desktop.ini
2012-12-20 15:36:18 ----D---- C:\Program Files\Internet Explorer
2012-12-20 15:36:16 ----D---- C:\Program Files\Windows Calendar
2012-12-20 15:36:15 ----D---- C:\Windows\system32\ras
2012-12-20 15:36:15 ----D---- C:\Windows\system32\icsxml
2012-12-20 15:36:12 ----D---- C:\Windows\ehome
2012-12-20 15:36:12 ----D---- C:\Program Files\Movie Maker
2012-12-20 15:36:03 ----RSD---- C:\Windows\Fonts
2012-12-20 15:36:03 ----D---- C:\Program Files\Windows Media Player
2012-12-20 12:06:19 ----D---- C:\Windows\LiveKernelReports
2012-12-20 11:42:12 ----SD---- C:\ProgramData\Microsoft
2012-12-20 11:42:12 ----D---- C:\Windows\system32\drivers\UMDF
2012-12-20 11:17:40 ----D---- C:\Program Files\Acer GameZone
2012-12-20 11:09:21 ----D---- C:\Program Files\Common Files\Symantec Shared
2012-12-20 11:08:22 ----D---- C:\ProgramData\Symantec
2012-12-20 11:02:52 ----D---- C:\ProgramData\Microsoft Help
2012-12-20 11:02:43 ----D---- C:\Program Files\Common Files\microsoft shared
2012-12-20 11:01:29 ----D---- C:\Windows\ShellNew
2012-12-20 10:53:25 ----A---- C:\Windows\Alaunch.ini
2012-12-20 10:53:17 ----D---- C:\Windows\system32\OEM
2012-12-20 10:52:30 ----D---- C:\ProgramData\CyberLink
2012-12-20 10:34:09 ----D---- C:\Acer
2012-12-20 10:27:36 ----D---- C:\Windows\system32\RTCOM
2012-12-20 10:26:48 ----A---- C:\Windows\DIFxAPI.dll
2012-12-20 10:26:35 ----D---- C:\Program Files\Realtek
2012-12-20 10:25:12 ----HD---- C:\Program Files\InstallShield Installation Information
2012-12-20 10:25:12 ----D---- C:\Program Files\Acer Arcade Deluxe
2012-12-20 10:21:32 ----D---- C:\Windows\system32\restore
2012-12-20 10:21:08 ----RD---- C:\Users
2012-12-20 10:17:46 ----D---- C:\Program Files\Windows NT
2012-12-20 09:00:21 ----D---- C:\Windows\Panther
2012-12-20 08:59:19 ----RSD---- C:\Windows\Media
2012-12-20 08:59:19 ----A---- C:\Windows\win.ini
2012-12-20 08:58:58 ----D---- C:\Windows\twain_32
2012-12-20 08:58:58 ----D---- C:\Windows\system
2012-11-28 15:19:16 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2012-09-21 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2012-10-30 199320]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2007-04-25 20776]
R0 PSDNServ;PSDNSERVER; C:\Windows\system32\drivers\PSDNServ.sys [2007-04-25 16680]
R0 psdvdisk;psdvdisk; C:\Windows\system32\drivers\psdvdisk.sys [2007-04-25 60712]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2012-10-30 106560]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-30 20624]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 13560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-05-17 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-05-17 8192]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-14 154624]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-06-18 737280]
R3 Cam5607;Acer Crystal Eye webcam; C:\Windows\System32\Drivers\BisonC07.sys [2007-05-28 767664]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2007-05-16 32256]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-05-17 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-05-17 207360]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-18 1841312]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-07-27 6144]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-07-16 1062304]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-03 7606688]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-05-17 12032]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-07-27 82432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-05-17 659968]
S3 catchme;catchme; \??\C:\Users\Dana\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-10-30 133912]
R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-04-23 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-06-13 135168]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-07-03 53248]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-06-28 24576]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-03 203296]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-23 266343]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-09-14 167936]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-05-17 386560]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168]

-----------------EOF-----------------
+

#6 Příspěvek od **Márty84** » 23 pro 2012 14:21

Achjo

Pravidla fora http://forum.viry.cz/viewtopic.php?f=12&t=5601 jste asi necetl.

1. Přečtěte si Pravidla fóra a důležité informace - jsou tu především a hlavně pro vás

2. Před položením dotazu použijte tlačítko Hledat. Možná již někdo problém podobným Vašemu řešil. Pokud ale ve vyřešeném tématu budou aplikovány různé utility\aplikace, nespouštějte je. Utility se používají až na pokyn rádce, jelikož mohou mazat stopy po havěti a v rukou ne-oborníka může mít jejich použití nedozírné následky.

3. Zvláště utilitu ComboFix nespouštějte i když Vám mi poradil kamarád\nějaký rádoby odborný web. Naše fórum je jediné z CZ-SK antivirových fór, která mají právo luštit logy z ComboFixu a mámě též plnou podporu autora této utility a přístup k nejaktuálnějším informacím a návodům.

Smazal jste mi vsechny pripadne stopy nakazy a ja ted muzu tak akorat hadat

Udelejte !!!uplnou!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

krejca · #7 Příspěvek od **krejca** » 23 pro 2012 15:23

+++Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.12.23.03

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.16982
Dana :: DANA-PC [administrátor]

Ochrana: Povolena

23.12.2012 14:30:31
++.txt

Typ: Úplná kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 294148
Uplynulý čas: 46 minut, 27 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
D:\Škola\Bc\AITE\Testy\sbirka_word\arun.exe (Trojan.Oficla.H) -> Žádná instrukce nebyla provedena.
D:\EMAARC\2012\01\WGORREG.EXE (Trojan.Agent) -> Žádná instrukce nebyla provedena.

(konec)

#8 Příspěvek od **Márty84** » 23 pro 2012 17:22

Znate ty soubory? Jestli ne, smazat. Pokud ano, je to na vas, ale doporucuji to radeji taky smazat. Muzete je otestovat na virustotal a jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

krejca · #9 Příspěvek od **krejca** » 23 pro 2012 17:38

RogueKiller V8.4.0 [Dec 20 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6000 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Dana [Práva správce]
Mód : Kontrola -- Datum : 12/23/2012 17:37:55

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] RtHDVCpl.exe -- C:\Windows\RtHDVCpl.exe -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD1600BEVS-22RST0 ATA Device +++++
--- User ---
[MBR] 605bdc38cf23a7a54b1c70e4b9e69396
[BSP] 89c39d7061dda3d07a1feb34b20e0af2 : Acer tatooed MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 9993 Mo
1 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 20467712 | Size: 71448 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 166793216 | Size: 71184 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_12232012_02d1737.txt >>
RKreport[1]_S_12232012_02d1737.txt

#10 Příspěvek od **Márty84** » 23 pro 2012 17:51

Co ty dva soubory co nasel MBAM. Jsou pryc?

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

krejca · #11 Příspěvek od **krejca** » 23 pro 2012 17:57

+RogueKiller V8.4.0 [Dec 20 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6000 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Dana [Práva správce]
Mód : Odebrat -- Datum : 12/23/2012 17:56:24

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] RtHDVCpl.exe -- C:\Windows\RtHDVCpl.exe -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD1600BEVS-22RST0 ATA Device +++++
--- User ---
[MBR] 605bdc38cf23a7a54b1c70e4b9e69396
[BSP] 89c39d7061dda3d07a1feb34b20e0af2 : Acer tatooed MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 9993 Mo
1 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 20467712 | Size: 71448 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 166793216 | Size: 71184 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[2]_D_12232012_02d1756.txt >>
RKreport[1]_S_12232012_02d1737.txt ; RKreport[2]_D_12232012_02d1756.txt

krejca · #12 Příspěvek od **krejca** » 23 pro 2012 17:58

RogueKiller V8.4.0 [Dec 20 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6000 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Dana [Práva správce]
Mód : Oprava HOSTS -- Datum : 12/23/2012 17:58:02

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] RtHDVCpl.exe -- C:\Windows\RtHDVCpl.exe -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[3]_H_12232012_02d1758.txt >>
RKreport[1]_S_12232012_02d1737.txt ; RKreport[2]_D_12232012_02d1756.txt ; RKreport[3]_H_12232012_02d1758.txt

krejca · #13 Příspěvek od **krejca** » 23 pro 2012 18:00

Oba jsou fuč. +++

#14 Příspěvek od **Márty84** » 23 pro 2012 18:02

Zkopirujte mi sem obsah tohoto logu C:\ComboFix.txt

krejca · #15 Příspěvek od **krejca** » 23 pro 2012 18:07

ComboFix 12-12-22.01 - Dana 22.12.2012 15:40:01.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.1790.1004 [GMT 1:00]
Spuštěný z: c:\users\Dana\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-22 do 2012-12-22 )))))))))))))))))))))))))))))))
.
.
2012-12-22 14:49 . 2012-12-22 14:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-22 12:58 . 2012-12-22 12:58 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-12-21 17:44 . 2009-08-24 12:47 378368 ----a-w- c:\windows\system32\winhttp.dll
2012-12-21 17:43 . 2008-04-19 08:13 268800 ----a-w- c:\windows\system32\es.dll
2012-12-21 17:25 . 2012-11-19 00:04 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{66BAD6ED-E1D6-499D-8DDD-6BC33192B19A}\mpengine.dll
2012-12-20 19:52 . 2012-12-20 19:52 -------- d-----w- c:\windows\system32\EventProviders
2012-12-20 16:21 . 2012-12-20 16:21 45112 ----a-w- c:\windows\system32\drivers\pciidex.sys
2012-12-20 16:21 . 2012-12-20 16:21 21560 ----a-w- c:\windows\system32\drivers\atapi.sys
2012-12-20 16:21 . 2012-12-20 16:21 15928 ----a-w- c:\windows\system32\drivers\pciide.sys
2012-12-20 16:21 . 2012-12-20 16:21 109624 ----a-w- c:\windows\system32\drivers\ataport.sys
2012-12-20 16:21 . 2012-12-20 16:21 211000 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-20 16:21 . 2012-12-20 16:21 154624 ----a-w- c:\windows\system32\drivers\nwifi.sys
2012-12-20 16:20 . 2012-12-20 16:20 2923520 ----a-w- c:\windows\explorer.exe
2012-12-20 16:20 . 2012-12-20 16:20 8704 ----a-w- c:\windows\system32\hcrstco.dll
2012-12-20 16:20 . 2012-12-20 16:20 8704 ----a-w- c:\windows\system32\hccoin.dll
2012-12-20 16:20 . 2012-12-20 16:20 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2012-12-20 16:20 . 2012-12-20 16:20 38400 ----a-w- c:\windows\system32\drivers\usbehci.sys
2012-12-20 16:20 . 2012-12-20 16:20 224768 ----a-w- c:\windows\system32\drivers\usbport.sys
2012-12-20 16:20 . 2012-12-20 16:20 19456 ----a-w- c:\windows\system32\drivers\usbohci.sys
2012-12-20 16:20 . 2012-12-20 16:20 193536 ----a-w- c:\windows\system32\drivers\usbhub.sys
2012-12-20 16:19 . 2012-12-20 16:19 171520 ----a-w- c:\windows\system32\wintrust.dll
2012-12-20 16:19 . 2012-12-20 16:19 494592 ----a-w- c:\windows\system32\kerberos.dll
2012-12-20 16:19 . 2012-12-20 16:19 272384 ----a-w- c:\windows\system32\schannel.dll
2012-12-20 16:17 . 2012-12-20 16:17 2340864 ----a-w- c:\windows\system32\NlsData000d.dll
2012-12-20 16:17 . 2012-12-20 16:17 1963520 ----a-w- c:\windows\system32\NlsData000f.dll
2012-12-20 16:17 . 2012-12-20 16:17 4493312 ----a-w- c:\windows\system32\NlsData0414.dll
2012-12-20 16:17 . 2012-12-20 16:17 797696 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2012-12-20 16:17 . 2012-12-20 16:17 4493312 ----a-w- c:\windows\system32\NlsData0816.dll
2012-12-20 16:17 . 2012-12-20 16:17 4493312 ----a-w- c:\windows\system32\NlsData0416.dll
2012-12-20 16:17 . 2012-12-20 16:17 1963520 ----a-w- c:\windows\system32\NlsData081a.dll
2012-12-20 16:17 . 2012-12-20 16:17 6917120 ----a-w- c:\windows\system32\NlsLexicons0c1a.dll
2012-12-20 16:17 . 2012-12-20 16:17 1963520 ----a-w- c:\windows\system32\NlsData0c1a.dll
2012-12-20 16:15 . 2012-12-20 16:15 1585664 ----a-w- c:\windows\system32\setupapi.dll
2012-12-20 16:13 . 2012-12-20 16:13 549888 ----a-w- c:\windows\system32\rpcss.dll
2012-12-20 16:13 . 2012-12-20 16:13 654336 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2012-12-20 16:13 . 2012-12-20 16:13 24576 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2012-12-20 16:13 . 2012-12-20 16:13 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2012-12-20 16:13 . 2012-12-20 16:13 53248 ----a-w- c:\windows\system32\iasads.dll
2012-12-20 16:13 . 2012-12-20 16:13 501760 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2012-12-20 16:13 . 2012-12-20 16:13 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2012-12-20 16:13 . 2012-12-20 16:13 130560 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2012-12-20 16:13 . 2012-12-20 16:13 97280 ----a-w- c:\windows\system32\iasrecst.dll
2012-12-20 16:13 . 2012-12-20 16:13 37888 ----a-w- c:\windows\system32\iasdatastore.dll
2012-12-20 16:13 . 2012-12-20 16:13 158720 ----a-w- c:\windows\system32\sdohlp.dll
2012-12-20 16:12 . 2012-12-20 16:12 62464 ----a-w- c:\windows\system32\l3codeca.acm
2012-12-20 16:12 . 2012-12-20 16:12 220672 ----a-w- c:\windows\system32\l3codecp.acm
2012-12-20 16:12 . 2012-12-20 16:12 815104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-12-20 16:12 . 2012-12-20 16:12 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2012-12-20 16:12 . 2012-12-20 16:12 22016 ----a-w- c:\windows\system32\netiougc.exe
2012-12-20 16:12 . 2012-12-20 16:12 179712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-12-20 16:12 . 2012-12-20 16:12 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2012-12-20 16:12 . 2012-12-20 16:12 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2012-12-20 16:11 . 2012-12-20 16:11 454656 ----a-w- c:\program files\Common Files\System\msadc\msadce.dll
2012-12-20 16:11 . 2012-12-20 16:11 9728 ----a-w- c:\windows\system32\LAPRXY.DLL
2012-12-20 16:11 . 2012-12-20 16:11 223232 ----a-w- c:\windows\system32\WMASF.DLL
2012-12-20 16:11 . 2012-12-20 16:11 2048 ----a-w- c:\windows\system32\asferror.dll
2012-12-20 16:11 . 2012-12-20 16:11 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-12-20 16:10 . 2012-12-20 16:10 712192 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-12-20 16:10 . 2012-12-20 16:10 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2012-12-20 16:10 . 2012-12-20 16:10 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-12-20 16:09 . 2012-12-20 16:09 97792 ----a-w- c:\windows\system32\cabview.dll
2012-12-20 16:09 . 2012-12-20 16:09 441856 ----a-w- c:\windows\system32\win32spl.dll
2012-12-20 16:09 . 2012-12-20 16:09 37376 ----a-w- c:\windows\system32\printcom.dll
2012-12-20 16:08 . 2012-12-20 16:08 2031104 ----a-w- c:\windows\system32\win32k.sys
2012-12-20 16:08 . 2012-12-20 16:08 14848 ----a-w- c:\windows\system32\wshrm.dll
2012-12-20 16:08 . 2012-12-20 16:08 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2012-12-20 16:08 . 2012-12-20 16:08 43520 ----a-w- c:\windows\system32\msdxm.tlb
2012-12-20 16:08 . 2012-12-20 16:08 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2012-12-20 16:08 . 2012-12-20 16:08 18432 ----a-w- c:\windows\system32\amcompat.tlb
2012-12-20 16:07 . 2012-12-20 16:07 435712 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2012-12-20 16:07 . 2012-12-20 16:07 312320 ----a-w- c:\windows\system32\msdrm.dll
2012-12-20 16:07 . 2012-12-20 16:07 154112 ----a-w- c:\windows\system32\secproc_ssp.dll
2012-12-20 16:07 . 2012-12-20 16:07 154624 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2012-12-20 16:07 . 2012-12-20 16:07 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2012-12-20 16:07 . 2012-12-20 16:07 515584 ----a-w- c:\windows\system32\RMActivate.exe
2012-12-20 16:07 . 2012-12-20 16:07 473088 ----a-w- c:\windows\system32\secproc_isv.dll
2012-12-20 16:07 . 2012-12-20 16:07 472576 ----a-w- c:\windows\system32\secproc.dll
2012-12-20 16:07 . 2012-12-20 16:07 431104 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2012-12-20 16:07 . 2012-12-20 16:07 66048 ----a-w- c:\program files\Windows Sidebar\sbdrop.dll
2012-12-20 16:07 . 2012-12-20 16:07 1232896 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
2012-12-20 16:07 . 2012-12-20 16:07 11776 ----a-w- c:\windows\system32\sbunattend.exe
2012-12-20 16:06 . 2012-12-20 16:06 83968 ----a-w- c:\windows\system32\dnsrslvr.dll
2012-12-20 16:06 . 2012-12-20 16:06 24576 ----a-w- c:\windows\system32\dnscacheugc.exe
2012-12-20 15:59 . 2012-12-20 15:59 622080 ----a-w- c:\windows\system32\icardagt.exe
2012-12-20 15:59 . 2012-12-20 15:59 97800 ----a-w- c:\windows\system32\infocardapi.dll
2012-12-20 15:59 . 2012-12-20 15:59 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2012-12-20 15:59 . 2012-12-20 15:59 11264 ----a-w- c:\windows\system32\icardres.dll
2012-12-20 15:59 . 2012-12-20 15:59 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2012-12-20 15:59 . 2012-12-20 15:59 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2012-12-20 15:59 . 2012-12-20 15:59 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-12-20 15:59 . 2012-12-20 15:59 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2012-12-20 14:44 . 2012-12-20 14:45 -------- d-----w- c:\programdata\NVIDIA
2012-12-20 14:32 . 2012-12-20 14:32 72704 ----a-w- c:\windows\system32\fontsub.dll
2012-12-20 14:32 . 2012-12-20 14:32 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-20 14:32 . 2012-12-20 14:32 289792 ----a-w- c:\windows\system32\atmfd.dll
2012-12-20 14:32 . 2012-12-20 14:32 24064 ----a-w- c:\windows\system32\lpk.dll
2012-12-20 14:32 . 2012-12-20 14:32 156672 ----a-w- c:\windows\system32\t2embed.dll
2012-12-20 14:32 . 2012-12-20 14:32 10240 ----a-w- c:\windows\system32\dciman32.dll
2012-12-20 14:31 . 2012-12-20 14:31 72704 ----a-w- c:\windows\system32\admparse.dll
2012-12-20 14:31 . 2012-12-20 14:31 832512 ----a-w- c:\windows\system32\wininet.dll
2012-12-20 14:28 . 2012-12-20 14:28 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2012-12-20 14:28 . 2012-12-20 14:28 61440 ----a-w- c:\windows\system32\winipsec.dll
2012-12-20 14:28 . 2012-12-20 14:28 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2012-12-20 14:28 . 2012-12-20 14:28 272896 ----a-w- c:\windows\system32\polstore.dll
2012-12-20 14:26 . 2012-12-20 14:26 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-12-20 14:26 . 2012-12-20 14:26 306688 ----a-w- c:\windows\system32\drivers\srv.sys
2012-12-20 14:25 . 2012-12-20 14:25 95232 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2012-12-20 14:25 . 2012-12-20 14:25 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2012-12-20 14:25 . 2012-12-20 14:25 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2012-12-20 14:24 . 2012-12-20 14:24 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2012-12-20 14:24 . 2012-12-20 14:24 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2012-12-20 14:24 . 2012-12-20 14:24 15360 ----a-w- c:\windows\system32\netevent.dll
2012-12-20 14:24 . 2012-12-20 14:24 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2012-12-20 14:24 . 2012-12-20 14:24 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2012-12-20 14:24 . 2012-12-20 14:24 19968 ----a-w- c:\windows\system32\ARP.EXE
2012-12-20 14:24 . 2012-12-20 14:24 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2012-12-20 14:24 . 2012-12-20 14:24 103936 ----a-w- c:\windows\system32\netiohlp.dll
2012-12-20 14:24 . 2012-12-20 14:24 10240 ----a-w- c:\windows\system32\finger.exe
2012-12-20 14:24 . 2012-12-20 14:24 213592 ----a-w- c:\windows\system32\drivers\netio.sys
2012-12-20 14:22 . 2012-12-20 14:22 704000 ----a-w- c:\windows\system32\PhotoScreensaver.scr
2012-12-20 14:22 . 2012-12-20 14:22 356352 ----a-w- c:\windows\system32\wbem\wbemcomn.dll
2012-12-20 14:22 . 2012-12-20 14:22 24064 ----a-w- c:\windows\system32\wtsapi32.dll
2012-12-20 14:22 . 2012-12-20 14:22 258232 ----a-w- c:\windows\system32\drivers\acpi.sys
2012-12-20 14:22 . 2012-12-20 14:22 20920 ----a-w- c:\windows\system32\drivers\compbatt.sys
2012-12-20 14:22 . 2012-12-20 14:22 14208 ----a-w- c:\windows\system32\drivers\CmBatt.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-20 16:19 . 2012-12-20 16:19 272384 ----a-w- c:\windows\system32\schannel.dll
2012-12-20 16:14 . 2012-12-20 16:14 5632 ----a-w- c:\windows\system32\drivers\cs-CZ\sermouse.sys.mui
2012-12-20 16:14 . 2012-12-20 16:14 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\mouclass.sys.mui
2012-12-20 16:14 . 2012-12-20 16:14 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2012-12-20 16:14 . 2012-12-20 16:14 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\mouhid.sys.mui
2012-12-20 16:14 . 2012-12-20 16:14 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdhid.sys.mui
2012-12-20 16:14 . 2012-12-20 16:14 10240 ----a-w- c:\windows\system32\drivers\cs-CZ\i8042prt.sys.mui
2012-12-20 16:14 . 2012-12-20 16:14 595456 ----a-w- c:\windows\system32\schedsvc.dll
2012-12-20 14:31 . 2012-12-20 14:31 52736 ----a-w- c:\windows\apppatch\iebrshim.dll
2012-12-20 13:40 . 2012-12-20 13:40 40960 ----a-w- c:\windows\apppatch\apihex86.dll
2012-12-20 12:53 . 2012-12-20 12:53 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2012-12-20 12:53 . 2012-12-20 12:53 537600 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-12-20 12:53 . 2012-12-20 12:53 449024 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2012-12-20 12:53 . 2012-12-20 12:53 2143744 ----a-w- c:\windows\apppatch\AcGenral.dll
2012-12-20 12:53 . 2012-12-20 12:53 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2012-12-20 09:26 . 2007-07-27 09:30 319456 ----a-w- c:\windows\DIFxAPI.dll
2012-11-29 08:26 . 2012-12-22 12:57 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2012-12-20 1232896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Skytel"="Skytel.exe" [2007-06-15 1826816]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-05-24 206952]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-03 92704]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-03 13556256]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-08-15 772616]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 457216]
"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-06-11 1286144]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-7-27 535336]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://cs.intl.acer.yahoo.com
TCP: DhcpNameServer = 213.226.192.2 192.168.1.100
FF - ProfilePath - c:\users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\2nr2ctpd.default\
FF - ExtSQL: 2012-12-20 11:47; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2012-12-20 17:03; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-Acer Tour - (no file)
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-SetPanel - c:\acer\APanel\APanel.cmd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-22 15:49
Windows 6.0.6000 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2012-12-22 15:51:33
ComboFix-quarantined-files.txt 2012-12-22 14:51
.
Před spuštěním: Volných bajtů: 42 225 352 704
Po spuštění: Volných bajtů: 42 186 985 472
.
- - End Of File - - 881DE583CB185546D5F58AE906E75721

VIRY.CZ

klávesnice sama píše +

klávesnice sama píše +

Re: klávesnice sama píše +

Re: klávesnice sama píše +

Re: klávesnice sama píše +

Re: klávesnice sama píše +

Re: klávesnice sama píše +

Re: klávesnice sama píše +

Re: klávesnice sama píše +

Re: klávesnice sama píše +

Re: klávesnice sama píše +

Re: klávesnice sama píše +

Re: klávesnice sama píše +

Re: klávesnice sama píše +

Re: klávesnice sama píše +

Re: klávesnice sama píše +