VIRY.CZ

Zdravím, mám pomalejší počítač zdá se mi to jakoby z ničeho nic (a to mám 4Gb RAM). Projel jsem pc nodem/Kaspersky Virus Removal Tool atp... defragmentace disku, pouzil jsem program Dll fixer atp... ale počítač který jsem zhruba před měsícem formátoval a stíhal spuštěné programy v pohodě, tak teď s nima celkem zápasí. Už jsem zoufaly celý den tu s tím blbnu.... prosím o pomoc
Zde mám informace:
+dva screeny z proces exploreru:




+ výpis logu z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by fantomas at 2014-08-31 23:32:09
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 61 GB (41%) free of 148 GB
Total RAM: 3036 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:32:18, on 31.8.2014
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
D:\RSIT.exe
C:\Program Files\trend micro\fantomas.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_7730g
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_7730g
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - Global Startup: Update ESET's license.lnk = C:\Program Files\ESET\MiNODLogin\launcher.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Aktualizátor aplikace Scrybe (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 8683 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job - C:\Users\fantomas\Desktop\Dll-Files.com Fixer\DLLFixer.exe scan
C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job - C:\Users\fantomas\Desktop\Dll-Files.com Fixer\DLLFixer.exe -updatecheck
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-31 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-04 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2014-07-30 2558776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll [2014-07-30 736240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-31 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04 142896]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2014-07-30 2558776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"eAudio"=C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-03-07 544768]
"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-09-23 6144]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]
"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]
"ZPdtWzdVitaKey MC3000"=C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2014-07-30 3607040]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-09 2404296]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-02-24 5075104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-04 526896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-04-23 397312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2014-07-30 24064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-07-02 821768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [2014-08-08 300840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2008-04-28 6111232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk]
C:\Windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe [2014-08-31 45056]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Update ESET's license.lnk - C:\Program Files\ESET\MiNODLogin\launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]
C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2014-07-30 2972160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-08-31 23:18:37 ----D---- C:\AdwCleaner
2014-08-31 22:38:59 ----D---- C:\ProgramData\WindowsSearch
2014-08-31 22:35:42 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2014-08-31 22:35:18 ----HD---- C:\ProgramData\CanonBJ
2014-08-31 22:33:17 ----A---- C:\Windows\system32\CNMLMAA.DLL
2014-08-31 22:29:43 ----A---- C:\Windows\system32\CNC280U.dll
2014-08-31 22:29:43 ----A---- C:\Windows\system32\CNC280L.dll
2014-08-31 22:29:43 ----A---- C:\Windows\system32\CNC280I.dll
2014-08-31 22:29:43 ----A---- C:\Windows\system32\CNC280C.dll
2014-08-31 22:29:42 ----A---- C:\Windows\system32\CNHMCA.dll
2014-08-31 22:24:22 ----D---- C:\Windows\LastGood
2014-08-31 20:36:59 ----D---- C:\Program Files\trend micro
2014-08-31 20:36:55 ----D---- C:\rsit
2014-08-31 18:52:08 ----D---- C:\Users\fantomas\AppData\Roaming\ESET
2014-08-31 18:39:18 ----D---- C:\ProgramData\ESET
2014-08-31 18:39:18 ----D---- C:\Program Files\ESET
2014-08-31 17:24:58 ----D---- C:\Program Files\Common Files\Java
2014-08-31 17:24:45 ----A---- C:\Windows\system32\javaws.exe
2014-08-31 17:24:08 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-08-31 17:24:08 ----A---- C:\Windows\system32\javaw.exe
2014-08-31 17:24:08 ----A---- C:\Windows\system32\java.exe
2014-08-31 17:10:42 ----D---- C:\Windows\Sun
2014-08-31 16:16:05 ----D---- C:\ProgramData\Roaming
2014-08-31 16:12:17 ----D---- C:\Program Files\Cisco
2014-08-31 16:12:04 ----D---- C:\Program Files\Common Files\Intel
2014-08-31 16:11:53 ----D---- C:\ProgramData\Intel
2014-08-31 16:04:34 ----N---- C:\Windows\system32\MpSigStub.exe
2014-08-31 16:03:43 ----A---- C:\Windows\system32\msshsq.dll
2014-08-31 16:01:14 ----A---- C:\Windows\system32\srvsvc.dll
2014-08-31 16:01:14 ----A---- C:\Windows\system32\netevent.dll
2014-08-31 16:01:02 ----A---- C:\Windows\system32\winhttp.dll
2014-08-31 15:39:48 ----D---- C:\Windows\pss
2014-08-31 13:42:11 ----D---- C:\Windows\system32\WindowsPowerShell
2014-08-31 13:02:40 ----D---- C:\Windows\system32\MRT
2014-08-31 12:37:13 ----A---- C:\Windows\system32\msshooks.dll
2014-08-31 12:37:13 ----A---- C:\Windows\system32\msscb.dll
2014-08-31 12:37:11 ----A---- C:\Windows\system32\thawbrkr.dll
2014-08-31 12:37:11 ----A---- C:\Windows\system32\srchadmin.dll
2014-08-31 12:37:11 ----A---- C:\Windows\system32\SearchFilterHost.exe
2014-08-31 12:37:11 ----A---- C:\Windows\system32\propsys.dll
2014-08-31 12:37:11 ----A---- C:\Windows\system32\propdefs.dll
2014-08-31 12:37:11 ----A---- C:\Windows\system32\msstrc.dll
2014-08-31 12:37:11 ----A---- C:\Windows\system32\mssprxy.dll
2014-08-31 12:37:11 ----A---- C:\Windows\system32\mssitlb.dll
2014-08-31 12:37:11 ----A---- C:\Windows\system32\korwbrkr.dll
2014-08-31 12:37:09 ----A---- C:\Windows\system32\xmlfilter.dll
2014-08-31 12:37:09 ----A---- C:\Windows\system32\wsepno.dll
2014-08-31 12:37:09 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2014-08-31 12:37:09 ----A---- C:\Windows\system32\rtffilt.dll
2014-08-31 12:37:09 ----A---- C:\Windows\system32\offfilt.dll
2014-08-31 12:37:09 ----A---- C:\Windows\system32\nlhtml.dll
2014-08-31 12:37:09 ----A---- C:\Windows\system32\msscntrs.dll
2014-08-31 12:37:09 ----A---- C:\Windows\system32\mimefilt.dll
2014-08-31 12:37:09 ----A---- C:\Windows\system32\chtbrkr.dll
2014-08-31 12:37:09 ----A---- C:\Windows\system32\chsbrkr.dll
2014-08-31 12:37:08 ----A---- C:\Windows\system32\tquery.dll
2014-08-31 12:37:08 ----A---- C:\Windows\system32\SearchIndexer.exe
2014-08-31 12:37:08 ----A---- C:\Windows\system32\mssvp.dll
2014-08-31 12:37:08 ----A---- C:\Windows\system32\mssrch.dll
2014-08-31 12:37:08 ----A---- C:\Windows\system32\mssphtb.dll
2014-08-31 12:37:08 ----A---- C:\Windows\system32\mssph.dll
2014-08-31 12:31:07 ----A---- C:\Windows\system32\psisdecd.dll
2014-08-31 12:16:11 ----A---- C:\Windows\system32\browserchoice.exe
2014-08-31 12:12:19 ----D---- C:\ProgramData\Synaptics
2014-08-31 12:11:54 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2014-08-31 12:11:51 ----A---- C:\Windows\system32\SynTPCo9.dll
2014-08-31 12:02:23 ----A---- C:\Windows\system32\nshhttp.dll
2014-08-31 12:02:21 ----A---- C:\Windows\system32\httpapi.dll
2014-08-31 12:02:21 ----A---- C:\Windows\system32\drivers\http.sys
2014-08-31 11:51:36 ----A---- C:\Windows\system32\winrsmgr.dll
2014-08-31 11:51:22 ----A---- C:\Windows\system32\wsmprovhost.exe
2014-08-31 11:51:22 ----A---- C:\Windows\system32\winrshost.exe
2014-08-31 11:51:22 ----A---- C:\Windows\system32\winrs.exe
2014-08-31 11:51:21 ----A---- C:\Windows\system32\wsmplpxy.dll
2014-08-31 11:51:21 ----A---- C:\Windows\system32\winrssrv.dll
2014-08-31 11:51:19 ----A---- C:\Windows\system32\WsmRes.dll
2014-08-31 11:51:19 ----A---- C:\Windows\system32\wevtfwd.dll
2014-08-31 11:51:19 ----A---- C:\Windows\system32\wecutil.exe
2014-08-31 11:51:19 ----A---- C:\Windows\system32\wecsvc.dll
2014-08-31 11:51:19 ----A---- C:\Windows\system32\wecapi.dll
2014-08-31 11:51:19 ----A---- C:\Windows\system32\pwrshplugin.dll
2014-08-31 11:51:14 ----A---- C:\Windows\system32\winrm.vbs
2014-08-31 11:51:13 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-08-31 11:51:13 ----A---- C:\Windows\system32\WsmAuto.dll
2014-08-31 11:51:13 ----A---- C:\Windows\system32\winrscmd.dll
2014-08-31 11:51:12 ----A---- C:\Windows\system32\WsmSvc.dll
2014-08-31 11:51:12 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-08-31 11:51:12 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-08-31 11:48:04 ----A---- C:\Windows\system32\wlansvc.dll
2014-08-31 11:48:04 ----A---- C:\Windows\system32\wlansec.dll
2014-08-31 11:48:04 ----A---- C:\Windows\system32\wlanmsm.dll
2014-08-31 11:48:04 ----A---- C:\Windows\system32\L2SecHC.dll
2014-08-31 11:47:58 ----A---- C:\Windows\system32\msxml6.dll
2014-08-31 11:47:52 ----A---- C:\Windows\system32\odbc32.dll
2014-08-31 11:47:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-08-31 11:47:37 ----A---- C:\Windows\system32\ntdll.dll
2014-08-31 11:47:36 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-08-31 11:47:25 ----A---- C:\Windows\system32\Apphlpdm.dll
2014-08-31 11:47:23 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2014-08-31 11:47:09 ----A---- C:\Windows\system32\kd1394.dll
2014-08-31 11:47:08 ----A---- C:\Windows\system32\winload.exe
2014-08-31 11:47:08 ----A---- C:\Windows\system32\ci.dll
2014-08-31 11:47:07 ----A---- C:\Windows\system32\winresume.exe
2014-08-31 11:47:05 ----A---- C:\Windows\system32\srdelayed.exe
2014-08-31 11:47:05 ----A---- C:\Windows\system32\srcore.dll
2014-08-31 11:47:05 ----A---- C:\Windows\system32\srclient.dll
2014-08-31 11:47:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-08-31 11:47:05 ----A---- C:\Windows\system32\rstrui.exe
2014-08-31 11:47:05 ----A---- C:\Windows\system32\kbd106n.dll
2014-08-31 11:46:45 ----A---- C:\Windows\system32\mfc42.dll
2014-08-31 11:46:44 ----A---- C:\Windows\system32\mfc42u.dll
2014-08-31 11:46:37 ----A---- C:\Windows\system32\wdigest.dll
2014-08-31 11:46:37 ----A---- C:\Windows\system32\kerberos.dll
2014-08-31 11:46:36 ----A---- C:\Windows\system32\lsasrv.dll
2014-08-31 11:46:36 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-08-31 11:46:35 ----A---- C:\Windows\system32\secur32.dll
2014-08-31 11:46:35 ----A---- C:\Windows\system32\lsass.exe
2014-08-31 11:46:27 ----A---- C:\Windows\system32\drivers\bowser.sys
2014-08-31 11:46:22 ----A---- C:\Windows\system32\msv1_0.dll
2014-08-31 11:46:17 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2014-08-31 11:46:16 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-08-31 11:46:16 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-08-31 11:46:06 ----A---- C:\Windows\system32\usp10.dll
2014-08-31 11:46:03 ----A---- C:\Windows\system32\fontsub.dll
2014-08-31 11:46:03 ----A---- C:\Windows\system32\dciman32.dll
2014-08-31 11:46:03 ----A---- C:\Windows\system32\atmlib.dll
2014-08-31 11:46:03 ----A---- C:\Windows\system32\atmfd.dll
2014-08-31 11:45:58 ----A---- C:\Windows\system32\localspl.dll
2014-08-31 11:45:55 ----A---- C:\Windows\system32\netapi32.dll
2014-08-31 11:45:46 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2014-08-31 11:45:22 ----A---- C:\Windows\system32\shsvcs.dll
2014-08-31 11:45:11 ----A---- C:\Windows\system32\drivers\srv.sys
2014-08-31 11:45:06 ----A---- C:\Windows\system32\win32k.sys
2014-08-31 11:45:03 ----A---- C:\Windows\system32\drivers\dfsc.sys
2014-08-31 11:44:58 ----A---- C:\Windows\system32\spoolsv.exe
2014-08-31 11:44:53 ----A---- C:\Windows\system32\ole32.dll
2014-08-31 11:44:50 ----A---- C:\Windows\system32\xolehlp.dll
2014-08-31 11:44:50 ----A---- C:\Windows\system32\msdtcprx.dll
2014-08-31 11:44:38 ----A---- C:\Windows\system32\gdi32.dll
2014-08-31 11:44:35 ----A---- C:\Windows\system32\drivers\afd.sys
2014-08-31 11:44:31 ----A---- C:\Windows\system32\wkssvc.dll
2014-08-31 11:44:26 ----A---- C:\Windows\system32\iccvid.dll
2014-08-31 11:44:22 ----A---- C:\Windows\system32\atl.dll
2014-08-31 11:44:18 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-08-31 11:44:18 ----A---- C:\Windows\system32\dnsapi.dll
2014-08-31 11:44:17 ----A---- C:\Windows\system32\dnscacheugc.exe
2014-08-31 11:44:13 ----A---- C:\Windows\system32\asycfilt.dll
2014-08-31 11:44:04 ----A---- C:\Windows\system32\vbscript.dll
2014-08-31 11:44:04 ----A---- C:\Windows\system32\jscript.dll
2014-08-31 11:43:30 ----A---- C:\Windows\explorer.exe
2014-08-31 11:43:19 ----A---- C:\Windows\system32\wintrust.dll
2014-08-31 11:43:10 ----A---- C:\Windows\system32\wmpmde.dll
2014-08-31 11:21:56 ----A---- C:\Windows\system32\rpcss.dll
2014-08-31 11:21:53 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2014-08-31 11:21:51 ----A---- C:\Windows\system32\sdohlp.dll
2014-08-31 11:21:51 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2014-08-31 11:21:51 ----A---- C:\Windows\system32\iasrecst.dll
2014-08-31 11:21:50 ----A---- C:\Windows\system32\iasdatastore.dll
2014-08-31 11:21:49 ----A---- C:\Windows\system32\iashost.exe
2014-08-31 11:21:49 ----A---- C:\Windows\system32\iasads.dll
2014-08-31 11:20:44 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-08-31 11:20:44 ----A---- C:\Windows\system32\drivers\tunnel.sys
2014-08-31 11:19:34 ----A---- C:\Windows\system32\shell32.dll
2014-08-31 11:19:33 ----A---- C:\Windows\system32\shlwapi.dll
2014-08-31 11:18:30 ----A---- C:\Windows\system32\apilogen.dll
2014-08-31 11:18:30 ----A---- C:\Windows\system32\amxread.dll
2014-08-31 11:18:15 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2014-08-31 11:18:14 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2014-08-31 11:18:14 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-08-31 11:17:22 ----A---- C:\Windows\system32\msxml3.dll
2014-08-31 11:16:44 ----A---- C:\Windows\system32\emdmgmt.dll
2014-08-31 11:16:44 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-31 11:16:44 ----A---- C:\Windows\system32\dataclen.dll
2014-08-31 11:16:43 ----A---- C:\Windows\system32\drivers\nwifi.sys
2014-08-31 11:16:43 ----A---- C:\Windows\system32\cdd.dll
2014-08-31 11:16:06 ----A---- C:\Windows\system32\tzres.dll
2014-08-31 11:14:57 ----A---- C:\Windows\system32\wmpdxm.dll
2014-08-31 11:13:01 ----A---- C:\Windows\system32\WMNetMgr.dll
2014-08-31 11:13:00 ----A---- C:\Windows\system32\logagent.exe
2014-08-31 10:44:21 ----D---- C:\ProgramData\Malwarebytes
2014-08-31 10:37:18 ----D---- C:\Windows\temp
2014-08-31 10:37:16 ----A---- C:\ComboFix.txt
2014-08-31 10:36:12 ----SHD---- C:\$RECYCLE.BIN
2014-08-31 10:10:07 ----D---- C:\ComboFix
2014-08-31 09:21:40 ----A---- C:\Windows\NIRCMD.exe
2014-08-31 09:21:40 ----A---- C:\Windows\MBR.exe
2014-08-31 09:21:37 ----A---- C:\Windows\SWREG.exe
2014-08-31 09:21:37 ----A---- C:\Windows\PEV.exe
2014-08-31 09:21:36 ----A---- C:\Windows\zip.exe
2014-08-31 09:21:36 ----A---- C:\Windows\SWSC.exe
2014-08-31 09:21:36 ----A---- C:\Windows\sed.exe
2014-08-31 09:21:36 ----A---- C:\Windows\grep.exe
2014-08-31 09:21:09 ----D---- C:\Qoobox
2014-08-31 09:20:29 ----D---- C:\Windows\erdnt
2014-08-31 01:28:49 ----D---- C:\ProgramData\Kaspersky Lab
2014-08-31 00:07:05 ----D---- C:\Users\fantomas\AppData\Roaming\Intel
2014-08-30 23:50:53 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-08-30 23:50:53 ----A---- C:\Windows\system32\RMActivate.exe
2014-08-30 23:50:52 ----A---- C:\Windows\system32\secproc.dll
2014-08-30 23:50:52 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-08-30 23:50:52 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-08-30 23:50:51 ----A---- C:\Windows\system32\secproc_isv.dll
2014-08-30 23:50:47 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-08-30 23:50:47 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-08-30 23:50:47 ----A---- C:\Windows\system32\msdrm.dll
2014-08-30 21:18:05 ----D---- C:\Users\fantomas\AppData\Roaming\QuickScan
2014-08-30 21:16:08 ----D---- C:\Program Files\Zrychleni Pocitace
2014-08-30 21:05:41 ----D---- C:\Users\fantomas\AppData\Roaming\dll-files.com
2014-08-30 21:05:34 ----D---- C:\ProgramData\Logs
2014-08-30 21:05:21 ----D---- C:\Program Files\Dll-Files.com Fixer
2014-08-23 23:27:32 ----A---- C:\Windows\uninst.exe
2014-08-23 23:27:30 ----RASH---- C:\MSDOS.SYS
2014-08-23 23:27:30 ----RASH---- C:\IO.SYS
2014-08-15 22:29:55 ----D---- C:\Program Files\iPod
2014-08-15 22:29:52 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-15 22:29:52 ----D---- C:\Program Files\iTunes
2014-08-13 16:22:46 ----D---- C:\Program Files\Hearthstone
2014-08-13 15:56:41 ----D---- C:\Users\fantomas\AppData\Roaming\.minecraft
2014-08-12 13:23:49 ----D---- C:\Program Files\Microsoft Synchronization Services
2014-08-12 13:23:46 ----D---- C:\Program Files\Common Files\DESIGNER
2014-08-12 13:23:01 ----D---- C:\Windows\PCHEALTH
2014-08-12 13:23:01 ----D---- C:\Program Files\Microsoft Sync Framework
2014-08-12 13:23:01 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2014-08-12 13:18:40 ----D---- C:\Program Files\Microsoft Office
2014-08-11 22:10:45 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-08-10 17:18:47 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2014-08-07 22:09:55 ----D---- C:\Users\fantomas\AppData\Roaming\Skype
2014-08-07 22:09:32 ----D---- C:\Program Files\Common Files\Skype
2014-08-07 22:09:31 ----RD---- C:\Program Files\Skype
2014-08-07 22:09:14 ----D---- C:\ProgramData\Skype
2014-08-07 15:14:19 ----D---- C:\Program Files\uTorrent
2014-08-07 15:14:06 ----D---- C:\Users\fantomas\AppData\Roaming\uTorrent
2014-08-04 18:30:08 ----D---- C:\Users\fantomas\AppData\Roaming\Apple Computer
2014-08-04 18:29:49 ----DC---- C:\Windows\system32\DRVSTORE
2014-08-04 18:29:49 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2014-08-04 18:28:34 ----D---- C:\ProgramData\Apple Computer
2014-08-04 18:27:27 ----D---- C:\Program Files\Apple Software Update
2014-08-04 18:25:00 ----D---- C:\Program Files\Bonjour
2014-08-04 18:24:39 ----D---- C:\ProgramData\Apple
2014-08-04 18:24:39 ----D---- C:\Program Files\Common Files\Apple

======List of files/folders modified in the last 1 month======

2014-08-31 23:30:12 ----D---- C:\Windows\system32\drivers
2014-08-31 23:30:06 ----D---- C:\Windows\System32
2014-08-31 23:30:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-31 23:30:05 ----D---- C:\Windows\inf
2014-08-31 23:25:10 ----D---- C:\Windows
2014-08-31 23:21:32 ----RD---- C:\Program Files
2014-08-31 23:21:31 ----D---- C:\ProgramData
2014-08-31 22:35:38 ----D---- C:\Windows\Prefetch
2014-08-31 22:34:23 ----D---- C:\Windows\system32\catroot
2014-08-31 22:34:04 ----SHD---- C:\System Volume Information
2014-08-31 22:30:50 ----RSD---- C:\Windows\Media
2014-08-31 22:30:44 ----D---- C:\Windows\twain_32
2014-08-31 18:49:17 ----SHD---- C:\Windows\Installer
2014-08-31 17:40:53 ----D---- C:\ProgramData\NVIDIA Corporation
2014-08-31 17:35:29 ----D---- C:\ProgramData\NVIDIA
2014-08-31 17:35:24 ----D---- C:\Program Files\NVIDIA Corporation
2014-08-31 17:35:05 ----RD---- C:\Users
2014-08-31 17:25:09 ----D---- C:\ProgramData\Oracle
2014-08-31 17:24:58 ----D---- C:\Program Files\Common Files
2014-08-31 17:10:27 ----D---- C:\Windows\rescache
2014-08-31 16:54:55 ----D---- C:\Windows\system32\catroot2
2014-08-31 16:52:05 ----D---- C:\Windows\system32\cs-CZ
2014-08-31 16:18:10 ----D---- C:\Windows\winsxs
2014-08-31 16:10:55 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-08-31 14:15:36 ----RSD---- C:\Windows\assembly
2014-08-31 14:15:36 ----D---- C:\Windows\Microsoft.NET
2014-08-31 13:46:10 ----D---- C:\ProgramData\McAfee
2014-08-31 13:42:32 ----D---- C:\Program Files\Windows Media Player
2014-08-31 13:42:32 ----D---- C:\Program Files\Windows Mail
2014-08-31 13:42:28 ----D---- C:\Windows\PolicyDefinitions
2014-08-31 13:42:28 ----D---- C:\Program Files\Movie Maker
2014-08-31 13:42:26 ----D---- C:\Windows\ehome
2014-08-31 13:42:25 ----D---- C:\Windows\AppPatch
2014-08-31 13:42:24 ----D---- C:\Windows\system32\wbem
2014-08-31 13:42:24 ----D---- C:\Windows\system32\Boot
2014-08-31 13:42:22 ----D---- C:\Windows\system32\manifeststore
2014-08-31 13:42:19 ----RSD---- C:\Windows\Fonts
2014-08-31 13:02:39 ----D---- C:\Windows\Debug
2014-08-31 12:12:19 ----D---- C:\Program Files\Synaptics
2014-08-31 11:36:10 ----D---- C:\Windows\Tasks
2014-08-31 10:34:02 ----A---- C:\Windows\system.ini
2014-08-31 09:49:48 ----D---- C:\Windows\system32\drivers\etc
2014-08-31 09:48:23 ----D---- C:\Windows\system32\config
2014-08-31 00:47:11 ----D---- C:\Program Files\Acer GameZone
2014-08-31 00:39:07 ----D---- C:\PerfLogs
2014-08-31 00:03:24 ----D---- C:\Program Files\Intel
2014-08-30 23:29:53 ----D---- C:\Users\fantomas\AppData\Roaming\dvdcss
2014-08-30 21:49:34 ----D---- C:\Windows\system32\Tasks
2014-08-30 21:15:53 ----SD---- C:\ProgramData\Microsoft
2014-08-29 19:43:33 ----SD---- C:\Users\fantomas\AppData\Roaming\Microsoft
2014-08-29 17:10:01 ----D---- C:\Users\fantomas\AppData\Roaming\TS3Client
2014-08-25 13:20:55 ----D---- C:\Users\fantomas\AppData\Roaming\vlc
2014-08-23 16:23:30 ----D---- C:\Users\fantomas\AppData\Roaming\Adobe
2014-08-22 17:52:45 ----D---- C:\Program Files\Battle.net
2014-08-20 21:56:39 ----D---- C:\Windows\system32\LogFiles
2014-08-16 17:13:56 ----D---- C:\Windows\system32\WDI
2014-08-15 20:51:30 ----D---- C:\Users\fantomas\AppData\Roaming\Guild Wars 2
2014-08-13 16:23:05 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2014-08-12 16:13:44 ----D---- C:\ProgramData\Microsoft Help
2014-08-12 13:32:26 ----D---- C:\Program Files\Common Files\microsoft shared
2014-08-12 13:32:03 ----D---- C:\Windows\ShellNew
2014-08-12 13:31:41 ----A---- C:\Windows\win.ini
2014-08-12 13:31:37 ----D---- C:\Program Files\Common Files\System
2014-08-12 13:25:03 ----D---- C:\Program Files\MSBuild
2014-08-12 13:23:01 ----D---- C:\Program Files\Microsoft.NET
2014-08-12 13:21:55 ----D---- C:\Program Files\Microsoft Works
2014-08-10 17:18:47 ----D---- C:\ProgramData\Adobe
2014-08-10 17:17:58 ----D---- C:\Program Files\Adobe
2014-08-10 17:17:24 ----D---- C:\Program Files\Common Files\Adobe
2014-08-06 19:42:10 ----D---- C:\Program Files\TeamSpeak 3 Client
2014-08-04 19:22:54 ----D---- C:\Windows\Logs
2014-08-04 08:11:46 ----D---- C:\Windows\system32\drivers\UMDF
2014-08-03 17:53:37 ----D---- C:\ProgramData\Blizzard Entertainment

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AlfaFF;AlfaFF File System mini-filter; C:\Windows\system32\Drivers\AlfaFF.sys [2014-07-30 43184]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-20 324120]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-03-04 18992]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-30 243128]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
R1 SSHDRV51;SSHDRV51; \??\C:\Windows\system32\drivers\SSHDRV51.sys [2014-07-31 21504]
R1 SSHDRV58;SSHDRV58; \??\C:\Windows\system32\drivers\SSHDRV58.sys [2014-07-31 33280]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2008-07-02 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-28 2127512]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-21 81296]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-07-03 149352]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-12-29 8904632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2014-02-24 1343408]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-08-09 1721800]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-12-29 639928]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]
R2 ScrybeUpdater;Aktualizátor aplikace Scrybe; C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-05-27 1300264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-11 262320]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-07-31 1044816]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2014-07-30 24064]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-31 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-31 116648]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-30 138168]
S4 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2014-07-30 3471360]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 553288]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]

-----------------EOF-----------------


+ výpis logu z AdwCleaneru

# AdwCleaner v3.308 - Report created 31/08/2014 at 23:21:30
# Updated 20/08/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Username : fantomas - FANTOMAS-PC
# Running from : D:\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Partner Service

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files\Convesoft
Folder Deleted : C:\Users\fantomas\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\fantomas\Documents\PCSpeedUp
File Deleted : C:\Windows\system32\roboot.exe

***** [ Scheduled Tasks ] *****

Task Deleted : PC SpeedUp Service Deactivator

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PCSU-SL_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\074A36B543391D44FA16C62EBD65A59E
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\074A36B543391D44FA16C62EBD65A59E
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\074A36B543391D44FA16C62EBD65A59E

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6001.18000


-\\ Google Chrome v37.0.2062.102

[ File : C:\Users\fantomas\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3231 octets] - [31/08/2014 23:18:43]
AdwCleaner[S0].txt - [3220 octets] - [31/08/2014 23:21:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3280 octets] ##########

Zdravim

Muzete mi rict, proc jste spoustel ComboFix? Umite s nim zachazet?

Kdybyste si precetl pravidla fora http://forum.viry.cz/viewtopic.php?f=12&t=5601 , docetl byste se mimo jine toto

2. Před položením dotazu použijte tlačítko Hledat. Možná již někdo problém podobným Vašemu řešil. Pokud ale ve vyřešeném tématu budou aplikovány různé utility\aplikace, nespouštějte je. Utility se používají až na pokyn rádce, jelikož mohou mazat stopy po havěti a v rukou ne-oborníka může mít jejich použití nedozírné následky.

3. Zvláště utilitu ComboFix nespouštějte i když Vám ji poradil kamarád\nějaký rádoby odborný web. Naše fórum je jediné z CZ-SK antivirových fór, která mají právo luštit logy z ComboFixu a mámě též plnou podporu autora této utility a přístup k nejaktuálnějším informacím a návodům.

CF smaze veskere stopy pripadne nakazy a ja ted muzu tak akorat varit z vody, jak se rika
Zkusim se na to podivat, ale pokud se to bude opakovat, bude pomoc odmitnuta.
A taky upozornuji, ze se to mozna protahne a vysledek vubec neni jisty.




Dejte mi sem log z ComboFixu, je zde
2014-08-31 10:37:16 ----A---- C:\ComboFix.txt

Omlouvám se, jen jsem nezkušený, příště se to nestane. Měl jsem za to, že upravím jen chrom když tam dam řádky jen o chromu :/ (viz následující příspěvek)
Vždy jsem našel ve foru, že mají problem s tim ze jim žere cpu svchost od chromu atp ale me nic takoveho nežere si myslím...

ComboFix 14-08-29.03 - fantomas 31.08.2014 10:13:56.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.3036.1760 [GMT 2:00]
Spuštěný z: c:\users\fantomas\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\fantomas\Desktop\CFScript.txt.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-28 do 2014-08-31 )))))))))))))))))))))))))))))))
.
.
2014-08-31 08:33 . 2014-08-31 08:33 -------- d-----w- c:\users\fantomas\AppData\Local\temp
2014-08-31 08:33 . 2014-08-31 08:33 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-08-31 08:33 . 2014-08-31 08:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-30 23:28 . 2014-08-30 23:28 -------- d-----w- c:\programdata\Kaspersky Lab
2014-08-30 22:07 . 2014-08-30 22:07 -------- d-----w- c:\users\fantomas\AppData\Roaming\Intel
2014-08-30 22:07 . 2014-08-30 22:07 -------- d-----w- c:\users\UpdatusUser\Roaming
2014-08-30 22:07 . 2014-08-30 22:07 -------- d-----w- c:\users\Public\Roaming
2014-08-30 22:07 . 2014-08-30 22:07 -------- d-----w- c:\users\fantomas\Roaming
2014-08-30 22:07 . 2014-08-30 22:07 -------- d-----w- c:\users\Default\Roaming
2014-08-30 22:03 . 2014-08-30 22:03 -------- d-----w- c:\program files\Cisco
2014-08-30 22:03 . 2014-08-30 22:03 -------- d-----w- c:\program files\Common Files\Intel
2014-08-30 22:03 . 2014-08-30 22:03 -------- d-----w- c:\programdata\Intel
2014-08-30 21:51 . 2010-05-04 18:39 248832 ----a-w- c:\windows\system32\msshsq.dll
2014-08-30 21:50 . 2010-01-25 08:35 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2014-08-30 21:50 . 2010-01-25 08:34 511488 ----a-w- c:\windows\system32\RMActivate.exe
2014-08-30 21:50 . 2010-01-25 12:48 472064 ----a-w- c:\windows\system32\secproc.dll
2014-08-30 21:50 . 2010-01-25 08:35 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2014-08-30 21:50 . 2010-01-25 08:34 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2014-08-30 21:50 . 2010-01-25 12:48 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2014-08-30 21:50 . 2010-01-25 12:48 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2014-08-30 21:50 . 2010-01-25 12:48 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2014-08-30 21:50 . 2010-01-25 12:45 329216 ----a-w- c:\windows\system32\msdrm.dll
2014-08-30 19:18 . 2014-08-30 21:09 -------- d-----w- c:\users\fantomas\AppData\Roaming\QuickScan
2014-08-30 19:16 . 2014-08-31 07:14 -------- d-----w- c:\program files\Zrychleni Pocitace
2014-08-30 19:14 . 2014-08-30 19:14 -------- d-----w- c:\program files\Microsoft Silverlight
2014-08-30 19:05 . 2014-08-30 19:05 -------- d-----w- c:\users\fantomas\AppData\Roaming\dll-files.com
2014-08-30 19:05 . 2014-08-30 19:05 -------- d-----w- c:\programdata\Logs
2014-08-30 19:05 . 2014-02-13 15:56 17344 ----a-w- c:\windows\system32\roboot.exe
2014-08-30 19:05 . 2014-08-30 19:05 -------- d-----w- c:\program files\Dll-Files.com Fixer
2014-08-23 21:27 . 1998-02-06 19:37 299520 ----a-w- c:\windows\uninst.exe
2014-08-15 20:29 . 2014-08-15 20:29 -------- d-----w- c:\program files\iPod
2014-08-15 20:29 . 2014-08-15 20:31 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-15 20:29 . 2014-08-15 20:31 -------- d-----w- c:\program files\iTunes
2014-08-15 19:16 . 2014-08-15 19:16 -------- d-----w- c:\users\fantomas\AppData\Local\Blizzard
2014-08-13 14:22 . 2014-08-22 15:56 -------- d-----w- c:\program files\Hearthstone
2014-08-13 13:56 . 2014-08-13 14:16 -------- d-----w- c:\users\fantomas\AppData\Roaming\.minecraft
2014-08-12 11:23 . 2014-08-12 11:23 -------- d-----w- c:\program files\Microsoft Synchronization Services
2014-08-12 11:23 . 2014-08-12 11:23 -------- d-----w- c:\windows\PCHEALTH
2014-08-12 11:23 . 2014-08-12 11:23 -------- d-----w- c:\program files\Microsoft Sync Framework
2014-08-12 11:23 . 2014-08-12 11:23 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2014-08-12 06:00 . 2014-08-20 21:42 -------- d-----w- c:\users\fantomas\AppData\Local\Adobe
2014-08-11 22:03 . 2014-08-12 11:39 446258 ----a-w- c:\windows\AutoKMS.exe
2014-08-11 20:10 . 2014-08-11 20:10 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-08-11 20:10 . 2014-08-11 20:10 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-08-10 15:18 . 2014-08-10 15:18 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2014-08-07 20:10 . 2014-08-07 20:10 -------- d-----w- c:\users\fantomas\AppData\Local\Skype
2014-08-07 20:09 . 2014-08-29 18:03 -------- d-----w- c:\users\fantomas\AppData\Roaming\Skype
2014-08-07 20:09 . 2014-08-07 20:09 -------- d-----w- c:\program files\Common Files\Skype
2014-08-07 20:09 . 2014-08-07 20:09 -------- d-----r- c:\program files\Skype
2014-08-07 20:09 . 2014-08-07 20:09 -------- d-----w- c:\programdata\Skype
2014-08-07 13:14 . 2014-08-07 13:14 -------- d-----w- c:\program files\uTorrent
2014-08-07 13:14 . 2014-08-30 22:28 -------- d-----w- c:\users\fantomas\AppData\Roaming\uTorrent
2014-08-04 16:30 . 2014-08-04 16:37 -------- d-----w- c:\users\fantomas\AppData\Roaming\Apple Computer
2014-08-04 16:30 . 2014-08-04 16:30 -------- d-----w- c:\users\fantomas\AppData\Local\Apple Computer
2014-08-04 16:29 . 2014-08-04 16:29 -------- dc----w- c:\windows\system32\DRVSTORE
2014-08-04 16:29 . 2012-08-21 11:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-08-04 16:28 . 2014-08-15 20:29 -------- d-----w- c:\programdata\Apple Computer
2014-08-04 16:27 . 2014-08-04 16:27 -------- d-----w- c:\users\fantomas\AppData\Local\Apple
2014-08-04 16:27 . 2014-08-04 16:27 -------- d-----w- c:\program files\Apple Software Update
2014-08-04 16:25 . 2014-08-04 16:25 -------- d-----w- c:\program files\Bonjour
2014-08-04 16:24 . 2014-08-15 20:29 -------- d-----w- c:\program files\Common Files\Apple
2014-08-04 16:24 . 2014-08-15 20:25 -------- d-----w- c:\programdata\Apple
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-11 21:56 . 2014-07-30 18:59 15823872 ----a-w- c:\users\fantomas\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
2014-08-11 21:56 . 2014-07-30 18:59 107008 ----a-w- c:\users\fantomas\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
2014-08-11 21:56 . 2014-07-30 18:59 786492 ----a-w- c:\users\fantomas\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
2014-07-31 17:34 . 2014-07-31 17:34 33280 ----a-w- c:\windows\system32\drivers\SSHDRV58.sys
2014-07-31 17:14 . 2014-07-31 17:14 21504 ----a-w- c:\windows\system32\drivers\SSHDRV51.sys
2014-07-31 12:29 . 2014-07-31 12:30 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-07-30 19:39 . 2014-07-30 19:39 1548099 ----a-w- c:\windows\system32\VMC3KAPI.dll
2014-07-30 19:39 . 2014-07-30 19:39 114688 ----a-w- c:\windows\system32\VCryptAPI.dll
2014-07-30 19:39 . 2014-07-30 19:39 23040 ----a-w- c:\windows\system32\ShlCmd.exe
2014-07-30 19:39 . 2014-07-30 19:39 5632 ----a-w- c:\windows\system32\biologon.dll
2014-07-30 19:39 . 2014-07-30 19:39 43184 ----a-w- c:\windows\system32\drivers\AlfaFF.sys
2014-07-30 19:39 . 2014-07-30 19:39 331776 ----a-w- c:\windows\system32\DrvCrypt.dll
2014-07-30 19:39 . 2014-07-30 19:39 16384 ----a-w- c:\windows\system32\AlfaFF.dll
2014-07-30 19:38 . 2014-07-30 19:38 208896 ----a-w- c:\windows\system32\ATSC70PBA.dll
2014-07-30 19:38 . 2014-07-30 19:38 189952 ----a-w- c:\windows\system32\PBAGUI.dll
2014-07-30 18:57 . 2014-07-30 18:57 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-07-30 18:20 . 2014-07-30 18:20 98304 ----a-w- c:\windows\system32\bsreffs.dll
2014-07-30 18:20 . 2014-07-30 18:20 90112 ----a-w- c:\windows\system32\bsrlback.dll
2014-07-30 18:20 . 2014-07-30 18:20 81920 ----a-w- c:\windows\system32\bsrgvas.dll
2014-07-30 18:20 . 2014-07-30 18:20 692224 ----a-w- c:\windows\system32\bsrmgcv.dll
2014-07-30 18:20 . 2014-07-30 18:20 192512 ----a-w- c:\windows\system32\bsrmgps.dll
2014-07-30 18:20 . 2014-07-30 18:20 585728 ----a-w- c:\windows\system32\bsratswf.dll
2014-07-30 18:20 . 2014-07-30 18:20 147456 ----a-w- c:\windows\system32\bsratwmv.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2014-07-30 18:03 157168 ----a-w- c:\programdata\Partner\partner.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCSpeedUp"="c:\program files\Zrychleni Pocitace\PCSUNotifier.exe" [2014-08-08 300840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-28 6111232]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-23 397312]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2014-07-30 3607040]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2014-07-30 19:39 2972160 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2014-07-31 10:15 43816 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
2008-04-06 20:42 34040 ----a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-07-03 13:16 3673184 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2014-07-30 19:33 24064 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2014-08-01 14:18 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2008-07-02 02:51 821768 ----a-w- c:\progra~1\LAUNCH~1\QtZgAcer.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
2007-08-03 20:33 582992 ----a-w- c:\program files\McAfee.com\Agent\mcagent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-30 18:39 1096520 ----a-w- c:\program files\Google\Chrome\Application\37.0.2062.102\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-11 20:10]
.
2014-08-30 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\users\fantomas\Desktop\Dll-Files.com Fixer\DLLFixer.exe [2014-08-30 12:43]
.
2014-08-30 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\users\fantomas\Desktop\Dll-Files.com Fixer\DLLFixer.exe [2014-08-30 12:43]
.
2014-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-31 08:06]
.
2014-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-31 08:06]
.
2008-04-14 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-04-14 13:10]
.
2014-07-31 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-04-14 13:10]
.
2014-08-30 c:\windows\Tasks\PC SpeedUp Service Deactivator.job
- c:\program files\Zrychleni Pocitace\PCSUSD.exe [2014-08-30 11:43]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0714&m=aspire_7730g
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0714&m=aspire_7730g
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 212.24.128.8 81.92.146.5
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-08-31 10:33
Windows 6.0.6001 Service Pack 1 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5368)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\System32\SysHook.dll
.
Celkový čas: 2014-08-31 10:37:14
ComboFix-quarantined-files.txt 2014-08-31 08:37
ComboFix2.txt 2014-08-31 07:55
.
Před spuštěním: Volných bajtů: 74 073 128 960
Po spuštění: Volných bajtů: 74 037 264 384
.
- - End Of File - - 121C0D88E2436735C40B1022CE7B009B
4C1C466E0D9E7B73AD314F6E31C2964F

napsal jsem tam toto:

KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\McDefragTask.job
c:\windows\Tasks\McQcTask.job

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Firefox::
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\yp8mqvye.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}

Reboot::

předtím jsem měl ale tento log: proto jsem daval kill all:

ComboFix 14-08-29.03 - fantomas 31.08.2014 9:25.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.3036.1931 [GMT 2:00]
Spuštěný z: c:\users\fantomas\Downloads\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Acer\Acer Bio Protection\PwdFilter.dll
c:\programdata\Roaming
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_PCSUService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-28 do 2014-08-31 )))))))))))))))))))))))))))))))
.
.
2014-08-31 07:49 . 2014-08-31 07:50 -------- d-----w- c:\programdata\AutoKMS
2014-08-31 07:47 . 2014-08-31 07:50 -------- d-----w- c:\users\fantomas\AppData\Local\temp
2014-08-31 07:47 . 2014-08-31 07:47 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-08-31 07:47 . 2014-08-31 07:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-30 23:28 . 2014-08-30 23:28 -------- d-----w- c:\programdata\Kaspersky Lab
2014-08-30 22:07 . 2014-08-30 22:07 -------- d-----w- c:\users\fantomas\AppData\Roaming\Intel
2014-08-30 22:07 . 2014-08-30 22:07 -------- d-----w- c:\users\UpdatusUser\Roaming
2014-08-30 22:07 . 2014-08-30 22:07 -------- d-----w- c:\users\Public\Roaming
2014-08-30 22:07 . 2014-08-30 22:07 -------- d-----w- c:\users\fantomas\Roaming
2014-08-30 22:07 . 2014-08-30 22:07 -------- d-----w- c:\users\Default\Roaming
2014-08-30 22:03 . 2014-08-30 22:03 -------- d-----w- c:\program files\Cisco
2014-08-30 22:03 . 2014-08-30 22:03 -------- d-----w- c:\program files\Common Files\Intel
2014-08-30 22:03 . 2014-08-30 22:03 -------- d-----w- c:\programdata\Intel
2014-08-30 21:51 . 2010-05-04 18:39 248832 ----a-w- c:\windows\system32\msshsq.dll
2014-08-30 21:50 . 2010-01-25 08:35 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2014-08-30 21:50 . 2010-01-25 08:34 511488 ----a-w- c:\windows\system32\RMActivate.exe
2014-08-30 21:50 . 2010-01-25 12:48 472064 ----a-w- c:\windows\system32\secproc.dll
2014-08-30 21:50 . 2010-01-25 08:35 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2014-08-30 21:50 . 2010-01-25 08:34 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2014-08-30 21:50 . 2010-01-25 12:48 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2014-08-30 21:50 . 2010-01-25 12:48 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2014-08-30 21:50 . 2010-01-25 12:48 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2014-08-30 21:50 . 2010-01-25 12:45 329216 ----a-w- c:\windows\system32\msdrm.dll
2014-08-30 19:18 . 2014-08-30 21:09 -------- d-----w- c:\users\fantomas\AppData\Roaming\QuickScan
2014-08-30 19:16 . 2014-08-31 07:14 -------- d-----w- c:\program files\Zrychleni Pocitace
2014-08-30 19:14 . 2014-08-30 19:14 -------- d-----w- c:\program files\Microsoft Silverlight
2014-08-30 19:05 . 2014-08-30 19:05 -------- d-----w- c:\users\fantomas\AppData\Roaming\dll-files.com
2014-08-30 19:05 . 2014-08-30 19:05 -------- d-----w- c:\programdata\Logs
2014-08-30 19:05 . 2014-02-13 15:56 17344 ----a-w- c:\windows\system32\roboot.exe
2014-08-30 19:05 . 2014-08-30 19:05 -------- d-----w- c:\program files\Dll-Files.com Fixer
2014-08-23 21:27 . 1998-02-06 19:37 299520 ----a-w- c:\windows\uninst.exe
2014-08-15 20:29 . 2014-08-15 20:29 -------- d-----w- c:\program files\iPod
2014-08-15 20:29 . 2014-08-15 20:31 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-15 20:29 . 2014-08-15 20:31 -------- d-----w- c:\program files\iTunes
2014-08-15 19:16 . 2014-08-15 19:16 -------- d-----w- c:\users\fantomas\AppData\Local\Blizzard
2014-08-13 14:22 . 2014-08-22 15:56 -------- d-----w- c:\program files\Hearthstone
2014-08-13 13:56 . 2014-08-13 14:16 -------- d-----w- c:\users\fantomas\AppData\Roaming\.minecraft
2014-08-12 11:23 . 2014-08-12 11:23 -------- d-----w- c:\program files\Microsoft Synchronization Services
2014-08-12 11:23 . 2014-08-12 11:23 -------- d-----w- c:\windows\PCHEALTH
2014-08-12 11:23 . 2014-08-12 11:23 -------- d-----w- c:\program files\Microsoft Sync Framework
2014-08-12 11:23 . 2014-08-12 11:23 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2014-08-12 06:00 . 2014-08-20 21:42 -------- d-----w- c:\users\fantomas\AppData\Local\Adobe
2014-08-11 22:03 . 2014-08-12 11:39 446258 ----a-w- c:\windows\AutoKMS.exe
2014-08-11 20:10 . 2014-08-11 20:10 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-08-11 20:10 . 2014-08-11 20:10 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-08-10 15:18 . 2014-08-10 15:18 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2014-08-07 20:10 . 2014-08-07 20:10 -------- d-----w- c:\users\fantomas\AppData\Local\Skype
2014-08-07 20:09 . 2014-08-29 18:03 -------- d-----w- c:\users\fantomas\AppData\Roaming\Skype
2014-08-07 20:09 . 2014-08-07 20:09 -------- d-----w- c:\program files\Common Files\Skype
2014-08-07 20:09 . 2014-08-07 20:09 -------- d-----r- c:\program files\Skype
2014-08-07 20:09 . 2014-08-07 20:09 -------- d-----w- c:\programdata\Skype
2014-08-07 13:14 . 2014-08-07 13:14 -------- d-----w- c:\program files\uTorrent
2014-08-07 13:14 . 2014-08-30 22:28 -------- d-----w- c:\users\fantomas\AppData\Roaming\uTorrent
2014-08-04 16:30 . 2014-08-04 16:37 -------- d-----w- c:\users\fantomas\AppData\Roaming\Apple Computer
2014-08-04 16:30 . 2014-08-04 16:30 -------- d-----w- c:\users\fantomas\AppData\Local\Apple Computer
2014-08-04 16:29 . 2014-08-04 16:29 -------- dc----w- c:\windows\system32\DRVSTORE
2014-08-04 16:29 . 2012-08-21 11:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-08-04 16:28 . 2014-08-15 20:29 -------- d-----w- c:\programdata\Apple Computer
2014-08-04 16:27 . 2014-08-04 16:27 -------- d-----w- c:\users\fantomas\AppData\Local\Apple
2014-08-04 16:27 . 2014-08-04 16:27 -------- d-----w- c:\program files\Apple Software Update
2014-08-04 16:25 . 2014-08-04 16:25 -------- d-----w- c:\program files\Bonjour
2014-08-04 16:24 . 2014-08-15 20:29 -------- d-----w- c:\program files\Common Files\Apple
2014-08-04 16:24 . 2014-08-15 20:25 -------- d-----w- c:\programdata\Apple
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-11 21:56 . 2014-07-30 18:59 15823872 ----a-w- c:\users\fantomas\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
2014-08-11 21:56 . 2014-07-30 18:59 107008 ----a-w- c:\users\fantomas\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
2014-08-11 21:56 . 2014-07-30 18:59 786492 ----a-w- c:\users\fantomas\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
2014-07-31 17:34 . 2014-07-31 17:34 33280 ----a-w- c:\windows\system32\drivers\SSHDRV58.sys
2014-07-31 17:14 . 2014-07-31 17:14 21504 ----a-w- c:\windows\system32\drivers\SSHDRV51.sys
2014-07-31 12:29 . 2014-07-31 12:30 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-07-30 19:39 . 2014-07-30 19:39 1548099 ----a-w- c:\windows\system32\VMC3KAPI.dll
2014-07-30 19:39 . 2014-07-30 19:39 114688 ----a-w- c:\windows\system32\VCryptAPI.dll
2014-07-30 19:39 . 2014-07-30 19:39 23040 ----a-w- c:\windows\system32\ShlCmd.exe
2014-07-30 19:39 . 2014-07-30 19:39 5632 ----a-w- c:\windows\system32\biologon.dll
2014-07-30 19:39 . 2014-07-30 19:39 43184 ----a-w- c:\windows\system32\drivers\AlfaFF.sys
2014-07-30 19:39 . 2014-07-30 19:39 331776 ----a-w- c:\windows\system32\DrvCrypt.dll
2014-07-30 19:39 . 2014-07-30 19:39 16384 ----a-w- c:\windows\system32\AlfaFF.dll
2014-07-30 19:38 . 2014-07-30 19:38 208896 ----a-w- c:\windows\system32\ATSC70PBA.dll
2014-07-30 19:38 . 2014-07-30 19:38 189952 ----a-w- c:\windows\system32\PBAGUI.dll
2014-07-30 18:57 . 2014-07-30 18:57 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-07-30 18:20 . 2014-07-30 18:20 98304 ----a-w- c:\windows\system32\bsreffs.dll
2014-07-30 18:20 . 2014-07-30 18:20 90112 ----a-w- c:\windows\system32\bsrlback.dll
2014-07-30 18:20 . 2014-07-30 18:20 81920 ----a-w- c:\windows\system32\bsrgvas.dll
2014-07-30 18:20 . 2014-07-30 18:20 692224 ----a-w- c:\windows\system32\bsrmgcv.dll
2014-07-30 18:20 . 2014-07-30 18:20 192512 ----a-w- c:\windows\system32\bsrmgps.dll
2014-07-30 18:20 . 2014-07-30 18:20 585728 ----a-w- c:\windows\system32\bsratswf.dll
2014-07-30 18:20 . 2014-07-30 18:20 147456 ----a-w- c:\windows\system32\bsratwmv.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2014-07-30 18:03 157168 ----a-w- c:\programdata\Partner\partner.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCSpeedUp"="c:\program files\Zrychleni Pocitace\PCSUNotifier.exe" [2014-08-08 300840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-28 6111232]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-23 397312]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2014-07-30 3607040]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2014-07-30 19:39 2972160 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2014-07-31 10:15 43816 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
2008-04-06 20:42 34040 ----a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-07-03 13:16 3673184 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2014-07-30 19:33 24064 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2014-08-01 14:18 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2008-07-02 02:51 821768 ----a-w- c:\progra~1\LAUNCH~1\QtZgAcer.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
2007-08-03 20:33 582992 ----a-w- c:\program files\McAfee.com\Agent\mcagent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-30 18:39 1096520 ----a-w- c:\program files\Google\Chrome\Application\37.0.2062.102\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-11 20:10]
.
2014-08-30 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\users\fantomas\Desktop\Dll-Files.com Fixer\DLLFixer.exe [2014-08-30 12:43]
.
2014-08-30 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\users\fantomas\Desktop\Dll-Files.com Fixer\DLLFixer.exe [2014-08-30 12:43]
.
2014-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-31 08:06]
.
2014-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-31 08:06]
.
2008-04-14 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-04-14 13:10]
.
2014-07-31 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-04-14 13:10]
.
2014-08-30 c:\windows\Tasks\PC SpeedUp Service Deactivator.job
- c:\program files\Zrychleni Pocitace\PCSUSD.exe [2014-08-30 11:43]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0714&m=aspire_7730g
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0714&m=aspire_7730g
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 212.24.128.8 81.92.146.5
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
c:\users\fantomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_76984075.lnk - c:\users\fantomas\AppData\Local\Temp\_uninst_76984075.bat
AddRemove-AVerMedia A310 (MiniCard, DVB-T) - c:\program files\AVerMedia\AVerMedia A310 (MiniCard
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-08-31 09:50
Windows 6.0.6001 Service Pack 1 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1604)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\System32\SysHook.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Acer\Acer Bio Protection\CompPtcVUI.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conime.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Acer\Empowering Technology\Service\ETService.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\RtHDVCpl.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Cyberlink\Shared files\RichVideo.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\unsecapp.exe
c:\progra~1\McAfee\VIRUSS~1\mcshield.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2014-08-31 09:55:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-08-31 07:55
.
Před spuštěním: Volných bajtů: 73 979 768 832
Po spuštění: Volných bajtů: 74 058 973 184
.
- - End Of File - - 2CE0BC51D89959105213B3DF88F5B9C8
4C1C466E0D9E7B73AD314F6E31C2964F

Skript jste blbe pojmenoval, takze CF neprobehl jak mel.


Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

ten jsem použil dřív než jsem vůbec na tohle forum narazil :/ takže původní první log nedám... ale udělám nový sken

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 1.9.2014
Čas skenování: 16:44:55
Protokol: 1.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.09.01.01
Databáze rootkitů: v2014.08.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto

OS: Windows Vista Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: fantomas

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 466295
Uplynulý čas: 1 hod, 7 min, 46 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 4
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Photoshop CS6\adobe.photoshop.cs6-patch.exe, Žádná akce od uživatele, [83f2bf29b0cb79bd1614fcb255aba45c],
PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Photoshop CS6\amtlib.dll, Žádná akce od uživatele, [482d1fc92f4cf145d081002640c242be],
Riskware.KG, C:\Program Files\ESET\MiNODLogin\launcher.exe, Žádná akce od uživatele, [caab33b5027943f37adbb7b00df3a759],
Riskware.KG, C:\Program Files\ESET\MiNODLogin\uninst.exe, Žádná akce od uživatele, [3540cf1954277eb8a4b03136c739619f],

Fyzické sektory: 0
(No malicious items detected)


(end)

nemyslím si že je nějaky problem s tema souborama, i dřív jsem je používal a pc bylo v pořádku rychlé...

TOULEN02 píše:nemyslím si že je nějaky problem s tema souborama, i dřív jsem je používal a pc bylo v pořádku rychlé...

Pravidla fora hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512

Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.

ja ho nainstaloval včera prave kvuli tomu, ze mi blbne pc nepoužívám ho normalně. ale v zoufalých časech děla člověk zoufale činny...



nápravou je myšleno to že si nod smažu? to v planu mam stejně, používat jsem ho nechtěl

Jasne, neni nad to natahat si do pc dalsi bordel a delat hokusy pokusy

Crack na Eset smazat, Eset odinstalovat, nainstalovat Avast free.

Pak dejte novy log z RSIT a budem mazat.

hotovo odinstalovano...

Dejte log z RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by fantomas at 2014-09-01 19:51:56
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 79 GB (53%) free of 148 GB
Total RAM: 3036 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:52:03, on 1.9.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\fantomas\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\fantomas\Desktop\RSIT.exe
C:\Program Files\trend micro\fantomas.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_7730g
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_7730g
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Aktualizátor aplikace Scrybe (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 8392 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job - C:\Users\fantomas\Desktop\Dll-Files.com Fixer\DLLFixer.exe scan
C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job - C:\Users\fantomas\Desktop\Dll-Files.com Fixer\DLLFixer.exe -updatecheck
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-31 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-04 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2014-07-30 2558776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll [2014-07-30 736240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-31 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04 142896]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2014-07-30 2558776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"eAudio"=C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-03-07 544768]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-09 2404296]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-28 6111232]
"ZPdtWzdVitaKey MC3000"=C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2014-07-30 3607040]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-04 526896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-04-23 397312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2014-07-30 24064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2014-08-01 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-07-02 821768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcagent_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [2014-08-08 300840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductReg]
C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-09-23 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2008-04-28 6111232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk]
C:\Windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe [2014-08-31 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update ESET's license.lnk]
C:\PROGRA~1\ESET\MINODL~1\launcher.exe [2013-02-16 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]
C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2014-07-30 2972160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-09-01 19:37:54 ----D---- C:\Windows\system32\eu-ES
2014-09-01 19:37:54 ----D---- C:\Windows\system32\ca-ES
2014-09-01 19:37:53 ----D---- C:\Windows\system32\vi-VN
2014-09-01 19:22:26 ----D---- C:\FRST
2014-09-01 18:48:14 ----ASH---- C:\hiberfil.sys
2014-09-01 16:35:21 ----A---- C:\Windows\ntbtlog.txt
2014-09-01 12:47:10 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-09-01 12:46:33 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-09-01 12:46:33 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-09-01 12:46:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-09-01 12:46:32 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-09-01 00:36:34 ----D---- C:\Windows\system32\EventProviders
2014-09-01 00:21:01 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2014-09-01 00:20:56 ----A---- C:\Windows\system32\SLsvc.exe
2014-09-01 00:20:56 ----A---- C:\Windows\system32\SLCExt.dll
2014-09-01 00:20:53 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2014-09-01 00:20:53 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2014-09-01 00:20:52 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2014-09-01 00:20:49 ----A---- C:\Windows\system32\mssrch.dll
2014-09-01 00:20:47 ----A---- C:\Windows\system32\tquery.dll
2014-09-01 00:20:47 ----A---- C:\Windows\system32\drivers\spsys.sys
2014-09-01 00:20:45 ----A---- C:\Windows\system32\scavenge.dll
2014-09-01 00:20:45 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2014-09-01 00:20:45 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2014-09-01 00:20:44 ----A---- C:\Windows\system32\mshtml.dll
2014-09-01 00:20:43 ----A---- C:\Windows\system32\msi.dll
2014-09-01 00:20:42 ----A---- C:\Windows\system32\imapi2fs.dll
2014-09-01 00:20:41 ----A---- C:\Windows\system32\WscEapPr.dll
2014-09-01 00:20:41 ----A---- C:\Windows\system32\wcnwiz2.dll
2014-09-01 00:20:41 ----A---- C:\Windows\system32\sysmain.dll
2014-09-01 00:20:41 ----A---- C:\Windows\system32\drivers\bthport.sys
2014-09-01 00:20:40 ----A---- C:\Windows\system32\icardagt.exe
2014-09-01 00:20:39 ----A---- C:\Windows\system32\EhStorShell.dll
2014-09-01 00:20:39 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2014-09-01 00:20:38 ----A---- C:\Windows\system32\ieframe.dll
2014-09-01 00:20:37 ----A---- C:\Windows\system32\spreview.exe
2014-09-01 00:20:37 ----A---- C:\Windows\system32\spinstall.exe
2014-09-01 00:20:37 ----A---- C:\Windows\system32\drmv2clt.dll
2014-09-01 00:20:36 ----A---- C:\Windows\system32\spwizui.dll
2014-09-01 00:20:36 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-09-01 00:20:35 ----A---- C:\Windows\system32\SearchIndexer.exe
2014-09-01 00:20:35 ----A---- C:\Windows\system32\p2psvc.dll
2014-09-01 00:20:34 ----A---- C:\Windows\system32\mssvp.dll
2014-09-01 00:20:34 ----A---- C:\Windows\system32\mssphtb.dll
2014-09-01 00:20:34 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2014-09-01 00:20:33 ----A---- C:\Windows\system32\sdohlp.dll
2014-09-01 00:20:33 ----A---- C:\Windows\system32\mssph.dll
2014-09-01 00:20:33 ----A---- C:\Windows\system32\imapi2.dll
2014-09-01 00:20:32 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-09-01 00:20:32 ----A---- C:\Windows\system32\esent.dll
2014-09-01 00:20:32 ----A---- C:\Windows\system32\DevicePairing.dll
2014-09-01 00:20:31 ----A---- C:\Windows\system32\wevtsvc.dll
2014-09-01 00:20:31 ----A---- C:\Windows\system32\sperror.dll
2014-09-01 00:20:31 ----A---- C:\Windows\system32\korwbrkr.dll
2014-09-01 00:20:30 ----A---- C:\Windows\system32\SLC.dll
2014-09-01 00:20:30 ----A---- C:\Windows\system32\msshsq.dll
2014-09-01 00:20:30 ----A---- C:\Windows\system32\drivers\rfcomm.sys
2014-09-01 00:20:28 ----A---- C:\Windows\system32\msjet40.dll
2014-09-01 00:20:28 ----A---- C:\Windows\system32\MPSSVC.dll
2014-09-01 00:20:27 ----A---- C:\Windows\system32\Query.dll
2014-09-01 00:20:27 ----A---- C:\Windows\system32\qmgr.dll
2014-09-01 00:20:26 ----A---- C:\Windows\system32\P2PGraph.dll
2014-09-01 00:20:26 ----A---- C:\Windows\system32\msexch40.dll
2014-09-01 00:20:26 ----A---- C:\Windows\system32\IasMigReader.exe
2014-09-01 00:20:26 ----A---- C:\Windows\system32\diagperf.dll
2014-09-01 00:20:25 ----A---- C:\Windows\system32\srchadmin.dll
2014-09-01 00:20:24 ----A---- C:\Windows\system32\winload.exe
2014-09-01 00:20:24 ----A---- C:\Windows\system32\uDWM.dll
2014-09-01 00:20:24 ----A---- C:\Windows\system32\mmc.exe
2014-09-01 00:20:24 ----A---- C:\Windows\system32\mblctr.exe
2014-09-01 00:20:24 ----A---- C:\Windows\system32\dfsr.exe
2014-09-01 00:20:23 ----A---- C:\Windows\system32\riched20.dll
2014-09-01 00:20:23 ----A---- C:\Windows\system32\RacEngn.dll
2014-09-01 00:20:23 ----A---- C:\Windows\system32\IasMigPlugin.dll
2014-09-01 00:20:23 ----A---- C:\Windows\system32\fdBth.dll
2014-09-01 00:20:22 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2014-09-01 00:20:22 ----A---- C:\Windows\system32\SearchFilterHost.exe
2014-09-01 00:20:21 ----A---- C:\Windows\system32\spoolss.dll
2014-09-01 00:20:21 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2014-09-01 00:20:21 ----A---- C:\Windows\system32\milcore.dll
2014-09-01 00:20:21 ----A---- C:\Windows\system32\EhStorAPI.dll
2014-09-01 00:20:21 ----A---- C:\Windows\system32\CertEnroll.dll
2014-09-01 00:20:20 ----A---- C:\Windows\system32\urlmon.dll
2014-09-01 00:20:20 ----A---- C:\Windows\system32\msvcp60.dll
2014-09-01 00:20:20 ----A---- C:\Windows\system32\msjtes40.dll
2014-09-01 00:20:20 ----A---- C:\Windows\system32\fsquirt.exe
2014-09-01 00:20:20 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2014-09-01 00:20:19 ----A---- C:\Windows\system32\infocardapi.dll
2014-09-01 00:20:19 ----A---- C:\Windows\system32\gpedit.dll
2014-09-01 00:20:18 ----A---- C:\Windows\system32\WinSAT.exe
2014-09-01 00:20:18 ----A---- C:\Windows\system32\wininet.dll
2014-09-01 00:20:18 ----A---- C:\Windows\system32\PresentationSettings.exe
2014-09-01 00:20:18 ----A---- C:\Windows\system32\Magnify.exe
2014-09-01 00:20:18 ----A---- C:\Windows\system32\es.dll
2014-09-01 00:20:17 ----A---- C:\Windows\system32\mstext40.dll
2014-09-01 00:20:17 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-09-01 00:20:17 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2014-09-01 00:20:17 ----A---- C:\Windows\system32\advapi32.dll
2014-09-01 00:20:16 ----A---- C:\Windows\system32\WMPhoto.dll
2014-09-01 00:20:16 ----A---- C:\Windows\system32\WebClnt.dll
2014-09-01 00:20:16 ----A---- C:\Windows\system32\slwmi.dll
2014-09-01 00:20:16 ----A---- C:\Windows\system32\msexcl40.dll
2014-09-01 00:20:16 ----A---- C:\Windows\system32\comsvcs.dll
2014-09-01 00:20:15 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2014-09-01 00:20:15 ----A---- C:\Windows\system32\vssapi.dll
2014-09-01 00:20:15 ----A---- C:\Windows\system32\msxbde40.dll
2014-09-01 00:20:15 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-01 00:20:15 ----A---- C:\Windows\system32\authui.dll
2014-09-01 00:20:14 ----A---- C:\Windows\system32\propsys.dll
2014-09-01 00:20:14 ----A---- C:\Windows\system32\newdev.dll
2014-09-01 00:20:14 ----A---- C:\Windows\system32\NetProjW.dll
2014-09-01 00:20:14 ----A---- C:\Windows\system32\msrepl40.dll
2014-09-01 00:20:13 ----A---- C:\Windows\system32\rpcss.dll
2014-09-01 00:20:13 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-09-01 00:20:13 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-01 00:20:13 ----A---- C:\Windows\system32\iasrecst.dll
2014-09-01 00:20:13 ----A---- C:\Windows\system32\gpsvc.dll
2014-09-01 00:20:13 ----A---- C:\Windows\system32\eudcedit.exe
2014-09-01 00:20:13 ----A---- C:\Windows\system32\crypt32.dll
2014-09-01 00:20:13 ----A---- C:\Windows\explorer.exe
2014-09-01 00:20:12 ----A---- C:\Windows\system32\setupapi.dll
2014-09-01 00:20:12 ----A---- C:\Windows\system32\mspbde40.dll
2014-09-01 00:20:12 ----A---- C:\Windows\system32\d3d9.dll
2014-09-01 00:20:11 ----A---- C:\Windows\system32\msrd3x40.dll
2014-09-01 00:20:11 ----A---- C:\Windows\system32\msltus40.dll
2014-09-01 00:20:11 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2014-09-01 00:20:11 ----A---- C:\Windows\system32\EhStorAuthn.dll
2014-09-01 00:20:11 ----A---- C:\Windows\system32\davclnt.dll
2014-09-01 00:20:10 ----A---- C:\Windows\system32\wevtapi.dll
2014-09-01 00:20:10 ----A---- C:\Windows\system32\photowiz.dll
2014-09-01 00:20:10 ----A---- C:\Windows\system32\nlhtml.dll
2014-09-01 00:20:10 ----A---- C:\Windows\system32\msdtctm.dll
2014-09-01 00:20:10 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-09-01 00:20:10 ----A---- C:\Windows\system32\browseui.dll
2014-09-01 00:20:09 ----A---- C:\Windows\system32\user32.dll
2014-09-01 00:20:08 ----A---- C:\Windows\system32\win32spl.dll
2014-09-01 00:20:08 ----A---- C:\Windows\system32\SLCommDlg.dll
2014-09-01 00:20:08 ----A---- C:\Windows\system32\samsrv.dll
2014-09-01 00:20:08 ----A---- C:\Windows\system32\ci.dll
2014-09-01 00:20:07 ----A---- C:\Windows\system32\WcnNetsh.dll
2014-09-01 00:20:07 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2014-09-01 00:20:07 ----A---- C:\Windows\system32\netshell.dll
2014-09-01 00:20:07 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-09-01 00:20:06 ----A---- C:\Windows\system32\xmlfilter.dll
2014-09-01 00:20:06 ----A---- C:\Windows\system32\mswstr10.dll
2014-09-01 00:20:06 ----A---- C:\Windows\system32\drivers\rdbss.sys
2014-09-01 00:20:06 ----A---- C:\Windows\system32\compcln.exe
2014-09-01 00:20:06 ----A---- C:\Windows\system32\audiosrv.dll
2014-09-01 00:20:06 ----A---- C:\Windows\system32\apds.dll
2014-09-01 00:20:05 ----A---- C:\Windows\system32\QAGENTRT.DLL
2014-09-01 00:20:05 ----A---- C:\Windows\system32\msvcrt.dll
2014-09-01 00:20:05 ----A---- C:\Windows\system32\msctf.dll
2014-09-01 00:20:05 ----A---- C:\Windows\system32\gdi32.dll
2014-09-01 00:20:05 ----A---- C:\Windows\system32\emdmgmt.dll
2014-09-01 00:20:05 ----A---- C:\Windows\system32\drivers\netio.sys
2014-09-01 00:20:05 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2014-09-01 00:20:04 ----A---- C:\Windows\system32\VSSVC.exe
2014-09-01 00:20:04 ----A---- C:\Windows\system32\sqlsrv32.dll
2014-09-01 00:20:04 ----A---- C:\Windows\system32\SLUI.exe
2014-09-01 00:20:04 ----A---- C:\Windows\system32\msrd2x40.dll
2014-09-01 00:20:04 ----A---- C:\Windows\system32\eapphost.dll
2014-09-01 00:20:03 ----A---- C:\Windows\system32\winresume.exe
2014-09-01 00:20:03 ----A---- C:\Windows\system32\propdefs.dll
2014-09-01 00:20:03 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-09-01 00:20:02 ----A---- C:\Windows\system32\wevtutil.exe
2014-09-01 00:20:02 ----A---- C:\Windows\system32\shdocvw.dll
2014-09-01 00:20:02 ----A---- C:\Windows\system32\mssitlb.dll
2014-09-01 00:20:02 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-09-01 00:20:02 ----A---- C:\Windows\system32\dbgeng.dll
2014-09-01 00:20:01 ----A---- C:\Windows\system32\swprv.dll
2014-09-01 00:20:00 ----A---- C:\Windows\system32\wuapi.dll
2014-09-01 00:20:00 ----A---- C:\Windows\system32\vds.exe
2014-09-01 00:20:00 ----A---- C:\Windows\system32\mmcndmgr.dll
2014-09-01 00:20:00 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-01 00:19:59 ----A---- C:\Windows\system32\netlogon.dll
2014-09-01 00:19:59 ----A---- C:\Windows\system32\msscb.dll
2014-09-01 00:19:59 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-01 00:19:59 ----A---- C:\Windows\system32\msctfp.dll
2014-09-01 00:19:59 ----A---- C:\Windows\system32\fdBthProxy.dll
2014-09-01 00:19:59 ----A---- C:\Windows\system32\drvinst.exe
2014-09-01 00:19:59 ----A---- C:\Windows\system32\devmgr.dll
2014-09-01 00:19:59 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2014-09-01 00:19:59 ----A---- C:\Windows\system32\BFE.DLL
2014-09-01 00:19:59 ----A---- C:\Windows\system32\adsldpc.dll
2014-09-01 00:19:58 ----A---- C:\Windows\system32\Wldap32.dll
2014-09-01 00:19:58 ----A---- C:\Windows\system32\wcnwiz.dll
2014-09-01 00:19:58 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2014-09-01 00:19:58 ----A---- C:\Windows\system32\evr.dll
2014-09-01 00:19:57 ----A---- C:\Windows\system32\WMVSDECD.DLL
2014-09-01 00:19:57 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-09-01 00:19:56 ----A---- C:\Windows\system32\wercon.exe
2014-09-01 00:19:56 ----A---- C:\Windows\system32\wcncsvc.dll
2014-09-01 00:19:56 ----A---- C:\Windows\system32\services.exe
2014-09-01 00:19:56 ----A---- C:\Windows\system32\mimefilt.dll
2014-09-01 00:19:56 ----A---- C:\Windows\system32\iertutil.dll
2014-09-01 00:19:56 ----A---- C:\Windows\system32\comdlg32.dll
2014-09-01 00:19:56 ----A---- C:\Windows\system32\adtschema.dll
2014-09-01 00:19:55 ----A---- C:\Windows\system32\umpnpmgr.dll
2014-09-01 00:19:55 ----A---- C:\Windows\system32\rtffilt.dll
2014-09-01 00:19:55 ----A---- C:\Windows\system32\reg.exe
2014-09-01 00:19:55 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2014-09-01 00:19:55 ----A---- C:\Windows\system32\mswdat10.dll
2014-09-01 00:19:55 ----A---- C:\Windows\system32\msjter40.dll
2014-09-01 00:19:55 ----A---- C:\Windows\system32\msdtcprx.dll
2014-09-01 00:19:55 ----A---- C:\Windows\system32\ipsmsnap.dll
2014-09-01 00:19:55 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-09-01 00:19:55 ----A---- C:\Windows\system32\certutil.exe
2014-09-01 00:19:55 ----A---- C:\Windows\system32\certcli.dll
2014-09-01 00:19:54 ----A---- C:\Windows\system32\WMNetMgr.dll
2014-09-01 00:19:54 ----A---- C:\Windows\system32\w32time.dll
2014-09-01 00:19:54 ----A---- C:\Windows\system32\PhotoScreensaver.scr
2014-09-01 00:19:54 ----A---- C:\Windows\system32\msshooks.dll
2014-09-01 00:19:54 ----A---- C:\Windows\system32\msscntrs.dll
2014-09-01 00:19:54 ----A---- C:\Windows\system32\IPSECSVC.DLL
2014-09-01 00:19:54 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-09-01 00:19:54 ----A---- C:\Windows\system32\bcrypt.dll
2014-09-01 00:19:53 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-09-01 00:19:53 ----A---- C:\Windows\system32\rsaenh.dll
2014-09-01 00:19:53 ----A---- C:\Windows\system32\msstrc.dll
2014-09-01 00:19:53 ----A---- C:\Windows\system32\msihnd.dll
2014-09-01 00:19:53 ----A---- C:\Windows\system32\MMDevAPI.dll
2014-09-01 00:19:53 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-09-01 00:19:53 ----A---- C:\Windows\system32\bthserv.dll
2014-09-01 00:19:52 ----A---- C:\Windows\system32\termsrv.dll
2014-09-01 00:19:52 ----A---- C:\Windows\system32\profsvc.dll
2014-09-01 00:19:52 ----A---- C:\Windows\system32\netapi32.dll
2014-09-01 00:19:52 ----A---- C:\Windows\system32\mtxclu.dll
2014-09-01 00:19:52 ----A---- C:\Windows\system32\mscories.dll
2014-09-01 00:19:52 ----A---- C:\Windows\system32\inetpp.dll
2014-09-01 00:19:52 ----A---- C:\Windows\system32\hidserv.dll
2014-09-01 00:19:52 ----A---- C:\Windows\system32\fundisc.dll
2014-09-01 00:19:52 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2014-09-01 00:19:52 ----A---- C:\Windows\system32\cryptsvc.dll
2014-09-01 00:19:51 ----A---- C:\Windows\system32\imapi.dll
2014-09-01 00:19:50 ----A---- C:\Windows\system32\wdc.dll
2014-09-01 00:19:50 ----A---- C:\Windows\system32\rasmans.dll
2014-09-01 00:19:50 ----A---- C:\Windows\system32\pnidui.dll
2014-09-01 00:19:50 ----A---- C:\Windows\system32\msiexec.exe
2014-09-01 00:19:50 ----A---- C:\Windows\system32\iassdo.dll
2014-09-01 00:19:50 ----A---- C:\Windows\system32\chsbrkr.dll
2014-09-01 00:19:50 ----A---- C:\Windows\system32\drivers\pci.sys
2014-09-01 00:19:50 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-09-01 00:19:49 ----A---- C:\Windows\system32\wersvc.dll
2014-09-01 00:19:49 ----A---- C:\Windows\system32\slmgr.vbs
2014-09-01 00:19:49 ----A---- C:\Windows\system32\scrrun.dll
2014-09-01 00:19:49 ----A---- C:\Windows\system32\PSHED.DLL
2014-09-01 00:19:49 ----A---- C:\Windows\system32\icardres.dll
2014-09-01 00:19:49 ----A---- C:\Windows\system32\drivers\termdd.sys
2014-09-01 00:19:49 ----A---- C:\Windows\system32\drivers\Storport.sys
2014-09-01 00:19:49 ----A---- C:\Windows\system32\drivers\crashdmp.sys
2014-09-01 00:19:49 ----A---- C:\Windows\system32\drivers\ataport.sys
2014-09-01 00:19:49 ----A---- C:\Windows\system32\drivers\acpi.sys
2014-09-01 00:19:49 ----A---- C:\Windows\system32\clfs.sys
2014-09-01 00:19:49 ----A---- C:\Windows\system32\autofmt.exe
2014-09-01 00:19:48 ----A---- C:\Windows\system32\pidgenx.dll
2014-09-01 00:19:48 ----A---- C:\Windows\system32\pdh.dll
2014-09-01 00:19:48 ----A---- C:\Windows\system32\drivers\partmgr.sys
2014-09-01 00:19:48 ----A---- C:\Windows\system32\dhcpcsvc.dll
2014-09-01 00:19:48 ----A---- C:\Windows\system32\CertEnrollUI.dll
2014-09-01 00:19:48 ----A---- C:\Windows\system32\azroles.dll
2014-09-01 00:19:47 ----A---- C:\Windows\system32\winlogon.exe
2014-09-01 00:19:47 ----A---- C:\Windows\system32\SyncCenter.dll
2014-09-01 00:19:46 ----A---- C:\Windows\system32\SLUINotify.dll
2014-09-01 00:19:46 ----A---- C:\Windows\system32\sethc.exe
2014-09-01 00:19:46 ----A---- C:\Windows\system32\ncrypt.dll
2014-09-01 00:19:46 ----A---- C:\Windows\system32\msjetoledb40.dll
2014-09-01 00:19:46 ----A---- C:\Windows\system32\kd1394.dll
2014-09-01 00:19:46 ----A---- C:\Windows\system32\drivers\mup.sys
2014-09-01 00:19:46 ----A---- C:\Windows\system32\drivers\disk.sys
2014-09-01 00:19:46 ----A---- C:\Windows\system32\comuid.dll
2014-09-01 00:19:46 ----A---- C:\Windows\system32\certmgr.dll
2014-09-01 00:19:45 ----A---- C:\Windows\system32\wisptis.exe
2014-09-01 00:19:45 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2014-09-01 00:19:45 ----A---- C:\Windows\system32\untfs.dll
2014-09-01 00:19:45 ----A---- C:\Windows\system32\spp.dll
2014-09-01 00:19:45 ----A---- C:\Windows\system32\scrobj.dll
2014-09-01 00:19:45 ----A---- C:\Windows\system32\iassam.dll
2014-09-01 00:19:45 ----A---- C:\Windows\system32\dwm.exe
2014-09-01 00:19:45 ----A---- C:\Windows\system32\drivers\volsnap.sys
2014-09-01 00:19:45 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2014-09-01 00:19:45 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-09-01 00:19:45 ----A---- C:\Windows\system32\autochk.exe
2014-09-01 00:19:44 ----A---- C:\Windows\system32\printui.dll
2014-09-01 00:19:44 ----A---- C:\Windows\system32\iasnap.dll
2014-09-01 00:19:44 ----A---- C:\Windows\system32\drivers\msrpc.sys
2014-09-01 00:19:44 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2014-09-01 00:19:44 ----A---- C:\Windows\system32\drivers\ecache.sys
2014-09-01 00:19:44 ----A---- C:\Windows\system32\drivers\Dumpata.sys
2014-09-01 00:19:44 ----A---- C:\Windows\system32\autoconv.exe
2014-09-01 00:19:43 ----A---- C:\Windows\system32\kdcom.dll
2014-09-01 00:19:43 ----A---- C:\Windows\system32\cscript.exe
2014-09-01 00:19:42 ----A---- C:\Windows\system32\wow32.dll
2014-09-01 00:19:42 ----A---- C:\Windows\system32\userenv.dll
2014-09-01 00:19:42 ----A---- C:\Windows\system32\osk.exe
2014-09-01 00:19:42 ----A---- C:\Windows\system32\onex.dll
2014-09-01 00:19:42 ----A---- C:\Windows\system32\mswsock.dll
2014-09-01 00:19:42 ----A---- C:\Windows\system32\basecsp.dll
2014-09-01 00:19:42 ----A---- C:\Windows\system32\audiodg.exe
2014-09-01 00:19:41 ----A---- C:\Windows\system32\WinSCard.dll
2014-09-01 00:19:41 ----A---- C:\Windows\system32\winmm.dll
2014-09-01 00:19:41 ----A---- C:\Windows\system32\WerFaultSecure.exe
2014-09-01 00:19:41 ----A---- C:\Windows\system32\spcmsg.dll
2014-09-01 00:19:41 ----A---- C:\Windows\system32\RelMon.dll
2014-09-01 00:19:41 ----A---- C:\Windows\system32\rdpencom.dll
2014-09-01 00:19:41 ----A---- C:\Windows\system32\offfilt.dll
2014-09-01 00:19:41 ----A---- C:\Windows\system32\msftedit.dll
2014-09-01 00:19:41 ----A---- C:\Windows\system32\kdusb.dll
2014-09-01 00:19:41 ----A---- C:\Windows\system32\drivers\netbt.sys
2014-09-01 00:19:41 ----A---- C:\Windows\system32\drivers\atapi.sys
2014-09-01 00:19:40 ----A---- C:\Windows\system32\wsepno.dll
2014-09-01 00:19:40 ----A---- C:\Windows\system32\WerFault.exe
2014-09-01 00:19:40 ----A---- C:\Windows\system32\Utilman.exe
2014-09-01 00:19:40 ----A---- C:\Windows\system32\stobject.dll
2014-09-01 00:19:40 ----A---- C:\Windows\system32\mfplat.dll
2014-09-01 00:19:40 ----A---- C:\Windows\system32\drivers\bthenum.sys
2014-09-01 00:19:40 ----A---- C:\Windows\system32\diskraid.exe
2014-09-01 00:19:40 ----A---- C:\Windows\system32\apphelp.dll
2014-09-01 00:19:39 ----A---- C:\Windows\system32\wscript.exe
2014-09-01 00:19:39 ----A---- C:\Windows\system32\wiaservc.dll
2014-09-01 00:19:39 ----A---- C:\Windows\system32\ulib.dll
2014-09-01 00:19:39 ----A---- C:\Windows\system32\sysclass.dll
2014-09-01 00:19:39 ----A---- C:\Windows\system32\SndVol.exe
2014-09-01 00:19:39 ----A---- C:\Windows\system32\prnntfy.dll
2014-09-01 00:19:39 ----A---- C:\Windows\system32\odbccp32.dll
2014-09-01 00:19:39 ----A---- C:\Windows\system32\msnetobj.dll
2014-09-01 00:19:39 ----A---- C:\Windows\system32\mscms.dll
2014-09-01 00:19:39 ----A---- C:\Windows\system32\mcmde.dll
2014-09-01 00:19:39 ----A---- C:\Windows\system32\iasdatastore.dll
2014-09-01 00:19:39 ----A---- C:\Windows\system32\dsound.dll
2014-09-01 00:19:39 ----A---- C:\Windows\system32\adsmsext.dll
2014-09-01 00:19:38 ----A---- C:\Windows\system32\wscntfy.dll
2014-09-01 00:19:38 ----A---- C:\Windows\system32\wlangpui.dll
2014-09-01 00:19:38 ----A---- C:\Windows\system32\rastapi.dll
2014-09-01 00:19:38 ----A---- C:\Windows\system32\pnpsetup.dll
2014-09-01 00:19:38 ----A---- C:\Windows\system32\ipsecsnp.dll
2014-09-01 00:19:38 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2014-09-01 00:19:38 ----A---- C:\Windows\system32\gpapi.dll
2014-09-01 00:19:38 ----A---- C:\Windows\system32\fdProxy.dll
2014-09-01 00:19:38 ----A---- C:\Windows\system32\diskpart.exe
2014-09-01 00:19:38 ----A---- C:\Windows\system32\cryptui.dll
2014-09-01 00:19:38 ----A---- C:\Windows\system32\brcpl.dll
2014-09-01 00:19:37 ----A---- C:\Windows\system32\zipfldr.dll
2014-09-01 00:19:37 ----A---- C:\Windows\system32\wusa.exe
2014-09-01 00:19:37 ----A---- C:\Windows\system32\wscsvc.dll
2014-09-01 00:19:37 ----A---- C:\Windows\system32\WMVENCOD.DLL
2014-09-01 00:19:37 ----A---- C:\Windows\system32\vdsdyn.dll
2014-09-01 00:19:37 ----A---- C:\Windows\system32\regsvc.dll
2014-09-01 00:19:37 ----A---- C:\Windows\system32\rasapi32.dll
2014-09-01 00:19:37 ----A---- C:\Windows\system32\ntprint.dll
2014-09-01 00:19:37 ----A---- C:\Windows\system32\mscorier.dll
2014-09-01 00:19:37 ----A---- C:\Windows\system32\logman.exe
2014-09-01 00:19:37 ----A---- C:\Windows\system32\iepeers.dll
2014-09-01 00:19:37 ----A---- C:\Windows\system32\iasrad.dll
2014-09-01 00:19:37 ----A---- C:\Windows\system32\iashlpr.dll
2014-09-01 00:19:37 ----A---- C:\Windows\system32\findstr.exe
2014-09-01 00:19:36 ----A---- C:\Windows\system32\wsnmp32.dll
2014-09-01 00:19:36 ----A---- C:\Windows\system32\wshext.dll
2014-09-01 00:19:36 ----A---- C:\Windows\system32\wpccpl.dll
2014-09-01 00:19:36 ----A---- C:\Windows\system32\wer.dll
2014-09-01 00:19:36 ----A---- C:\Windows\system32\webcheck.dll
2014-09-01 00:19:36 ----A---- C:\Windows\system32\themecpl.dll
2014-09-01 00:19:36 ----A---- C:\Windows\system32\rasdlg.dll
2014-09-01 00:19:36 ----A---- C:\Windows\system32\netcenter.dll
2014-09-01 00:19:36 ----A---- C:\Windows\system32\iassvcs.dll
2014-09-01 00:19:36 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-09-01 00:19:35 ----A---- C:\Windows\system32\wucltux.dll
2014-09-01 00:19:35 ----A---- C:\Windows\system32\uxsms.dll
2014-09-01 00:19:35 ----A---- C:\Windows\system32\slcc.dll
2014-09-01 00:19:35 ----A---- C:\Windows\system32\scansetting.dll
2014-09-01 00:19:35 ----A---- C:\Windows\system32\powrprof.dll
2014-09-01 00:19:35 ----A---- C:\Windows\system32\ntmarta.dll
2014-09-01 00:19:35 ----A---- C:\Windows\system32\msutb.dll
2014-09-01 00:19:35 ----A---- C:\Windows\system32\mstlsapi.dll
2014-09-01 00:19:35 ----A---- C:\Windows\system32\mssprxy.dll
2014-09-01 00:19:35 ----A---- C:\Windows\system32\iasads.dll
2014-09-01 00:19:35 ----A---- C:\Windows\system32\drivers\ks.sys
2014-09-01 00:19:34 ----A---- C:\Windows\system32\sud.dll
2014-09-01 00:19:34 ----A---- C:\Windows\system32\powercpl.dll
2014-09-01 00:19:34 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2014-09-01 00:19:34 ----A---- C:\Windows\system32\newdev.exe
2014-09-01 00:19:34 ----A---- C:\Windows\system32\networkmap.dll
2014-09-01 00:19:34 ----A---- C:\Windows\system32\iasacct.dll
2014-09-01 00:19:34 ----A---- C:\Windows\system32\dot3svc.dll
2014-09-01 00:19:34 ----A---- C:\Windows\system32\connect.dll
2014-09-01 00:19:34 ----A---- C:\Windows\system32\authz.dll
2014-09-01 00:19:33 ----A---- C:\Windows\system32\usercpl.dll
2014-09-01 00:19:33 ----A---- C:\Windows\system32\themeui.dll
2014-09-01 00:19:33 ----A---- C:\Windows\system32\systemcpl.dll
2014-09-01 00:19:33 ----A---- C:\Windows\system32\samlib.dll
2014-09-01 00:19:33 ----A---- C:\Windows\system32\qdvd.dll
2014-09-01 00:19:33 ----A---- C:\Windows\system32\pcaui.dll
2014-09-01 00:19:33 ----A---- C:\Windows\system32\mmci.dll
2014-09-01 00:19:33 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2014-09-01 00:19:33 ----A---- C:\Windows\system32\autoplay.dll
2014-09-01 00:19:33 ----A---- C:\Windows\system32\accessibilitycpl.dll
2014-09-01 00:19:32 ----A---- C:\Windows\system32\wuaueng.dll
2014-09-01 00:19:32 ----A---- C:\Windows\system32\wpcao.dll
2014-09-01 00:19:32 ----A---- C:\Windows\system32\wlanpref.dll
2014-09-01 00:19:32 ----A---- C:\Windows\system32\vdsutil.dll
2014-09-01 00:19:32 ----A---- C:\Windows\system32\tapisrv.dll
2014-09-01 00:19:32 ----A---- C:\Windows\system32\scksp.dll
2014-09-01 00:19:32 ----A---- C:\Windows\system32\rpchttp.dll
2014-09-01 00:19:32 ----A---- C:\Windows\system32\regapi.dll
2014-09-01 00:19:32 ----A---- C:\Windows\system32\msinfo32.exe
2014-09-01 00:19:32 ----A---- C:\Windows\system32\mpr.dll
2014-09-01 00:19:32 ----A---- C:\Windows\system32\ieaksie.dll
2014-09-01 00:19:32 ----A---- C:\Windows\system32\feclient.dll
2014-09-01 00:19:32 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2014-09-01 00:19:31 ----A---- C:\Windows\system32\wscisvif.dll
2014-09-01 00:19:31 ----A---- C:\Windows\system32\scesrv.dll
2014-09-01 00:19:31 ----A---- C:\Windows\system32\rekeywiz.exe
2014-09-01 00:19:31 ----A---- C:\Windows\system32\psisdecd.dll
2014-09-01 00:19:31 ----A---- C:\Windows\system32\oleprn.dll
2014-09-01 00:19:31 ----A---- C:\Windows\system32\imm32.dll
2014-09-01 00:19:31 ----A---- C:\Windows\system32\iaspolcy.dll
2014-09-01 00:19:31 ----A---- C:\Windows\system32\Faultrep.dll
2014-09-01 00:19:31 ----A---- C:\Windows\system32\drivers\exfat.sys
2014-09-01 00:19:31 ----A---- C:\Windows\system32\dpapimig.exe
2014-09-01 00:19:31 ----A---- C:\Windows\system32\dot3msm.dll
2014-09-01 00:19:31 ----A---- C:\Windows\system32\DeviceEject.exe
2014-09-01 00:19:31 ----A---- C:\Windows\system32\AudioSes.dll
2014-09-01 00:19:30 ----A---- C:\Windows\system32\TSTheme.exe
2014-09-01 00:19:30 ----A---- C:\Windows\system32\tcpipcfg.dll
2014-09-01 00:19:30 ----A---- C:\Windows\system32\spwinsat.dll
2014-09-01 00:19:30 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2014-09-01 00:19:30 ----A---- C:\Windows\system32\scecli.dll
2014-09-01 00:19:30 ----A---- C:\Windows\system32\rasplap.dll
2014-09-01 00:19:30 ----A---- C:\Windows\system32\rasgcw.dll
2014-09-01 00:19:30 ----A---- C:\Windows\system32\qedit.dll
2014-09-01 00:19:30 ----A---- C:\Windows\system32\PnPUnattend.exe
2014-09-01 00:19:30 ----A---- C:\Windows\system32\pnpui.dll
2014-09-01 00:19:30 ----A---- C:\Windows\system32\perfdisk.dll
2014-09-01 00:19:30 ----A---- C:\Windows\system32\ncryptui.dll
2014-09-01 00:19:30 ----A---- C:\Windows\system32\hdwwiz.exe
2014-09-01 00:19:30 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2014-09-01 00:19:30 ----A---- C:\Windows\system32\extmgr.dll
2014-09-01 00:19:30 ----A---- C:\Windows\system32\drivers\portcls.sys
2014-09-01 00:19:30 ----A---- C:\Windows\system32\cmmon32.exe
2014-09-01 00:19:30 ----A---- C:\Windows\system32\certreq.exe
2014-09-01 00:19:29 ----A---- C:\Windows\system32\whealogr.dll
2014-09-01 00:19:29 ----A---- C:\Windows\system32\tcpmon.dll
2014-09-01 00:19:29 ----A---- C:\Windows\system32\srcore.dll
2014-09-01 00:19:29 ----A---- C:\Windows\system32\SnippingTool.exe
2014-09-01 00:19:29 ----A---- C:\Windows\system32\SCardSvr.dll
2014-09-01 00:19:29 ----A---- C:\Windows\system32\raschap.dll
2014-09-01 00:19:29 ----A---- C:\Windows\system32\MSVidCtl.dll
2014-09-01 00:19:29 ----A---- C:\Windows\system32\fontext.dll
2014-09-01 00:19:29 ----A---- C:\Windows\system32\fdWSD.dll
2014-09-01 00:19:29 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys
2014-09-01 00:19:29 ----A---- C:\Windows\system32\drivers\USBCAMD.sys
2014-09-01 00:19:29 ----A---- C:\Windows\system32\conime.exe
2014-09-01 00:19:29 ----A---- C:\Windows\system32\cmdial32.dll
2014-09-01 00:19:28 ----A---- C:\Windows\system32\WMVXENCD.DLL
2014-09-01 00:19:28 ----A---- C:\Windows\system32\wlanui.dll
2014-09-01 00:19:28 ----A---- C:\Windows\system32\wiaaut.dll
2014-09-01 00:19:28 ----A---- C:\Windows\system32\shwebsvc.dll
2014-09-01 00:19:28 ----A---- C:\Windows\system32\rasppp.dll
2014-09-01 00:19:28 ----A---- C:\Windows\system32\PnPutil.exe
2014-09-01 00:19:28 ----A---- C:\Windows\system32\oobefldr.dll
2014-09-01 00:19:28 ----A---- C:\Windows\system32\dsprop.dll
2014-09-01 00:19:28 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-09-01 00:19:28 ----A---- C:\Windows\system32\drivers\npfs.sys
2014-09-01 00:19:28 ----A---- C:\Windows\system32\dimsroam.dll
2014-09-01 00:19:27 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-09-01 00:19:27 ----A---- C:\Windows\system32\shsetup.dll
2014-09-01 00:19:27 ----A---- C:\Windows\system32\rasmontr.dll
2014-09-01 00:19:27 ----A---- C:\Windows\system32\occache.dll
2014-09-01 00:19:27 ----A---- C:\Windows\system32\mscandui.dll
2014-09-01 00:19:27 ----A---- C:\Windows\system32\modemui.dll
2014-09-01 00:19:27 ----A---- C:\Windows\system32\chtbrkr.dll
2014-09-01 00:19:27 ----A---- C:\Windows\system32\drivers\pacer.sys
2014-09-01 00:19:27 ----A---- C:\Windows\system32\dataclen.dll
2014-09-01 00:19:26 ----A---- C:\Windows\system32\WSDMon.dll
2014-09-01 00:19:26 ----A---- C:\Windows\system32\wmpeffects.dll
2014-09-01 00:19:26 ----A---- C:\Windows\system32\wlgpclnt.dll
2014-09-01 00:19:26 ----A---- C:\Windows\system32\smss.exe
2014-09-01 00:19:26 ----A---- C:\Windows\system32\rdpwsx.dll
2014-09-01 00:19:26 ----A---- C:\Windows\system32\networkexplorer.dll
2014-09-01 00:19:26 ----A---- C:\Windows\system32\netplwiz.dll
2014-09-01 00:19:26 ----A---- C:\Windows\system32\mstime.dll
2014-09-01 00:19:26 ----A---- C:\Windows\system32\drivers\rmcast.sys
2014-09-01 00:19:26 ----A---- C:\Windows\system32\drivers\fastfat.sys
2014-09-01 00:19:26 ----A---- C:\Windows\system32\credui.dll
2014-09-01 00:19:26 ----A---- C:\Windows\system32\certprop.dll
2014-09-01 00:19:26 ----A---- C:\Windows\system32\blackbox.dll
2014-09-01 00:19:25 ----A---- C:\Windows\system32\wscapi.dll
2014-09-01 00:19:25 ----A---- C:\Windows\system32\wpcsvc.dll
2014-09-01 00:19:25 ----A---- C:\Windows\system32\thawbrkr.dll
2014-09-01 00:19:25 ----A---- C:\Windows\system32\softkbd.dll
2014-09-01 00:19:25 ----A---- C:\Windows\system32\sendmail.dll
2014-09-01 00:19:25 ----A---- C:\Windows\system32\msscp.dll
2014-09-01 00:19:25 ----A---- C:\Windows\system32\msrating.dll
2014-09-01 00:19:25 ----A---- C:\Windows\system32\msimtf.dll
2014-09-01 00:19:25 ----A---- C:\Windows\system32\logagent.exe
2014-09-01 00:19:25 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-01 00:19:25 ----A---- C:\Windows\system32\InkEd.dll
2014-09-01 00:19:25 ----A---- C:\Windows\system32\ifmon.dll
2014-09-01 00:19:25 ----A---- C:\Windows\system32\gpresult.exe
2014-09-01 00:19:25 ----A---- C:\Windows\system32\drivers\watchdog.sys
2014-09-01 00:19:25 ----A---- C:\Windows\system32\cipher.exe
2014-09-01 00:19:24 ----A---- C:\Windows\system32\wshbth.dll
2014-09-01 00:19:24 ----A---- C:\Windows\system32\version.dll
2014-09-01 00:19:24 ----A---- C:\Windows\system32\SLLUA.exe
2014-09-01 00:19:24 ----A---- C:\Windows\system32\puiapi.dll
2014-09-01 00:19:24 ----A---- C:\Windows\system32\olepro32.dll
2014-09-01 00:19:24 ----A---- C:\Windows\system32\msisip.dll
2014-09-01 00:19:24 ----A---- C:\Windows\system32\msctfui.dll
2014-09-01 00:19:24 ----A---- C:\Windows\system32\mprapi.dll
2014-09-01 00:19:24 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2014-09-01 00:19:24 ----A---- C:\Windows\system32\input.dll
2014-09-01 00:19:24 ----A---- C:\Windows\system32\ExplorerFrame.dll
2014-09-01 00:19:24 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-09-01 00:19:24 ----A---- C:\Windows\system32\drivers\udfs.sys
2014-09-01 00:19:24 ----A---- C:\Windows\system32\drivers\smb.sys
2014-09-01 00:19:24 ----A---- C:\Windows\system32\drivers\hidusb.sys
2014-09-01 00:19:24 ----A---- C:\Windows\system32\dmsynth.dll
2014-09-01 00:19:24 ----A---- C:\Windows\system32\cdd.dll
2014-09-01 00:19:23 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2014-09-01 00:19:23 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2014-09-01 00:19:23 ----A---- C:\Windows\system32\msjint40.dll
2014-09-01 00:19:23 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2014-09-01 00:19:23 ----A---- C:\Windows\system32\l2nacp.dll
2014-09-01 00:19:23 ----A---- C:\Windows\system32\ftp.exe
2014-09-01 00:19:23 ----A---- C:\Windows\system32\fdSSDP.dll
2014-09-01 00:19:23 ----A---- C:\Windows\system32\fc.exe
2014-09-01 00:19:23 ----A---- C:\Windows\system32\eapp3hst.dll
2014-09-01 00:19:23 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-09-01 00:19:23 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2014-09-01 00:19:23 ----A---- C:\Windows\system32\dmusic.dll
2014-09-01 00:19:23 ----A---- C:\Windows\system32\cscdll.dll
2014-09-01 00:19:23 ----A---- C:\Windows\system32\cscapi.dll
2014-09-01 00:19:22 ----A---- C:\Windows\system32\wsdchngr.dll
2014-09-01 00:19:22 ----A---- C:\Windows\system32\Storprop.dll
2014-09-01 00:19:22 ----A---- C:\Windows\system32\SMBHelperClass.dll
2014-09-01 00:19:22 ----A---- C:\Windows\system32\slcinst.dll
2014-09-01 00:19:22 ----A---- C:\Windows\system32\rasdial.exe
2014-09-01 00:19:22 ----A---- C:\Windows\system32\rasdiag.dll
2014-09-01 00:19:22 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2014-09-01 00:19:22 ----A---- C:\Windows\system32\nslookup.exe
2014-09-01 00:19:22 ----A---- C:\Windows\system32\networkitemfactory.dll
2014-09-01 00:19:22 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-09-01 00:19:22 ----A---- C:\Windows\system32\ipconfig.exe
2014-09-01 00:19:22 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2014-09-01 00:19:22 ----A---- C:\Windows\system32\fdWCN.dll
2014-09-01 00:19:22 ----A---- C:\Windows\system32\eappcfg.dll
2014-09-01 00:19:22 ----A---- C:\Windows\system32\drivers\rassstp.sys
2014-09-01 00:19:22 ----A---- C:\Windows\system32\dot3cfg.dll
2014-09-01 00:19:22 ----A---- C:\Windows\system32\bthudtask.exe
2014-09-01 00:19:22 ----A---- C:\Windows\system32\bthci.dll
2014-09-01 00:19:21 ----A---- C:\Windows\system32\PNPXAssoc.dll
2014-09-01 00:19:21 ----A---- C:\Windows\system32\ocsetup.exe
2014-09-01 00:19:21 ----A---- C:\Windows\system32\mmcico.dll
2014-09-01 00:19:21 ----A---- C:\Windows\system32\hbaapi.dll
2014-09-01 00:19:21 ----A---- C:\Windows\system32\gpupdate.exe
2014-09-01 00:19:21 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2014-09-01 00:19:21 ----A---- C:\Windows\system32\fdeploy.dll
2014-09-01 00:19:21 ----A---- C:\Windows\system32\eappgnui.dll
2014-09-01 00:19:21 ----A---- C:\Windows\system32\drivers\nwifi.sys
2014-09-01 00:19:21 ----A---- C:\Windows\system32\drivers\hidclass.sys
2014-09-01 00:19:21 ----A---- C:\Windows\system32\drivers\cdrom.sys
2014-09-01 00:19:20 ----A---- C:\Windows\system32\NcdProp.dll
2014-09-01 00:19:20 ----A---- C:\Windows\system32\iscsilog.dll
2014-09-01 00:19:20 ----A---- C:\Windows\system32\csrstub.exe
2014-09-01 00:19:20 ----A---- C:\Windows\system32\cbsra.exe
2014-09-01 00:19:20 ----A---- C:\Windows\system32\bitsigd.dll
2014-09-01 00:19:19 ----A---- C:\Windows\system32\winrnr.dll
2014-09-01 00:19:19 ----A---- C:\Windows\system32\vdmdbg.dll
2014-09-01 00:19:19 ----A---- C:\Windows\system32\slwga.dll
2014-09-01 00:19:19 ----A---- C:\Windows\system32\odbcconf.dll
2014-09-01 00:19:19 ----A---- C:\Windows\system32\midimap.dll
2014-09-01 00:19:19 ----A---- C:\Windows\system32\inetppui.dll
2014-09-01 00:19:19 ----A---- C:\Windows\system32\drivers\dxg.sys
2014-09-01 00:19:19 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-09-01 00:19:18 ----A---- C:\Windows\system32\drivers\stream.sys
2014-09-01 00:19:18 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2014-09-01 00:19:17 ----A---- C:\Windows\system32\drivers\usb8023.sys
2014-09-01 00:19:17 ----A---- C:\Windows\system32\drivers\raspppoe.sys
2014-09-01 00:19:17 ----A---- C:\Windows\system32\drivers\bridge.sys
2014-09-01 00:19:16 ----A---- C:\Windows\system32\msimsg.dll
2014-09-01 00:19:16 ----A---- C:\Windows\system32\f3ahvoas.dll
2014-09-01 00:18:24 ----A---- C:\Windows\system32\SmiEngine.dll
2014-09-01 00:17:59 ----A---- C:\Windows\system32\wdscore.dll
2014-09-01 00:17:59 ----A---- C:\Windows\system32\PkgMgr.exe
2014-09-01 00:16:41 ----A---- C:\Windows\system32\drvstore.dll
2014-08-31 23:18:37 ----D---- C:\AdwCleaner
2014-08-31 22:38:59 ----D---- C:\ProgramData\WindowsSearch
2014-08-31 22:35:42 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2014-08-31 22:35:18 ----HD---- C:\ProgramData\CanonBJ
2014-08-31 22:33:17 ----A---- C:\Windows\system32\CNMLMAA.DLL
2014-08-31 22:29:43 ----A---- C:\Windows\system32\CNC280U.dll
2014-08-31 22:29:43 ----A---- C:\Windows\system32\CNC280L.dll
2014-08-31 22:29:43 ----A---- C:\Windows\system32\CNC280I.dll
2014-08-31 22:29:43 ----A---- C:\Windows\system32\CNC280C.dll
2014-08-31 22:29:42 ----A---- C:\Windows\system32\CNHMCA.dll
2014-08-31 20:36:59 ----D---- C:\Program Files\trend micro
2014-08-31 20:36:55 ----D---- C:\rsit
2014-08-31 18:52:08 ----D---- C:\Users\fantomas\AppData\Roaming\ESET
2014-08-31 18:39:18 ----D---- C:\Program Files\ESET
2014-08-31 17:24:58 ----D---- C:\Program Files\Common Files\Java
2014-08-31 17:24:45 ----A---- C:\Windows\system32\javaws.exe
2014-08-31 17:24:08 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-08-31 17:24:08 ----A---- C:\Windows\system32\javaw.exe
2014-08-31 17:24:08 ----A---- C:\Windows\system32\java.exe
2014-08-31 17:10:42 ----D---- C:\Windows\Sun
2014-08-31 16:16:05 ----D---- C:\ProgramData\Roaming
2014-08-31 16:12:17 ----D---- C:\Program Files\Cisco
2014-08-31 16:12:04 ----D---- C:\Program Files\Common Files\Intel
2014-08-31 16:11:53 ----D---- C:\ProgramData\Intel
2014-08-31 16:04:34 ----N---- C:\Windows\system32\MpSigStub.exe
2014-08-31 16:01:14 ----A---- C:\Windows\system32\srvsvc.dll
2014-08-31 16:01:14 ----A---- C:\Windows\system32\netevent.dll
2014-08-31 16:01:03 ----A---- C:\Windows\system32\winhttp.dll
2014-08-31 15:39:48 ----D---- C:\Windows\pss
2014-08-31 13:42:11 ----D---- C:\Windows\system32\WindowsPowerShell
2014-08-31 13:02:40 ----D---- C:\Windows\system32\MRT
2014-08-31 12:16:11 ----A---- C:\Windows\system32\browserchoice.exe
2014-08-31 12:12:19 ----D---- C:\ProgramData\Synaptics
2014-08-31 12:11:54 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2014-08-31 12:11:51 ----A---- C:\Windows\system32\SynTPCo9.dll
2014-08-31 12:02:23 ----A---- C:\Windows\system32\nshhttp.dll
2014-08-31 12:02:21 ----A---- C:\Windows\system32\httpapi.dll
2014-08-31 12:02:21 ----A---- C:\Windows\system32\drivers\http.sys
2014-08-31 11:51:36 ----A---- C:\Windows\system32\winrsmgr.dll
2014-08-31 11:51:22 ----A---- C:\Windows\system32\wsmprovhost.exe
2014-08-31 11:51:22 ----A---- C:\Windows\system32\winrshost.exe
2014-08-31 11:51:22 ----A---- C:\Windows\system32\winrs.exe
2014-08-31 11:51:21 ----A---- C:\Windows\system32\wsmplpxy.dll
2014-08-31 11:51:21 ----A---- C:\Windows\system32\winrssrv.dll
2014-08-31 11:51:19 ----A---- C:\Windows\system32\WsmRes.dll
2014-08-31 11:51:19 ----A---- C:\Windows\system32\wevtfwd.dll
2014-08-31 11:51:19 ----A---- C:\Windows\system32\wecutil.exe
2014-08-31 11:51:19 ----A---- C:\Windows\system32\wecsvc.dll
2014-08-31 11:51:19 ----A---- C:\Windows\system32\wecapi.dll
2014-08-31 11:51:19 ----A---- C:\Windows\system32\pwrshplugin.dll
2014-08-31 11:51:14 ----A---- C:\Windows\system32\winrm.vbs
2014-08-31 11:51:13 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-08-31 11:51:13 ----A---- C:\Windows\system32\WsmAuto.dll
2014-08-31 11:51:13 ----A---- C:\Windows\system32\winrscmd.dll
2014-08-31 11:51:12 ----A---- C:\Windows\system32\WsmSvc.dll
2014-08-31 11:51:12 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-08-31 11:51:12 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-08-31 11:48:04 ----A---- C:\Windows\system32\wlansvc.dll
2014-08-31 11:48:04 ----A---- C:\Windows\system32\wlansec.dll
2014-08-31 11:48:04 ----A---- C:\Windows\system32\wlanmsm.dll
2014-08-31 11:48:04 ----A---- C:\Windows\system32\wlanhlp.dll
2014-08-31 11:48:04 ----A---- C:\Windows\system32\wlanapi.dll
2014-08-31 11:48:04 ----A---- C:\Windows\system32\L2SecHC.dll
2014-08-31 11:47:59 ----A---- C:\Windows\system32\msxml6.dll
2014-08-31 11:47:52 ----A---- C:\Windows\system32\odbc32.dll
2014-08-31 11:47:42 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-08-31 11:47:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-08-31 11:47:38 ----A---- C:\Windows\system32\ntdll.dll
2014-08-31 11:47:26 ----A---- C:\Windows\system32\gameux.dll
2014-08-31 11:47:25 ----A---- C:\Windows\system32\Apphlpdm.dll
2014-08-31 11:47:23 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2014-08-31 11:47:05 ----A---- C:\Windows\system32\kbd106n.dll
2014-08-31 11:46:45 ----A---- C:\Windows\system32\mfc42.dll
2014-08-31 11:46:44 ----A---- C:\Windows\system32\mfc42u.dll
2014-08-31 11:46:39 ----A---- C:\Windows\system32\lsasrv.dll
2014-08-31 11:46:38 ----A---- C:\Windows\system32\kerberos.dll
2014-08-31 11:46:37 ----A---- C:\Windows\system32\wdigest.dll
2014-08-31 11:46:36 ----A---- C:\Windows\system32\secur32.dll
2014-08-31 11:46:36 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-08-31 11:46:35 ----A---- C:\Windows\system32\lsass.exe
2014-08-31 11:46:27 ----A---- C:\Windows\system32\drivers\bowser.sys
2014-08-31 11:46:22 ----A---- C:\Windows\system32\msv1_0.dll
2014-08-31 11:46:17 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2014-08-31 11:46:16 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-08-31 11:46:16 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-08-31 11:46:06 ----A---- C:\Windows\system32\usp10.dll
2014-08-31 11:46:03 ----A---- C:\Windows\system32\lpk.dll
2014-08-31 11:46:03 ----A---- C:\Windows\system32\fontsub.dll
2014-08-31 11:46:03 ----A---- C:\Windows\system32\dciman32.dll
2014-08-31 11:46:03 ----A---- C:\Windows\system32\atmlib.dll
2014-08-31 11:46:03 ----A---- C:\Windows\system32\atmfd.dll
2014-08-31 11:45:58 ----A---- C:\Windows\system32\localspl.dll
2014-08-31 11:45:22 ----A---- C:\Windows\system32\shsvcs.dll
2014-08-31 11:45:11 ----A---- C:\Windows\system32\drivers\srv.sys
2014-08-31 11:45:07 ----A---- C:\Windows\system32\win32k.sys
2014-08-31 11:45:03 ----A---- C:\Windows\system32\drivers\dfsc.sys
2014-08-31 11:44:58 ----A---- C:\Windows\system32\spoolsv.exe
2014-08-31 11:44:54 ----A---- C:\Windows\system32\ole32.dll
2014-08-31 11:44:35 ----A---- C:\Windows\system32\drivers\afd.sys
2014-08-31 11:44:31 ----A---- C:\Windows\system32\wkssvc.dll
2014-08-31 11:44:26 ----A---- C:\Windows\system32\iccvid.dll
2014-08-31 11:44:22 ----A---- C:\Windows\system32\atl.dll
2014-08-31 11:44:18 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-08-31 11:44:18 ----A---- C:\Windows\system32\dnsapi.dll
2014-08-31 11:44:17 ----A---- C:\Windows\system32\dnscacheugc.exe
2014-08-31 11:44:13 ----A---- C:\Windows\system32\asycfilt.dll
2014-08-31 11:44:05 ----A---- C:\Windows\system32\vbscript.dll
2014-08-31 11:44:05 ----A---- C:\Windows\system32\jscript.dll
2014-08-31 11:43:21 ----A---- C:\Windows\system32\wintrust.dll
2014-08-31 11:43:08 ----A---- C:\Windows\system32\wmpmde.dll
2014-08-31 11:20:46 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-08-31 11:20:44 ----A---- C:\Windows\system32\drivers\tunnel.sys
2014-08-31 11:19:37 ----A---- C:\Windows\system32\shell32.dll
2014-08-31 11:19:33 ----A---- C:\Windows\system32\shlwapi.dll
2014-08-31 11:17:23 ----A---- C:\Windows\system32\msxml3.dll
2014-08-31 11:16:06 ----A---- C:\Windows\system32\tzres.dll
2014-08-31 11:14:57 ----A---- C:\Windows\system32\wmpdxm.dll
2014-08-31 10:44:21 ----D---- C:\ProgramData\Malwarebytes
2014-08-31 10:37:18 ----D---- C:\Windows\temp
2014-08-31 10:37:16 ----A---- C:\ComboFix.txt
2014-08-31 10:36:12 ----SHD---- C:\$RECYCLE.BIN
2014-08-31 10:10:07 ----D---- C:\ComboFix
2014-08-31 09:21:40 ----A---- C:\Windows\NIRCMD.exe
2014-08-31 09:21:40 ----A---- C:\Windows\MBR.exe
2014-08-31 09:21:37 ----A---- C:\Windows\SWREG.exe
2014-08-31 09:21:37 ----A---- C:\Windows\PEV.exe
2014-08-31 09:21:36 ----A---- C:\Windows\zip.exe
2014-08-31 09:21:36 ----A---- C:\Windows\SWSC.exe
2014-08-31 09:21:36 ----A---- C:\Windows\sed.exe
2014-08-31 09:21:36 ----A---- C:\Windows\grep.exe
2014-08-31 09:21:09 ----D---- C:\Qoobox
2014-08-31 09:20:29 ----D---- C:\Windows\erdnt
2014-08-31 01:28:49 ----D---- C:\ProgramData\Kaspersky Lab
2014-08-31 00:07:05 ----D---- C:\Users\fantomas\AppData\Roaming\Intel
2014-08-30 23:50:56 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-08-30 23:50:56 ----A---- C:\Windows\system32\RMActivate.exe
2014-08-30 23:50:54 ----A---- C:\Windows\system32\secproc_isv.dll
2014-08-30 23:50:53 ----A---- C:\Windows\system32\secproc.dll
2014-08-30 23:50:52 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-08-30 23:50:52 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-08-30 23:50:51 ----A---- C:\Windows\system32\msdrm.dll
2014-08-30 23:50:50 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-08-30 23:50:48 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-08-30 21:18:05 ----D---- C:\Users\fantomas\AppData\Roaming\QuickScan
2014-08-30 21:16:08 ----D---- C:\Program Files\Zrychleni Pocitace
2014-08-30 21:05:41 ----D---- C:\Users\fantomas\AppData\Roaming\dll-files.com
2014-08-30 21:05:34 ----D---- C:\ProgramData\Logs
2014-08-30 21:05:21 ----D---- C:\Program Files\Dll-Files.com Fixer
2014-08-23 23:27:32 ----A---- C:\Windows\uninst.exe
2014-08-23 23:27:30 ----RASH---- C:\MSDOS.SYS
2014-08-23 23:27:30 ----RASH---- C:\IO.SYS
2014-08-15 22:29:55 ----D---- C:\Program Files\iPod
2014-08-15 22:29:52 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-15 22:29:52 ----D---- C:\Program Files\iTunes
2014-08-13 16:22:46 ----D---- C:\Program Files\Hearthstone
2014-08-13 15:56:41 ----D---- C:\Users\fantomas\AppData\Roaming\.minecraft
2014-08-12 13:23:49 ----D---- C:\Program Files\Microsoft Synchronization Services
2014-08-12 13:23:46 ----D---- C:\Program Files\Common Files\DESIGNER
2014-08-12 13:23:01 ----D---- C:\Windows\PCHEALTH
2014-08-12 13:23:01 ----D---- C:\Program Files\Microsoft Sync Framework
2014-08-12 13:23:01 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2014-08-12 13:18:40 ----D---- C:\Program Files\Microsoft Office
2014-08-11 22:10:45 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-08-10 17:18:47 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2014-08-07 22:09:55 ----D---- C:\Users\fantomas\AppData\Roaming\Skype
2014-08-07 22:09:32 ----D---- C:\Program Files\Common Files\Skype
2014-08-07 22:09:31 ----RD---- C:\Program Files\Skype
2014-08-07 22:09:14 ----D---- C:\ProgramData\Skype
2014-08-07 15:14:19 ----D---- C:\Program Files\uTorrent
2014-08-07 15:14:06 ----D---- C:\Users\fantomas\AppData\Roaming\uTorrent
2014-08-04 18:30:08 ----D---- C:\Users\fantomas\AppData\Roaming\Apple Computer
2014-08-04 18:29:49 ----DC---- C:\Windows\system32\DRVSTORE
2014-08-04 18:29:49 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2014-08-04 18:28:34 ----D---- C:\ProgramData\Apple Computer
2014-08-04 18:27:27 ----D---- C:\Program Files\Apple Software Update
2014-08-04 18:25:00 ----D---- C:\Program Files\Bonjour
2014-08-04 18:24:39 ----D---- C:\ProgramData\Apple
2014-08-04 18:24:39 ----D---- C:\Program Files\Common Files\Apple

======List of files/folders modified in the last 1 month======

2014-09-01 19:52:04 ----D---- C:\Windows\Prefetch
2014-09-01 19:51:59 ----RSD---- C:\Windows\assembly
2014-09-01 19:50:33 ----D---- C:\Windows\System32
2014-09-01 19:50:33 ----D---- C:\Windows\inf
2014-09-01 19:50:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-01 19:47:47 ----D---- C:\Windows\Microsoft.NET
2014-09-01 19:47:42 ----D---- C:\Windows
2014-09-01 19:47:28 ----SHD---- C:\Boot
2014-09-01 19:47:24 ----D---- C:\Windows\system32\catroot
2014-09-01 19:38:29 ----D---- C:\Program Files\Windows Mail
2014-09-01 19:38:29 ----D---- C:\Program Files\Windows Calendar
2014-09-01 19:38:29 ----D---- C:\Program Files\Movie Maker
2014-09-01 19:38:28 ----D---- C:\Program Files\Windows Sidebar
2014-09-01 19:38:28 ----D---- C:\Program Files\Windows Photo Gallery
2014-09-01 19:38:28 ----D---- C:\Program Files\Windows Media Player
2014-09-01 19:38:28 ----D---- C:\Program Files\Windows Journal
2014-09-01 19:38:28 ----D---- C:\Program Files\Windows Collaboration
2014-09-01 19:38:28 ----D---- C:\Program Files\Internet Explorer
2014-09-01 19:38:27 ----D---- C:\Program Files\Common Files\System
2014-09-01 19:38:26 ----D---- C:\Windows\servicing
2014-09-01 19:38:26 ----D---- C:\Windows\ehome
2014-09-01 19:38:26 ----D---- C:\Program Files\Windows Defender
2014-09-01 19:38:22 ----D---- C:\Windows\system32\XPSViewer
2014-09-01 19:38:22 ----D---- C:\Windows\system32\lv-LV
2014-09-01 19:38:22 ----D---- C:\Windows\IME
2014-09-01 19:38:21 ----D---- C:\Windows\system32\sk-SK
2014-09-01 19:38:21 ----D---- C:\Windows\system32\oobe
2014-09-01 19:38:21 ----D---- C:\Windows\system32\migration
2014-09-01 19:38:21 ----D---- C:\Windows\system32\ko-KR
2014-09-01 19:38:21 ----D---- C:\Windows\system32\it-IT
2014-09-01 19:38:21 ----D---- C:\Windows\system32\hr-HR
2014-09-01 19:38:21 ----D---- C:\Windows\system32\et-EE
2014-09-01 19:38:21 ----D---- C:\Windows\system32\en-US
2014-09-01 19:38:21 ----D---- C:\Windows\system32\el-GR
2014-09-01 19:38:21 ----D---- C:\Windows\system32\de-DE
2014-09-01 19:38:21 ----D---- C:\Windows\system32\da-DK
2014-09-01 19:38:20 ----D---- C:\Windows\system32\sv-SE
2014-09-01 19:38:20 ----D---- C:\Windows\system32\setup
2014-09-01 19:38:20 ----D---- C:\Windows\system32\ru-RU
2014-09-01 19:38:20 ----D---- C:\Windows\system32\he-IL
2014-09-01 19:38:20 ----D---- C:\Windows\system32\fr-FR
2014-09-01 19:38:20 ----D---- C:\Windows\system32\fi-FI
2014-09-01 19:38:20 ----D---- C:\Windows\system32\cs
2014-09-01 19:38:20 ----D---- C:\Windows\system32\AdvancedInstallers
2014-09-01 19:38:19 ----D---- C:\Windows\system32\cs-CZ
2014-09-01 19:38:18 ----D---- C:\Windows\system32\SLUI
2014-09-01 19:38:18 ----D---- C:\Windows\system32\pt-PT
2014-09-01 19:38:18 ----D---- C:\Windows\system32\hu-HU
2014-09-01 19:38:17 ----D---- C:\Windows\system32\zh-TW
2014-09-01 19:38:17 ----D---- C:\Windows\system32\zh-CN
2014-09-01 19:38:17 ----D---- C:\Windows\system32\uk-UA
2014-09-01 19:38:17 ----D---- C:\Windows\system32\sr-Latn-CS
2014-09-01 19:38:17 ----D---- C:\Windows\system32\sl-SI
2014-09-01 19:38:17 ----D---- C:\Windows\system32\ro-RO
2014-09-01 19:38:17 ----D---- C:\Windows\system32\pl-PL
2014-09-01 19:38:17 ----D---- C:\Windows\system32\manifeststore
2014-09-01 19:38:17 ----D---- C:\Windows\system32\ja-JP
2014-09-01 19:38:17 ----D---- C:\Windows\system32\es-ES
2014-09-01 19:38:17 ----D---- C:\Windows\system32\bg-BG
2014-09-01 19:38:16 ----D---- C:\Windows\system32\wbem
2014-09-01 19:38:16 ----D---- C:\Windows\system32\tr-TR
2014-09-01 19:38:16 ----D---- C:\Windows\system32\th-TH
2014-09-01 19:38:16 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-09-01 19:38:16 ----D---- C:\Windows\system32\drivers
2014-09-01 19:38:15 ----D---- C:\Windows\system32\nb-NO
2014-09-01 19:38:14 ----D---- C:\Windows\system32\pt-BR
2014-09-01 19:38:14 ----D---- C:\Windows\system32\nl-NL
2014-09-01 19:38:14 ----D---- C:\Windows\system32\migwiz
2014-09-01 19:38:14 ----D---- C:\Windows\system32\lt-LT
2014-09-01 19:38:14 ----D---- C:\Windows\system32\ar-SA
2014-09-01 19:37:59 ----RSD---- C:\Windows\Fonts
2014-09-01 19:37:58 ----D---- C:\Windows\AppPatch
2014-09-01 19:37:53 ----D---- C:\Windows\system32\Boot
2014-09-01 19:37:02 ----D---- C:\Windows\system32\drivers\UMDF
2014-09-01 19:36:51 ----D---- C:\Windows\system32\RTCOM
2014-09-01 19:28:04 ----D---- C:\Windows\winsxs
2014-09-01 19:25:55 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont
2014-09-01 19:08:22 ----SHD---- C:\Windows\Installer
2014-09-01 19:07:52 ----D---- C:\ProgramData
2014-09-01 18:56:40 ----SHD---- C:\System Volume Information
2014-09-01 16:23:30 ----D---- C:\Windows\system32\catroot2
2014-09-01 12:46:32 ----RD---- C:\Program Files
2014-09-01 12:24:10 ----D---- C:\ProgramData\Microsoft Help
2014-08-31 22:30:50 ----RSD---- C:\Windows\Media
2014-08-31 22:30:44 ----D---- C:\Windows\twain_32
2014-08-31 17:40:53 ----D---- C:\ProgramData\NVIDIA Corporation
2014-08-31 17:35:29 ----D---- C:\ProgramData\NVIDIA
2014-08-31 17:35:24 ----D---- C:\Program Files\NVIDIA Corporation
2014-08-31 17:35:05 ----RD---- C:\Users
2014-08-31 17:25:09 ----D---- C:\ProgramData\Oracle
2014-08-31 17:24:58 ----D---- C:\Program Files\Common Files
2014-08-31 17:10:27 ----D---- C:\Windows\rescache
2014-08-31 13:46:10 ----D---- C:\ProgramData\McAfee
2014-08-31 13:42:28 ----D---- C:\Windows\PolicyDefinitions
2014-08-31 13:02:39 ----D---- C:\Windows\Debug
2014-08-31 12:12:19 ----D---- C:\Program Files\Synaptics
2014-08-31 11:36:10 ----D---- C:\Windows\Tasks
2014-08-31 10:34:02 ----A---- C:\Windows\system.ini
2014-08-31 09:49:48 ----D---- C:\Windows\system32\drivers\etc
2014-08-31 09:48:23 ----D---- C:\Windows\system32\config
2014-08-31 00:47:11 ----D---- C:\Program Files\Acer GameZone
2014-08-31 00:39:07 ----D---- C:\PerfLogs
2014-08-31 00:03:24 ----D---- C:\Program Files\Intel
2014-08-30 23:29:53 ----D---- C:\Users\fantomas\AppData\Roaming\dvdcss
2014-08-30 21:49:34 ----D---- C:\Windows\system32\Tasks
2014-08-30 21:15:53 ----SD---- C:\ProgramData\Microsoft
2014-08-29 19:43:33 ----SD---- C:\Users\fantomas\AppData\Roaming\Microsoft
2014-08-29 17:10:01 ----D---- C:\Users\fantomas\AppData\Roaming\TS3Client
2014-08-25 13:20:55 ----D---- C:\Users\fantomas\AppData\Roaming\vlc
2014-08-23 16:23:30 ----D---- C:\Users\fantomas\AppData\Roaming\Adobe
2014-08-22 17:52:45 ----D---- C:\Program Files\Battle.net
2014-08-20 21:56:39 ----D---- C:\Windows\system32\LogFiles
2014-08-16 17:13:56 ----D---- C:\Windows\system32\WDI
2014-08-15 20:51:30 ----D---- C:\Users\fantomas\AppData\Roaming\Guild Wars 2
2014-08-13 16:23:05 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2014-08-12 13:32:26 ----D---- C:\Program Files\Common Files\microsoft shared
2014-08-12 13:32:03 ----D---- C:\Windows\ShellNew
2014-08-12 13:31:41 ----A---- C:\Windows\win.ini
2014-08-12 13:25:03 ----D---- C:\Program Files\MSBuild
2014-08-12 13:23:01 ----D---- C:\Program Files\Microsoft.NET
2014-08-12 13:21:55 ----D---- C:\Program Files\Microsoft Works
2014-08-10 17:18:47 ----D---- C:\ProgramData\Adobe
2014-08-10 17:17:58 ----D---- C:\Program Files\Adobe
2014-08-10 17:17:24 ----D---- C:\Program Files\Common Files\Adobe
2014-08-06 19:42:10 ----D---- C:\Program Files\TeamSpeak 3 Client
2014-08-04 19:22:54 ----D---- C:\Windows\Logs
2014-08-03 17:53:37 ----D---- C:\ProgramData\Blizzard Entertainment

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AlfaFF;AlfaFF File System mini-filter; C:\Windows\system32\Drivers\AlfaFF.sys [2014-07-30 43184]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-20 324120]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-03-04 18992]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-30 243128]
R1 SSHDRV51;SSHDRV51; \??\C:\Windows\system32\drivers\SSHDRV51.sys [2014-07-31 21504]
R1 SSHDRV58;SSHDRV58; \??\C:\Windows\system32\drivers\SSHDRV58.sys [2014-07-31 33280]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2008-07-02 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-28 2127512]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-21 81296]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-07-03 149352]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-12-29 8904632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-05-12 51928]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-08-09 1721800]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-12-29 639928]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]
R2 ScrybeUpdater;Aktualizátor aplikace Scrybe; C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-05-27 1300264]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-07-31 1044816]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2014-07-30 24064]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-11 262320]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-31 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-31 116648]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-30 138168]
S4 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2014-07-30 3471360]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 553288]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]

-----------------EOF-----------------

At koukam jak koukam, nikde tam zadny antivir nevidim. Dejte tam ten Avast, nebo jiny free antivir, jinak se to rychle zaprasi.

Odinstalujte MBAM.

Pouzijte tento odinstalator McAfee http://download.mcafee.com/products/lic ... s/MCPR.exe , jsou tam nejake zbytkove zaznamy.



Presunte ComboFix na plochu!
Otevrete si poznamkovy blok a zkopirujte do nej tento skript Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku