VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

problem s help_decrypt

https://forum.viry.cz:443/viewtopic.php?t=143070

Stránka 1 z 1

problem s help_decrypt

Napsal: 17 úno 2015 22:43
od chose72
nejak si s tim uz nevim rady. Avast v testu po restartu toho dost vymazal ale porad je toho tam hodne.Samozrejme ze dokumenty jsou zasifrovane a nemaji zalohu. Kdyby nekdo vedel co s tim budu rad.
Log z FRST


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-02-2015
Ran by Helena (administrator) on N-2539B6D9E7E24 on 17-02-2015 16:40:35
Running from j:\
Loaded Profiles: Helena (Available profiles: Helena)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINDOWS\System32\cmd.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2002-11-21] (AVAST Software)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2143807469-3364312836-2860373717-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2143807469-3364312836-2860373717-1005\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-2143807469-3364312836-2860373717-1005\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-18\...\Policies\Explorer: [CDRAutoRun] 0
AppInit_DLLs: c:\progra~1\musict~1\datamngr\mgrldr.dll => c:\progra~1\musict~1\datamngr\mgrldr.dll File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\music toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libra.cz
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libra.cz
HKU\S-1-5-21-2143807469-3364312836-2860373717-1005\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKU\S-1-5-21-2143807469-3364312836-2860373717-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
HKU\S-1-5-21-2143807469-3364312836-2860373717-1005\Software\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
HKU\S-1-5-21-2143807469-3364312836-2860373717-1005\Software\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
HKU\S-1-5-21-2143807469-3364312836-2860373717-1005\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://www.icq.com/search/results.php?q ... &ch_id=osd
URLSearchHook: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
URLSearchHook: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - No File
URLSearchHook: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 - (No Name) - {796b75f6-6187-47e2-8f1f-c16e059e6e19} - No File
SearchScopes: HKLM -> DefaultScope {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
SearchScopes: HKU\.DEFAULT -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
SearchScopes: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=IPGTDF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=IPGTDF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> {23eae5ec-f216-4927-85db-2a63456ff603} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
SearchScopes: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> {3AB34739-5CC9-476E-9AE3-D122B22439EA} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> {5225a215-5171-4bfb-b78e-8bd3d8aa6f62} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... rceid=IE_5
SearchScopes: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> {62603f8a-af5a-42db-a4f1-3477ea2c9084} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
SearchScopes: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://www.icq.com/search/results.php?q ... &ch_id=osd
SearchScopes: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
SearchScopes: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain. ... earchTerms}
SearchScopes: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> {d73fb7e4-f402-4d75-bcfe-905970cbd079} URL = http://www.firmy.cz/?q={searchTerms}&sourceid=IE_5
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-2143807469-3364312836-2860373717-1005 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/C ... 0108217593
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default
FF DefaultSearchEngine: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF NewTab: about:newtab
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-22.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
FF Extension: ICQ Toolbar - C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2009-07-24]
FF Extension: Microsoft Default Manager - C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\Extensions\DefaultManager@Microsoft [2011-04-04]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-03-24]
FF Extension: VideoDownloadConverter - C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com [2014-03-19]
FF Extension: FilmFanatic - C:\Documents and Settings\Helena\Data aplikací\Mozilla\Firefox\Profiles\9aueoh19.default\Extensions\paffxtbr@FilmFanatic.com [2014-03-21]
FF Extension: ICQ Toolbar - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2009-03-14]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [2003-02-22]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-04-18]

Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 1 -> "https://www.seznam.cz/"
CHR Profile: C:\Documents and Settings\Helena\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Helena\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-14]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Helena\Local Settings\Data aplikací\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2006-12-01] (Autodata Limited) [File not signed]
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2003-01-01] (AVAST Software)
S2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2011-02-02] (Sun Microsystems, Inc.)
S2 Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [73728 2007-08-09] (HP) [File not signed]
S2 WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [53248 2001-05-01] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21419 2003-01-01] (Meetinghouse Data Communications) [File not signed]
S2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec)
S2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2003-01-01] ()
S2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2003-01-01] (AVAST Software)
S1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2003-01-01] (AVAST Software)
S0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2003-01-01] ()
S1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2002-11-21] (AVAST Software)
S1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2002-11-21] (AVAST Software)
S1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2003-01-01] (AVAST Software)
S0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2003-01-01] ()
S1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
S3 ENTECH; C:\WINDOWS\System32\DRIVERS\ENTECH.SYS [20400 1999-10-21] (EnTech Taiwan) [File not signed]
S3 FET5X86V; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [43520 2008-09-22] (VIA Technologies, Inc. )
S3 FETNDISB; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [40960 2002-10-29] (VIA Technologies, Inc. )
S3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [85969 2008-12-01] (GMER) [File not signed]
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51120 2004-09-29] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2004-09-29] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21744 2004-09-29] (HP)
S3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20576 2005-01-26] (Sonic Solutions) [File not signed]
S3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [627072 2008-08-28] (Ralink Technology, Corp.) [File not signed]
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
S2 STEC3; C:\WINDOWS\System32\STEC3.sys [2368 2005-04-14] (AntiCracking) [File not signed]
R3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [30208 2011-01-15] (Elaborate Bytes AG) [File not signed]
R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [27904 2003-07-02] (VIA Technologies, Inc.)
R0 ViaIde; C:\WINDOWS\System32\DRIVERS\viaidexp.sys [6144 2001-10-18] (VIA Technologies, Inc.)
S3 VIAudio; C:\WINDOWS\System32\drivers\viaudios.sys [369920 2003-06-16] (VIA Technologies, Inc.)
S3 adxapie; \??\C:\DOCUME~1\Helena\LOCALS~1\Temp\adxapie.sys [X]
S2 asapiW2k; \??\C:\WINDOWS\System32\DRIVERS\asapiW2k.sys [X]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 nmwcd; system32\drivers\ccdcmb.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbo.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 Pcouffin; System32\Drivers\Pcouffin.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: Ip6FwHlp -> No Registry Path.

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-17 16:39 - 2015-02-17 16:39 - 00000000 ____D () C:\FRST
2015-02-17 15:12 - 2015-02-17 15:12 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-17 15:12 - 2015-02-17 15:12 - 00108632 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-17 15:12 - 2015-02-17 15:12 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2015-02-17 14:56 - 2015-02-17 14:54 - 20447072 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Helena\Plocha\mbam-setup-2.0.4.1028.exe
2015-02-17 14:55 - 2015-02-17 14:55 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2015-02-17 14:40 - 2015-02-17 14:40 - 00000000 __SHD () C:\FOUND.006
2015-02-17 14:40 - 2015-02-17 14:24 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-02.dmp
2015-02-17 14:34 - 2015-02-17 14:00 - 16466552 _____ (Malwarebytes Corp.) C:\Documents and Settings\Helena\Plocha\mbar-1.08.3.1004.exe
2015-02-17 14:24 - 2015-02-17 14:24 - 00000000 __SHD () C:\FOUND.005
2015-02-17 14:24 - 2015-02-17 14:12 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021715-01.dmp
2015-02-17 14:18 - 2015-02-17 14:18 - 00000000 ____D () C:\Documents and Settings\Helena\Plocha\mbar
2015-02-16 16:43 - 2015-02-16 16:43 - 00000000 _____ () C:\autoexec.bat
2015-02-16 16:07 - 2014-01-15 14:05 - 00035104 _____ () C:\Documents and Settings\Helena\Plocha\002 Cukrárna.xls
2015-02-12 18:36 - 2015-02-12 18:36 - 00001728 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2015-02-12 18:36 - 2015-02-12 18:36 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
2015-02-12 18:33 - 2015-02-17 16:24 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-12 18:33 - 2015-02-17 13:38 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-12 18:33 - 2015-02-12 18:33 - 00000000 ____D () C:\Program Files\Google
2015-02-12 01:23 - 2015-02-12 01:23 - 00021990 _____ () C:\Documents and Settings\Helena\Dokumenty\cc_20150212_012302.reg
2015-02-11 23:30 - 2015-02-11 23:30 - 00000000 ___HD () C:\WINDOWS\$NtUninstallKB2808679$
2015-02-11 22:26 - 2015-02-11 22:26 - 00000525 _____ () C:\WINDOWS\updspapi.log
2015-02-11 22:25 - 2015-02-11 22:26 - 00007951 _____ () C:\WINDOWS\KB2632503-IE8.log
2015-02-11 22:25 - 2015-02-11 22:25 - 00006846 _____ () C:\WINDOWS\KB2598845-IE8.log
2015-02-11 22:24 - 2015-02-11 23:30 - 00009127 _____ () C:\WINDOWS\KB2808679.log
2015-02-11 22:21 - 2011-08-16 11:45 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2015-02-11 21:42 - 2015-02-11 21:42 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-02-11 20:36 - 2015-02-17 13:39 - 00020970 _____ () C:\WINDOWS\setupapi.log
2015-02-11 20:36 - 2015-02-17 13:39 - 00000116 _____ () C:\WINDOWS\setupact.log
2015-02-11 20:36 - 2015-02-11 23:30 - 00024730 _____ () C:\WINDOWS\FaxSetup.log
2015-02-11 20:36 - 2015-02-11 23:30 - 00011824 _____ () C:\WINDOWS\ocgen.log
2015-02-11 20:36 - 2015-02-11 23:30 - 00009436 _____ () C:\WINDOWS\tsoc.log
2015-02-11 20:36 - 2015-02-11 23:30 - 00008290 _____ () C:\WINDOWS\comsetup.log
2015-02-11 20:36 - 2015-02-11 23:30 - 00005024 _____ () C:\WINDOWS\ntdtcsetup.log
2015-02-11 20:36 - 2015-02-11 23:30 - 00003993 _____ () C:\WINDOWS\iis6.log
2015-02-11 20:36 - 2015-02-11 23:30 - 00001544 _____ () C:\WINDOWS\ocmsn.log
2015-02-11 20:36 - 2015-02-11 23:30 - 00001374 _____ () C:\WINDOWS\imsins.log
2015-02-11 20:36 - 2015-02-11 23:30 - 00001236 _____ () C:\WINDOWS\msgsocm.log
2015-02-11 20:36 - 2015-02-11 22:26 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2015-02-11 20:36 - 2015-02-11 20:36 - 00000348 _____ () C:\WINDOWS\spupdsvc.log
2015-02-11 20:36 - 2015-02-11 20:36 - 00000000 ___HD () C:\WINDOWS\$NtUninstallXPSEPSCLP$
2015-02-11 20:36 - 2015-02-11 20:36 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-11 20:36 - 2006-06-29 13:07 - 00014048 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg2.dll
2015-02-11 16:09 - 2015-02-11 16:09 - 00010798 _____ () C:\WINDOWS\DPINST.LOG
2015-02-05 21:18 - 2015-02-05 21:18 - 00008632 _____ () C:\Documents and Settings\HELP_DECRYPT.HTML
2015-02-05 21:18 - 2015-02-05 21:18 - 00008632 _____ () C:\Documents and Settings\Helena\HELP_DECRYPT.HTML
2015-02-05 21:18 - 2015-02-05 21:18 - 00008632 _____ () C:\Documents and Settings\Helena\Dokumenty\HELP_DECRYPT.HTML
2015-02-05 21:18 - 2015-02-05 21:18 - 00008632 _____ () C:\Documents and Settings\Helena\Data aplikací\HELP_DECRYPT.HTML
2015-02-05 21:18 - 2015-02-05 21:18 - 00004256 _____ () C:\Documents and Settings\HELP_DECRYPT.TXT
2015-02-05 21:18 - 2015-02-05 21:18 - 00004256 _____ () C:\Documents and Settings\Helena\HELP_DECRYPT.TXT
2015-02-05 21:18 - 2015-02-05 21:18 - 00004256 _____ () C:\Documents and Settings\Helena\Dokumenty\HELP_DECRYPT.TXT
2015-02-05 21:18 - 2015-02-05 21:18 - 00004256 _____ () C:\Documents and Settings\Helena\Data aplikací\HELP_DECRYPT.TXT
2015-02-05 21:18 - 2015-02-05 21:18 - 00000300 _____ () C:\Documents and Settings\HELP_DECRYPT.URL
2015-02-05 21:18 - 2015-02-05 21:18 - 00000300 _____ () C:\Documents and Settings\Helena\HELP_DECRYPT.URL
2015-02-05 21:18 - 2015-02-05 21:18 - 00000300 _____ () C:\Documents and Settings\Helena\Dokumenty\HELP_DECRYPT.URL
2015-02-05 21:18 - 2015-02-05 21:18 - 00000300 _____ () C:\Documents and Settings\Helena\Data aplikací\HELP_DECRYPT.URL
2015-02-05 21:02 - 2015-02-05 20:57 - 00004256 _____ () C:\Documents and Settings\Helena\Plocha\HELP_DECRYPT.TXT
2015-02-05 20:56 - 2015-02-05 20:56 - 00008632 _____ () C:\Documents and Settings\Helena\Local Settings\HELP_DECRYPT.HTML
2015-02-05 20:56 - 2015-02-05 20:56 - 00008632 _____ () C:\Documents and Settings\Helena\Local Settings\Data aplikací\HELP_DECRYPT.HTML
2015-02-05 20:56 - 2015-02-05 20:56 - 00004256 _____ () C:\Documents and Settings\Helena\Local Settings\HELP_DECRYPT.TXT
2015-02-05 20:56 - 2015-02-05 20:56 - 00004256 _____ () C:\Documents and Settings\Helena\Local Settings\Data aplikací\HELP_DECRYPT.TXT
2015-02-05 20:56 - 2015-02-05 20:56 - 00000300 _____ () C:\Documents and Settings\Helena\Local Settings\HELP_DECRYPT.URL
2015-02-05 20:56 - 2015-02-05 20:56 - 00000300 _____ () C:\Documents and Settings\Helena\Local Settings\Data aplikací\HELP_DECRYPT.URL
2015-02-05 20:54 - 2015-02-05 20:54 - 00008632 _____ () C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.HTML
2015-02-05 20:54 - 2015-02-05 20:54 - 00008632 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\HELP_DECRYPT.HTML
2015-02-05 20:54 - 2015-02-05 20:54 - 00008632 _____ () C:\Documents and Settings\LocalService\HELP_DECRYPT.HTML
2015-02-05 20:54 - 2015-02-05 20:54 - 00008632 _____ () C:\Documents and Settings\All Users\Plocha\HELP_DECRYPT.HTML
2015-02-05 20:54 - 2015-02-05 20:54 - 00008632 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.HTML
2015-02-05 20:54 - 2015-02-05 20:54 - 00008632 _____ () C:\Documents and Settings\All Users\Data aplikací\HELP_DECRYPT.HTML
2015-02-05 20:54 - 2015-02-05 20:54 - 00004256 _____ () C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.TXT
2015-02-05 20:54 - 2015-02-05 20:54 - 00004256 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\HELP_DECRYPT.TXT
2015-02-05 20:54 - 2015-02-05 20:54 - 00004256 _____ () C:\Documents and Settings\LocalService\HELP_DECRYPT.TXT
2015-02-05 20:54 - 2015-02-05 20:54 - 00004256 _____ () C:\Documents and Settings\All Users\Plocha\HELP_DECRYPT.TXT
2015-02-05 20:54 - 2015-02-05 20:54 - 00004256 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.TXT
2015-02-05 20:54 - 2015-02-05 20:54 - 00004256 _____ () C:\Documents and Settings\All Users\Data aplikací\HELP_DECRYPT.TXT
2015-02-05 20:54 - 2015-02-05 20:54 - 00000300 _____ () C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.URL
2015-02-05 20:54 - 2015-02-05 20:54 - 00000300 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\HELP_DECRYPT.URL
2015-02-05 20:54 - 2015-02-05 20:54 - 00000300 _____ () C:\Documents and Settings\LocalService\HELP_DECRYPT.URL
2015-02-05 20:54 - 2015-02-05 20:54 - 00000300 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.URL
2015-02-05 20:54 - 2015-02-05 20:54 - 00000300 _____ () C:\Documents and Settings\All Users\Data aplikací\HELP_DECRYPT.URL
2015-02-05 20:53 - 2015-02-05 20:53 - 00008632 _____ () C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.HTML
2015-02-05 20:53 - 2015-02-05 20:53 - 00008632 _____ () C:\Documents and Settings\Default User\Local Settings\Data aplikací\HELP_DECRYPT.HTML
2015-02-05 20:53 - 2015-02-05 20:53 - 00008632 _____ () C:\Documents and Settings\Default User\HELP_DECRYPT.HTML
2015-02-05 20:53 - 2015-02-05 20:53 - 00008632 _____ () C:\Documents and Settings\Default User\Data aplikací\HELP_DECRYPT.HTML
2015-02-05 20:53 - 2015-02-05 20:53 - 00004256 _____ () C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.TXT
2015-02-05 20:53 - 2015-02-05 20:53 - 00004256 _____ () C:\Documents and Settings\Default User\Local Settings\Data aplikací\HELP_DECRYPT.TXT
2015-02-05 20:53 - 2015-02-05 20:53 - 00004256 _____ () C:\Documents and Settings\Default User\HELP_DECRYPT.TXT
2015-02-05 20:53 - 2015-02-05 20:53 - 00004256 _____ () C:\Documents and Settings\Default User\Data aplikací\HELP_DECRYPT.TXT
2015-02-05 20:53 - 2015-02-05 20:53 - 00000300 _____ () C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.URL
2015-02-05 20:53 - 2015-02-05 20:53 - 00000300 _____ () C:\Documents and Settings\Default User\Local Settings\Data aplikací\HELP_DECRYPT.URL
2015-02-05 20:53 - 2015-02-05 20:53 - 00000300 _____ () C:\Documents and Settings\Default User\HELP_DECRYPT.URL
2015-02-05 20:53 - 2015-02-05 20:53 - 00000300 _____ () C:\Documents and Settings\Default User\Data aplikací\HELP_DECRYPT.URL
2015-02-05 20:06 - 2015-02-05 20:06 - 00000000 ____D () C:\Documents and Settings\Helena\Data aplikací\Local Store
2015-02-02 11:44 - 2015-02-02 11:44 - 00001184 _____ () C:\README9.txt
2015-02-02 11:44 - 2015-02-02 11:44 - 00001184 _____ () C:\README8.txt
2015-02-02 11:44 - 2015-02-02 11:44 - 00001184 _____ () C:\README7.txt
2015-02-02 11:44 - 2015-02-02 11:44 - 00001184 _____ () C:\README6.txt
2015-02-02 11:44 - 2015-02-02 11:44 - 00001184 _____ () C:\README5.txt
2015-02-02 11:44 - 2015-02-02 11:44 - 00001184 _____ () C:\README4.txt
2015-02-02 11:44 - 2015-02-02 11:44 - 00001184 _____ () C:\README3.txt
2015-02-02 11:44 - 2015-02-02 11:44 - 00001184 _____ () C:\README2.txt
2015-02-02 11:44 - 2015-02-02 11:44 - 00001184 _____ () C:\README10.txt
2015-02-02 11:44 - 2015-02-02 11:44 - 00001184 _____ () C:\README1.txt
2015-01-30 21:49 - 2015-01-30 21:49 - 00000000 __SHD () C:\Documents and Settings\All Users\Data aplikací\Windows
2015-01-30 21:48 - 2015-01-30 21:48 - 00000000 __SHD () C:\Documents and Settings\Helena\Data aplikací\SVR-NTWEXPJSBPO
2015-01-29 11:46 - 2015-01-29 11:46 - 00000000 ___HD () C:\Documents and Settings\All Users\Data aplikací\{F6A14B7B-6D9E-41BF-95CC-4083129D68BD}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-17 16:34 - 2003-10-29 09:08 - 00000272 ___SH () C:\Documents and Settings\Helena\ntuser.ini
2015-02-17 16:34 - 2003-09-02 18:09 - 00032438 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-17 16:34 - 2003-09-02 18:00 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-17 16:34 - 2003-09-02 17:55 - 00000216 _____ () C:\WINDOWS\wiadebug.log
2015-02-17 16:34 - 2003-09-02 17:55 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-02-17 16:34 - 2002-11-21 10:38 - 00611825 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-17 16:31 - 2003-01-01 00:55 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-02-17 16:24 - 2014-07-25 15:07 - 00000437 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-02-17 16:24 - 2014-03-21 09:21 - 00000224 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-02-17 14:42 - 2012-04-02 16:12 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-16 16:13 - 2003-11-26 20:42 - 00002509 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Excel.lnk
2015-02-16 14:46 - 2003-05-01 14:12 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-15 00:24 - 2003-05-01 14:12 - 00000910 _____ () C:\WINDOWS\win.ini
2015-02-11 23:49 - 2003-09-02 17:54 - 01142330 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-11 14:29 - 2008-12-01 14:12 - 113756392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-05 01:27 - 2003-09-02 18:38 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat

==================== Files in the root of some directories =======

2007-03-22 13:41 - 2007-03-22 13:41 - 0044813 _____ () C:\Documents and Settings\Helena\Data aplikací\Update_HP_RedboxHprblog_HPSU.log
2007-03-22 13:43 - 2007-03-22 13:43 - 0003643 _____ () C:\Documents and Settings\Helena\Data aplikací\PatchUpdate_IZClosingDiscError.log
2007-03-22 13:44 - 2007-03-22 13:44 - 0002834 _____ () C:\Documents and Settings\Helena\Data aplikací\PatchUpdate_InstantShareJPG.log
2007-03-22 13:44 - 2007-03-22 13:44 - 0000353 _____ () C:\Documents and Settings\Helena\Data aplikací\HelpFilesUpdatePatch_PRINTHELPWRAPPER.log
2007-03-22 13:44 - 2007-03-22 13:44 - 0000000 _____ () C:\Documents and Settings\Helena\Data aplikací\HelpFilesUpdatePatch_HELPFILEREPLACE.log
2007-03-22 13:45 - 2007-03-22 13:45 - 0026199 _____ () C:\Documents and Settings\Helena\Data aplikací\PatchUpdate_HP_CounterReport_Update_HPSU.log
2015-02-05 21:18 - 2015-02-05 21:18 - 0004256 _____ () C:\Documents and Settings\Helena\Data aplikací\HELP_DECRYPT.TXT
2015-02-05 21:18 - 2015-02-05 21:18 - 0008632 _____ () C:\Documents and Settings\Helena\Data aplikací\HELP_DECRYPT.HTML
2015-02-05 21:18 - 2015-02-05 21:18 - 0000300 _____ () C:\Documents and Settings\Helena\Data aplikací\HELP_DECRYPT.URL
2015-02-05 21:18 - 2015-02-05 21:18 - 0045901 _____ () C:\Documents and Settings\Helena\Data aplikací\HELP_DECRYPT.PNG
2003-11-30 19:36 - 2013-05-04 11:53 - 0124416 _____ () C:\Documents and Settings\Helena\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-01-17 19:34 - 2007-01-17 19:35 - 0000126 _____ () C:\Documents and Settings\Helena\Local Settings\Data aplikací\fusioncache.dat
2015-02-05 20:56 - 2015-02-05 20:56 - 0004256 _____ () C:\Documents and Settings\Helena\Local Settings\Data aplikací\HELP_DECRYPT.TXT
2015-02-05 20:56 - 2015-02-05 20:56 - 0008632 _____ () C:\Documents and Settings\Helena\Local Settings\Data aplikací\HELP_DECRYPT.HTML
2015-02-05 20:56 - 2015-02-05 20:56 - 0000300 _____ () C:\Documents and Settings\Helena\Local Settings\Data aplikací\HELP_DECRYPT.URL
2015-02-05 20:56 - 2015-02-05 20:56 - 0045901 _____ () C:\Documents and Settings\Helena\Local Settings\Data aplikací\HELP_DECRYPT.PNG
2015-02-05 20:54 - 2015-02-05 20:54 - 0004256 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.TXT
2015-02-05 20:54 - 2015-02-05 20:54 - 0008632 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.HTML
2015-02-05 20:54 - 2015-02-05 20:54 - 0000300 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.URL
2015-02-05 20:54 - 2015-02-05 20:54 - 0045901 _____ () C:\Documents and Settings\All Users\HELP_DECRYPT.PNG

Some content of TEMP:
====================
C:\Documents and Settings\Helena\Local Settings\Temp\MSN29.exe
C:\Documents and Settings\Helena\Local Settings\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Documents and Settings\Helena\Local Settings\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Documents and Settings\Helena\Local Settings\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Documents and Settings\Helena\Local Settings\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Documents and Settings\Helena\Local Settings\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Documents and Settings\Helena\Local Settings\Temp\jre-6u35-windows-i586-iftw.exe
C:\Documents and Settings\Helena\Local Settings\Temp\Uninstall.exe
C:\Documents and Settings\Helena\Local Settings\Temp\GenericWndApi.dll
C:\Documents and Settings\Helena\Local Settings\Temp\jre-6u39-windows-i586-iftw.exe
C:\Documents and Settings\Helena\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\Helena\Local Settings\Temp\MybabylonTB.exe
C:\Documents and Settings\Helena\Local Settings\Temp\BundleSweetIMSetup.exe
C:\Documents and Settings\Helena\Local Settings\Temp\DeltaTB.exe
C:\Documents and Settings\Helena\Local Settings\Temp\Delta.exe
C:\Documents and Settings\Helena\Local Settings\Temp\WSSetup.exe
C:\Documents and Settings\Helena\Local Settings\Temp\listicka-partner-13415-1.1.2-offline.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Re: problem s help_decrypt

Napsal: 18 úno 2015 07:21
od JaRon
ahoj,
doporucujem vyuzit sluzbu www.neslape.cz - upozornujem, ze uspesnost decrypt je do 15% ,,, :(
+ drobne smeti vycisti s ADWCleanerom - je ich dost :)

Re: problem s help_decrypt

Napsal: 20 úno 2015 13:06
od chose72
Predlozil jsem Vas navrh na vyuziti sluzby majiteli PC. Ja byl pro uplny reinstal pc se zalohou infikovanych souboru na externi zarizeni. Rozhodnuti je jen na nem. Dekuji za radu a preji hezky den.

Re: problem s help_decrypt

Napsal: 20 úno 2015 13:08
od JaRon
OKi - pekny vikend :thumbsup:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz