Czech Police virus + Avast on strike?

#1 Post by dodo677 »

Hello,
I got my hands on a notebook with the classic "Czech Police is blocking your PC" virus...
The problem was removed using Kaspersky Rescue CD...
However, two windows still pop up after Vista starts... one is from Avast, and Avast itself does not run... even after reinstalling it; see the picture.
Log:



Logfile of random's system information tool 1.09 (written by random/random)
Run by Katka at 2013-02-08 21:56:19
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 24 GB (15%) free of 153 GB
Total RAM: 3582 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:56:35, on 8.2.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Katka\Downloads\RSIT.exe
C:\Program Files\trend micro\Katka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=6&barid={2C ... 261872D4C1}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=1&crg=3.101 ... 261872D4C1}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - (no file)
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
O3 - Toolbar: (no name) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - (no file)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Startup: runctf.lnk = C:\Windows\System32\rundll32.exe
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7647 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-11 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_P.dll [2012-11-06 183112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{daf5b34c-1aa3-4c33-ae24-766a370635d2}
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_P.dll [2012-11-06 183112]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-05-01 13756960]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-28 7625248]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-14 496960]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
"Sweetpacks Communicator"=C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe

C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
runctf.lnk - C:\Windows\System32\rundll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-02-08 21:56:19 ----D---- C:\rsit
2013-02-08 21:56:19 ----D---- C:\Program Files\trend micro
2013-02-08 21:23:20 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-02-08 21:23:20 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-02-08 21:22:58 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-02-08 21:22:58 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2013-02-08 21:22:56 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-02-08 21:22:56 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-02-08 21:22:35 ----A---- C:\Windows\system32\aswBoot.exe
2013-02-08 21:22:35 ----A---- C:\Windows\avastSS.scr
2013-02-08 20:55:33 ----D---- C:\Program Files\CCleaner
2013-02-08 18:05:15 ----ASH---- C:\hiberfil.sys
2013-01-31 17:33:25 ----D---- C:\Program Files\Conduit
2013-01-31 17:33:22 ----D---- C:\Program Files\BS_Player
2013-01-31 17:33:12 ----D---- C:\Users\Katka\AppData\Roaming\BSplayer Pro
2013-01-31 17:33:12 ----D---- C:\Users\Katka\AppData\Roaming\BSplayer
2013-01-31 17:33:11 ----D---- C:\Program Files\Webteh
2013-01-29 03:23:29 ----RD---- C:\Program Files\Skype
2013-01-29 03:23:29 ----D---- C:\Program Files\Common Files\Skype
2013-01-28 22:03:06 ----A---- C:\Windows\system32\srvsvc.dll
2013-01-28 22:03:05 ----A---- C:\Windows\system32\netevent.dll
2013-01-28 22:03:00 ----A---- C:\Windows\system32\XpsPrint.dll
2013-01-28 22:02:46 ----A---- C:\Windows\system32\DWrite.dll
2013-01-28 22:02:45 ----A---- C:\Windows\system32\d3d10warp.dll
2013-01-28 22:02:45 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-01-28 22:02:45 ----A---- C:\Windows\system32\d3d10_1.dll
2013-01-28 22:02:45 ----A---- C:\Windows\system32\d2d1.dll
2013-01-28 04:21:56 ----D---- C:\Program Files\Windows Portable Devices
2013-01-28 04:21:31 ----D---- C:\Windows\system32\WindowsPowerShell
2013-01-28 03:47:02 ----A---- C:\Windows\system32\UIAnimation.dll
2013-01-28 03:46:59 ----A---- C:\Windows\system32\UIRibbonRes.dll
2013-01-28 03:46:58 ----A---- C:\Windows\system32\UIRibbon.dll
2013-01-28 03:45:27 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2013-01-28 03:45:26 ----A---- C:\Windows\system32\wpdbusenum.dll
2013-01-28 03:45:26 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2013-01-28 03:45:20 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2013-01-28 03:45:15 ----A---- C:\Windows\system32\WpdMtpUS.dll
2013-01-28 03:45:15 ----A---- C:\Windows\system32\WpdConns.dll
2013-01-28 03:45:15 ----A---- C:\Windows\system32\drivers\WpdUsb.sys
2013-01-28 03:45:14 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\wpdshext.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\WpdMtp.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\wpd_ci.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2013-01-28 03:45:13 ----A---- C:\Windows\system32\WPDSp.dll
2013-01-28 03:38:15 ----A---- C:\Windows\system32\wmi.dll
2013-01-28 03:38:15 ----A---- C:\Windows\system32\imagehlp.dll
2013-01-28 03:38:15 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-01-28 03:20:03 ----A---- C:\Windows\system32\wininet.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\urlmon.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-01-28 03:20:03 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-01-28 03:20:03 ----A---- C:\Windows\system32\msrating.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\msls31.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\mshtmler.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\jsproxy.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\ieui.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\iesysprep.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\iertutil.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\wextract.exe
2013-01-28 03:20:02 ----A---- C:\Windows\system32\webcheck.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\vbscript.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\url.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\mshtmled.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\msfeeds.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\licmgr10.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\inseng.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\iexpress.exe
2013-01-28 03:20:02 ----A---- C:\Windows\system32\iesetup.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\iernonce.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\ieframe.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\iedkcs32.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\ieapfltr.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\ieapfltr.dat
2013-01-28 03:20:02 ----A---- C:\Windows\system32\ie4uinit.exe
2013-01-28 03:20:02 ----A---- C:\Windows\system32\icardie.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\dxtrans.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\dxtmsft.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\pngfilt.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\occache.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\mshtml.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\mshta.exe
2013-01-28 03:20:01 ----A---- C:\Windows\system32\msfeedssync.exe
2013-01-28 03:20:01 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\jscript9.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\jscript.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\imgutil.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\ieUnatt.exe
2013-01-28 03:20:01 ----A---- C:\Windows\system32\iepeers.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\ieakui.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\ieaksie.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\ieakeng.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\advpack.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\admparse.dll
2013-01-28 03:19:15 ----A---- C:\Windows\system32\mfmp4src.dll
2013-01-28 03:19:15 ----A---- C:\Windows\system32\MFHEAACdec.dll
2013-01-28 03:19:15 ----A---- C:\Windows\system32\MFH264Dec.dll
2013-01-28 03:19:14 ----A---- C:\Windows\system32\stobject.dll
2013-01-28 03:19:14 ----A---- C:\Windows\system32\shdocvw.dll
2013-01-28 03:19:14 ----A---- C:\Windows\system32\mfreadwrite.dll
2013-01-28 03:19:14 ----A---- C:\Windows\system32\mfps.dll
2013-01-28 03:19:14 ----A---- C:\Windows\system32\mfplat.dll
2013-01-28 03:19:14 ----A---- C:\Windows\system32\mf.dll
2013-01-28 03:19:13 ----A---- C:\Windows\system32\XpsRasterService.dll
2013-01-28 03:19:13 ----A---- C:\Windows\system32\dxgi.dll
2013-01-28 03:19:13 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-01-28 03:19:13 ----A---- C:\Windows\system32\d3d10level9.dll
2013-01-28 03:19:13 ----A---- C:\Windows\system32\d3d10core.dll
2013-01-28 03:19:13 ----A---- C:\Windows\system32\d3d10.dll
2013-01-28 03:19:13 ----A---- C:\Windows\system32\cdd.dll
2013-01-28 03:19:12 ----A---- C:\Windows\system32\xpsservices.dll
2013-01-28 03:19:12 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2013-01-28 03:19:12 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2013-01-28 03:19:12 ----A---- C:\Windows\system32\OpcServices.dll
2013-01-28 03:18:35 ----A---- C:\Windows\system32\WMPhoto.dll
2013-01-28 03:18:35 ----A---- C:\Windows\system32\dxdiagn.dll
2013-01-28 03:18:35 ----A---- C:\Windows\system32\dxdiag.exe
2013-01-28 03:18:35 ----A---- C:\Windows\system32\d3d11.dll
2013-01-28 03:18:34 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-01-28 03:18:34 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-01-28 03:18:34 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2013-01-28 03:14:49 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2013-01-28 03:14:49 ----A---- C:\Windows\system32\PresentationHost.exe
2013-01-28 03:14:49 ----A---- C:\Windows\system32\netfxperf.dll
2013-01-28 03:14:49 ----A---- C:\Windows\system32\mscoree.dll
2013-01-28 03:14:48 ----A---- C:\Windows\system32\dfshim.dll
2013-01-28 03:13:30 ----A---- C:\Windows\system32\browserchoice.exe
2013-01-28 03:07:55 ----A---- C:\Windows\system32\nshhttp.dll
2013-01-28 03:07:53 ----A---- C:\Windows\system32\drivers\http.sys
2013-01-28 03:07:52 ----A---- C:\Windows\system32\httpapi.dll
2013-01-28 03:06:58 ----A---- C:\Windows\system32\Wdfres.dll
2013-01-28 03:06:52 ----A---- C:\Windows\system32\winusb.dll
2013-01-28 03:06:52 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-01-28 03:06:52 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-01-28 03:06:51 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-01-28 03:06:51 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-01-28 03:06:50 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-01-28 03:06:50 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-01-28 03:06:47 ----A---- C:\Windows\system32\WUDFx.dll
2013-01-28 03:06:47 ----A---- C:\Windows\system32\WUDFHost.exe
2013-01-28 03:06:47 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-01-28 03:02:50 ----A---- C:\Windows\system32\winrsmgr.dll
2013-01-28 03:02:34 ----A---- C:\Windows\system32\wsmprovhost.exe
2013-01-28 03:02:34 ----A---- C:\Windows\system32\winrshost.exe
2013-01-28 03:02:34 ----A---- C:\Windows\system32\winrs.exe
2013-01-28 03:02:32 ----A---- C:\Windows\system32\wsmplpxy.dll
2013-01-28 03:02:32 ----A---- C:\Windows\system32\winrssrv.dll
2013-01-28 03:02:31 ----A---- C:\Windows\system32\WsmRes.dll
2013-01-28 03:02:31 ----A---- C:\Windows\system32\wevtfwd.dll
2013-01-28 03:02:31 ----A---- C:\Windows\system32\wecutil.exe
2013-01-28 03:02:31 ----A---- C:\Windows\system32\wecsvc.dll
2013-01-28 03:02:31 ----A---- C:\Windows\system32\wecapi.dll
2013-01-28 03:02:29 ----A---- C:\Windows\system32\pwrshplugin.dll
2013-01-28 03:02:25 ----A---- C:\Windows\system32\winrm.vbs
2013-01-28 03:02:21 ----A---- C:\Windows\system32\WsmWmiPl.dll
2013-01-28 03:02:21 ----A---- C:\Windows\system32\WsmAuto.dll
2013-01-28 03:02:20 ----A---- C:\Windows\system32\WsmSvc.dll
2013-01-28 03:02:20 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2013-01-28 03:02:20 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2013-01-28 03:02:20 ----A---- C:\Windows\system32\winrscmd.dll
2013-01-28 03:01:14 ----A---- C:\Windows\system32\lpk.dll
2013-01-28 03:01:14 ----A---- C:\Windows\system32\dciman32.dll
2013-01-28 03:01:14 ----A---- C:\Windows\system32\atmfd.dll
2013-01-28 03:01:13 ----A---- C:\Windows\system32\fontsub.dll
2013-01-28 03:01:13 ----A---- C:\Windows\system32\atmlib.dll
2013-01-27 23:25:40 ----A---- C:\Windows\system32\wmp.dll
2013-01-27 23:25:36 ----A---- C:\Windows\system32\wmploc.DLL
2013-01-27 23:25:19 ----A---- C:\Windows\system32\usp10.dll
2013-01-27 23:25:13 ----A---- C:\Windows\system32\psisdecd.dll
2013-01-27 23:25:10 ----A---- C:\Windows\system32\odbc32.dll
2013-01-27 23:24:50 ----A---- C:\Windows\system32\netiohlp.dll
2013-01-27 23:24:49 ----A---- C:\Windows\system32\TCPSVCS.EXE
2013-01-27 23:24:49 ----A---- C:\Windows\system32\ROUTE.EXE
2013-01-27 23:24:49 ----A---- C:\Windows\system32\NETSTAT.EXE
2013-01-27 23:24:49 ----A---- C:\Windows\system32\MRINFO.EXE
2013-01-27 23:24:49 ----A---- C:\Windows\system32\HOSTNAME.EXE
2013-01-27 23:24:49 ----A---- C:\Windows\system32\finger.exe
2013-01-27 23:24:49 ----A---- C:\Windows\system32\ARP.EXE
2013-01-27 23:24:14 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-01-27 23:24:11 ----A---- C:\Windows\system32\wlanmsm.dll
2013-01-27 23:24:11 ----A---- C:\Windows\system32\L2SecHC.dll
2013-01-27 23:24:10 ----A---- C:\Windows\system32\wlansvc.dll
2013-01-27 23:24:10 ----A---- C:\Windows\system32\wlansec.dll
2013-01-27 23:24:10 ----A---- C:\Windows\system32\wlanapi.dll
2013-01-27 23:24:08 ----A---- C:\Windows\system32\winmm.dll
2013-01-27 23:24:08 ----A---- C:\Windows\system32\mciseq.dll
2013-01-27 23:24:07 ----A---- C:\Windows\system32\drivers\dfsc.sys
2013-01-27 23:23:59 ----A---- C:\Windows\system32\localspl.dll
2013-01-27 23:23:27 ----A---- C:\Windows\system32\mfc42u.dll
2013-01-27 23:23:26 ----A---- C:\Windows\system32\mfc42.dll
2013-01-27 23:23:24 ----A---- C:\Windows\system32\ntdll.dll
2013-01-27 23:23:20 ----A---- C:\Windows\system32\iccvid.dll
2013-01-27 23:22:54 ----A---- C:\Windows\system32\synceng.dll
2013-01-27 23:22:49 ----A---- C:\Windows\system32\WMVCORE.DLL
2013-01-27 23:22:46 ----A---- C:\Windows\system32\drivers\srv.sys
2013-01-27 23:22:44 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-01-27 23:22:44 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-01-27 23:22:44 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-01-27 23:22:41 ----A---- C:\Windows\system32\shell32.dll
2013-01-27 23:22:39 ----A---- C:\Windows\system32\win32k.sys
2013-01-27 23:22:38 ----A---- C:\Windows\system32\dnsrslvr.dll
2013-01-27 23:22:38 ----A---- C:\Windows\system32\dnscacheugc.exe
2013-01-27 23:22:38 ----A---- C:\Windows\system32\dnsapi.dll
2013-01-27 23:22:36 ----A---- C:\Windows\system32\asycfilt.dll
2013-01-27 23:22:33 ----A---- C:\Windows\system32\atl.dll
2013-01-27 23:22:30 ----A---- C:\Windows\system32\ole32.dll
2013-01-27 23:22:28 ----A---- C:\Windows\system32\EncDec.dll
2013-01-27 23:22:27 ----A---- C:\Windows\system32\spoolsv.exe
2013-01-27 23:22:15 ----A---- C:\Windows\system32\dpnsvr.exe
2013-01-27 23:22:15 ----A---- C:\Windows\system32\dpnet.dll
2013-01-27 23:22:13 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-01-27 23:22:11 ----A---- C:\Windows\system32\wkssvc.dll
2013-01-27 23:22:09 ----A---- C:\Windows\system32\t2embed.dll
2013-01-27 23:22:08 ----A---- C:\Windows\system32\drivers\afd.sys
2013-01-27 23:21:55 ----A---- C:\Windows\system32\shsvcs.dll
2013-01-27 23:21:49 ----A---- C:\Windows\system32\sdclt.exe
2013-01-27 23:21:48 ----A---- C:\Windows\system32\drivers\volsnap.sys
2013-01-27 23:21:47 ----A---- C:\Windows\system32\netapi32.dll
2013-01-27 23:21:39 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-01-27 23:21:39 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-01-27 23:21:38 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-01-27 23:21:33 ----A---- C:\Windows\system32\MP4SDECD.DLL
2013-01-27 23:21:21 ----A---- C:\Windows\system32\FntCache.dll
2013-01-27 23:21:20 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-01-27 23:21:10 ----A---- C:\Windows\system32\packager.dll
2013-01-27 23:21:08 ----A---- C:\Windows\system32\mfc40u.dll
2013-01-27 23:21:08 ----A---- C:\Windows\system32\mfc40.dll
2013-01-27 23:20:13 ----A---- C:\Windows\system32\rtutils.dll
2013-01-27 23:20:09 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-27 23:19:58 ----A---- C:\Windows\system32\winsrv.dll
2013-01-27 23:19:55 ----A---- C:\Windows\system32\msvcrt.dll
2013-01-27 23:19:50 ----A---- C:\Windows\system32\gameux.dll
2013-01-27 23:19:49 ----A---- C:\Windows\system32\Apphlpdm.dll
2013-01-27 23:19:48 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2013-01-27 23:19:43 ----A---- C:\Windows\system32\kerberos.dll
2013-01-27 23:19:37 ----A---- C:\Windows\system32\kernel32.dll
2013-01-27 23:19:34 ----A---- C:\Windows\system32\crypt32.dll
2013-01-27 23:19:33 ----A---- C:\Windows\system32\cryptsvc.dll
2013-01-27 23:19:33 ----A---- C:\Windows\system32\cryptnet.dll
2013-01-27 23:19:23 ----A---- C:\Windows\system32\wmpmde.dll
2013-01-27 23:19:21 ----A---- C:\Windows\system32\sbe.dll
2013-01-27 23:19:20 ----A---- C:\Windows\system32\sbeio.dll
2013-01-27 23:19:13 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-01-27 23:19:13 ----A---- C:\Windows\system32\drivers\tunnel.sys
2013-01-27 23:19:13 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-01-27 23:18:58 ----A---- C:\Windows\system32\taskschd.dll
2013-01-27 23:18:58 ----A---- C:\Windows\system32\schedsvc.dll
2013-01-27 23:18:57 ----A---- C:\Windows\system32\wmicmiplugin.dll
2013-01-27 23:18:57 ----A---- C:\Windows\system32\taskeng.exe
2013-01-27 23:18:56 ----A---- C:\Windows\system32\taskcomp.dll
2013-01-27 23:18:54 ----A---- C:\Windows\system32\shlwapi.dll
2013-01-27 23:18:53 ----A---- C:\Windows\system32\wintrust.dll
2013-01-27 23:18:52 ----A---- C:\Windows\system32\inetcomm.dll
2013-01-27 23:18:43 ----A---- C:\Windows\system32\consent.exe
2013-01-27 23:18:40 ----A---- C:\Windows\system32\tzres.dll
2013-01-27 23:18:32 ----A---- C:\Windows\system32\msxml6.dll
2013-01-27 23:18:31 ----A---- C:\Windows\system32\csrsrv.dll
2013-01-27 23:18:23 ----A---- C:\Windows\system32\wmpdxm.dll
2013-01-27 23:18:17 ----A---- C:\Windows\system32\quartz.dll
2013-01-27 23:18:17 ----A---- C:\Windows\system32\qdvd.dll
2013-01-27 23:18:13 ----A---- C:\Windows\system32\secproc_isv.dll
2013-01-27 23:18:12 ----A---- C:\Windows\system32\secproc.dll
2013-01-27 23:18:11 ----A---- C:\Windows\system32\RMActivate_isv.exe
2013-01-27 23:18:10 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2013-01-27 23:18:10 ----A---- C:\Windows\system32\secproc_ssp.dll
2013-01-27 23:18:10 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2013-01-27 23:18:10 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2013-01-27 23:18:10 ----A---- C:\Windows\system32\RMActivate.exe
2013-01-27 23:18:10 ----A---- C:\Windows\system32\msdrm.dll
2013-01-27 23:18:06 ----A---- C:\Windows\system32\winhttp.dll
2013-01-27 23:18:01 ----A---- C:\Windows\system32\UIAutomationCore.dll
2013-01-27 23:18:01 ----A---- C:\Windows\system32\oleaccrc.dll
2013-01-27 23:18:01 ----A---- C:\Windows\system32\oleacc.dll
2013-01-27 23:17:58 ----A---- C:\Windows\system32\oleaut32.dll
2013-01-27 23:17:45 ----A---- C:\Windows\system32\msxml3.dll
2013-01-27 23:17:15 ----A---- C:\Windows\system32\xmllite.dll
2013-01-27 23:17:12 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-01-27 23:17:11 ----A---- C:\Windows\system32\msasn1.dll
2013-01-27 23:17:08 ----A---- C:\Windows\system32\rpcrt4.dll
2013-01-27 23:17:03 ----A---- C:\Windows\system32\mstscax.dll
2013-01-27 23:17:02 ----A---- C:\Windows\system32\mstsc.exe
2013-01-27 23:16:41 ----A---- C:\Windows\system32\WSDApi.dll
2013-01-27 23:16:38 ----A---- C:\Windows\system32\rastls.dll
2013-01-27 23:15:49 ----A---- C:\Windows\system32\comctl32.dll
2013-01-27 23:15:43 ----A---- C:\Windows\system32\wdigest.dll
2013-01-27 23:15:43 ----A---- C:\Windows\system32\schannel.dll
2013-01-27 23:15:43 ----A---- C:\Windows\system32\msv1_0.dll
2013-01-27 23:15:43 ----A---- C:\Windows\system32\lsasrv.dll
2013-01-27 23:15:43 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-01-27 23:15:42 ----A---- C:\Windows\system32\secur32.dll
2013-01-27 23:15:42 ----A---- C:\Windows\system32\lsass.exe
2013-01-27 23:15:40 ----A---- C:\Windows\system32\msshsq.dll
2013-01-27 23:15:36 ----A---- C:\Windows\system32\tsbyuv.dll
2013-01-27 23:15:36 ----A---- C:\Windows\system32\msyuv.dll
2013-01-27 23:15:36 ----A---- C:\Windows\system32\msvidc32.dll
2013-01-27 23:15:36 ----A---- C:\Windows\system32\msrle32.dll
2013-01-27 23:15:35 ----A---- C:\Windows\system32\msvfw32.dll
2013-01-27 23:15:35 ----A---- C:\Windows\system32\mciavi32.dll
2013-01-27 23:15:35 ----A---- C:\Windows\system32\iyuv_32.dll
2013-01-27 23:15:35 ----A---- C:\Windows\system32\avifil32.dll
2013-01-27 23:15:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-01-27 23:15:30 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-01-27 23:15:28 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2013-01-27 23:15:13 ----A---- C:\Windows\system32\unregmp2.exe
2013-01-27 23:15:08 ----A---- C:\Windows\system32\spwmp.dll
2013-01-27 23:15:08 ----A---- C:\Windows\system32\dxmasf.dll
2013-01-27 22:58:43 ----A---- C:\Windows\system32\cabview.dll
2013-01-27 22:58:31 ----A---- C:\Windows\system32\rdpencom.dll
2013-01-12 12:22:11 ----D---- C:\Program Files\GOG.com

======List of files/folders modified in the last 1 month======

2013-02-08 21:56:25 ----D---- C:\Windows\Temp
2013-02-08 21:56:19 ----RD---- C:\Program Files
2013-02-08 21:54:18 ----D---- C:\Windows\System32
2013-02-08 21:54:18 ----D---- C:\Windows\inf
2013-02-08 21:54:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-08 21:51:17 ----D---- C:\Windows\Prefetch
2013-02-08 21:51:12 ----A---- C:\Windows\system32\agremove.exe
2013-02-08 21:47:51 ----SHD---- C:\Config.Msi
2013-02-08 21:46:56 ----SHD---- C:\Windows\Installer
2013-02-08 21:45:36 ----D---- C:\Windows\Microsoft.NET
2013-02-08 21:43:52 ----RSD---- C:\Windows\assembly
2013-02-08 21:40:54 ----D---- C:\Windows\system32\en-US
2013-02-08 21:23:20 ----D---- C:\Windows\system32\drivers
2013-02-08 21:22:56 ----D---- C:\Windows\system32\Tasks
2013-02-08 21:22:35 ----D---- C:\Windows
2013-02-08 21:22:16 ----D---- C:\ProgramData\AVAST Software
2013-02-08 21:22:16 ----D---- C:\Program Files\AVAST Software
2013-02-08 21:22:14 ----SHD---- C:\System Volume Information
2013-02-08 20:59:26 ----D---- C:\Windows\Panther
2013-02-08 20:59:22 ----D---- C:\Windows\Logs
2013-02-08 20:59:22 ----D---- C:\Windows\Debug
2013-02-07 18:41:33 ----HD---- C:\ProgramData
2013-02-07 12:46:18 ----D---- C:\Program Files\The KMPlayer
2013-01-31 17:19:58 ----D---- C:\Users\Katka\AppData\Roaming\Babylon
2013-01-31 03:15:44 ----D---- C:\Users\Katka\AppData\Roaming\Skype
2013-01-30 03:04:31 ----D---- C:\Windows\system32\cs-CZ
2013-01-30 03:01:36 ----D---- C:\Program Files\Microsoft.NET
2013-01-29 03:35:53 ----D---- C:\Windows\rescache
2013-01-29 03:23:45 ----D---- C:\ProgramData\Skype
2013-01-29 03:23:29 ----D---- C:\Program Files\Common Files
2013-01-29 03:18:27 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-01-29 03:03:07 ----D---- C:\Windows\winsxs
2013-01-29 03:00:40 ----D---- C:\Windows\system32\catroot
2013-01-28 22:02:39 ----D---- C:\Windows\system32\catroot2
2013-01-28 04:21:59 ----D---- C:\Program Files\Windows Media Player
2013-01-28 04:21:58 ----D---- C:\Program Files\Windows Mail
2013-01-28 04:21:56 ----D---- C:\Windows\system32\wbem
2013-01-28 04:21:54 ----D---- C:\Windows\system32\zh-TW
2013-01-28 04:21:54 ----D---- C:\Windows\system32\zh-HK
2013-01-28 04:21:54 ----D---- C:\Windows\system32\zh-CN
2013-01-28 04:21:54 ----D---- C:\Windows\system32\uk-UA
2013-01-28 04:21:54 ----D---- C:\Windows\system32\tr-TR
2013-01-28 04:21:54 ----D---- C:\Windows\system32\th-TH
2013-01-28 04:21:54 ----D---- C:\Windows\system32\sv-SE
2013-01-28 04:21:54 ----D---- C:\Windows\system32\sr-Latn-CS
2013-01-28 04:21:54 ----D---- C:\Windows\system32\sl-SI
2013-01-28 04:21:54 ----D---- C:\Windows\system32\sk-SK
2013-01-28 04:21:54 ----D---- C:\Windows\system32\ru-RU
2013-01-28 04:21:54 ----D---- C:\Windows\system32\ro-RO
2013-01-28 04:21:54 ----D---- C:\Windows\system32\pt-PT
2013-01-28 04:21:54 ----D---- C:\Windows\system32\pt-BR
2013-01-28 04:21:54 ----D---- C:\Windows\system32\pl-PL
2013-01-28 04:21:54 ----D---- C:\Windows\system32\nl-NL
2013-01-28 04:21:54 ----D---- C:\Windows\system32\nb-NO
2013-01-28 04:21:54 ----D---- C:\Windows\system32\lv-LV
2013-01-28 04:21:54 ----D---- C:\Windows\system32\lt-LT
2013-01-28 04:21:54 ----D---- C:\Windows\system32\ko-KR
2013-01-28 04:21:54 ----D---- C:\Windows\system32\ja-JP
2013-01-28 04:21:54 ----D---- C:\Windows\system32\it-IT
2013-01-28 04:21:54 ----D---- C:\Windows\system32\hu-HU
2013-01-28 04:21:54 ----D---- C:\Windows\system32\hr-HR
2013-01-28 04:21:54 ----D---- C:\Windows\system32\he-IL
2013-01-28 04:21:54 ----D---- C:\Windows\system32\fr-FR
2013-01-28 04:21:54 ----D---- C:\Windows\system32\fi-FI
2013-01-28 04:21:54 ----D---- C:\Windows\system32\et-EE
2013-01-28 04:21:54 ----D---- C:\Windows\system32\es-ES
2013-01-28 04:21:54 ----D---- C:\Windows\system32\el-GR
2013-01-28 04:21:54 ----D---- C:\Windows\system32\de-DE
2013-01-28 04:21:54 ----D---- C:\Windows\system32\da-DK
2013-01-28 04:21:54 ----D---- C:\Windows\system32\bg-BG
2013-01-28 04:21:54 ----D---- C:\Windows\system32\ar-SA
2013-01-28 04:21:52 ----D---- C:\Program Files\Windows Journal
2013-01-28 04:21:52 ----D---- C:\Program Files\Movie Maker
2013-01-28 04:21:46 ----D---- C:\Windows\ehome
2013-01-28 04:21:46 ----D---- C:\Windows\AppPatch
2013-01-28 04:21:45 ----RSD---- C:\Windows\Fonts
2013-01-28 04:21:44 ----RD---- C:\Windows\Offline Web Pages
2013-01-28 04:21:44 ----D---- C:\Windows\system32\migration
2013-01-28 04:21:44 ----D---- C:\Windows\PolicyDefinitions
2013-01-28 04:21:44 ----D---- C:\Program Files\Internet Explorer
2013-01-28 04:21:43 ----SD---- C:\Windows\Downloaded Program Files
2013-01-28 04:21:35 ----D---- C:\Program Files\Common Files\System
2013-01-28 04:21:31 ----D---- C:\Windows\system32\XPSViewer
2013-01-28 04:21:22 ----D---- C:\Windows\system32\drivers\UMDF
2013-01-28 03:01:08 ----D---- C:\Windows\SoftwareDistribution
2013-01-26 19:17:31 ----D---- C:\ProgramData\Adobe
2013-01-26 19:17:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-01-17 01:28:58 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2008-11-13 146464]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-02-17 1093632]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 113664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-28 2735504]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-05-01 9845472]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-25 15872]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-03-17 140288]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-07 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-05-01 211488]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
S2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-14 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-26 251400]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-14 136176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2012-07-09 770008]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2012-07-09 46528]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------
Attachments
error.jpg (21.71 KiB) Viewed 810 times

dodo677
Visitor
Posts: 7
Registered: 08 Feb 2013 21:54

Re: Policie ČR virus + avast on strike?

#2 Post by dodo677 »

So one of the messages is OK now.... avast is still on strike...
AdwCleaner log:
# AdwCleaner v2.111 - Logfile created 02/08/2013 at 22:20:03
# Updated 05/02/2013 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : Katka - KATKA-PC
# Boot Mode : Normal
# Running from : C:\Users\Katka\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\ask.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\aid0il0i.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\aid0il0i.default\searchplugins\SweetIm.xml
File Deleted : C:\Users\Katka\Desktop\Search The Web.url
Folder Deleted : C:\Program Files\BS_Player
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\Users\Katka\AppData\Local\Conduit
Folder Deleted : C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Deleted : C:\Users\Katka\AppData\LocalLow\BS_Player
Folder Deleted : C:\Users\Katka\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Katka\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Katka\AppData\Roaming\Ask.com
Folder Deleted : C:\Users\Katka\AppData\Roaming\Babylon
Folder Deleted : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Folder Deleted : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

***** [Registry] *****

Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BS_Player Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\BS_Player
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A1B358F-152F-47CC-8CDE-6235C3BE1C95}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E519F022-F4EC-4686-8DBF-B3F6697A8EA8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Key Deleted : HKLM\Software\PIP
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?st=6&barid={2CE72FB0-F4FC-11E1-A887-00261872D4C1} --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?st=1&crg=3.1010000.10005&barid={2CE72FB0-F4FC-11E1-A887-00261872D4C1} --> hxxp://www.google.com

-\\ Mozilla Firefox v [Unable to get version]

File : C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\aid0il0i.default\prefs.js

Deleted : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=113932&tt=3512_7&babsrc=NT_ss&mntr[...]
Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=113932&tt=3512_7&babsrc=HP_s[...]
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=113932&tt=3512_[...]
Deleted : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=113932&tt=3512_7&babsrc=KW_ss&mntrId=b21d[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={2CE7[...]

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Katka\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.8] : homepage = "hxxp://home.sweetim.com/?st=6&barid={2CE72FB0-F4FC-11E1-A887-00261872D4C1}",
Deleted [l.12] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?st=6&barid={2CE72FB0-F4FC-11E1-A8[...]
Deleted [l.39] : keyword = "search.sweetim.com",
Deleted [l.42] : search_url = "hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={2CE72FB0[...]
Deleted [l.1587] : homepage = "hxxp://home.sweetim.com/?st=6&barid={2CE72FB0-F4FC-11E1-A887-00261872D4C1}",
Deleted [l.1708] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?st=6&barid={2CE72FB0-F4FC-11E1-A887-[...]

-\\ Opera v12.12.1707.0

File : C:\Users\Katka\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [23716 octets] - [08/02/2013 22:19:46]
AdwCleaner[S1].txt - [23201 octets] - [08/02/2013 22:20:03]

########## EOF - C:\AdwCleaner[S1].txt - [23262 octets] ##########

dodo677
Visitor
Posts: 7
Registered: 08 Feb 2013 21:54

Re: Czech Police virus + Avast on strike?

#3 Post by dodo677 »

+ new RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by Katka at 2013-02-08 22:26:05
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 24 GB (15%) free of 153 GB
Total RAM: 3582 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:26:11, on 8.2.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Katka\Downloads\RSIT.exe
C:\Program Files\trend micro\Katka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6136 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-11 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{daf5b34c-1aa3-4c33-ae24-766a370635d2}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-05-01 13756960]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-28 7625248]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-14 496960]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-02-08 22:20:03 ----A---- C:\AdwCleaner[S1].txt
2013-02-08 22:19:46 ----A---- C:\AdwCleaner[R1].txt
2013-02-08 21:56:19 ----D---- C:\rsit
2013-02-08 21:56:19 ----D---- C:\Program Files\trend micro
2013-02-08 21:23:20 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-02-08 21:23:20 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-02-08 21:22:58 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-02-08 21:22:58 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2013-02-08 21:22:56 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-02-08 21:22:56 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-02-08 21:22:35 ----A---- C:\Windows\system32\aswBoot.exe
2013-02-08 21:22:35 ----A---- C:\Windows\avastSS.scr
2013-02-08 20:55:33 ----D---- C:\Program Files\CCleaner
2013-02-08 18:05:15 ----ASH---- C:\hiberfil.sys
2013-01-31 17:33:12 ----D---- C:\Users\Katka\AppData\Roaming\BSplayer Pro
2013-01-31 17:33:12 ----D---- C:\Users\Katka\AppData\Roaming\BSplayer
2013-01-31 17:33:11 ----D---- C:\Program Files\Webteh
2013-01-29 03:23:29 ----RD---- C:\Program Files\Skype
2013-01-29 03:23:29 ----D---- C:\Program Files\Common Files\Skype
2013-01-28 22:03:06 ----A---- C:\Windows\system32\srvsvc.dll
2013-01-28 22:03:05 ----A---- C:\Windows\system32\netevent.dll
2013-01-28 22:03:00 ----A---- C:\Windows\system32\XpsPrint.dll
2013-01-28 22:02:46 ----A---- C:\Windows\system32\DWrite.dll
2013-01-28 22:02:45 ----A---- C:\Windows\system32\d3d10warp.dll
2013-01-28 22:02:45 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-01-28 22:02:45 ----A---- C:\Windows\system32\d3d10_1.dll
2013-01-28 22:02:45 ----A---- C:\Windows\system32\d2d1.dll
2013-01-28 04:21:56 ----D---- C:\Program Files\Windows Portable Devices
2013-01-28 04:21:31 ----D---- C:\Windows\system32\WindowsPowerShell
2013-01-28 03:47:02 ----A---- C:\Windows\system32\UIAnimation.dll
2013-01-28 03:46:59 ----A---- C:\Windows\system32\UIRibbonRes.dll
2013-01-28 03:46:58 ----A---- C:\Windows\system32\UIRibbon.dll
2013-01-28 03:45:27 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2013-01-28 03:45:26 ----A---- C:\Windows\system32\wpdbusenum.dll
2013-01-28 03:45:26 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2013-01-28 03:45:20 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2013-01-28 03:45:15 ----A---- C:\Windows\system32\WpdMtpUS.dll
2013-01-28 03:45:15 ----A---- C:\Windows\system32\WpdConns.dll
2013-01-28 03:45:15 ----A---- C:\Windows\system32\drivers\WpdUsb.sys
2013-01-28 03:45:14 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\wpdshext.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\WpdMtp.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\wpd_ci.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2013-01-28 03:45:14 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2013-01-28 03:45:13 ----A---- C:\Windows\system32\WPDSp.dll
2013-01-28 03:38:15 ----A---- C:\Windows\system32\wmi.dll
2013-01-28 03:38:15 ----A---- C:\Windows\system32\imagehlp.dll
2013-01-28 03:38:15 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-01-28 03:20:03 ----A---- C:\Windows\system32\wininet.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\urlmon.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-01-28 03:20:03 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-01-28 03:20:03 ----A---- C:\Windows\system32\msrating.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\msls31.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\mshtmler.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\jsproxy.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\ieui.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\iesysprep.dll
2013-01-28 03:20:03 ----A---- C:\Windows\system32\iertutil.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\wextract.exe
2013-01-28 03:20:02 ----A---- C:\Windows\system32\webcheck.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\vbscript.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\url.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\mshtmled.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\msfeeds.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\licmgr10.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\inseng.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\iexpress.exe
2013-01-28 03:20:02 ----A---- C:\Windows\system32\iesetup.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\iernonce.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\ieframe.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\iedkcs32.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\ieapfltr.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\ieapfltr.dat
2013-01-28 03:20:02 ----A---- C:\Windows\system32\ie4uinit.exe
2013-01-28 03:20:02 ----A---- C:\Windows\system32\icardie.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\dxtrans.dll
2013-01-28 03:20:02 ----A---- C:\Windows\system32\dxtmsft.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\pngfilt.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\occache.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\mshtml.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\mshta.exe
2013-01-28 03:20:01 ----A---- C:\Windows\system32\msfeedssync.exe
2013-01-28 03:20:01 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\jscript9.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\jscript.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\imgutil.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\ieUnatt.exe
2013-01-28 03:20:01 ----A---- C:\Windows\system32\iepeers.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\ieakui.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\ieaksie.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\ieakeng.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\advpack.dll
2013-01-28 03:20:01 ----A---- C:\Windows\system32\admparse.dll
2013-01-28 03:19:15 ----A---- C:\Windows\system32\mfmp4src.dll
2013-01-28 03:19:15 ----A---- C:\Windows\system32\MFHEAACdec.dll
2013-01-28 03:19:15 ----A---- C:\Windows\system32\MFH264Dec.dll
2013-01-28 03:19:14 ----A---- C:\Windows\system32\stobject.dll
2013-01-28 03:19:14 ----A---- C:\Windows\system32\shdocvw.dll
2013-01-28 03:19:14 ----A---- C:\Windows\system32\mfreadwrite.dll
2013-01-28 03:19:14 ----A---- C:\Windows\system32\mfps.dll
2013-01-28 03:19:14 ----A---- C:\Windows\system32\mfplat.dll
2013-01-28 03:19:14 ----A---- C:\Windows\system32\mf.dll
2013-01-28 03:19:13 ----A---- C:\Windows\system32\XpsRasterService.dll
2013-01-28 03:19:13 ----A---- C:\Windows\system32\dxgi.dll
2013-01-28 03:19:13 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-01-28 03:19:13 ----A---- C:\Windows\system32\d3d10level9.dll
2013-01-28 03:19:13 ----A---- C:\Windows\system32\d3d10core.dll
2013-01-28 03:19:13 ----A---- C:\Windows\system32\d3d10.dll
2013-01-28 03:19:13 ----A---- C:\Windows\system32\cdd.dll
2013-01-28 03:19:12 ----A---- C:\Windows\system32\xpsservices.dll
2013-01-28 03:19:12 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2013-01-28 03:19:12 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2013-01-28 03:19:12 ----A---- C:\Windows\system32\OpcServices.dll
2013-01-28 03:18:35 ----A---- C:\Windows\system32\WMPhoto.dll
2013-01-28 03:18:35 ----A---- C:\Windows\system32\dxdiagn.dll
2013-01-28 03:18:35 ----A---- C:\Windows\system32\dxdiag.exe
2013-01-28 03:18:35 ----A---- C:\Windows\system32\d3d11.dll
2013-01-28 03:18:34 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-01-28 03:18:34 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-01-28 03:18:34 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2013-01-28 03:14:49 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2013-01-28 03:14:49 ----A---- C:\Windows\system32\PresentationHost.exe
2013-01-28 03:14:49 ----A---- C:\Windows\system32\netfxperf.dll
2013-01-28 03:14:49 ----A---- C:\Windows\system32\mscoree.dll
2013-01-28 03:14:48 ----A---- C:\Windows\system32\dfshim.dll
2013-01-28 03:13:30 ----A---- C:\Windows\system32\browserchoice.exe
2013-01-28 03:07:55 ----A---- C:\Windows\system32\nshhttp.dll
2013-01-28 03:07:53 ----A---- C:\Windows\system32\drivers\http.sys
2013-01-28 03:07:52 ----A---- C:\Windows\system32\httpapi.dll
2013-01-28 03:06:58 ----A---- C:\Windows\system32\Wdfres.dll
2013-01-28 03:06:52 ----A---- C:\Windows\system32\winusb.dll
2013-01-28 03:06:52 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-01-28 03:06:52 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-01-28 03:06:51 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-01-28 03:06:51 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-01-28 03:06:50 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-01-28 03:06:50 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-01-28 03:06:47 ----A---- C:\Windows\system32\WUDFx.dll
2013-01-28 03:06:47 ----A---- C:\Windows\system32\WUDFHost.exe
2013-01-28 03:06:47 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-01-28 03:02:50 ----A---- C:\Windows\system32\winrsmgr.dll
2013-01-28 03:02:34 ----A---- C:\Windows\system32\wsmprovhost.exe
2013-01-28 03:02:34 ----A---- C:\Windows\system32\winrshost.exe
2013-01-28 03:02:34 ----A---- C:\Windows\system32\winrs.exe
2013-01-28 03:02:32 ----A---- C:\Windows\system32\wsmplpxy.dll
2013-01-28 03:02:32 ----A---- C:\Windows\system32\winrssrv.dll
2013-01-28 03:02:31 ----A---- C:\Windows\system32\WsmRes.dll
2013-01-28 03:02:31 ----A---- C:\Windows\system32\wevtfwd.dll
2013-01-28 03:02:31 ----A---- C:\Windows\system32\wecutil.exe
2013-01-28 03:02:31 ----A---- C:\Windows\system32\wecsvc.dll
2013-01-28 03:02:31 ----A---- C:\Windows\system32\wecapi.dll
2013-01-28 03:02:29 ----A---- C:\Windows\system32\pwrshplugin.dll
2013-01-28 03:02:25 ----A---- C:\Windows\system32\winrm.vbs
2013-01-28 03:02:21 ----A---- C:\Windows\system32\WsmWmiPl.dll
2013-01-28 03:02:21 ----A---- C:\Windows\system32\WsmAuto.dll
2013-01-28 03:02:20 ----A---- C:\Windows\system32\WsmSvc.dll
2013-01-28 03:02:20 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2013-01-28 03:02:20 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2013-01-28 03:02:20 ----A---- C:\Windows\system32\winrscmd.dll
2013-01-28 03:01:14 ----A---- C:\Windows\system32\lpk.dll
2013-01-28 03:01:14 ----A---- C:\Windows\system32\dciman32.dll
2013-01-28 03:01:14 ----A---- C:\Windows\system32\atmfd.dll
2013-01-28 03:01:13 ----A---- C:\Windows\system32\fontsub.dll
2013-01-28 03:01:13 ----A---- C:\Windows\system32\atmlib.dll
2013-01-27 23:25:40 ----A---- C:\Windows\system32\wmp.dll
2013-01-27 23:25:36 ----A---- C:\Windows\system32\wmploc.DLL
2013-01-27 23:25:19 ----A---- C:\Windows\system32\usp10.dll
2013-01-27 23:25:13 ----A---- C:\Windows\system32\psisdecd.dll
2013-01-27 23:25:10 ----A---- C:\Windows\system32\odbc32.dll
2013-01-27 23:24:50 ----A---- C:\Windows\system32\netiohlp.dll
2013-01-27 23:24:49 ----A---- C:\Windows\system32\TCPSVCS.EXE
2013-01-27 23:24:49 ----A---- C:\Windows\system32\ROUTE.EXE
2013-01-27 23:24:49 ----A---- C:\Windows\system32\NETSTAT.EXE
2013-01-27 23:24:49 ----A---- C:\Windows\system32\MRINFO.EXE
2013-01-27 23:24:49 ----A---- C:\Windows\system32\HOSTNAME.EXE
2013-01-27 23:24:49 ----A---- C:\Windows\system32\finger.exe
2013-01-27 23:24:49 ----A---- C:\Windows\system32\ARP.EXE
2013-01-27 23:24:14 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-01-27 23:24:11 ----A---- C:\Windows\system32\wlanmsm.dll
2013-01-27 23:24:11 ----A---- C:\Windows\system32\L2SecHC.dll
2013-01-27 23:24:10 ----A---- C:\Windows\system32\wlansvc.dll
2013-01-27 23:24:10 ----A---- C:\Windows\system32\wlansec.dll
2013-01-27 23:24:10 ----A---- C:\Windows\system32\wlanapi.dll
2013-01-27 23:24:08 ----A---- C:\Windows\system32\winmm.dll
2013-01-27 23:24:08 ----A---- C:\Windows\system32\mciseq.dll
2013-01-27 23:24:07 ----A---- C:\Windows\system32\drivers\dfsc.sys
2013-01-27 23:23:59 ----A---- C:\Windows\system32\localspl.dll
2013-01-27 23:23:27 ----A---- C:\Windows\system32\mfc42u.dll
2013-01-27 23:23:26 ----A---- C:\Windows\system32\mfc42.dll
2013-01-27 23:23:24 ----A---- C:\Windows\system32\ntdll.dll
2013-01-27 23:23:20 ----A---- C:\Windows\system32\iccvid.dll
2013-01-27 23:22:54 ----A---- C:\Windows\system32\synceng.dll
2013-01-27 23:22:49 ----A---- C:\Windows\system32\WMVCORE.DLL
2013-01-27 23:22:46 ----A---- C:\Windows\system32\drivers\srv.sys
2013-01-27 23:22:44 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-01-27 23:22:44 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-01-27 23:22:44 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-01-27 23:22:41 ----A---- C:\Windows\system32\shell32.dll
2013-01-27 23:22:39 ----A---- C:\Windows\system32\win32k.sys
2013-01-27 23:22:38 ----A---- C:\Windows\system32\dnsrslvr.dll
2013-01-27 23:22:38 ----A---- C:\Windows\system32\dnscacheugc.exe
2013-01-27 23:22:38 ----A---- C:\Windows\system32\dnsapi.dll
2013-01-27 23:22:36 ----A---- C:\Windows\system32\asycfilt.dll
2013-01-27 23:22:33 ----A---- C:\Windows\system32\atl.dll
2013-01-27 23:22:30 ----A---- C:\Windows\system32\ole32.dll
2013-01-27 23:22:28 ----A---- C:\Windows\system32\EncDec.dll
2013-01-27 23:22:27 ----A---- C:\Windows\system32\spoolsv.exe
2013-01-27 23:22:15 ----A---- C:\Windows\system32\dpnsvr.exe
2013-01-27 23:22:15 ----A---- C:\Windows\system32\dpnet.dll
2013-01-27 23:22:13 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-01-27 23:22:11 ----A---- C:\Windows\system32\wkssvc.dll
2013-01-27 23:22:09 ----A---- C:\Windows\system32\t2embed.dll
2013-01-27 23:22:08 ----A---- C:\Windows\system32\drivers\afd.sys
2013-01-27 23:21:55 ----A---- C:\Windows\system32\shsvcs.dll
2013-01-27 23:21:49 ----A---- C:\Windows\system32\sdclt.exe
2013-01-27 23:21:48 ----A---- C:\Windows\system32\drivers\volsnap.sys
2013-01-27 23:21:47 ----A---- C:\Windows\system32\netapi32.dll
2013-01-27 23:21:39 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-01-27 23:21:39 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-01-27 23:21:38 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-01-27 23:21:33 ----A---- C:\Windows\system32\MP4SDECD.DLL
2013-01-27 23:21:21 ----A---- C:\Windows\system32\FntCache.dll
2013-01-27 23:21:20 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-01-27 23:21:10 ----A---- C:\Windows\system32\packager.dll
2013-01-27 23:21:08 ----A---- C:\Windows\system32\mfc40u.dll
2013-01-27 23:21:08 ----A---- C:\Windows\system32\mfc40.dll
2013-01-27 23:20:13 ----A---- C:\Windows\system32\rtutils.dll
2013-01-27 23:20:09 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-27 23:19:58 ----A---- C:\Windows\system32\winsrv.dll
2013-01-27 23:19:55 ----A---- C:\Windows\system32\msvcrt.dll
2013-01-27 23:19:50 ----A---- C:\Windows\system32\gameux.dll
2013-01-27 23:19:49 ----A---- C:\Windows\system32\Apphlpdm.dll
2013-01-27 23:19:48 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2013-01-27 23:19:43 ----A---- C:\Windows\system32\kerberos.dll
2013-01-27 23:19:37 ----A---- C:\Windows\system32\kernel32.dll
2013-01-27 23:19:34 ----A---- C:\Windows\system32\crypt32.dll
2013-01-27 23:19:33 ----A---- C:\Windows\system32\cryptsvc.dll
2013-01-27 23:19:33 ----A---- C:\Windows\system32\cryptnet.dll
2013-01-27 23:19:23 ----A---- C:\Windows\system32\wmpmde.dll
2013-01-27 23:19:21 ----A---- C:\Windows\system32\sbe.dll
2013-01-27 23:19:20 ----A---- C:\Windows\system32\sbeio.dll
2013-01-27 23:19:13 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-01-27 23:19:13 ----A---- C:\Windows\system32\drivers\tunnel.sys
2013-01-27 23:19:13 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-01-27 23:18:58 ----A---- C:\Windows\system32\taskschd.dll
2013-01-27 23:18:58 ----A---- C:\Windows\system32\schedsvc.dll
2013-01-27 23:18:57 ----A---- C:\Windows\system32\wmicmiplugin.dll
2013-01-27 23:18:57 ----A---- C:\Windows\system32\taskeng.exe
2013-01-27 23:18:56 ----A---- C:\Windows\system32\taskcomp.dll
2013-01-27 23:18:54 ----A---- C:\Windows\system32\shlwapi.dll
2013-01-27 23:18:53 ----A---- C:\Windows\system32\wintrust.dll
2013-01-27 23:18:52 ----A---- C:\Windows\system32\inetcomm.dll
2013-01-27 23:18:43 ----A---- C:\Windows\system32\consent.exe
2013-01-27 23:18:40 ----A---- C:\Windows\system32\tzres.dll
2013-01-27 23:18:32 ----A---- C:\Windows\system32\msxml6.dll
2013-01-27 23:18:31 ----A---- C:\Windows\system32\csrsrv.dll
2013-01-27 23:18:23 ----A---- C:\Windows\system32\wmpdxm.dll
2013-01-27 23:18:17 ----A---- C:\Windows\system32\quartz.dll
2013-01-27 23:18:17 ----A---- C:\Windows\system32\qdvd.dll
2013-01-27 23:18:13 ----A---- C:\Windows\system32\secproc_isv.dll
2013-01-27 23:18:12 ----A---- C:\Windows\system32\secproc.dll
2013-01-27 23:18:11 ----A---- C:\Windows\system32\RMActivate_isv.exe
2013-01-27 23:18:10 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2013-01-27 23:18:10 ----A---- C:\Windows\system32\secproc_ssp.dll
2013-01-27 23:18:10 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2013-01-27 23:18:10 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2013-01-27 23:18:10 ----A---- C:\Windows\system32\RMActivate.exe
2013-01-27 23:18:10 ----A---- C:\Windows\system32\msdrm.dll
2013-01-27 23:18:06 ----A---- C:\Windows\system32\winhttp.dll
2013-01-27 23:18:01 ----A---- C:\Windows\system32\UIAutomationCore.dll
2013-01-27 23:18:01 ----A---- C:\Windows\system32\oleaccrc.dll
2013-01-27 23:18:01 ----A---- C:\Windows\system32\oleacc.dll
2013-01-27 23:17:58 ----A---- C:\Windows\system32\oleaut32.dll
2013-01-27 23:17:45 ----A---- C:\Windows\system32\msxml3.dll
2013-01-27 23:17:15 ----A---- C:\Windows\system32\xmllite.dll
2013-01-27 23:17:12 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-01-27 23:17:11 ----A---- C:\Windows\system32\msasn1.dll
2013-01-27 23:17:08 ----A---- C:\Windows\system32\rpcrt4.dll
2013-01-27 23:17:03 ----A---- C:\Windows\system32\mstscax.dll
2013-01-27 23:17:02 ----A---- C:\Windows\system32\mstsc.exe
2013-01-27 23:16:41 ----A---- C:\Windows\system32\WSDApi.dll
2013-01-27 23:16:38 ----A---- C:\Windows\system32\rastls.dll
2013-01-27 23:15:49 ----A---- C:\Windows\system32\comctl32.dll
2013-01-27 23:15:43 ----A---- C:\Windows\system32\wdigest.dll
2013-01-27 23:15:43 ----A---- C:\Windows\system32\schannel.dll
2013-01-27 23:15:43 ----A---- C:\Windows\system32\msv1_0.dll
2013-01-27 23:15:43 ----A---- C:\Windows\system32\lsasrv.dll
2013-01-27 23:15:43 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-01-27 23:15:42 ----A---- C:\Windows\system32\secur32.dll
2013-01-27 23:15:42 ----A---- C:\Windows\system32\lsass.exe
2013-01-27 23:15:40 ----A---- C:\Windows\system32\msshsq.dll
2013-01-27 23:15:36 ----A---- C:\Windows\system32\tsbyuv.dll
2013-01-27 23:15:36 ----A---- C:\Windows\system32\msyuv.dll
2013-01-27 23:15:36 ----A---- C:\Windows\system32\msvidc32.dll
2013-01-27 23:15:36 ----A---- C:\Windows\system32\msrle32.dll
2013-01-27 23:15:35 ----A---- C:\Windows\system32\msvfw32.dll
2013-01-27 23:15:35 ----A---- C:\Windows\system32\mciavi32.dll
2013-01-27 23:15:35 ----A---- C:\Windows\system32\iyuv_32.dll
2013-01-27 23:15:35 ----A---- C:\Windows\system32\avifil32.dll
2013-01-27 23:15:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-01-27 23:15:30 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-01-27 23:15:28 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2013-01-27 23:15:13 ----A---- C:\Windows\system32\unregmp2.exe
2013-01-27 23:15:08 ----A---- C:\Windows\system32\spwmp.dll
2013-01-27 23:15:08 ----A---- C:\Windows\system32\dxmasf.dll
2013-01-27 22:58:43 ----A---- C:\Windows\system32\cabview.dll
2013-01-27 22:58:31 ----A---- C:\Windows\system32\rdpencom.dll
2013-01-12 12:22:11 ----D---- C:\Program Files\GOG.com

======List of files/folders modified in the last 1 month======

2013-02-08 22:26:09 ----D---- C:\Windows\Temp
2013-02-08 22:24:35 ----D---- C:\Windows\System32
2013-02-08 22:24:29 ----A---- C:\Windows\system32\agremove.exe
2013-02-08 22:20:07 ----SHD---- C:\Windows\Installer
2013-02-08 22:20:07 ----RD---- C:\Program Files
2013-02-08 22:20:06 ----HD---- C:\ProgramData
2013-02-08 22:17:19 ----D---- C:\Windows\Microsoft.NET
2013-02-08 22:17:16 ----D---- C:\Users\Katka\AppData\Roaming\Skype
2013-02-08 22:07:19 ----D---- C:\Windows\Prefetch
2013-02-08 22:06:06 ----D---- C:\Windows\inf
2013-02-08 22:06:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-08 21:47:51 ----SHD---- C:\Config.Msi
2013-02-08 21:43:52 ----RSD---- C:\Windows\assembly
2013-02-08 21:40:54 ----D---- C:\Windows\system32\en-US
2013-02-08 21:23:20 ----D---- C:\Windows\system32\drivers
2013-02-08 21:22:56 ----D---- C:\Windows\system32\Tasks
2013-02-08 21:22:35 ----D---- C:\Windows
2013-02-08 21:22:16 ----D---- C:\ProgramData\AVAST Software
2013-02-08 21:22:16 ----D---- C:\Program Files\AVAST Software
2013-02-08 21:22:14 ----SHD---- C:\System Volume Information
2013-02-08 20:59:26 ----D---- C:\Windows\Panther
2013-02-08 20:59:22 ----D---- C:\Windows\Logs
2013-02-08 20:59:22 ----D---- C:\Windows\Debug
2013-02-07 12:46:18 ----D---- C:\Program Files\The KMPlayer
2013-01-30 03:04:31 ----D---- C:\Windows\system32\cs-CZ
2013-01-30 03:01:36 ----D---- C:\Program Files\Microsoft.NET
2013-01-29 03:35:53 ----D---- C:\Windows\rescache
2013-01-29 03:23:45 ----D---- C:\ProgramData\Skype
2013-01-29 03:23:29 ----D---- C:\Program Files\Common Files
2013-01-29 03:18:27 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-01-29 03:03:07 ----D---- C:\Windows\winsxs
2013-01-29 03:00:40 ----D---- C:\Windows\system32\catroot
2013-01-28 22:02:39 ----D---- C:\Windows\system32\catroot2
2013-01-28 04:21:59 ----D---- C:\Program Files\Windows Media Player
2013-01-28 04:21:58 ----D---- C:\Program Files\Windows Mail
2013-01-28 04:21:56 ----D---- C:\Windows\system32\wbem
2013-01-28 04:21:54 ----D---- C:\Windows\system32\zh-TW
2013-01-28 04:21:54 ----D---- C:\Windows\system32\zh-HK
2013-01-28 04:21:54 ----D---- C:\Windows\system32\zh-CN
2013-01-28 04:21:54 ----D---- C:\Windows\system32\uk-UA
2013-01-28 04:21:54 ----D---- C:\Windows\system32\tr-TR
2013-01-28 04:21:54 ----D---- C:\Windows\system32\th-TH
2013-01-28 04:21:54 ----D---- C:\Windows\system32\sv-SE
2013-01-28 04:21:54 ----D---- C:\Windows\system32\sr-Latn-CS
2013-01-28 04:21:54 ----D---- C:\Windows\system32\sl-SI
2013-01-28 04:21:54 ----D---- C:\Windows\system32\sk-SK
2013-01-28 04:21:54 ----D---- C:\Windows\system32\ru-RU
2013-01-28 04:21:54 ----D---- C:\Windows\system32\ro-RO
2013-01-28 04:21:54 ----D---- C:\Windows\system32\pt-PT
2013-01-28 04:21:54 ----D---- C:\Windows\system32\pt-BR
2013-01-28 04:21:54 ----D---- C:\Windows\system32\pl-PL
2013-01-28 04:21:54 ----D---- C:\Windows\system32\nl-NL
2013-01-28 04:21:54 ----D---- C:\Windows\system32\nb-NO
2013-01-28 04:21:54 ----D---- C:\Windows\system32\lv-LV
2013-01-28 04:21:54 ----D---- C:\Windows\system32\lt-LT
2013-01-28 04:21:54 ----D---- C:\Windows\system32\ko-KR
2013-01-28 04:21:54 ----D---- C:\Windows\system32\ja-JP
2013-01-28 04:21:54 ----D---- C:\Windows\system32\it-IT
2013-01-28 04:21:54 ----D---- C:\Windows\system32\hu-HU
2013-01-28 04:21:54 ----D---- C:\Windows\system32\hr-HR
2013-01-28 04:21:54 ----D---- C:\Windows\system32\he-IL
2013-01-28 04:21:54 ----D---- C:\Windows\system32\fr-FR
2013-01-28 04:21:54 ----D---- C:\Windows\system32\fi-FI
2013-01-28 04:21:54 ----D---- C:\Windows\system32\et-EE
2013-01-28 04:21:54 ----D---- C:\Windows\system32\es-ES
2013-01-28 04:21:54 ----D---- C:\Windows\system32\el-GR
2013-01-28 04:21:54 ----D---- C:\Windows\system32\de-DE
2013-01-28 04:21:54 ----D---- C:\Windows\system32\da-DK
2013-01-28 04:21:54 ----D---- C:\Windows\system32\bg-BG
2013-01-28 04:21:54 ----D---- C:\Windows\system32\ar-SA
2013-01-28 04:21:52 ----D---- C:\Program Files\Windows Journal
2013-01-28 04:21:52 ----D---- C:\Program Files\Movie Maker
2013-01-28 04:21:46 ----D---- C:\Windows\ehome
2013-01-28 04:21:46 ----D---- C:\Windows\AppPatch
2013-01-28 04:21:45 ----RSD---- C:\Windows\Fonts
2013-01-28 04:21:44 ----RD---- C:\Windows\Offline Web Pages
2013-01-28 04:21:44 ----D---- C:\Windows\system32\migration
2013-01-28 04:21:44 ----D---- C:\Windows\PolicyDefinitions
2013-01-28 04:21:44 ----D---- C:\Program Files\Internet Explorer
2013-01-28 04:21:43 ----SD---- C:\Windows\Downloaded Program Files
2013-01-28 04:21:35 ----D---- C:\Program Files\Common Files\System
2013-01-28 04:21:31 ----D---- C:\Windows\system32\XPSViewer
2013-01-28 04:21:22 ----D---- C:\Windows\system32\drivers\UMDF
2013-01-28 03:01:08 ----D---- C:\Windows\SoftwareDistribution
2013-01-26 19:17:31 ----D---- C:\ProgramData\Adobe
2013-01-26 19:17:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-01-17 01:28:58 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2008-11-13 146464]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-02-17 1093632]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 113664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-28 2735504]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-05-01 9845472]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-25 15872]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-03-17 140288]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-07 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-05-01 211488]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
S2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-14 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-26 251400]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-14 136176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2012-07-09 770008]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2012-07-09 46528]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

dodo677
Visitor
Posts: 7
Registered: 08 Feb 2013 21:54

Re: Czech Police virus + avast on strike?

#4 Post by dodo677 »

ComboFix log:
ComboFix 13-02-07.02 - Katka 08.02.2013 22:48:08.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3582.2214 [GMT 1:00]
Spuštěný z: c:\users\Katka\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\550834028.pad
.
c:\windows\System32\autochk.exe . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-08 do 2013-02-08 )))))))))))))))))))))))))))))))
.
.
2013-02-08 21:58 . 2013-02-08 21:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-08 20:56 . 2013-02-08 21:26 -------- d-----w- c:\program files\trend micro
2013-02-08 20:56 . 2013-02-08 20:56 -------- d-----w- C:\rsit
2013-02-08 20:23 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-08 20:23 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-08 20:22 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-08 20:22 . 2012-10-30 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-02-08 20:22 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-08 20:22 . 2012-10-30 22:51 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-02-08 20:22 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-02-08 20:22 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-08 20:19 . 2013-02-08 20:21 -------- d-----w- c:\users\Katka\AppData\Local\Nová složka
2013-02-08 20:01 . 2013-02-08 20:01 38452 ----a-w- C:\cc_20130208_210103.reg
2013-02-08 19:55 . 2013-02-08 19:55 -------- d-----w- c:\program files\CCleaner
2013-02-06 07:21 . 2013-02-06 07:21 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A4B869C4-60EC-4B62-A943-011F7BC02BBC}\offreg.dll
2013-02-05 21:40 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A4B869C4-60EC-4B62-A943-011F7BC02BBC}\mpengine.dll
2013-01-31 16:33 . 2013-01-31 18:34 -------- d-----w- c:\users\Katka\AppData\Roaming\BSplayer
2013-01-31 16:33 . 2013-01-31 16:33 -------- d-----w- c:\users\Katka\AppData\Roaming\BSplayer Pro
2013-01-31 16:33 . 2013-01-31 16:33 -------- d-----w- c:\program files\Webteh
2013-01-29 02:23 . 2013-01-29 02:23 -------- d-----r- c:\program files\Skype
2013-01-29 02:23 . 2013-01-29 02:23 -------- d-----w- c:\program files\Common Files\Skype
2013-01-28 21:03 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2013-01-28 21:03 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2013-01-28 21:03 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2013-01-28 21:02 . 2012-02-29 13:41 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-01-28 21:02 . 2012-03-01 14:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-28 21:02 . 2012-03-01 14:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-28 21:02 . 2012-02-29 14:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-28 21:02 . 2012-02-29 13:44 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-01-28 03:21 . 2013-01-28 03:21 -------- d-----w- c:\program files\Windows Portable Devices
2013-01-28 02:47 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-28 02:46 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2013-01-28 02:46 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2013-01-28 02:38 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll
2013-01-28 02:38 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll
2013-01-28 02:38 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-01-28 02:19 . 2013-01-28 02:19 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2013-01-28 02:18 . 2013-01-28 02:18 519680 ----a-w- c:\windows\system32\d3d11.dll
2013-01-28 02:18 . 2013-01-28 02:18 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-28 02:18 . 2013-01-28 02:18 252928 ----a-w- c:\windows\system32\dxdiag.exe
2013-01-28 02:18 . 2013-01-28 02:18 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2013-01-28 02:18 . 2013-01-28 02:18 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-28 02:18 . 2013-01-28 02:18 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2013-01-28 02:18 . 2013-01-28 02:18 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-28 02:14 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2013-01-28 02:14 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2013-01-28 02:14 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2013-01-28 02:14 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2013-01-28 02:14 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2013-01-28 02:13 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2013-01-28 02:07 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2013-01-28 02:07 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2013-01-28 02:07 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2013-01-28 02:06 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-01-28 02:06 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-01-28 02:06 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-01-28 02:06 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2013-01-28 02:06 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-01-28 02:06 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-01-28 02:06 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-01-28 02:06 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-01-28 02:06 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-01-28 02:06 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-01-28 02:06 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-01-28 02:01 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
2013-01-28 02:01 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2013-01-28 02:01 . 2009-06-15 14:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2013-01-28 02:01 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-01-28 02:01 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll
2013-01-27 22:24 . 2009-08-14 13:48 105984 ----a-w- c:\windows\system32\netiohlp.dll
2013-01-27 22:23 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll
2013-01-27 22:23 . 2011-03-10 17:03 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2013-01-27 22:23 . 2011-03-10 17:03 1136640 ----a-w- c:\windows\system32\mfc42.dll
2013-01-27 22:23 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll
2013-01-27 22:23 . 2010-01-29 15:40 1616384 ----a-w- c:\program files\Windows Mail\msoe.dll
2013-01-27 22:23 . 2010-05-27 20:08 81920 ----a-w- c:\windows\system32\iccvid.dll
2013-01-27 22:20 . 2010-06-18 17:31 36864 ----a-w- c:\windows\system32\rtutils.dll
2013-01-27 22:20 . 2012-11-20 04:22 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-27 22:18 . 2010-11-04 18:55 352768 ----a-w- c:\windows\system32\taskschd.dll
2013-01-27 22:17 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-27 22:17 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll
2013-01-27 22:17 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-01-27 22:17 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2013-01-27 22:17 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2013-01-27 22:17 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2013-01-27 22:17 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2013-01-27 22:16 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2013-01-27 22:16 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2013-01-27 22:16 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2013-01-27 21:58 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2013-01-27 21:58 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2013-01-12 11:22 . 2013-01-12 11:22 -------- d-----w- c:\program files\GOG.com
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 21:24 . 2012-08-10 14:08 44544 ----a-w- c:\windows\system32\agremove.exe
2013-01-28 02:18 . 2013-01-28 02:18 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\dxgkrnl.sys.mui
2013-01-26 18:17 . 2012-08-10 14:05 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-26 18:17 . 2012-08-10 14:05 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-17 00:28 . 2012-08-15 00:12 232336 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-05-01 13756960]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-28 7625248]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-14 496960]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe [2012-8-10 156880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 20:33 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-10 18:17]
.
2013-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-14 17:17]
.
2013-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-14 17:17]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-08 22:58
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\users\Katka\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-02-08 23:00:34
ComboFix-quarantined-files.txt 2013-02-08 22:00
.
Před spuštěním: Volných bajtů: 24 506 322 944
Po spuštění: Volných bajtů: 24 495 091 712
.
- - End Of File - - D27FCE458A9356982A594F84001D46EC

dodo677
Visitor
Posts: 7
Registered: 08 Feb 2013 21:54

Re: Czech Police virus + avast on strike?

#5 Post by dodo677 »

and that mbrscan refuses to cooperate.... as soon as I run the report, it freezes.... :?:


Locked