prosím o kontrolu výpisu Vyřešeno

[evolution]

zdravím, občas sa mi stane na ploche vidieť šikmo pruhy cez celú obrazovku nechápem tomu predtým som si odinštaloval straré(od výrobcu boli na inú grafiku) a nainštaloval som najnovšie, ide to oveľá lepšie ale nwm nemalo by to robiť..

a mám ďalší problém používam programy na úpravu filesystem SEčiek(Far Manager a A2Uploader) pri 1. spustení programu funguje 2x už nejde, reštart. ntb zase to isté 1x ide, 2x nejde pripojiť k mobilu, dnes som inštaloval MyPhoneExplorer tak myslím že je v tom probém-odinšt. som ho a zase to isté 1x spustí, 2xnejde


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:46:20, on 15. 1. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ppcb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://packardbell.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ppcb&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll (file missing)
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll (file missing)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13065 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat


Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[evolution]

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verzia databázy: 5533

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

16. 1. 2011 20:55:40
mbam-log-2011-01-16 (20-55-40).txt

Typ kontroly: Rýchla kontrola
Objektov kontrolovaných: 154742
Uplynutý čas: 42 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)

[memphisto]

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[evolution]

ComboFix 11-01-15.01 - tomas999 . 01. 2011 21:15:49.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.421.1051.18.3959.2650 [GMT 1:00]
Running from: c:\users\tomas999\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Outdated* {AE1D740B-8F0F-D137-211D-873D44B3F4AE}
SP: Kaspersky Anti-Virus *Disabled/Updated* {157C95EF-A935-DEB9-1BAD-BC4F3F34BE13}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\hpe62B8.dll
c:\users\tomas999\AppData\Roaming\chrtmp
E:\install.exe

.
((((((((((((((((((((((((( Files Created from 2010-12-16 to 2011-01-16 )))))))))))))))))))))))))))))))
.

2011-01-16 20:21 . 2011-01-16 20:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-16 19:50 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-01-16 19:50 . 2011-01-16 19:50 -------- d-----w- c:\programdata\Malwarebytes
2011-01-16 19:50 . 2011-01-16 19:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-01-16 19:50 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-16 13:52 . 2011-01-16 13:52 -------- d-----w- c:\windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
2011-01-15 23:42 . 2011-01-15 23:46 -------- d-----w- C:\Setup_SeImageTool_v2.6_Beta_7
2011-01-15 23:20 . 2009-10-15 11:44 809560 ----a-r- c:\windows\SysWow64\tmp3835.tmp
2011-01-15 23:18 . 2011-01-15 23:18 -------- d-----w- c:\program files (x86)\SE Image Tool
2011-01-15 23:18 . 2009-10-15 11:44 809560 ----a-r- c:\windows\SysWow64\tmp3834.tmp
2011-01-15 23:03 . 2011-01-15 23:03 -------- d-----w- c:\program files (x86)\Codemasters
2011-01-15 18:39 . 2011-01-15 18:39 -------- d-----w- c:\program files (x86)\Trend Micro
2011-01-14 20:34 . 2011-01-14 20:34 -------- d-----w- c:\program files (x86)\VideoLAN
2011-01-14 13:32 . 2011-01-14 13:32 -------- d-----w- c:\program files (x86)\oZone3D
2011-01-14 13:03 . 2011-01-14 13:03 -------- d-----w- c:\program files (x86)\OCCT
2011-01-14 12:15 . 2010-11-16 11:01 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B21B4567-8F92-4851-BDD1-7FA4373699B5}\mpengine.dll
2011-01-13 02:00 . 2011-01-13 02:00 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2011-01-12 01:30 . 2009-08-18 02:33 1193832 ----a-w- c:\windows\system\FM20.DLL
2011-01-12 01:30 . 2006-10-26 22:10 33088 ----a-w- c:\windows\system\FM20ENU.DLL
2011-01-12 01:30 . 2000-04-04 01:05 118784 ----a-w- c:\windows\system\msstdfmt.dll
2011-01-11 19:17 . 2011-01-16 13:29 -------- d-----w- c:\programdata\Codemasters
2011-01-11 18:31 . 2009-10-15 11:44 809560 ----a-r- c:\windows\SysWow64\tmpF43D.tmp
2011-01-10 18:50 . 2010-06-15 00:49 212240 ----a-w- c:\windows\system32\richtx32.ocx
2011-01-10 18:50 . 2000-04-04 01:05 118784 ----a-w- c:\windows\system32\msstdfmt.dll
2011-01-10 18:50 . 2009-08-18 02:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2011-01-10 18:50 . 2010-09-12 16:10 1351392 ----a-w- c:\windows\system32\COMCTL32.OCX
2011-01-10 12:18 . 2011-01-10 12:18 -------- d-----w- c:\program files (x86)\2K Games
2011-01-09 00:32 . 2011-01-09 00:32 -------- d-----w- c:\program files (x86)\GIMP-2.0
2011-01-07 13:38 . 2011-01-07 13:38 -------- d-----w- C:\Nový priečinok
2011-01-07 11:30 . 2011-01-14 17:00 -------- d-----w- c:\program files (x86)\METRO 2033
2011-01-07 00:21 . 2011-01-13 20:04 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-01-07 00:04 . 2011-01-16 13:52 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-01-06 23:16 . 2011-01-07 00:56 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-01-06 16:02 . 2011-01-13 20:02 -------- d-----w- C:\NVIDIA
2011-01-06 16:00 . 2011-01-06 16:00 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-01-06 16:00 . 2011-01-06 16:00 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-01-06 16:00 . 2011-01-06 16:00 -------- d-----w- c:\program files (x86)\Java
2011-01-06 14:27 . 2011-01-06 14:27 0 ----a-w- c:\windows\SysWow64\sho274.tmp
2011-01-05 01:53 . 2011-01-05 01:53 0 ----a-w- c:\windows\SysWow64\sho31A2.tmp
2011-01-04 22:21 . 2011-01-04 22:21 -------- d-sh--w- c:\windows\ftpcache
2011-01-04 20:38 . 2011-01-04 21:10 -------- d-----w- c:\program files (x86)\Left 4 Dead 2
2011-01-04 13:00 . 2011-01-04 13:00 -------- d-----w- c:\program files (x86)\The KMPlayer
2011-01-03 13:17 . 2011-01-03 13:17 -------- d-----w- c:\program files (x86)\SteelSeries
2011-01-02 16:56 . 2010-10-28 11:23 2807936 ----a-w- c:\windows\system32\BootMan.exe
2011-01-02 16:56 . 2010-10-28 11:23 2217088 ----a-w- c:\windows\SysWow64\BootMan.exe
2011-01-02 16:56 . 2010-07-15 07:44 9096 ----a-w- c:\windows\system32\EuGdiDrv.sys
2011-01-02 16:56 . 2010-07-15 07:44 86408 ----a-w- c:\windows\SysWow64\setupempdrv03.exe
2011-01-02 16:56 . 2010-07-15 07:44 8456 ----a-w- c:\windows\SysWow64\EuGdiDrv.sys
2011-01-02 16:56 . 2010-07-15 07:44 16776 ----a-w- c:\windows\system32\epmntdrv.sys
2011-01-02 16:56 . 2010-07-15 07:44 14216 ----a-w- c:\windows\SysWow64\epmntdrv.sys
2011-01-02 16:56 . 2010-07-15 07:44 11264 ----a-w- c:\windows\system32\EuEpmGdi.dll
2011-01-02 16:56 . 2010-07-15 07:44 100232 ----a-w- c:\windows\system32\setupempdrvx64.exe
2011-01-02 16:56 . 2010-07-15 07:44 14848 ----a-w- c:\windows\SysWow64\EuEpmGdi.dll
2011-01-02 16:55 . 2011-01-02 16:55 -------- d-----w- c:\program files (x86)\EASEUS
2011-01-02 15:23 . 2011-01-02 15:23 -------- d-----w- c:\program files (x86)\PowerQuest
2011-01-02 14:21 . 2010-08-16 14:31 19936 ------w- c:\windows\system32\pwdrvio.sys
2011-01-02 14:21 . 2010-08-16 14:31 13280 ------w- c:\windows\system32\pwdspio.sys
2011-01-02 14:05 . 2011-01-02 14:11 -------- d-----w- c:\program files (x86)\MiniTool Partition Wizard Professional Edition 5.2
2011-01-01 20:40 . 2011-01-01 20:40 0 ----a-w- c:\windows\SysWow64\sho6D87.tmp
2010-12-31 00:49 . 2010-12-31 00:49 0 ----a-w- c:\windows\SysWow64\shoC22C.tmp
2010-12-29 13:35 . 2010-12-29 13:35 0 ----a-w- c:\windows\SysWow64\sho7BE6.tmp
2010-12-29 12:05 . 2011-01-16 13:35 -------- d-----w- c:\program files (x86)\Activision
2010-12-28 23:07 . 2010-12-28 23:07 -------- d-----w- c:\program files (x86)\TeamViewer
2010-12-28 23:00 . 2010-12-28 23:00 -------- d-----w- c:\program files (x86)\Common Files\Skype
2010-12-28 23:00 . 2010-12-28 23:01 -------- d-----r- c:\program files (x86)\Skype
2010-12-28 23:00 . 2010-12-28 23:00 -------- d-----w- c:\programdata\Skype
2010-12-28 21:09 . 2010-12-28 21:09 -------- d-----w- c:\windows\Blackberry Phone Info Reader
2010-12-28 19:20 . 2010-12-28 19:20 0 ----a-w- c:\windows\SysWow64\sho7BBE.tmp
2010-12-26 21:52 . 2011-01-16 20:10 -------- d-----w- c:\programdata\Kaspersky Lab
2010-12-26 21:52 . 2010-12-26 21:52 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2010-12-26 21:51 . 2010-12-26 21:59 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2010-12-26 19:53 . 2010-12-26 19:53 -------- d-----w- c:\programdata\Atheros
2010-12-26 16:43 . 2010-10-19 09:41 270720 ------w- c:\windows\system32\MpSigStub.exe
2010-12-26 15:31 . 2010-12-26 17:03 508472 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-12-26 15:14 . 2010-12-26 15:14 -------- d-----w- c:\program files (x86)\Sony Setup
2010-12-26 11:42 . 2010-12-26 11:42 -------- d-----w- c:\program files (x86)\Microsoft.NET
2010-12-26 11:41 . 2008-10-21 08:22 15912 ----a-w- c:\windows\system32\drivers\s0017whnt.sys
2010-12-26 11:41 . 2008-10-21 08:22 15912 ----a-w- c:\windows\system32\drivers\s0017wh.sys
2010-12-26 11:41 . 2008-10-21 08:22 34856 ----a-w- c:\windows\system32\drivers\s0017nd5.sys
2010-12-26 11:41 . 2008-10-21 08:22 145960 ----a-w- c:\windows\system32\drivers\s0017unic.sys
2010-12-26 11:41 . 2008-10-21 08:22 128552 ----a-w- c:\windows\system32\drivers\s0017obex.sys
2010-12-26 11:41 . 2008-10-21 08:22 19496 ----a-w- c:\windows\system32\drivers\s0017mdfl.sys
2010-12-26 11:41 . 2008-10-21 08:22 152616 ----a-w- c:\windows\system32\drivers\s0017mdm.sys
2010-12-26 11:41 . 2008-10-21 08:22 133160 ----a-w- c:\windows\system32\drivers\s0017mgmt.sys
2010-12-26 11:41 . 2008-10-21 08:22 14888 ----a-w- c:\windows\system32\drivers\s0017cmnt.sys
2010-12-26 11:41 . 2008-10-21 08:22 14888 ----a-w- c:\windows\system32\drivers\s0017cm.sys
2010-12-26 11:41 . 2008-10-21 08:22 13864 ----a-w- c:\windows\system32\drivers\s0017cr.sys
2010-12-26 11:41 . 2008-10-21 08:22 113704 ----a-w- c:\windows\system32\drivers\s0017bus.sys
2010-12-25 19:55 . 2011-01-16 19:45 -------- d-----w- c:\programdata\boost_interprocess
2010-12-25 19:17 . 2010-12-25 19:22 -------- d-----w- c:\programdata\VirtualizedApplications
2010-12-25 18:17 . 2010-12-25 18:17 -------- d-----w- c:\program files (x86)\MSXML 4.0
2010-12-25 18:17 . 2010-12-25 18:17 -------- d-----w- c:\windows\sk
2010-12-25 18:15 . 2010-12-25 18:15 -------- dc----w- c:\windows\system32\DRVSTORE
2010-12-25 18:15 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-12-25 18:15 . 2010-12-25 18:15 -------- d-----w- c:\program files\Windows Live
2010-12-25 18:14 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2010-12-25 18:14 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2010-12-25 18:14 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2010-12-25 18:14 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-12-25 17:30 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
2010-12-25 17:30 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll
2010-12-25 17:30 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2010-12-25 17:30 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2010-12-25 17:30 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
2010-12-25 17:30 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll
2010-12-25 17:30 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2010-12-24 17:01 . 2010-12-24 17:01 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2010-12-24 12:27 . 2010-12-24 12:27 -------- d-----w- c:\windows\SysWow64\Wat
2010-12-24 12:27 . 2010-12-24 12:27 -------- d-----w- c:\windows\system32\Wat
2010-12-24 10:48 . 2010-12-24 10:48 -------- d-----w- c:\users\Public\OEM
2010-12-24 10:17 . 2010-12-24 10:17 -------- d-----w- C:\189551ccb481c7cb84
2010-12-24 10:15 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2010-12-24 10:15 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2010-12-24 10:15 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2010-12-24 10:15 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2010-12-24 10:15 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2010-12-24 10:15 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2010-12-24 10:15 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-12-24 10:15 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2010-12-24 10:15 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2010-12-24 10:15 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2010-12-24 10:15 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2010-12-24 10:11 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2010-12-24 10:11 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2010-12-23 20:48 . 2010-12-23 20:48 -------- d--h--w- c:\windows\PIF

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 14:52 . 2010-11-18 14:52 2560 ----a-w- c:\windows\SysWow64\drivers\sk-SK\scfilter.sys.mui
2010-11-18 14:52 . 2010-11-18 14:52 47616 ----a-w- c:\windows\SysWow64\drivers\sk-SK\tcpip.sys.mui
2010-11-18 14:00 . 2010-09-16 11:56 6 ----a-w- c:\windows\system32\PLD_Framework.cmd
2010-11-02 05:16 . 2010-12-23 19:33 1114624 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 05:10 . 2010-12-23 19:33 285696 ----a-w- c:\windows\system32\schtasks.exe
2010-11-02 04:34 . 2010-12-23 19:33 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony Ericsson PC Companion"="c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2009-12-08 774144]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-05-07 26211624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-06-28 263936]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"VideoWebCamera"="c:\program files (x86)\VideoWebCamera\VideoWebCamera.exe" [2010-05-26 1545568]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\mzvkbd3.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi5"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-07-29 36000]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-07-29 51872]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-07-29 295072]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-07-29 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-07-29 51872]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-07-29 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-07-29 270496]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-07-15 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-07-15 9096]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2008-12-09 13352]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-06-21 131688]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2010-08-16 19936]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2010-08-16 13280]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-24 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 KLBG;Kaspersky Lab Boot Guard Driver;c:\windows\system32\DRIVERS\klbg.sys [2009-10-14 40464]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-26 508472]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-11-03 27152]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-07-29 52896]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-06-28 255744]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-28 243232]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-07-29 28832]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-03-21 321064]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-02 21008]
S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys [2009-09-15 42088]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-10 206208]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-07-29 594080]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-07-29 377504]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-06-11 861216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.facemoods.com/?a=ppcb
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://packardbell.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} -
FF - ProfilePath - c:\users\tomas999\AppData\Roaming\Mozilla\Firefox\Profiles\jdnodliz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.sk/
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?tool ... m-1.0.0&q=
FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - c:\program files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Auto Shutdown: amin.eft_Shutdown@gmail.com - %profile%\extensions\amin.eft_Shutdown@gmail.com
FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com
FF - Ext: FxIF: {11483926-db67-4190-91b1-ef20fcec5f33} - %profile%\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
AddRemove-L4D2SP - c:\program files (x86)\Left 4 Dead 2\Uninstall.exe
AddRemove-Lišta Centrum.cz Toolbar_is1 - c:\program files (x86)\CentrumczToolbar\unins000.exe


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2081554988-1301133977-3948776033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"

[HKEY_USERS\S-1-5-21-2081554988-1301133977-3948776033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-01-16 21:23:00
ComboFix-quarantined-files.txt 2011-01-16 20:22

Pre-Run: 18 733 445 120 bytes free
Post-Run: 18 954 518 528 bytes free

- - End Of File - - 8D1CC0B4376FD6B5BC8B21A5F48AE4E7

[memphisto]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\windows\SysWow64\tmp3835.tmp
c:\windows\SysWow64\tmpF43D.tmp
c:\windows\SysWow64\sho274.tmp
c:\windows\SysWow64\sho31A2.tmp
c:\windows\SysWow64\sho6D87.tmp
c:\windows\SysWow64\shoC22C.tmp
c:\windows\SysWow64\sho7BE6.tmp
c:\windows\SysWow64\sho7BBE.tmp

DirLook::
c:\windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
C:\189551ccb481c7cb84

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=-
"ConsentPromptBehaviorUser"=-
"EnableUIADesktopToggle"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000000

DDS::
uStart Page = hxxp://start.facemoods.com/?a=ppcb
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} -

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Toto otestuj na Virustotal
c:\windows\system32\BootMan.exe
c:\windows\SysWow64\BootMan.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

[evolution]

ďakujem za snahu

c:\windows\system32\BootMan.exe, http://www.virustotal.com/file-scan/rep ... 1295212062

c:\windows\SysWow64\BootMan.exe, http://www.virustotal.com/file-scan/rep ... 1295212325

ComboFix 11-01-16.02 - tomas999 . 01. 2011 22:16:55.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.421.1051.18.3959.2413 [GMT 1:00]
Running from: c:\users\tomas999\Desktop\ComboFix.exe
Command switches used :: c:\users\tomas999\Desktop\CFScript.txt
AV: Kaspersky Anti-Virus *Disabled/Outdated* {AE1D740B-8F0F-D137-211D-873D44B3F4AE}
SP: Kaspersky Anti-Virus *Disabled/Updated* {157C95EF-A935-DEB9-1BAD-BC4F3F34BE13}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FILE ::
"c:\windows\SysWow64\sho274.tmp"
"c:\windows\SysWow64\sho31A2.tmp"
"c:\windows\SysWow64\sho6D87.tmp"
"c:\windows\SysWow64\sho7BBE.tmp"
"c:\windows\SysWow64\sho7BE6.tmp"
"c:\windows\SysWow64\shoC22C.tmp"
"c:\windows\SysWow64\tmp3835.tmp"
"c:\windows\SysWow64\tmpF43D.tmp"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\SysWow64\sho274.tmp
c:\windows\SysWow64\sho31A2.tmp
c:\windows\SysWow64\sho6D87.tmp
c:\windows\SysWow64\sho7BBE.tmp
c:\windows\SysWow64\sho7BE6.tmp
c:\windows\SysWow64\shoC22C.tmp
c:\windows\SysWow64\tmp3835.tmp
c:\windows\SysWow64\tmpF43D.tmp

.
((((((((((((((((((((((((( Files Created from 2010-12-16 to 2011-01-16 )))))))))))))))))))))))))))))))
.

2011-01-16 19:50 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-01-16 19:50 . 2011-01-16 19:50 -------- d-----w- c:\programdata\Malwarebytes
2011-01-16 19:50 . 2011-01-16 19:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-01-16 19:50 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-16 13:52 . 2011-01-16 13:52 -------- d-----w- c:\windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
2011-01-15 23:42 . 2011-01-15 23:46 -------- d-----w- C:\Setup_SeImageTool_v2.6_Beta_7
2011-01-15 23:18 . 2011-01-15 23:18 -------- d-----w- c:\program files (x86)\SE Image Tool
2011-01-15 23:18 . 2009-10-15 11:44 809560 ----a-r- c:\windows\SysWow64\tmp3834.tmp
2011-01-15 23:03 . 2011-01-15 23:03 -------- d-----w- c:\program files (x86)\Codemasters
2011-01-15 18:39 . 2011-01-15 18:39 -------- d-----w- c:\program files (x86)\Trend Micro
2011-01-14 20:34 . 2011-01-14 20:34 -------- d-----w- c:\program files (x86)\VideoLAN
2011-01-14 13:32 . 2011-01-14 13:32 -------- d-----w- c:\program files (x86)\oZone3D
2011-01-14 13:03 . 2011-01-14 13:03 -------- d-----w- c:\program files (x86)\OCCT
2011-01-14 12:15 . 2010-11-16 11:01 8199504 begin_of_the_skype_highlighting              01 8199504      end_of_the_skype_highlighting begin_of_the_skype_highlighting              01 8199504      end_of_the_skype_highlighting begin_of_the_skype_highlighting              01 8199504      end_of_the_skype_highlighting ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B21B4567-8F92-4851-BDD1-7FA4373699B5}\mpengine.dll
2011-01-13 02:00 . 2011-01-13 02:00 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2011-01-12 01:30 . 2009-08-18 02:33 1193832 ----a-w- c:\windows\system\FM20.DLL
2011-01-12 01:30 . 2006-10-26 22:10 33088 ----a-w- c:\windows\system\FM20ENU.DLL
2011-01-12 01:30 . 2000-04-04 01:05 118784 ----a-w- c:\windows\system\msstdfmt.dll
2011-01-11 19:17 . 2011-01-16 13:29 -------- d-----w- c:\programdata\Codemasters
2011-01-10 18:50 . 2010-06-15 00:49 212240 ----a-w- c:\windows\system32\richtx32.ocx
2011-01-10 18:50 . 2000-04-04 01:05 118784 ----a-w- c:\windows\system32\msstdfmt.dll
2011-01-10 18:50 . 2009-08-18 02:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2011-01-10 18:50 . 2010-09-12 16:10 1351392 ----a-w- c:\windows\system32\COMCTL32.OCX
2011-01-10 12:18 . 2011-01-10 12:18 -------- d-----w- c:\program files (x86)\2K Games
2011-01-09 00:32 . 2011-01-09 00:32 -------- d-----w- c:\program files (x86)\GIMP-2.0
2011-01-07 13:38 . 2011-01-07 13:38 -------- d-----w- C:\Nový priečinok
2011-01-07 11:30 . 2011-01-14 17:00 -------- d-----w- c:\program files (x86)\METRO 2033
2011-01-07 00:21 . 2011-01-13 20:04 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-01-07 00:04 . 2011-01-16 13:52 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-01-06 23:16 . 2011-01-07 00:56 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-01-06 16:02 . 2011-01-13 20:02 -------- d-----w- C:\NVIDIA
2011-01-06 16:00 . 2011-01-06 16:00 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-01-06 16:00 . 2011-01-06 16:00 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-01-06 16:00 . 2011-01-06 16:00 -------- d-----w- c:\program files (x86)\Java
2011-01-04 22:21 . 2011-01-04 22:21 -------- d-sh--w- c:\windows\ftpcache
2011-01-04 20:38 . 2011-01-04 21:10 -------- d-----w- c:\program files (x86)\Left 4 Dead 2
2011-01-04 13:00 . 2011-01-04 13:00 -------- d-----w- c:\program files (x86)\The KMPlayer
2011-01-03 13:17 . 2011-01-03 13:17 -------- d-----w- c:\program files (x86)\SteelSeries
2011-01-02 16:56 . 2010-10-28 11:23 2807936 ----a-w- c:\windows\system32\BootMan.exe
2011-01-02 16:56 . 2010-10-28 11:23 2217088 ----a-w- c:\windows\SysWow64\BootMan.exe
2011-01-02 16:56 . 2010-07-15 07:44 9096 ----a-w- c:\windows\system32\EuGdiDrv.sys
2011-01-02 16:56 . 2010-07-15 07:44 86408 ----a-w- c:\windows\SysWow64\setupempdrv03.exe
2011-01-02 16:56 . 2010-07-15 07:44 8456 ----a-w- c:\windows\SysWow64\EuGdiDrv.sys
2011-01-02 16:56 . 2010-07-15 07:44 16776 ----a-w- c:\windows\system32\epmntdrv.sys
2011-01-02 16:56 . 2010-07-15 07:44 14216 ----a-w- c:\windows\SysWow64\epmntdrv.sys
2011-01-02 16:56 . 2010-07-15 07:44 11264 ----a-w- c:\windows\system32\EuEpmGdi.dll
2011-01-02 16:56 . 2010-07-15 07:44 100232 ----a-w- c:\windows\system32\setupempdrvx64.exe
2011-01-02 16:56 . 2010-07-15 07:44 14848 ----a-w- c:\windows\SysWow64\EuEpmGdi.dll
2011-01-02 16:55 . 2011-01-02 16:55 -------- d-----w- c:\program files (x86)\EASEUS
2011-01-02 15:23 . 2011-01-02 15:23 -------- d-----w- c:\program files (x86)\PowerQuest
2011-01-02 14:21 . 2010-08-16 14:31 19936 ------w- c:\windows\system32\pwdrvio.sys
2011-01-02 14:21 . 2010-08-16 14:31 13280 ------w- c:\windows\system32\pwdspio.sys
2011-01-02 14:05 . 2011-01-02 14:11 -------- d-----w- c:\program files (x86)\MiniTool Partition Wizard Professional Edition 5.2
2010-12-29 12:38 . 2009-09-04 16:44 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-12-29 12:05 . 2011-01-16 13:35 -------- d-----w- c:\program files (x86)\Activision
2010-12-28 23:07 . 2010-12-28 23:07 -------- d-----w- c:\program files (x86)\TeamViewer
2010-12-28 23:00 . 2010-12-28 23:00 -------- d-----w- c:\program files (x86)\Common Files\Skype
2010-12-28 23:00 . 2010-12-28 23:01 -------- d-----r- c:\program files (x86)\Skype
2010-12-28 23:00 . 2010-12-28 23:00 -------- d-----w- c:\programdata\Skype
2010-12-28 21:09 . 2010-12-28 21:09 -------- d-----w- c:\windows\Blackberry Phone Info Reader
2010-12-26 21:52 . 2011-01-16 20:10 -------- d-----w- c:\programdata\Kaspersky Lab
2010-12-26 21:52 . 2010-12-26 21:52 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2010-12-26 21:51 . 2010-12-26 21:59 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2010-12-26 19:53 . 2010-12-26 19:53 -------- d-----w- c:\programdata\Atheros
2010-12-26 16:43 . 2010-10-19 09:41 270720 ------w- c:\windows\system32\MpSigStub.exe
2010-12-26 15:31 . 2010-12-26 17:03 508472 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-12-26 15:14 . 2010-12-26 15:14 -------- d-----w- c:\program files (x86)\Sony Setup
2010-12-26 11:42 . 2010-12-26 11:42 -------- d-----w- c:\program files (x86)\Microsoft.NET
2010-12-26 11:41 . 2008-10-21 08:22 15912 ----a-w- c:\windows\system32\drivers\s0017whnt.sys
2010-12-26 11:41 . 2008-10-21 08:22 15912 ----a-w- c:\windows\system32\drivers\s0017wh.sys
2010-12-26 11:41 . 2008-10-21 08:22 34856 ----a-w- c:\windows\system32\drivers\s0017nd5.sys
2010-12-26 11:41 . 2008-10-21 08:22 145960 ----a-w- c:\windows\system32\drivers\s0017unic.sys
2010-12-26 11:41 . 2008-10-21 08:22 128552 ----a-w- c:\windows\system32\drivers\s0017obex.sys
2010-12-26 11:41 . 2008-10-21 08:22 19496 ----a-w- c:\windows\system32\drivers\s0017mdfl.sys
2010-12-26 11:41 . 2008-10-21 08:22 152616 ----a-w- c:\windows\system32\drivers\s0017mdm.sys
2010-12-26 11:41 . 2008-10-21 08:22 133160 ----a-w- c:\windows\system32\drivers\s0017mgmt.sys
2010-12-26 11:41 . 2008-10-21 08:22 14888 ----a-w- c:\windows\system32\drivers\s0017cmnt.sys
2010-12-26 11:41 . 2008-10-21 08:22 14888 ----a-w- c:\windows\system32\drivers\s0017cm.sys
2010-12-26 11:41 . 2008-10-21 08:22 13864 ----a-w- c:\windows\system32\drivers\s0017cr.sys
2010-12-26 11:41 . 2008-10-21 08:22 113704 ----a-w- c:\windows\system32\drivers\s0017bus.sys
2010-12-25 19:55 . 2011-01-16 19:45 -------- d-----w- c:\programdata\boost_interprocess
2010-12-25 19:17 . 2010-12-25 19:22 -------- d-----w- c:\programdata\VirtualizedApplications
2010-12-25 18:17 . 2010-12-25 18:17 -------- d-----w- c:\program files (x86)\MSXML 4.0
2010-12-25 18:17 . 2010-12-25 18:17 -------- d-----w- c:\windows\sk
2010-12-25 18:15 . 2010-12-25 18:15 -------- dc----w- c:\windows\system32\DRVSTORE
2010-12-25 18:15 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-12-25 18:15 . 2010-12-25 18:15 -------- d-----w- c:\program files\Windows Live
2010-12-25 18:14 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2010-12-25 18:14 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2010-12-25 18:14 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2010-12-25 18:14 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-12-25 17:30 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
2010-12-25 17:30 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll
2010-12-25 17:30 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2010-12-25 17:30 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2010-12-25 17:30 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
2010-12-25 17:30 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll
2010-12-25 17:30 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2010-12-24 17:01 . 2010-12-24 17:01 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2010-12-24 12:27 . 2010-12-24 12:27 -------- d-----w- c:\windows\SysWow64\Wat
2010-12-24 12:27 . 2010-12-24 12:27 -------- d-----w- c:\windows\system32\Wat
2010-12-24 10:48 . 2010-12-24 10:48 -------- d-----w- c:\users\Public\OEM
2010-12-24 10:17 . 2010-12-24 10:17 -------- d-----w- C:\189551ccb481c7cb84
2010-12-24 10:15 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2010-12-24 10:15 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2010-12-24 10:15 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2010-12-24 10:15 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2010-12-24 10:15 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2010-12-24 10:15 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2010-12-24 10:15 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-12-24 10:15 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2010-12-24 10:15 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2010-12-24 10:15 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2010-12-24 10:15 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2010-12-24 10:11 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2010-12-24 10:11 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2010-12-23 20:48 . 2010-12-23 20:48 -------- d--h--w- c:\windows\PIF
2010-12-23 20:47 . 2010-12-26 21:48 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2010-12-23 19:48 . 2010-08-16 14:31 801352 ----a-w- c:\windows\system32\pwNative.exe
2010-12-23 19:34 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-23 19:34 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2010-12-23 19:34 . 2010-08-26 05:27 148992 ----a-w- c:\windows\system32\t2embed.dll
2010-12-23 19:34 . 2010-08-26 04:39 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
2010-12-23 19:32 . 2010-10-20 03:09 3124224 ----a-w- c:\windows\system32\win32k.sys
2010-12-23 19:31 . 2009-09-26 06:20 223448 ----a-w- c:\windows\system32\drivers\fvevol.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 14:52 . 2010-11-18 14:52 2560 ----a-w- c:\windows\SysWow64\drivers\sk-SK\scfilter.sys.mui
2010-11-18 14:52 . 2010-11-18 14:52 47616 ----a-w- c:\windows\SysWow64\drivers\sk-SK\tcpip.sys.mui
2010-11-18 14:00 . 2010-09-16 11:56 6 ----a-w- c:\windows\system32\PLD_Framework.cmd
2010-11-02 05:16 . 2010-12-23 19:33 1114624 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 05:10 . 2010-12-23 19:33 285696 ----a-w- c:\windows\system32\schtasks.exe
2010-11-02 04:34 . 2010-12-23 19:33 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\189551ccb481c7cb84 ----


---- Directory of c:\windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP ----

2011-01-16 13:52 . 2011-01-16 13:52 200704 ----a-w- c:\windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP\WiseCustomCalla.dll


((((((((((((((((((((((((((((( SnapShot@2011-01-16_20.21.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-16 21:20 . 2011-01-16 21:20 13354 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2011-01-16 18:42 . 2011-01-16 18:42 13354 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2009-07-14 04:54 . 2011-01-16 21:21 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-01-16 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-01-16 21:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-16 19:45 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-16 21:21 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-16 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-23 19:18 . 2011-01-16 19:45 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-23 19:18 . 2011-01-16 21:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-23 19:18 . 2011-01-16 21:21 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-23 19:18 . 2011-01-16 19:45 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-12-23 19:18 . 2011-01-16 21:21 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-23 19:18 . 2011-01-16 19:45 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-23 06:04 . 2011-01-16 19:45 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-23 06:04 . 2011-01-16 21:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-23 06:04 . 2011-01-16 21:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-23 06:04 . 2011-01-16 19:45 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-01-16 19:44 . 2011-01-16 19:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-16 21:21 . 2011-01-16 21:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-16 21:21 . 2011-01-16 21:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-01-16 19:44 . 2011-01-16 19:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-01-16 18:42 234628 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-01-16 21:20 234628 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony Ericsson PC Companion"="c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2009-12-08 774144]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-05-07 26211624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-06-28 263936]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"VideoWebCamera"="c:\program files (x86)\VideoWebCamera\VideoWebCamera.exe" [2010-05-26 1545568]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\mzvkbd3.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi5"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-07-29 36000]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-07-29 51872]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-07-29 295072]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-07-29 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-07-29 51872]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-07-29 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-07-29 270496]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-07-15 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-07-15 9096]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2008-12-09 13352]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-06-21 131688]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2010-08-16 19936]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2010-08-16 13280]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-24 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 KLBG;Kaspersky Lab Boot Guard Driver;c:\windows\system32\DRIVERS\klbg.sys [2009-10-14 40464]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-26 508472]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-11-03 27152]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-07-29 52896]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-06-28 255744]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-28 243232]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-07-29 28832]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-03-21 321064]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-02 21008]
S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys [2009-09-15 42088]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-10 206208]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-07-29 594080]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-07-29 377504]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-06-11 861216]
.
------- Supplementary Scan -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mStart Page = hxxp://packardbell.msn.com
mLocal Page = %SystemRoot%\system32\blank.htm
FF - ProfilePath - c:\users\tomas999\AppData\Roaming\Mozilla\Firefox\Profiles\jdnodliz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.sk/
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?tool ... m-1.0.0&q=
FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - c:\program files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Auto Shutdown: amin.eft_Shutdown@gmail.com - %profile%\extensions\amin.eft_Shutdown@gmail.com
FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com
FF - Ext: FxIF: {11483926-db67-4190-91b1-ef20fcec5f33} - %profile%\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2081554988-1301133977-3948776033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"

[HKEY_USERS\S-1-5-21-2081554988-1301133977-3948776033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Launch Manager\LMworker.exe
.
**************************************************************************
.
Completion time: 2011-01-16 22:26:22 - machine was rebooted
ComboFix-quarantined-files.txt 2011-01-16 21:26
ComboFix2.txt 2011-01-16 20:23

Pre-Run: 18 970 345 472 bytes free
Post-Run: 18 767 044 608 bytes free

- - End Of File - - 91DF26852E49337AA6DB9B5B8F85B564

[memphisto]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Folder::
c:\windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP

File::
c:\windows\SysWow64\tmp3834.tmp


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[evolution]

ComboFix 11-01-16.03 - tomas999 . 01. 2011 11:10:49.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.421.1051.18.3959.2576 [GMT 1:00]
Running from: c:\users\tomas999\Desktop\ComboFix.exe
Command switches used :: c:\users\tomas999\Desktop\CFScript.txt
AV: Kaspersky Anti-Virus *Disabled/Outdated* {AE1D740B-8F0F-D137-211D-873D44B3F4AE}
SP: Kaspersky Anti-Virus *Disabled/Updated* {157C95EF-A935-DEB9-1BAD-BC4F3F34BE13}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FILE ::
"c:\windows\SysWow64\tmp3834.tmp"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
c:\windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP\WiseCustomCalla.dll
c:\windows\SysWow64\tmp3834.tmp

.
((((((((((((((((((((((((( Files Created from 2010-12-17 to 2011-01-17 )))))))))))))))))))))))))))))))
.

2011-01-17 10:15 . 2011-01-17 10:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-16 19:50 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-01-16 19:50 . 2011-01-16 19:50 -------- d-----w- c:\programdata\Malwarebytes
2011-01-16 19:50 . 2011-01-16 19:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-01-16 19:50 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-15 23:42 . 2011-01-15 23:46 -------- d-----w- C:\Setup_SeImageTool_v2.6_Beta_7
2011-01-15 23:18 . 2011-01-15 23:18 -------- d-----w- c:\program files (x86)\SE Image Tool
2011-01-15 23:03 . 2011-01-15 23:03 -------- d-----w- c:\program files (x86)\Codemasters
2011-01-15 18:39 . 2011-01-15 18:39 -------- d-----w- c:\program files (x86)\Trend Micro
2011-01-14 20:34 . 2011-01-14 20:34 -------- d-----w- c:\program files (x86)\VideoLAN
2011-01-14 13:32 . 2011-01-14 13:32 -------- d-----w- c:\program files (x86)\oZone3D
2011-01-14 13:03 . 2011-01-14 13:03 -------- d-----w- c:\program files (x86)\OCCT
2011-01-14 12:15 . 2010-11-16 11:01 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B21B4567-8F92-4851-BDD1-7FA4373699B5}\mpengine.dll
2011-01-13 02:00 . 2011-01-13 02:00 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2011-01-12 01:30 . 2009-08-18 02:33 1193832 ----a-w- c:\windows\system\FM20.DLL
2011-01-12 01:30 . 2006-10-26 22:10 33088 ----a-w- c:\windows\system\FM20ENU.DLL
2011-01-12 01:30 . 2000-04-04 01:05 118784 ----a-w- c:\windows\system\msstdfmt.dll
2011-01-11 19:17 . 2011-01-16 13:29 -------- d-----w- c:\programdata\Codemasters
2011-01-10 18:50 . 2010-06-15 00:49 212240 ----a-w- c:\windows\system32\richtx32.ocx
2011-01-10 18:50 . 2000-04-04 01:05 118784 ----a-w- c:\windows\system32\msstdfmt.dll
2011-01-10 18:50 . 2009-08-18 02:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2011-01-10 18:50 . 2010-09-12 16:10 1351392 ----a-w- c:\windows\system32\COMCTL32.OCX
2011-01-10 12:18 . 2011-01-10 12:18 -------- d-----w- c:\program files (x86)\2K Games
2011-01-09 00:32 . 2011-01-09 00:32 -------- d-----w- c:\program files (x86)\GIMP-2.0
2011-01-07 13:38 . 2011-01-07 13:38 -------- d-----w- C:\Nový priečinok
2011-01-07 11:30 . 2011-01-14 17:00 -------- d-----w- c:\program files (x86)\METRO 2033
2011-01-07 00:21 . 2011-01-13 20:04 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-01-07 00:04 . 2011-01-16 13:52 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-01-06 23:16 . 2011-01-07 00:56 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-01-06 16:02 . 2011-01-13 20:02 -------- d-----w- C:\NVIDIA
2011-01-06 16:00 . 2011-01-06 16:00 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-01-06 16:00 . 2011-01-06 16:00 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-01-06 16:00 . 2011-01-06 16:00 -------- d-----w- c:\program files (x86)\Java
2011-01-04 22:21 . 2011-01-04 22:21 -------- d-sh--w- c:\windows\ftpcache
2011-01-04 20:38 . 2011-01-04 21:10 -------- d-----w- c:\program files (x86)\Left 4 Dead 2
2011-01-04 13:00 . 2011-01-04 13:00 -------- d-----w- c:\program files (x86)\The KMPlayer
2011-01-03 13:17 . 2011-01-03 13:17 -------- d-----w- c:\program files (x86)\SteelSeries
2011-01-02 16:56 . 2010-10-28 11:23 2807936 ----a-w- c:\windows\system32\BootMan.exe
2011-01-02 16:56 . 2010-10-28 11:23 2217088 ----a-w- c:\windows\SysWow64\BootMan.exe
2011-01-02 16:56 . 2010-07-15 07:44 9096 ----a-w- c:\windows\system32\EuGdiDrv.sys
2011-01-02 16:56 . 2010-07-15 07:44 86408 ----a-w- c:\windows\SysWow64\setupempdrv03.exe
2011-01-02 16:56 . 2010-07-15 07:44 8456 ----a-w- c:\windows\SysWow64\EuGdiDrv.sys
2011-01-02 16:56 . 2010-07-15 07:44 16776 ----a-w- c:\windows\system32\epmntdrv.sys
2011-01-02 16:56 . 2010-07-15 07:44 14216 ----a-w- c:\windows\SysWow64\epmntdrv.sys
2011-01-02 16:56 . 2010-07-15 07:44 11264 ----a-w- c:\windows\system32\EuEpmGdi.dll
2011-01-02 16:56 . 2010-07-15 07:44 100232 ----a-w- c:\windows\system32\setupempdrvx64.exe
2011-01-02 16:56 . 2010-07-15 07:44 14848 ----a-w- c:\windows\SysWow64\EuEpmGdi.dll
2011-01-02 16:55 . 2011-01-02 16:55 -------- d-----w- c:\program files (x86)\EASEUS
2011-01-02 15:23 . 2011-01-02 15:23 -------- d-----w- c:\program files (x86)\PowerQuest
2011-01-02 14:21 . 2010-08-16 14:31 19936 ------w- c:\windows\system32\pwdrvio.sys
2011-01-02 14:21 . 2010-08-16 14:31 13280 ------w- c:\windows\system32\pwdspio.sys
2011-01-02 14:05 . 2011-01-02 14:11 -------- d-----w- c:\program files (x86)\MiniTool Partition Wizard Professional Edition 5.2
2010-12-29 12:38 . 2009-09-04 16:44 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-12-29 12:05 . 2011-01-16 13:35 -------- d-----w- c:\program files (x86)\Activision
2010-12-28 23:07 . 2010-12-28 23:07 -------- d-----w- c:\program files (x86)\TeamViewer
2010-12-28 23:00 . 2010-12-28 23:00 -------- d-----w- c:\program files (x86)\Common Files\Skype
2010-12-28 23:00 . 2010-12-28 23:01 -------- d-----r- c:\program files (x86)\Skype
2010-12-28 23:00 . 2010-12-28 23:00 -------- d-----w- c:\programdata\Skype
2010-12-28 21:09 . 2010-12-28 21:09 -------- d-----w- c:\windows\Blackberry Phone Info Reader
2010-12-26 21:52 . 2011-01-17 10:02 -------- d-----w- c:\programdata\Kaspersky Lab
2010-12-26 21:52 . 2010-12-26 21:52 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2010-12-26 21:51 . 2010-12-26 21:59 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2010-12-26 19:53 . 2010-12-26 19:53 -------- d-----w- c:\programdata\Atheros
2010-12-26 16:43 . 2010-10-19 09:41 270720 ------w- c:\windows\system32\MpSigStub.exe
2010-12-26 15:31 . 2010-12-26 17:03 508472 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-12-26 15:14 . 2010-12-26 15:14 -------- d-----w- c:\program files (x86)\Sony Setup
2010-12-26 11:42 . 2010-12-26 11:42 -------- d-----w- c:\program files (x86)\Microsoft.NET
2010-12-26 11:41 . 2008-10-21 08:22 15912 ----a-w- c:\windows\system32\drivers\s0017whnt.sys
2010-12-26 11:41 . 2008-10-21 08:22 15912 ----a-w- c:\windows\system32\drivers\s0017wh.sys
2010-12-26 11:41 . 2008-10-21 08:22 34856 ----a-w- c:\windows\system32\drivers\s0017nd5.sys
2010-12-26 11:41 . 2008-10-21 08:22 145960 ----a-w- c:\windows\system32\drivers\s0017unic.sys
2010-12-26 11:41 . 2008-10-21 08:22 128552 ----a-w- c:\windows\system32\drivers\s0017obex.sys
2010-12-26 11:41 . 2008-10-21 08:22 19496 ----a-w- c:\windows\system32\drivers\s0017mdfl.sys
2010-12-26 11:41 . 2008-10-21 08:22 152616 ----a-w- c:\windows\system32\drivers\s0017mdm.sys
2010-12-26 11:41 . 2008-10-21 08:22 133160 ----a-w- c:\windows\system32\drivers\s0017mgmt.sys
2010-12-26 11:41 . 2008-10-21 08:22 14888 ----a-w- c:\windows\system32\drivers\s0017cmnt.sys
2010-12-26 11:41 . 2008-10-21 08:22 14888 ----a-w- c:\windows\system32\drivers\s0017cm.sys
2010-12-26 11:41 . 2008-10-21 08:22 13864 ----a-w- c:\windows\system32\drivers\s0017cr.sys
2010-12-26 11:41 . 2008-10-21 08:22 113704 ----a-w- c:\windows\system32\drivers\s0017bus.sys
2010-12-25 19:55 . 2011-01-16 19:45 -------- d-----w- c:\programdata\boost_interprocess
2010-12-25 19:17 . 2010-12-25 19:22 -------- d-----w- c:\programdata\VirtualizedApplications
2010-12-25 18:17 . 2010-12-25 18:17 -------- d-----w- c:\program files (x86)\MSXML 4.0
2010-12-25 18:17 . 2010-12-25 18:17 -------- d-----w- c:\windows\sk
2010-12-25 18:15 . 2010-12-25 18:15 -------- dc----w- c:\windows\system32\DRVSTORE
2010-12-25 18:15 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-12-25 18:15 . 2010-12-25 18:15 -------- d-----w- c:\program files\Windows Live
2010-12-25 18:14 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2010-12-25 18:14 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2010-12-25 18:14 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2010-12-25 18:14 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-12-25 17:30 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
2010-12-25 17:30 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll
2010-12-25 17:30 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2010-12-25 17:30 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2010-12-25 17:30 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
2010-12-25 17:30 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll
2010-12-25 17:30 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2010-12-24 17:01 . 2010-12-24 17:01 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2010-12-24 12:27 . 2010-12-24 12:27 -------- d-----w- c:\windows\SysWow64\Wat
2010-12-24 12:27 . 2010-12-24 12:27 -------- d-----w- c:\windows\system32\Wat
2010-12-24 10:48 . 2010-12-24 10:48 -------- d-----w- c:\users\Public\OEM
2010-12-24 10:17 . 2010-12-24 10:17 -------- d-----w- C:\189551ccb481c7cb84
2010-12-24 10:15 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2010-12-24 10:15 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2010-12-24 10:15 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2010-12-24 10:15 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2010-12-24 10:15 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2010-12-24 10:15 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2010-12-24 10:15 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-12-24 10:15 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2010-12-24 10:15 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2010-12-24 10:15 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2010-12-24 10:15 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2010-12-24 10:11 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2010-12-24 10:11 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2010-12-23 20:48 . 2010-12-23 20:48 -------- d--h--w- c:\windows\PIF
2010-12-23 20:47 . 2010-12-26 21:48 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2010-12-23 19:48 . 2010-08-16 14:31 801352 ----a-w- c:\windows\system32\pwNative.exe
2010-12-23 19:34 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-23 19:34 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2010-12-23 19:34 . 2010-08-26 05:27 148992 ----a-w- c:\windows\system32\t2embed.dll
2010-12-23 19:34 . 2010-08-26 04:39 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
2010-12-23 19:32 . 2010-10-20 03:09 3124224 ----a-w- c:\windows\system32\win32k.sys
2010-12-23 19:31 . 2009-09-26 06:20 223448 ----a-w- c:\windows\system32\drivers\fvevol.sys
2010-12-23 19:31 . 2010-08-21 06:38 1024512 ----a-w- c:\windows\system32\wmpmde.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 14:52 . 2010-11-18 14:52 2560 ----a-w- c:\windows\SysWow64\drivers\sk-SK\scfilter.sys.mui
2010-11-18 14:52 . 2010-11-18 14:52 47616 ----a-w- c:\windows\SysWow64\drivers\sk-SK\tcpip.sys.mui
2010-11-18 14:00 . 2010-09-16 11:56 6 ----a-w- c:\windows\system32\PLD_Framework.cmd
2010-11-02 05:16 . 2010-12-23 19:33 1114624 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 05:10 . 2010-12-23 19:33 285696 ----a-w- c:\windows\system32\schtasks.exe
2010-11-02 04:34 . 2010-12-23 19:33 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
.

((((((((((((((((((((((((((((( SnapShot@2011-01-16_20.21.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-17 10:15 . 2011-01-17 10:15 13354 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2011-01-16 18:42 . 2011-01-16 18:42 13354 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
+ 2009-07-14 04:54 . 2011-01-17 10:16 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-01-16 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-01-16 19:45 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-17 10:16 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-17 10:16 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-16 19:45 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-16 11:47 . 2011-01-17 09:56 51676 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-01-17 09:56 31324 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-01-16 19:46 31324 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-11-18 14:28 . 2011-01-17 10:03 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-11-18 14:28 . 2011-01-15 23:19 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-11-18 14:28 . 2011-01-17 10:03 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-11-18 14:28 . 2011-01-15 23:19 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-15 23:19 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-17 10:03 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-23 19:18 . 2011-01-16 19:45 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-23 19:18 . 2011-01-17 10:18 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2011-01-17 10:18 78512 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 04:46 . 2011-01-16 19:48 78512 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2010-12-23 19:18 . 2011-01-16 19:45 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-12-23 19:18 . 2011-01-17 10:18 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-23 19:18 . 2011-01-16 19:45 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-23 19:18 . 2011-01-17 10:18 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-23 06:04 . 2011-01-17 10:18 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-23 06:04 . 2011-01-16 19:45 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-23 06:04 . 2011-01-17 10:18 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-23 06:04 . 2011-01-16 19:45 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-22 15:09 . 2011-01-16 19:46 9202 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2081554988-1301133977-3948776033-1000_UserData.bin
+ 2010-12-22 15:09 . 2011-01-17 09:56 9202 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2081554988-1301133977-3948776033-1000_UserData.bin
- 2011-01-16 19:44 . 2011-01-16 19:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-17 10:16 . 2011-01-17 10:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-01-16 19:44 . 2011-01-16 19:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-01-17 10:16 . 2011-01-17 10:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-01-16 18:42 234628 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-01-17 10:15 234628 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 04:45 . 2011-01-16 19:47 3801160 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2011-01-17 10:18 3801160 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 02:34 . 2011-01-17 10:13 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2011-01-16 19:58 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-06-28 263936]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"VideoWebCamera"="c:\program files (x86)\VideoWebCamera\VideoWebCamera.exe" [2010-05-26 1545568]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\mzvkbd3.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi5"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-07-29 36000]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-07-29 51872]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-07-29 295072]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-07-29 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-07-29 51872]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-07-29 154272]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-07-29 270496]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-07-15 16776]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-07-15 9096]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2008-12-09 13352]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-06-21 131688]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2010-08-16 19936]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2010-08-16 13280]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-24 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 KLBG;Kaspersky Lab Boot Guard Driver;c:\windows\system32\DRIVERS\klbg.sys [2009-10-14 40464]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-26 508472]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-11-03 27152]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2010-07-29 52896]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-06-28 255744]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-28 243232]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-07-29 28832]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-03-21 321064]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-02 21008]
S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys [2009-09-15 42088]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-10 206208]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-07-29 594080]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-07-29 377504]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-06-11 861216]
.
------- Supplementary Scan -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mStart Page = hxxp://packardbell.msn.com
mLocal Page = %SystemRoot%\system32\blank.htm
FF - ProfilePath - c:\users\tomas999\AppData\Roaming\Mozilla\Firefox\Profiles\jdnodliz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.sk/
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?tool ... m-1.0.0&q=
FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - c:\program files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Auto Shutdown: amin.eft_Shutdown@gmail.com - %profile%\extensions\amin.eft_Shutdown@gmail.com
FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com
FF - Ext: FxIF: {11483926-db67-4190-91b1-ef20fcec5f33} - %profile%\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2081554988-1301133977-3948776033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"

[HKEY_USERS\S-1-5-21-2081554988-1301133977-3948776033-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Launch Manager\LMworker.exe
.
**************************************************************************
.
Completion time: 2011-01-17 11:27:32 - machine was rebooted
ComboFix-quarantined-files.txt 2011-01-17 10:27
ComboFix2.txt 2011-01-16 21:26
ComboFix3.txt 2011-01-16 20:23

Pre-Run: 18 201 432 064 bytes free
Post-Run: 18 006 384 640 bytes free

- - End Of File - - A1C45C06AC7667F8C29A3E0B6D0D35EA

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall


vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

Vlož nový log z HJT + problémy zda-li jsou.

[evolution]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:44:33, on 18. 1. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11364 bytes

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://packardbell.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - (no file)
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

popiš problémy..