Log z HJT(FsUsbExService.Exe,nvcpl.dll)

Insider_cze · Příspěvekod **Insider_cze** » 08 úno 2011 21:19

Dobrý den, mám problém s vyskakováním chybových hlášek typu FsUsbExService.Exe a nvcpl.dll. Mám pocit, že se jedná o nějaký vir, použil jsem Malware i CCleaner. Hledal jsem na netu, co s tím, bohužel nic přesnějšího a zatím bez úspěchu. Zde dávám log z Hijacku:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:02, on 8.2.2011
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Insider\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\System32\rundll32.exe
C:\Users\Insider\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Insider\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Insider\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Insider\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Insider\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Insider\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Insider\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Insider\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Insider\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Insider\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll (file missing)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Insider\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 13328 bytes

Reklama

Příspěvekod **Žbeky** » 08 úno 2011 21:32

Máš tam Avast! a Norton IS - jedno z toho odinstaluj.

Odinstaluj:
ICQ ToolBar
Yahoo! Toolbar
DAEMON Tools Toolbar
Norton Toolbar

V HJT fixni:

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll (file missing)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll (file missing)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKCU\..\Run: [Google Update] "C:\Users\Insider\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Insider_cze · Příspěvekod **Insider_cze** » 09 úno 2011 00:11

No tak jsem to udělal a zde je log z Malweru...

Malwarebytes' Anti-Malware 1.50.1.1100
http://www.malwarebytes.org

Verze databáze: 5715

Windows 6.0.6000
Internet Explorer 7.0.6000.16982

9.2.2011 0:10:12
mbam-log-2011-02-09 (00-10-12).txt

Typ kontroly: Rychlý test
Testované objekty: 139982
Uplynulý čas: 3 minut, 53 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Příspěvekod **memphisto** » 09 úno 2011 00:21

Který z těch dvou antivirů jsi ponechal?

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

Insider_cze · Příspěvekod **Insider_cze** » 09 úno 2011 00:30

Nechal jsem si Avast, Norton už mi dávno nefunguje..navíc se ani nespustil, chyběl mu nějaký modul.
Jinak koukám, od rána mám v karanténě Malwaru tohle: RiskWare.TOOL.CK (c:\Users......\keygenof12.exe)

Teď zkusím ComboFix.

Insider_cze · Příspěvekod **Insider_cze** » 09 úno 2011 00:57

ComboFix 11-02-08.02 - Insider 09.02.2011 0:40.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.3069.1952 [GMT 1:00]
Spuštěný z: c:\users\Insider\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\drv\Tuner\Yuan\Resources\_desktop.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam Video Class Camera
c:\programdata\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam Video Class Camera \Uninstall.lnk
c:\users\Insider\AppData\Roaming\Local
c:\users\Insider\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\Insider\AppData\Roaming\Local\Temp\DDM\Settings\jclktwynnaav.avi.ddr
c:\users\Insider\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Insider\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\jclktwynnaav.avi

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-08 do 2011-02-08 )))))))))))))))))))))))))))))))
.

2011-02-08 23:51 . 2011-02-08 23:52 -------- d-----w- c:\users\Insider\AppData\Local\temp
2011-02-08 23:51 . 2011-02-08 23:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-08 20:24 . 2011-02-08 20:24 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-02-08 20:22 . 2011-01-08 03:27 5653096 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-02-08 20:22 . 2011-01-08 03:27 15047272 ----a-w- c:\windows\system32\nvoglv32.dll
2011-02-08 20:22 . 2011-01-08 03:27 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-02-08 20:22 . 2011-01-08 03:27 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-02-08 20:22 . 2011-01-08 03:27 10467656 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-02-08 20:22 . 2011-01-08 03:27 4941928 ----a-w- c:\windows\system32\nvcuda.dll
2011-02-08 20:22 . 2011-01-08 03:27 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-02-08 20:22 . 2011-01-08 03:27 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-02-08 20:22 . 2011-01-08 03:27 2895976 ----a-w- c:\windows\system32\nvcuvid.dll
2011-02-08 20:22 . 2011-01-08 03:27 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-02-08 20:21 . 2011-02-08 20:28 -------- d-----w- c:\program files\NVIDIA Corporation
2011-02-08 20:20 . 2011-02-08 20:20 -------- d-----w- C:\NVIDIA
2011-02-08 19:50 . 2011-02-08 19:50 -------- d-----w- c:\program files\CCleaner
2011-02-08 19:42 . 2011-02-08 19:42 -------- d-----w- c:\users\Insider\AppData\Roaming\Malwarebytes
2011-02-08 19:41 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-08 19:41 . 2011-02-08 19:41 -------- d-----w- c:\programdata\Malwarebytes
2011-02-08 19:41 . 2011-02-08 19:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-08 19:41 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-08 11:45 . 2011-02-08 11:45 5194 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-02-08 11:35 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwhnt.sys
2011-02-08 11:35 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwh.sys
2011-02-08 11:35 . 2010-04-27 02:25 98432 ----a-w- c:\windows\system32\drivers\ss_bbus.sys
2011-02-08 11:35 . 2010-04-27 02:25 14848 ----a-w- c:\windows\system32\drivers\ss_bmdfl.sys
2011-02-08 11:35 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcmnt.sys
2011-02-08 11:35 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcm.sys
2011-02-08 11:35 . 2010-04-27 02:25 123648 ----a-w- c:\windows\system32\drivers\ss_bmdm.sys
2011-02-08 11:32 . 2011-02-08 11:32 -------- d-----w- c:\programdata\Samsung
2011-02-08 11:32 . 2010-07-04 18:07 238952 ------w- c:\windows\system32\FsUsbExService.Exe
2011-02-08 11:30 . 2011-02-08 11:30 -------- d-----w- c:\users\Insider\AppData\Roaming\Samsung
2011-02-08 11:29 . 2011-02-08 11:29 -------- d-----w- c:\program files\MarkAny
2011-02-08 11:28 . 2011-02-08 11:33 -------- d-----w- c:\program files\Samsung
2011-02-08 11:27 . 2011-02-08 11:27 -------- d-----w- c:\users\Insider\AppData\Local\Downloaded Installations
2011-02-08 10:24 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D1772DA2-262E-499E-8FD3-9B7D1777A3C0}\mpengine.dll
2011-02-07 22:40 . 2011-02-07 22:45 -------- d-----w- c:\users\Insider\AppData\Roaming\DivX
2011-02-07 22:40 . 2011-02-07 22:40 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2011-02-07 22:38 . 2011-02-07 22:39 -------- d-----w- c:\program files\Common Files\DivX Shared
2011-02-07 22:34 . 2011-02-07 22:41 -------- d-----w- c:\program files\DivX
2011-02-07 22:33 . 2011-02-07 22:41 -------- d-----w- c:\programdata\DivX
2011-01-23 22:05 . 2011-01-23 22:06 -------- d-----w- c:\program files\VirtualDJ
2011-01-23 21:22 . 2011-01-23 21:22 -------- d-----w- c:\program files\make-bootable-USB
2011-01-23 21:21 . 2011-01-23 21:21 -------- d-----w- c:\program files\new
2011-01-21 10:21 . 2007-12-28 07:22 10296 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
2011-01-18 21:29 . 2011-01-18 21:29 -------- d-----w- c:\windows\PCHEALTH
2011-01-18 21:29 . 2011-01-18 21:29 -------- d-----w- c:\program files\Microsoft.NET
2011-01-18 21:25 . 2011-01-18 21:25 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-01-18 21:22 . 2011-01-18 21:22 -------- d-----r- C:\MSOCache
2011-01-14 14:07 . 2011-01-14 14:07 -------- d-----w- c:\program files\Microsoft WSE
2011-01-14 08:11 . 2011-01-14 08:11 -------- d-----w- c:\users\Insider\Bluetooth Software
2011-01-13 22:04 . 2011-01-20 15:15 -------- d-----w- c:\users\Insider\AppData\Roaming\Audacity
2011-01-13 14:32 . 2011-01-13 14:32 -------- d-----w- c:\program files\Morph
2011-01-13 10:54 . 2011-01-13 10:54 -------- d-----w- c:\users\Insider\eTeks
2011-01-13 10:39 . 2011-01-13 10:39 -------- d-----w- c:\program files\Magic Morph
2011-01-13 10:37 . 2011-01-13 10:37 -------- d-----w- c:\program files\Sweet Home 3D
2011-01-13 10:31 . 2011-01-13 10:31 -------- d-----w- c:\program files\uTorrent
2011-01-13 10:30 . 2011-01-28 10:43 -------- d-----w- c:\users\Insider\AppData\Roaming\uTorrent
2011-01-11 11:22 . 2011-01-11 11:22 218176 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-11 11:22 . 2011-02-08 22:52 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-01-11 11:22 . 2011-01-11 11:23 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-01-11 11:22 . 2011-01-11 11:24 -------- d-----w- c:\users\Insider\AppData\Roaming\DAEMON Tools Lite
2011-01-11 11:22 . 2011-01-11 11:22 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-10 20:02 . 2010-12-31 19:56 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-10 20:02 . 2010-12-31 20:00 293968 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-10 20:02 . 2010-12-31 19:56 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-10 20:02 . 2010-12-31 19:59 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-10 20:02 . 2010-12-31 19:56 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-10 20:01 . 2010-12-31 20:06 38848 ----a-w- c:\windows\avastSS.scr
2011-01-10 20:01 . 2010-12-31 20:06 188216 ------w- c:\windows\system32\aswBoot.exe
2011-01-10 13:10 . 2011-01-10 13:14 -------- d-----w- c:\users\Insider\AppData\Local\Microsoft Games
2011-01-10 13:08 . 2011-01-10 13:10 -------- d-----w- c:\users\Insider\bluej
2011-01-10 07:42 . 2011-01-10 07:42 -------- d-----w- c:\programdata\Alwil Software
2011-01-10 07:42 . 2011-01-10 07:42 -------- d-----w- c:\program files\Alwil Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-08 03:27 . 2011-02-08 20:22 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-01-08 03:27 . 2008-01-15 04:02 1965672 ----a-w- c:\windows\system32\nvapi.dll
2011-01-08 03:27 . 2008-01-15 04:02 10078312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-01-07 20:06 . 2011-01-07 20:06 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 20:06 . 2011-01-07 20:06 3597416 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 20:06 . 2011-01-07 20:06 2620520 ----a-w- c:\windows\system32\nvsvc.dll
2011-01-07 20:06 . 2011-01-07 20:06 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-01-07 20:06 . 2011-01-07 20:06 608872 ----a-w- c:\windows\system32\nvvsvc.exe
2011-01-07 20:06 . 2011-01-07 20:06 288872 ----a-w- c:\windows\system32\nvhotkey.dll
2011-01-07 20:06 . 2011-01-07 20:06 2558568 ----a-w- c:\windows\system32\nvsvcr.dll
2011-01-07 20:06 . 2011-01-07 20:06 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-01 15:48 . 2011-01-01 15:48 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-01-01 15:48 . 2011-01-01 15:48 268800 ----a-w- c:\windows\system32\es.dll
2011-01-01 15:48 . 2011-01-01 15:48 40960 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2011-01-01 02:06 . 2011-01-01 02:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-01-01 02:06 . 2011-01-01 02:06 696832 ----a-w- c:\windows\system32\localspl.dll
2011-01-01 02:05 . 2011-01-01 02:05 2923520 ----a-w- c:\windows\explorer.exe
2011-01-01 02:04 . 2011-01-01 02:04 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-01-01 02:03 . 2011-01-01 02:03 494592 ----a-w- c:\windows\system32\kerberos.dll
2011-01-01 02:03 . 2011-01-01 02:03 272384 ----a-w- c:\windows\system32\schannel.dll
2011-01-01 02:03 . 2011-01-01 02:03 24064 ----a-w- c:\windows\system32\netcfg.exe
2010-12-31 09:40 . 2010-12-31 09:40 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2010-12-31 09:40 . 2010-12-31 09:40 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll
2010-12-31 09:40 . 2010-12-31 09:40 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll
2010-12-31 09:40 . 2010-12-31 09:40 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll
2010-12-31 09:40 . 2010-12-31 09:40 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll
2010-12-31 09:40 . 2010-12-31 09:40 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll
2010-12-31 09:40 . 2010-12-31 09:40 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll
2010-12-31 09:40 . 2010-12-31 09:40 7964672 ----a-w- c:\windows\system32\NlsLexicons0024.dll
2010-12-31 09:40 . 2010-12-31 09:40 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll
2010-12-31 09:40 . 2010-12-31 09:40 5791232 ----a-w- c:\windows\system32\NlsLexicons0026.dll
2010-12-31 09:40 . 2010-12-31 09:40 6224896 ----a-w- c:\windows\system32\NlsLexicons0027.dll
2010-12-31 09:40 . 2010-12-31 09:40 4175872 ----a-w- c:\windows\system32\NlsLexicons0010.dll
2010-12-31 09:40 . 2010-12-31 09:40 2466816 ----a-w- c:\windows\system32\NlsLexicons0011.dll
2010-12-31 09:40 . 2010-12-31 09:40 4981248 ----a-w- c:\windows\system32\NlsLexicons0013.dll
2010-12-31 09:40 . 2010-12-31 09:40 3331072 ----a-w- c:\windows\system32\NlsLexicons0018.dll
2010-12-31 09:40 . 2010-12-31 09:40 6781440 ----a-w- c:\windows\system32\NlsLexicons0019.dll
2010-12-31 09:40 . 2010-12-31 09:40 11722752 ----a-w- c:\windows\system32\NlsLexicons0001.dll
2010-12-31 09:40 . 2010-12-31 09:40 4164096 ----a-w- c:\windows\system32\NlsLexicons0002.dll
2010-12-31 09:40 . 2010-12-31 09:40 1452544 ----a-w- c:\windows\system32\NlsLexicons0003.dll
2010-12-31 09:40 . 2010-12-31 09:40 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-12-31 09:40 . 2010-12-31 09:40 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2010-12-31 09:40 . 2010-12-31 09:40 3419136 ----a-w- c:\windows\system32\NlsLexicons004a.dll
2010-12-31 09:40 . 2010-12-31 09:40 1702912 ----a-w- c:\windows\system32\NlsLexicons004b.dll
2010-12-31 09:40 . 2010-12-31 09:40 4093440 ----a-w- c:\windows\system32\NlsLexicons004c.dll
2010-12-31 09:40 . 2010-12-31 09:40 4096 ----a-w- c:\windows\system32\NlsLexicons002a.dll
2010-12-31 09:40 . 2010-12-31 09:40 4045824 ----a-w- c:\windows\system32\NlsLexicons003e.dll
2010-12-31 09:40 . 2010-12-31 09:40 1972736 ----a-w- c:\windows\system32\NlsLexicons004e.dll
2010-12-31 09:40 . 2010-12-31 09:40 6585856 ----a-w- c:\windows\system32\NlsLexicons001b.dll
2010-12-31 09:40 . 2010-12-31 09:40 6014976 ----a-w- c:\windows\system32\NlsLexicons001a.dll
2010-12-31 09:40 . 2010-12-31 09:40 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
2010-12-31 09:40 . 2010-12-31 09:40 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
2010-12-31 09:40 . 2010-12-31 09:40 6237696 ----a-w- c:\windows\system32\NlsLexicons000c.dll
2010-12-31 09:40 . 2010-12-31 09:40 1722368 ----a-w- c:\windows\system32\NlsLexicons000d.dll
2010-12-31 09:40 . 2010-12-31 09:40 5654528 ----a-w- c:\windows\system32\NlsLexicons000f.dll
2010-12-31 09:40 . 2010-12-31 09:40 4616192 ----a-w- c:\windows\system32\NlsLexicons0414.dll
2010-12-31 09:40 . 2010-12-31 09:40 5090816 ----a-w- c:\windows\system32\NlsLexicons0416.dll
2010-12-31 09:40 . 2010-12-31 09:40 5031936 ----a-w- c:\windows\system32\NlsLexicons0816.dll
2010-12-31 09:40 . 2010-12-31 09:40 7042560 ----a-w- c:\windows\system32\NlsLexicons081a.dll
2010-12-31 09:40 . 2010-12-31 09:40 5071872 ----a-w- c:\windows\system32\NlsModels0011.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0047.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0046.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0045.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0049.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0039.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0020.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0024.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData0022.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData0021.dll
2010-12-31 09:40 . 2010-12-31 09:40 1965056 ----a-w- c:\windows\system32\NlsData0027.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0026.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0010.dll
2010-12-31 09:40 . 2010-12-31 09:40 3464704 ----a-w- c:\windows\system32\NlsData0013.dll
2010-12-31 09:40 . 2010-12-31 09:40 2655232 ----a-w- c:\windows\system32\NlsData0011.dll
2010-12-31 09:40 . 2010-12-31 09:40 4495360 ----a-w- c:\windows\system32\NlsData0019.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0018.dll
2010-12-31 09:40 . 2010-12-31 09:40 1523200 ----a-w- c:\windows\system32\NlsData0000.dll
2010-12-31 09:40 . 2010-12-31 09:40 2597888 ----a-w- c:\windows\system32\NlsData0001.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0003.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0002.dll
2010-12-31 09:40 . 2010-12-31 09:40 2241024 ----a-w- c:\windows\system32\NlsData0007.dll
2010-12-31 09:40 . 2010-12-31 09:40 4874240 ----a-w- c:\windows\system32\NlsData0009.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004a.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004e.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004c.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004b.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData001a.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData003e.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData002a.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData001b.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData001d.dll
2010-12-31 09:40 . 2010-12-31 09:40 9845248 ----a-w- c:\windows\system32\NlsData000a.dll
2010-12-31 09:40 . 2010-12-31 09:40 2641408 ----a-w- c:\windows\system32\NlsData000c.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0414.dll
2010-12-31 09:40 . 2010-12-31 09:40 2340864 ----a-w- c:\windows\system32\NlsData000d.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData000f.dll
2010-12-31 09:40 . 2010-12-31 09:40 797696 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0416.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0816.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData081a.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-12-31 1232896]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 95576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 107112]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-10-17 768520]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-12-05 200704]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-12-31 3395600]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-1-14 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]
R3 GarenaPEngine;GarenaPEngine;c:\users\Insider\AppData\Local\Temp\BEUC426.tmp [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2006-11-21 37008]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-11 218176]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20101230.002\IDSvix86.sys [2010-12-15 287792]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2007-12-05 41456]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-12-31 51280]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-04 238952]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]
S3 GGSAFERDriver;GGSAFER Driver;d:\programy\Garena\safedrv.sys [x]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
Obsah adresáře 'Naplánované úlohy'

2011-02-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3449686052-3578472080-416520541-1000Core.job
- c:\users\Insider\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-30 22:20]

2011-02-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3449686052-3578472080-416520541-1000UA.job
- c:\users\Insider\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-30 22:20]
.
.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-Acer Tour - (no file)
HKLM-Run-osCheck - c:\program files\Norton Internet Security\osCheck.exe
HKLM-Run-SetPanel - c:\acer\APanel\APanel.cmd
HKLM-Run-NPSStartup - (no file)
AddRemove-{12FEC00C-027C-4A34-9AAB-562EDA43DC18}_is1 - h:\minitool partition wizard home edition 5.2\unins000.exe
AddRemove-{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} - c:\windows\System32\Imsmudlg.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-09 00:52
Windows 6.0.6000 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\Insider\AppData\Local\Temp\BEUC426.tmp"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-02-09 00:55:00
ComboFix-quarantined-files.txt 2011-02-08 23:54

Před spuštěním: Volných bajtů: 55 223 717 888
Po spuštění: Volných bajtů: 55 208 140 800

- - End Of File - - 980591F3C355C1E1D37812418D556EBA

Příspěvekod **jaro3** » 09 úno 2011 12:18

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\program files\Common Files\Symantec Shared\ccApp.exe
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
c:\windows\system32\FsUsbExDisk.SYS
c:\windows\system32\FsUsbExService.Exe

Folder::
c:\program files\DAEMON Tools Toolbar
c:\program files\Common Files\Symantec Shared

Driver::
FsUsbExDisk
GarenaPEngine
FsUsbExService

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"=-
"Symantec PIF AlertEng"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000000
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GarenaPEngine]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

Insider_cze · Příspěvekod **Insider_cze** » 09 úno 2011 13:56

Z ComboFixu:

ComboFix 11-02-08.02 - Insider 09.02.2011 13:26:40.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.3069.2043 [GMT 1:00]
Spuštěný z: c:\users\Insider\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Insider\Desktop\CFScript.txt

FILE ::
"c:\program files\Common Files\Symantec Shared\ccApp.exe"
"c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe"
"c:\windows\system32\FsUsbExDisk.SYS"
"c:\windows\system32\FsUsbExService.Exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\Symantec Shared
c:\program files\Common Files\Symantec Shared\AntiVirus\AVCMPCTL.DLL
c:\program files\Common Files\Symantec Shared\AntiVirus\AVDEFMGR.DLL
c:\program files\Common Files\Symantec Shared\AntiVirus\AVEXCLU.DLL
c:\program files\Common Files\Symantec Shared\AntiVirus\AVIFC.DLL
c:\program files\Common Files\Symantec Shared\AntiVirus\AVMAIL.DLL
c:\program files\Common Files\Symantec Shared\AntiVirus\AVMODULE.DLL
c:\program files\Common Files\Symantec Shared\AntiVirus\AVSCAN.DLL
c:\program files\Common Files\Symantec Shared\AppCore\AppMgr32.dll
c:\program files\Common Files\Symantec Shared\AppCore\AppPlg32.dll
c:\program files\Common Files\Symantec Shared\AppCore\AppReg32.dll
c:\program files\Common Files\Symantec Shared\AppCore\AppSet32.dll
c:\program files\Common Files\Symantec Shared\AppCore\AppSch32.dll
c:\program files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
c:\program files\Common Files\Symantec Shared\AppCore\AppTrc32.dll
c:\program files\Common Files\Symantec Shared\ccALEng.dll
c:\program files\Common Files\Symantec Shared\ccAlert.dll
c:\program files\Common Files\Symantec Shared\ccApp.exe
c:\program files\Common Files\Symantec Shared\ccEmlPxy.dll
c:\program files\Common Files\Symantec Shared\ccErrDsp.dll
c:\program files\Common Files\Symantec Shared\ccEvtCli.dll
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtPlg.dll
c:\program files\Common Files\Symantec Shared\ccInst.dll
c:\program files\Common Files\Symantec Shared\ccL60.dll
c:\program files\Common Files\Symantec Shared\ccL60U.dll
c:\program files\Common Files\Symantec Shared\ccLgView.exe
c:\program files\Common Files\Symantec Shared\CCPD-LC\ez_log.html
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlctnk.dll
c:\program files\Common Files\Symantec Shared\ccProd.dll
c:\program files\Common Files\Symantec Shared\ccProSub.dll
c:\program files\Common Files\Symantec Shared\ccScanW.dll
c:\program files\Common Files\Symantec Shared\ccSet.dll
c:\program files\Common Files\Symantec Shared\ccSetEvt.dll
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccSetPlg.dll
c:\program files\Common Files\Symantec Shared\ccSvc.dll
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Common Files\Symantec Shared\ccVrTrst.dll
c:\program files\Common Files\Symantec Shared\ccWebWnd.dll
c:\program files\Common Files\Symantec Shared\CF\cfEPack.dll
c:\program files\Common Files\Symantec Shared\CF\cfLUCbk.dll
c:\program files\Common Files\Symantec Shared\CF\cfV2Pack.dll
c:\program files\Common Files\Symantec Shared\CF\Manifests\AVCFREG.DLL
c:\program files\Common Files\Symantec Shared\CF\Manifests\cfReg.dll
c:\program files\Common Files\Symantec Shared\CF\Manifests\cltCFReg.dll
c:\program files\Common Files\Symantec Shared\CF\Manifests\FWCFREG.DLL
c:\program files\Common Files\Symantec Shared\CF\Manifests\ISCFReg.dll
c:\program files\Common Files\Symantec Shared\CF\Manifests\ISCOReg.dll
c:\program files\Common Files\Symantec Shared\CF\Manifests\ISFWReg.dll
c:\program files\Common Files\Symantec Shared\CF\Manifests\ISVAReg.dll
c:\program files\Common Files\Symantec Shared\CF\Manifests\uiCFReg.dll
c:\program files\Common Files\Symantec Shared\CF\Manifests\VACFReg.dll
c:\program files\Common Files\Symantec Shared\CF\PEP2.dll
c:\program files\Common Files\Symantec Shared\CF\PEP2S.dll
c:\program files\Common Files\Symantec Shared\coArbtr.dll
c:\program files\Common Files\Symantec Shared\COH\AHS.dll
c:\program files\Common Files\Symantec Shared\COH\sesHlp.dll
c:\program files\Common Files\Symantec Shared\coShared\Browser\1.0\BrCore.dll
c:\program files\Common Files\Symantec Shared\coShared\Browser\1.0\BrRules.dll
c:\program files\Common Files\Symantec Shared\coShared\Browser\1.0\coVisPrx.exe
c:\program files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
c:\program files\Common Files\Symantec Shared\coShared\Common\1.0\coFSPCtl.dll
c:\program files\Common Files\Symantec Shared\coShared\Common\1.0\coFSPReg.dll
c:\program files\Common Files\Symantec Shared\coShared\Common\1.0\PackMgr.dll
c:\program files\Common Files\Symantec Shared\coShared\Common\1.0\Patch25d.dll
c:\program files\Common Files\Symantec Shared\coShared\Common\1.0\WALuCbk.dll
c:\program files\Common Files\Symantec Shared\coShared\WP\1.0\nppw.dll
c:\program files\Common Files\Symantec Shared\coShared\WP\1.0\nppwBHO.dll
c:\program files\Common Files\Symantec Shared\coShared\WP\1.0\nppwUI.dll
c:\program files\Common Files\Symantec Shared\dec_abi.dll
c:\program files\Common Files\Symantec Shared\DefUtDCD.dll
c:\program files\Common Files\Symantec Shared\ecmldr32.DLL
c:\program files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
c:\program files\Common Files\Symantec Shared\Firewall\FWAGENT.DLL
c:\program files\Common Files\Symantec Shared\Firewall\FWALEIO.DLL
c:\program files\Common Files\Symantec Shared\Firewall\FWCFG.EXE
c:\program files\Common Files\Symantec Shared\Firewall\FWCMPCTL.DLL
c:\program files\Common Files\Symantec Shared\Firewall\FWHELPER.DLL
c:\program files\Common Files\Symantec Shared\Firewall\FWRULEIO.DLL
c:\program files\Common Files\Symantec Shared\Firewall\FWRULMTN.DLL
c:\program files\Common Files\Symantec Shared\Firewall\FWSETUP.DLL
c:\program files\Common Files\Symantec Shared\Firewall\ICFMGR.DLL
c:\program files\Common Files\Symantec Shared\Help\disable.dll
c:\program files\Common Files\Symantec Shared\Help\faq.dll
c:\program files\Common Files\Symantec Shared\Help\feat_sum.dll
c:\program files\Common Files\Symantec Shared\Help\LU_006.dll
c:\program files\Common Files\Symantec Shared\Help\LU_PC.dll
c:\program files\Common Files\Symantec Shared\Help\LU_Sub.dll
c:\program files\Common Files\Symantec Shared\Help\NAV_001.dll
c:\program files\Common Files\Symantec Shared\Help\NPCacct.dll
c:\program files\Common Files\Symantec Shared\Help\options.dll
c:\program files\Common Files\Symantec Shared\Help\Supt_CPD.dll
c:\program files\Common Files\Symantec Shared\Help\SYM_cust.dll
c:\program files\Common Files\Symantec Shared\Help\SYM_FD.dll
c:\program files\Common Files\Symantec Shared\Help\SYM_IA.dll
c:\program files\Common Files\Symantec Shared\Help\SYM_mon.dll
c:\program files\Common Files\Symantec Shared\Help\SYM_resp.dll
c:\program files\Common Files\Symantec Shared\Help\symhelp.dll
c:\program files\Common Files\Symantec Shared\Help\SYMstart.dll
c:\program files\Common Files\Symantec Shared\Help\unin.dll
c:\program files\Common Files\Symantec Shared\IDS\DefUtDCD.dll
c:\program files\Common Files\Symantec Shared\IDS\IDSAux.dll
c:\program files\Common Files\Symantec Shared\IDS\IdsInst.exe
c:\program files\Common Files\Symantec Shared\IDS\IPSPlug.dll
c:\program files\Common Files\Symantec Shared\IDS\Patch25.dll
c:\program files\Common Files\Symantec Shared\ISArbit.dll
c:\program files\Common Files\Symantec Shared\MceAddIn\MceEULA.dll
c:\program files\Common Files\Symantec Shared\MceAddIn\MceRes.dll
c:\program files\Common Files\Symantec Shared\MceAddIn\SymAdLog.dll
c:\program files\Common Files\Symantec Shared\MceAddIn\SymMcCmd.dll
c:\program files\Common Files\Symantec Shared\MSL\msl.dll
c:\program files\Common Files\Symantec Shared\NCOItf.dll
c:\program files\Common Files\Symantec Shared\NPC\DataPvdr.dll
c:\program files\Common Files\Symantec Shared\NPC\LoadOpts.exe
c:\program files\Common Files\Symantec Shared\NPC\npcTRAY.dll
c:\program files\Common Files\Symantec Shared\NPC\npcWmiCl.dll
c:\program files\Common Files\Symantec Shared\NPC\npcWmiDt.dll
c:\program files\Common Files\Symantec Shared\NPC\npcWmiMn.dll
c:\program files\Common Files\Symantec Shared\NPC\NSCEXT.DLL
c:\program files\Common Files\Symantec Shared\NPC\NSCPLUG2.dll
c:\program files\Common Files\Symantec Shared\NPC\NSCWSCR2.DLL
c:\program files\Common Files\Symantec Shared\NPC\NSCHlpr2.dll
c:\program files\Common Files\Symantec Shared\NPC\Options.dll
c:\program files\Common Files\Symantec Shared\NPC\pcStatus.dll
c:\program files\Common Files\Symantec Shared\NPC\PEPEvnt.dll
c:\program files\Common Files\Symantec Shared\NPC\uiBtPlg.dll
c:\program files\Common Files\Symantec Shared\NPC\UICntnr.dll
c:\program files\Common Files\Symantec Shared\NPC\uiLicPlg.dll
c:\program files\Common Files\Symantec Shared\NPC\uiStub.exe
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\ActComp.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\CfgWiz.exe
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\CfgWiz.tlb
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\clt06PIN.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltBTPgS.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltBTPlg.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltEndPt.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\CLTNetCN.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltPIPlg.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\CLTSComp.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUAC.exe
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\CUWUtils.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\EULAComp.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\ewoc.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\LicPlug.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\SSAutoRN.exe
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\SubComp.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\SubStats.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\SymCAbt.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\SYMCUW.exe
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\SymHost.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\SymLCUI.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\SymLTCOM.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\SymSubWz.dll
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\SymUIAx2.ocx
c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\SymUIHlp.dll
c:\program files\Common Files\Symantec Shared\Options\CLTWrap2.dll
c:\program files\Common Files\Symantec Shared\Options\VTCache.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertUi.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\dcGlobal.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\dcmhSvar.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\dcProd.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\Languages\09\01\AlertEng.loc
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\Languages\fallback.dat
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\lun.ico
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\mhDSA.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\mhSched.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\mhUpgr.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\pifCrawl.exe
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifPep06.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifPep07.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PollMgr.dll
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\readme.txt
c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\SymHTML.dll
c:\program files\Common Files\Symantec Shared\QBACKUP.DLL
c:\program files\Common Files\Symantec Shared\rcAlert.dll
c:\program files\Common Files\Symantec Shared\rcApp.dll
c:\program files\Common Files\Symantec Shared\rcEmlPxy.dll
c:\program files\Common Files\Symantec Shared\rcErrDsp.dll
c:\program files\Common Files\Symantec Shared\rcLgView.dll
c:\program files\Common Files\Symantec Shared\rcSvcHst.dll
c:\program files\Common Files\Symantec Shared\SecurityHistory\MCMGR32.dll
c:\program files\Common Files\Symantec Shared\SecurityHistory\MCUI32.exe
c:\program files\Common Files\Symantec Shared\SEVINST.EXE
c:\program files\Common Files\Symantec Shared\SMNLnch.exe
c:\program files\Common Files\Symantec Shared\SNDSvc.dll
c:\program files\Common Files\Symantec Shared\SNDunin.dll
c:\program files\Common Files\Symantec Shared\SPBBC\bbRGen.dll
c:\program files\Common Files\Symantec Shared\SPBBC\ccTrstPc.dll
c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.CAT
c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.inf
c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll
c:\program files\Common Files\Symantec Shared\SPBBC\SPLVPlug.dll
c:\program files\Common Files\Symantec Shared\SPBBC\SPLVPRes.dll
c:\program files\Common Files\Symantec Shared\SPBBC\TProcPlg.dll
c:\program files\Common Files\Symantec Shared\SPBBC\UpdMgr.exe
c:\program files\Common Files\Symantec Shared\SPManifests\AlertEng.grd
c:\program files\Common Files\Symantec Shared\SPManifests\AlertEng.sig
c:\program files\Common Files\Symantec Shared\SPManifests\AlertEng.spm
c:\program files\Common Files\Symantec Shared\SPManifests\AppCore.spm
c:\program files\Common Files\Symantec Shared\SPManifests\AV.spm
c:\program files\Common Files\Symantec Shared\SPManifests\BHOFrame.spm
c:\program files\Common Files\Symantec Shared\SPManifests\ccCommon.spm
c:\program files\Common Files\Symantec Shared\SPManifests\ccOEH.spm
c:\program files\Common Files\Symantec Shared\SPManifests\CfgWiz.spm
c:\program files\Common Files\Symantec Shared\SPManifests\CfgWzRes.spm
c:\program files\Common Files\Symantec Shared\SPManifests\CfgWzTLB.spm
c:\program files\Common Files\Symantec Shared\SPManifests\cfLUCbk.spm
c:\program files\Common Files\Symantec Shared\SPManifests\CIDS.SPM
c:\program files\Common Files\Symantec Shared\SPManifests\CLTNetCn.spm
c:\program files\Common Files\Symantec Shared\SPManifests\CLTWrap.spm
c:\program files\Common Files\Symantec Shared\SPManifests\COHCfg.spm
c:\program files\Common Files\Symantec Shared\SPManifests\comHost.spm
c:\program files\Common Files\Symantec Shared\SPManifests\dec_abi.spm
c:\program files\Common Files\Symantec Shared\SPManifests\DefAlert.spm
c:\program files\Common Files\Symantec Shared\SPManifests\DRMCOMMD.spm
c:\program files\Common Files\Symantec Shared\SPManifests\eraser.grd
c:\program files\Common Files\Symantec Shared\SPManifests\eraser.sig
c:\program files\Common Files\Symantec Shared\SPManifests\eraser.spm
c:\program files\Common Files\Symantec Shared\SPManifests\FWINST.SPM
c:\program files\Common Files\Symantec Shared\SPManifests\fwPlugin.spm
c:\program files\Common Files\Symantec Shared\SPManifests\IDSDefs.spm
c:\program files\Common Files\Symantec Shared\SPManifests\ISArbit.spm
c:\program files\Common Files\Symantec Shared\SPManifests\ISCfgWiz.spm
c:\program files\Common Files\Symantec Shared\SPManifests\ISCUWReg.spm
c:\program files\Common Files\Symantec Shared\SPManifests\ISGlobal.spm
c:\program files\Common Files\Symantec Shared\SPManifests\ISLAlert.spm
c:\program files\Common Files\Symantec Shared\SPManifests\ISLUClbk.spm
c:\program files\Common Files\Symantec Shared\SPManifests\ISMCEAdd.spm
c:\program files\Common Files\Symantec Shared\SPManifests\ISNmObj.spm
c:\program files\Common Files\Symantec Shared\SPManifests\isPwd.spm
c:\program files\Common Files\Symantec Shared\SPManifests\isPwdSvc.spm
c:\program files\Common Files\Symantec Shared\SPManifests\isRes.spm
c:\program files\Common Files\Symantec Shared\SPManifests\ISSTE.spm
c:\program files\Common Files\Symantec Shared\SPManifests\ISUAC.spm
c:\program files\Common Files\Symantec Shared\SPManifests\MsgCntr.spm
c:\program files\Common Files\Symantec Shared\SPManifests\MSLight.spm
c:\program files\Common Files\Symantec Shared\SPManifests\NAV.spm
c:\program files\Common Files\Symantec Shared\SPManifests\NAV_Dirs.spm
c:\program files\Common Files\Symantec Shared\SPManifests\NAV_Krnl.spm
c:\program files\Common Files\Symantec Shared\SPManifests\NAVError.spm
c:\program files\Common Files\Symantec Shared\SPManifests\NAVEvent.spm
c:\program files\Common Files\Symantec Shared\SPManifests\navlucbk.spm
c:\program files\Common Files\Symantec Shared\SPManifests\NAVOpts.spm
c:\program files\Common Files\Symantec Shared\SPManifests\NAVParen.spm
c:\program files\Common Files\Symantec Shared\SPManifests\NAVPatch.spm
c:\program files\Common Files\Symantec Shared\SPManifests\NAVUI.spm
c:\program files\Common Files\Symantec Shared\SPManifests\Navw32.spm
c:\program files\Common Files\Symantec Shared\SPManifests\NISProd.spm
c:\program files\Common Files\Symantec Shared\SPManifests\npc2007.spm
c:\program files\Common Files\Symantec Shared\SPManifests\OEM.spm
c:\program files\Common Files\Symantec Shared\SPManifests\OpenCmd.spm
c:\program files\Common Files\Symantec Shared\SPManifests\osCheck.spm
c:\program files\Common Files\Symantec Shared\SPManifests\PEP2.spm
c:\program files\Common Files\Symantec Shared\SPManifests\PifCore.grd
c:\program files\Common Files\Symantec Shared\SPManifests\PifCore.sig
c:\program files\Common Files\Symantec Shared\SPManifests\PifCore.spm
c:\program files\Common Files\Symantec Shared\SPManifests\PtchInst.spm
c:\program files\Common Files\Symantec Shared\SPManifests\Scnrs.spm
c:\program files\Common Files\Symantec Shared\SPManifests\ShrdRent.spm
c:\program files\Common Files\Symantec Shared\SPManifests\SMNLnch.spm
c:\program files\Common Files\Symantec Shared\SPManifests\Snd.spm
c:\program files\Common Files\Symantec Shared\SPManifests\SPBBC.spm
c:\program files\Common Files\Symantec Shared\SPManifests\SPLVPlug.spm
c:\program files\Common Files\Symantec Shared\SPManifests\srt.spm
c:\program files\Common Files\Symantec Shared\SPManifests\SubInst.spm
c:\program files\Common Files\Symantec Shared\SPManifests\SyKnAppS.spm
c:\program files\Common Files\Symantec Shared\SPManifests\SymCAbt.spm
c:\program files\Common Files\Symantec Shared\SPManifests\symcleng.spm
c:\program files\Common Files\Symantec Shared\SPManifests\Symcuw.spm
c:\program files\Common Files\Symantec Shared\SPManifests\SYMEVNT.SPM
c:\program files\Common Files\Symantec Shared\SPManifests\SymHtml.spm
c:\program files\Common Files\Symantec Shared\SPManifests\SYMLCUI.spm
c:\program files\Common Files\Symantec Shared\SPManifests\symsetup.spm
c:\program files\Common Files\Symantec Shared\SPManifests\SymSHAx.spm
c:\program files\Common Files\Symantec Shared\SPManifests\SymTheme.spm
c:\program files\Common Files\Symantec Shared\SPManifests\Toolbar.spm
c:\program files\Common Files\Symantec Shared\SPManifests\VA.spm
c:\program files\Common Files\Symantec Shared\SPManifests\VTCache.spm
c:\program files\Common Files\Symantec Shared\SPManifests\Webprot.spm
c:\program files\Common Files\Symantec Shared\SPManifests\WPWALU.spm
c:\program files\Common Files\Symantec Shared\SRTSP\SavRT32.dll
c:\program files\Common Files\Symantec Shared\SRTSP\Srtsp32.dll
c:\program files\Common Files\Symantec Shared\SRTSP\srtUnin.dll
c:\program files\Common Files\Symantec Shared\SubmissionEngine\SUBCONN.dll
c:\program files\Common Files\Symantec Shared\SubmissionEngine\subeng.dll
c:\program files\Common Files\Symantec Shared\SubmissionEngine\SUBUPDT.exe
c:\program files\Common Files\Symantec Shared\SymHTML\1.0\SymHTML.dll
c:\program files\Common Files\Symantec Shared\SymHTML\shtmbase.dll
c:\program files\Common Files\Symantec Shared\SymNeti.dll
c:\program files\Common Files\Symantec Shared\SymRedir.dll
c:\program files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe
c:\program files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\ccL60U.dll
c:\program files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\msvcp71.dll
c:\program files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\msvcr71.dll
c:\program files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\Setup\Setup\APP\isRes.dll
c:\program files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\Support\Reporter\Reporter.exe
c:\program files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\SymHTML.dll
c:\program files\Common Files\Symantec Shared\SymSHAx.dll
c:\program files\Common Files\Symantec Shared\SymTheme\sthmbase.dll
c:\program files\Common Files\Symantec Shared\VAScanner\comHost.exe
c:\program files\Common Files\Symantec Shared\VAScanner\SAM.dll
c:\program files\Common Files\Symantec Shared\VAScanner\VACmpCtl.dll
c:\program files\Common Files\Symantec Shared\VAScanner\VACtrl.dll
c:\program files\Common Files\Symantec Shared\VAScanner\VACtrlRs.dll
c:\program files\Common Files\Symantec Shared\VAScanner\VAEngn.dll
c:\program files\Common Files\Symantec Shared\VAScanner\VAEngnPS.dll
c:\program files\Common Files\Symantec Shared\VAScanner\VAMngr.dll
c:\program files\Common Files\Symantec Shared\VAScanner\VAMngrPS.dll
c:\program files\Common Files\Symantec Shared\VAScanner\VAScanPS.dll
c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\windows\system32\FsUsbExService.Exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GARENAPENGINE
-------\Service_FsUsbExDisk
-------\Service_FsUsbExService
-------\Service_GarenaPEngine
-------\Legacy_comHost
-------\Legacy_eeCtrl
-------\Legacy_SPBBCDrv
-------\Legacy_comHost
-------\Legacy_eeCtrl
-------\Legacy_SPBBCDrv
-------\Service_CLTNetCnService
-------\Service_comHost
-------\Service_eeCtrl
-------\Service_LiveUpdate Notice Ex
-------\Service_LiveUpdate Notice Service
-------\Service_SPBBCDrv
-------\Service_SymAppCore
-------\Service_CLTNetCnService
-------\Service_comHost
-------\Service_eeCtrl
-------\Service_LiveUpdate Notice Ex
-------\Service_LiveUpdate Notice Service
-------\Service_SPBBCDrv
-------\Service_SymAppCore

((((((((((((((((((((((((( Soubory vytvořené od 2011-01-09 do 2011-02-09 )))))))))))))))))))))))))))))))
.

2011-02-09 12:34 . 2011-02-09 12:51 -------- d-----w- c:\users\Insider\AppData\Local\temp
2011-02-08 20:24 . 2011-02-08 20:24 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-02-08 20:22 . 2011-01-08 03:27 5653096 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-02-08 20:22 . 2011-01-08 03:27 15047272 ----a-w- c:\windows\system32\nvoglv32.dll
2011-02-08 20:22 . 2011-01-08 03:27 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-02-08 20:22 . 2011-01-08 03:27 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-02-08 20:22 . 2011-01-08 03:27 10467656 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-02-08 20:22 . 2011-01-08 03:27 4941928 ----a-w- c:\windows\system32\nvcuda.dll
2011-02-08 20:22 . 2011-01-08 03:27 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-02-08 20:22 . 2011-01-08 03:27 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-02-08 20:22 . 2011-01-08 03:27 2895976 ----a-w- c:\windows\system32\nvcuvid.dll
2011-02-08 20:22 . 2011-01-08 03:27 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-02-08 20:21 . 2011-02-08 20:28 -------- d-----w- c:\program files\NVIDIA Corporation
2011-02-08 20:20 . 2011-02-08 20:20 -------- d-----w- C:\NVIDIA
2011-02-08 19:50 . 2011-02-08 19:50 -------- d-----w- c:\program files\CCleaner
2011-02-08 19:42 . 2011-02-08 19:42 -------- d-----w- c:\users\Insider\AppData\Roaming\Malwarebytes
2011-02-08 19:41 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-08 19:41 . 2011-02-08 19:41 -------- d-----w- c:\programdata\Malwarebytes
2011-02-08 19:41 . 2011-02-08 19:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-08 19:41 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-08 11:45 . 2011-02-08 11:45 5194 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-02-08 11:35 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwhnt.sys
2011-02-08 11:35 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwh.sys
2011-02-08 11:35 . 2010-04-27 02:25 98432 ----a-w- c:\windows\system32\drivers\ss_bbus.sys
2011-02-08 11:35 . 2010-04-27 02:25 14848 ----a-w- c:\windows\system32\drivers\ss_bmdfl.sys
2011-02-08 11:35 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcmnt.sys
2011-02-08 11:35 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcm.sys
2011-02-08 11:35 . 2010-04-27 02:25 123648 ----a-w- c:\windows\system32\drivers\ss_bmdm.sys
2011-02-08 11:32 . 2011-02-08 11:32 -------- d-----w- c:\programdata\Samsung
2011-02-08 11:30 . 2011-02-08 11:30 -------- d-----w- c:\users\Insider\AppData\Roaming\Samsung
2011-02-08 11:29 . 2011-02-08 11:29 -------- d-----w- c:\program files\MarkAny
2011-02-08 11:28 . 2011-02-08 11:33 -------- d-----w- c:\program files\Samsung
2011-02-08 11:27 . 2011-02-08 11:27 -------- d-----w- c:\users\Insider\AppData\Local\Downloaded Installations
2011-02-08 10:24 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D1772DA2-262E-499E-8FD3-9B7D1777A3C0}\mpengine.dll
2011-02-07 22:40 . 2011-02-07 22:45 -------- d-----w- c:\users\Insider\AppData\Roaming\DivX
2011-02-07 22:40 . 2011-02-07 22:40 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2011-02-07 22:38 . 2011-02-07 22:39 -------- d-----w- c:\program files\Common Files\DivX Shared
2011-02-07 22:34 . 2011-02-07 22:41 -------- d-----w- c:\program files\DivX
2011-02-07 22:33 . 2011-02-07 22:41 -------- d-----w- c:\programdata\DivX
2011-01-23 22:05 . 2011-01-23 22:06 -------- d-----w- c:\program files\VirtualDJ
2011-01-23 21:22 . 2011-01-23 21:22 -------- d-----w- c:\program files\make-bootable-USB
2011-01-23 21:21 . 2011-01-23 21:21 -------- d-----w- c:\program files\new
2011-01-21 10:21 . 2007-12-28 07:22 10296 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
2011-01-18 21:29 . 2011-01-18 21:29 -------- d-----w- c:\windows\PCHEALTH
2011-01-18 21:29 . 2011-01-18 21:29 -------- d-----w- c:\program files\Microsoft.NET
2011-01-18 21:25 . 2011-01-18 21:25 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-01-18 21:22 . 2011-01-18 21:22 -------- d-----r- C:\MSOCache
2011-01-14 14:07 . 2011-01-14 14:07 -------- d-----w- c:\program files\Microsoft WSE
2011-01-14 08:11 . 2011-01-14 08:11 -------- d-----w- c:\users\Insider\Bluetooth Software
2011-01-13 22:04 . 2011-01-20 15:15 -------- d-----w- c:\users\Insider\AppData\Roaming\Audacity
2011-01-13 14:32 . 2011-01-13 14:32 -------- d-----w- c:\program files\Morph
2011-01-13 10:54 . 2011-01-13 10:54 -------- d-----w- c:\users\Insider\eTeks
2011-01-13 10:39 . 2011-01-13 10:39 -------- d-----w- c:\program files\Magic Morph
2011-01-13 10:37 . 2011-01-13 10:37 -------- d-----w- c:\program files\Sweet Home 3D
2011-01-13 10:31 . 2011-01-13 10:31 -------- d-----w- c:\program files\uTorrent
2011-01-13 10:30 . 2011-01-28 10:43 -------- d-----w- c:\users\Insider\AppData\Roaming\uTorrent
2011-01-11 11:22 . 2011-01-11 11:22 218176 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-11 11:22 . 2011-01-11 11:23 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-01-11 11:22 . 2011-01-11 11:24 -------- d-----w- c:\users\Insider\AppData\Roaming\DAEMON Tools Lite
2011-01-11 11:22 . 2011-01-11 11:22 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-10 20:02 . 2010-12-31 19:56 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-10 20:02 . 2010-12-31 20:00 293968 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-10 20:02 . 2010-12-31 19:56 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-10 20:02 . 2010-12-31 19:59 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-10 20:02 . 2010-12-31 19:56 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-10 20:01 . 2010-12-31 20:06 38848 ----a-w- c:\windows\avastSS.scr
2011-01-10 20:01 . 2010-12-31 20:06 188216 ------w- c:\windows\system32\aswBoot.exe
2011-01-10 13:10 . 2011-01-10 13:14 -------- d-----w- c:\users\Insider\AppData\Local\Microsoft Games
2011-01-10 13:08 . 2011-01-10 13:10 -------- d-----w- c:\users\Insider\bluej

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-08 03:27 . 2011-02-08 20:22 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-01-08 03:27 . 2008-01-15 04:02 1965672 ----a-w- c:\windows\system32\nvapi.dll
2011-01-08 03:27 . 2008-01-15 04:02 10078312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-01-07 20:06 . 2011-01-07 20:06 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 20:06 . 2011-01-07 20:06 3597416 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 20:06 . 2011-01-07 20:06 2620520 ----a-w- c:\windows\system32\nvsvc.dll
2011-01-07 20:06 . 2011-01-07 20:06 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-01-07 20:06 . 2011-01-07 20:06 608872 ----a-w- c:\windows\system32\nvvsvc.exe
2011-01-07 20:06 . 2011-01-07 20:06 288872 ----a-w- c:\windows\system32\nvhotkey.dll
2011-01-07 20:06 . 2011-01-07 20:06 2558568 ----a-w- c:\windows\system32\nvsvcr.dll
2011-01-07 20:06 . 2011-01-07 20:06 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-01 15:48 . 2011-01-01 15:48 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-01-01 15:48 . 2011-01-01 15:48 268800 ----a-w- c:\windows\system32\es.dll
2011-01-01 15:48 . 2011-01-01 15:48 40960 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2011-01-01 02:06 . 2011-01-01 02:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-01-01 02:06 . 2011-01-01 02:06 696832 ----a-w- c:\windows\system32\localspl.dll
2011-01-01 02:05 . 2011-01-01 02:05 2923520 ----a-w- c:\windows\explorer.exe
2011-01-01 02:04 . 2011-01-01 02:04 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-01-01 02:03 . 2011-01-01 02:03 494592 ----a-w- c:\windows\system32\kerberos.dll
2011-01-01 02:03 . 2011-01-01 02:03 272384 ----a-w- c:\windows\system32\schannel.dll
2011-01-01 02:03 . 2011-01-01 02:03 24064 ----a-w- c:\windows\system32\netcfg.exe
2010-12-31 09:40 . 2010-12-31 09:40 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2010-12-31 09:40 . 2010-12-31 09:40 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll
2010-12-31 09:40 . 2010-12-31 09:40 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll
2010-12-31 09:40 . 2010-12-31 09:40 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll
2010-12-31 09:40 . 2010-12-31 09:40 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll
2010-12-31 09:40 . 2010-12-31 09:40 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll
2010-12-31 09:40 . 2010-12-31 09:40 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll
2010-12-31 09:40 . 2010-12-31 09:40 7964672 ----a-w- c:\windows\system32\NlsLexicons0024.dll
2010-12-31 09:40 . 2010-12-31 09:40 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll
2010-12-31 09:40 . 2010-12-31 09:40 5791232 ----a-w- c:\windows\system32\NlsLexicons0026.dll
2010-12-31 09:40 . 2010-12-31 09:40 6224896 ----a-w- c:\windows\system32\NlsLexicons0027.dll
2010-12-31 09:40 . 2010-12-31 09:40 4175872 ----a-w- c:\windows\system32\NlsLexicons0010.dll
2010-12-31 09:40 . 2010-12-31 09:40 2466816 ----a-w- c:\windows\system32\NlsLexicons0011.dll
2010-12-31 09:40 . 2010-12-31 09:40 4981248 ----a-w- c:\windows\system32\NlsLexicons0013.dll
2010-12-31 09:40 . 2010-12-31 09:40 3331072 ----a-w- c:\windows\system32\NlsLexicons0018.dll
2010-12-31 09:40 . 2010-12-31 09:40 6781440 ----a-w- c:\windows\system32\NlsLexicons0019.dll
2010-12-31 09:40 . 2010-12-31 09:40 11722752 ----a-w- c:\windows\system32\NlsLexicons0001.dll
2010-12-31 09:40 . 2010-12-31 09:40 4164096 ----a-w- c:\windows\system32\NlsLexicons0002.dll
2010-12-31 09:40 . 2010-12-31 09:40 1452544 ----a-w- c:\windows\system32\NlsLexicons0003.dll
2010-12-31 09:40 . 2010-12-31 09:40 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-12-31 09:40 . 2010-12-31 09:40 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2010-12-31 09:40 . 2010-12-31 09:40 3419136 ----a-w- c:\windows\system32\NlsLexicons004a.dll
2010-12-31 09:40 . 2010-12-31 09:40 1702912 ----a-w- c:\windows\system32\NlsLexicons004b.dll
2010-12-31 09:40 . 2010-12-31 09:40 4093440 ----a-w- c:\windows\system32\NlsLexicons004c.dll
2010-12-31 09:40 . 2010-12-31 09:40 4096 ----a-w- c:\windows\system32\NlsLexicons002a.dll
2010-12-31 09:40 . 2010-12-31 09:40 4045824 ----a-w- c:\windows\system32\NlsLexicons003e.dll
2010-12-31 09:40 . 2010-12-31 09:40 1972736 ----a-w- c:\windows\system32\NlsLexicons004e.dll
2010-12-31 09:40 . 2010-12-31 09:40 6585856 ----a-w- c:\windows\system32\NlsLexicons001b.dll
2010-12-31 09:40 . 2010-12-31 09:40 6014976 ----a-w- c:\windows\system32\NlsLexicons001a.dll
2010-12-31 09:40 . 2010-12-31 09:40 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
2010-12-31 09:40 . 2010-12-31 09:40 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
2010-12-31 09:40 . 2010-12-31 09:40 6237696 ----a-w- c:\windows\system32\NlsLexicons000c.dll
2010-12-31 09:40 . 2010-12-31 09:40 1722368 ----a-w- c:\windows\system32\NlsLexicons000d.dll
2010-12-31 09:40 . 2010-12-31 09:40 5654528 ----a-w- c:\windows\system32\NlsLexicons000f.dll
2010-12-31 09:40 . 2010-12-31 09:40 4616192 ----a-w- c:\windows\system32\NlsLexicons0414.dll
2010-12-31 09:40 . 2010-12-31 09:40 5090816 ----a-w- c:\windows\system32\NlsLexicons0416.dll
2010-12-31 09:40 . 2010-12-31 09:40 5031936 ----a-w- c:\windows\system32\NlsLexicons0816.dll
2010-12-31 09:40 . 2010-12-31 09:40 7042560 ----a-w- c:\windows\system32\NlsLexicons081a.dll
2010-12-31 09:40 . 2010-12-31 09:40 5071872 ----a-w- c:\windows\system32\NlsModels0011.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0047.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0046.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0045.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0049.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0039.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0020.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0024.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData0022.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData0021.dll
2010-12-31 09:40 . 2010-12-31 09:40 1965056 ----a-w- c:\windows\system32\NlsData0027.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0026.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0010.dll
2010-12-31 09:40 . 2010-12-31 09:40 3464704 ----a-w- c:\windows\system32\NlsData0013.dll
2010-12-31 09:40 . 2010-12-31 09:40 2655232 ----a-w- c:\windows\system32\NlsData0011.dll
2010-12-31 09:40 . 2010-12-31 09:40 4495360 ----a-w- c:\windows\system32\NlsData0019.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0018.dll
2010-12-31 09:40 . 2010-12-31 09:40 1523200 ----a-w- c:\windows\system32\NlsData0000.dll
2010-12-31 09:40 . 2010-12-31 09:40 2597888 ----a-w- c:\windows\system32\NlsData0001.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0003.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0002.dll
2010-12-31 09:40 . 2010-12-31 09:40 2241024 ----a-w- c:\windows\system32\NlsData0007.dll
2010-12-31 09:40 . 2010-12-31 09:40 4874240 ----a-w- c:\windows\system32\NlsData0009.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004a.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004e.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004c.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004b.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData001a.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData003e.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData002a.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData001b.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData001d.dll
2010-12-31 09:40 . 2010-12-31 09:40 9845248 ----a-w- c:\windows\system32\NlsData000a.dll
2010-12-31 09:40 . 2010-12-31 09:40 2641408 ----a-w- c:\windows\system32\NlsData000c.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0414.dll
2010-12-31 09:40 . 2010-12-31 09:40 2340864 ----a-w- c:\windows\system32\NlsData000d.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData000f.dll
2010-12-31 09:40 . 2010-12-31 09:40 797696 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0416.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0816.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData081a.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-12-31 1232896]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 95576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-10-17 768520]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-12-05 200704]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-12-31 3395600]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-1-14 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

R3 CFcatchme;CFcatchme;c:\users\Insider\AppData\Local\Temp\CFcatchme.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;d:\programy\Garena\safedrv.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2006-11-21 37008]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-11 218176]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20101230.002\IDSvix86.sys [2010-12-15 287792]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2007-12-05 41456]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-12-31 51280]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
Obsah adresáře 'Naplánované úlohy'

2011-02-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3449686052-3578472080-416520541-1000Core.job
- c:\users\Insider\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-30 22:20]

2011-02-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3449686052-3578472080-416520541-1000UA.job
- c:\users\Insider\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-30 22:20]
.
.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B} - c:\program files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-09 13:51
Windows 6.0.6000 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(3652)
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
c:\program files\WinSCP\DragExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Launch Manager\LManager.exe
c:\users\Insider\AppData\Local\Temp\RtkBtMnt.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\Apntex.exe
c:\windows\system32\msiexec.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2011-02-09 13:54:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-09 12:54
ComboFix2.txt 2011-02-08 23:55

Před spuštěním: Volných bajtů: 55 665 979 392
Po spuštění: Volných bajtů: 55 327 551 488

- - End Of File - - A1F310437B8498F847B7865B97F97F51

Z HiJacku:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:56:12, on 9.2.2011
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\conime.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Users\Insider\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Users\Insider\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Insider\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Insider\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Insider\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Insider\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Insider\Downloads\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Unknown owner - C:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7692 bytes

Příspěvekod **memphisto** » 09 úno 2011 14:40

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Driver::
GGSAFERDriver
SYMNDISV
IDSvix86

File::
d:\programy\Garena\safedrv.sys
c:\windows\System32\Drivers\SYMNDISV.SYS
c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20101230.002\IDSvix86.sys
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3449686052-3578472080-416520541-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3449686052-3578472080-416520541-1000UA.job

Folder::
c:\progra~2\Symantec
C:\Program Files\Norton Internet Security

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Insider_cze · Příspěvekod **Insider_cze** » 09 úno 2011 15:18

ComboFix 11-02-08.02 - Insider 09.02.2011 15:02:12.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.3069.1970 [GMT 1:00]
Spuštěný z: c:\users\Insider\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Insider\Desktop\CFScript.txt

FILE ::
"c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20101230.002\IDSvix86.sys"
"c:\windows\System32\Drivers\SYMNDISV.SYS"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3449686052-3578472080-416520541-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3449686052-3578472080-416520541-1000UA.job"
"d:\programy\Garena\safedrv.sys"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\progra~2\Symantec
c:\progra~2\Symantec\Common Client\settings.bak
c:\progra~2\Symantec\Common Client\settings.dat
c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20101230.002\IDSvix86.sys
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101215.003\IDS9xx86.dll
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101215.003\IDSVia64.cat
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101215.003\IDSVia64.INF
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101215.003\IDSviA64.sys
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101215.003\IDSVix86.cat
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101215.003\IDSVix86.INF
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101215.003\IDSvix86.sys
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101215.003\IDSxpx86.dll
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101215.003\SymIDSCo.sys
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101215.003\SymIDSCo.vxd
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101215.003\SymIDSI.dll
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101230.002\IDS9xx86.dll
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101230.002\IDSVia64.cat
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101230.002\IDSVia64.INF
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101230.002\IDSviA64.sys
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101230.002\IDSVix86.cat
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101230.002\IDSVix86.INF
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101230.002\IDSvix86.sys
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101230.002\IDSxpx86.dll
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101230.002\SymIDSCo.sys
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101230.002\SymIDSCo.vxd
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\20101230.002\SymIDSI.dll
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\BinHub\ids9xx86.dll
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\BinHub\IDSVia64.cat
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\BinHub\IDSVia64.inf
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\BinHub\IDSviA64.sys
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\BinHub\IDSVix86.CAT
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\BinHub\IDSVix86.INF
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\BinHub\IDSvix86.sys
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\BinHub\idsxpx86.dll
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\BinHub\symidsco.sys
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\BinHub\symidsco.vxd
c:\progra~2\Symantec\Definitions\SymcData\idsdefs\BinHub\SymIDSI.dll
c:\progra~2\Symantec\Definitions\SymcData\nco1.0defs\20110109.002\hub.scr
c:\progra~2\Symantec\Definitions\SymcData\nco1.0defs\20110109.003\hub.scr
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\CATALOG.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\ERASER.GRD
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\ERASER.SIG
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\ESRDEF.BIN
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\HH
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\NAVENG.EXP
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\NAVEX15.EXP
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\NCSACERT.TXT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\SCRAUTH.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\SYMAVENG.INF
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\SYMERASE.INF
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\TCDEFS.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\TCSCAN7.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\TCSCAN8.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\TCSCAN9.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\TECHNOTE.TXT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\TINF.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\TINFIDX.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\TINFL.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\TSCAN1.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\TSCAN1HD.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\V.GRD
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\V.SIG
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\VIRSCAN1.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\VIRSCAN2.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\VIRSCAN3.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\VIRSCAN4.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\VIRSCAN5.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\VIRSCAN6.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\VIRSCAN7.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\VIRSCAN8.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\VIRSCAN9.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\VIRSCANT.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\WHATSNEW.TXT
c:\progra~2\Symantec\Definitions\VirusDefs\20110106.003\ZDONE.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\CATALOG.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\ERASER.GRD
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\ERASER.SIG
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\ESRDEF.BIN
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\HH
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\NAVENG.EXP
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\NAVEX15.EXP
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\NCSACERT.TXT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\SCRAUTH.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\SYMAVENG.INF
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\SYMERASE.INF
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\TCDEFS.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\TCSCAN7.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\TCSCAN8.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\TCSCAN9.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\TECHNOTE.TXT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\TINF.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\TINFIDX.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\TINFL.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\TSCAN1.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\TSCAN1HD.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\V.GRD
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\V.SIG
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\VIRSCAN1.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\VIRSCAN2.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\VIRSCAN3.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\VIRSCAN4.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\VIRSCAN5.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\VIRSCAN6.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\VIRSCAN7.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\VIRSCAN8.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\VIRSCAN9.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\VIRSCANT.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\WHATSNEW.TXT
c:\progra~2\Symantec\Definitions\VirusDefs\20110108.002\ZDONE.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\CATALOG.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\ERASER.GRD
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\ERASER.SIG
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\ESRDEF.BIN
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\HH
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\NAVENG.EXP
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\NAVEX15.EXP
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\NCSACERT.TXT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\SCRAUTH.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\SYMAVENG.INF
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\SYMERASE.INF
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\TCDEFS.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\TCSCAN7.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\TCSCAN8.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\TCSCAN9.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\TECHNOTE.TXT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\TINF.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\TINFIDX.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\TINFL.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\TSCAN1.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\TSCAN1HD.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\V.GRD
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\V.SIG
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\VIRSCAN1.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\VIRSCAN2.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\VIRSCAN3.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\VIRSCAN4.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\VIRSCAN5.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\VIRSCAN6.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\VIRSCAN7.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\VIRSCAN8.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\VIRSCAN9.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\VIRSCANT.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\WHATSNEW.TXT
c:\progra~2\Symantec\Definitions\VirusDefs\20110109.003\ZDONE.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\catalog.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\ERASER.grd
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\ERASER.sig
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\esrdef.bin
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\hh
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\ncsacert.txt
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\scrauth.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\symaveng.inf
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\SymErase.inf
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\tcdefs.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\tcscan7.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\tcscan8.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\tcscan9.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\technote.txt
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\tinf.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\tinfidx.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\tinfl.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\tscan1.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\tscan1hd.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\v.grd
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\v.sig
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\virscan1.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\virscan2.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\virscan3.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\virscan4.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\virscan5.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\virscan6.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\virscan7.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\virscan8.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\virscan9.dat
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\VIRSCANT.DAT
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\whatsnew.txt
c:\progra~2\Symantec\Definitions\VirusDefs\BinHub\zdone.dat
c:\progra~2\Symantec\Definitions\VirusDefs\Cat.DB
c:\progra~2\Symantec\Definitions\VirusDefs\definfo.dat
c:\progra~2\Symantec\Definitions\VirusDefs\TextHub\virscant.dat
c:\progra~2\Symantec\Definitions\VirusDefs\usage.dat
c:\progra~2\Symantec\LiveUpdate\Product.Inventory.LiveUpdate
c:\progra~2\Symantec\LiveUpdate\Settings.LiveUpdate
c:\progra~2\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\HBPep2_{BC8D3EAF-F864-4D4B-AB4D-B3D0C32E2840}.dat
c:\progra~2\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\HBPep2_{BC8D3EAF-F864-4D4B-AB4D-B3D0C32E2840}.tmp
c:\progra~2\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\Pep2_{BC8D3EAF-F864-4D4B-AB4D-B3D0C32E2840}.dat
c:\progra~2\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\System_.dat
c:\progra~2\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\System_.tmp
c:\progra~2\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PollManager\PollManager_Current.dat
c:\progra~2\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PollManager\PollManager_Job.dat
c:\progra~2\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\SVAR\SVAR_{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}.dat
c:\progra~2\Symantec\SyKnAppS\patch25.dll
c:\progra~2\Symantec\SyKnAppS\SyKnAppS.dll
c:\progra~2\Symantec\SyKnAppS\SyKnAppS.spm
c:\progra~2\Symantec\wcid0.log
c:\program files\Norton Internet Security
c:\program files\Norton Internet Security\IMCfg.dll
c:\program files\Norton Internet Security\ISDataCl.dll
c:\program files\Norton Internet Security\ISDataSv.dll
c:\program files\Norton Internet Security\isRes.dll
c:\program files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
c:\program files\Norton Internet Security\SetEvtHp.dll
c:\windows\System32\Drivers\SYMNDISV.SYS
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3449686052-3578472080-416520541-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3449686052-3578472080-416520541-1000UA.job

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GGSAFERDRIVER
-------\Legacy_IDSVIX86
-------\Legacy_SYMNDISV
-------\Service_GGSAFERDriver
-------\Service_IDSvix86
-------\Service_SYMNDISV
-------\Service_ISPwdSvc

((((((((((((((((((((((((( Soubory vytvořené od 2011-01-09 do 2011-02-09 )))))))))))))))))))))))))))))))
.

2011-02-09 14:08 . 2011-02-09 14:12 -------- d-----w- c:\users\Insider\AppData\Local\temp
2011-02-09 14:08 . 2011-02-09 14:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-08 20:24 . 2011-02-08 20:24 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-02-08 20:22 . 2011-01-08 03:27 5653096 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-02-08 20:22 . 2011-01-08 03:27 15047272 ----a-w- c:\windows\system32\nvoglv32.dll
2011-02-08 20:22 . 2011-01-08 03:27 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-02-08 20:22 . 2011-01-08 03:27 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-02-08 20:22 . 2011-01-08 03:27 10467656 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-02-08 20:22 . 2011-01-08 03:27 4941928 ----a-w- c:\windows\system32\nvcuda.dll
2011-02-08 20:22 . 2011-01-08 03:27 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-02-08 20:22 . 2011-01-08 03:27 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-02-08 20:22 . 2011-01-08 03:27 2895976 ----a-w- c:\windows\system32\nvcuvid.dll
2011-02-08 20:22 . 2011-01-08 03:27 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-02-08 20:21 . 2011-02-08 20:28 -------- d-----w- c:\program files\NVIDIA Corporation
2011-02-08 20:20 . 2011-02-08 20:20 -------- d-----w- C:\NVIDIA
2011-02-08 19:50 . 2011-02-08 19:50 -------- d-----w- c:\program files\CCleaner
2011-02-08 19:42 . 2011-02-08 19:42 -------- d-----w- c:\users\Insider\AppData\Roaming\Malwarebytes
2011-02-08 19:41 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-08 19:41 . 2011-02-08 19:41 -------- d-----w- c:\programdata\Malwarebytes
2011-02-08 19:41 . 2011-02-08 19:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-08 19:41 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-08 11:45 . 2011-02-08 11:45 5194 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-02-08 11:35 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwhnt.sys
2011-02-08 11:35 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwh.sys
2011-02-08 11:35 . 2010-04-27 02:25 98432 ----a-w- c:\windows\system32\drivers\ss_bbus.sys
2011-02-08 11:35 . 2010-04-27 02:25 14848 ----a-w- c:\windows\system32\drivers\ss_bmdfl.sys
2011-02-08 11:35 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcmnt.sys
2011-02-08 11:35 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcm.sys
2011-02-08 11:35 . 2010-04-27 02:25 123648 ----a-w- c:\windows\system32\drivers\ss_bmdm.sys
2011-02-08 11:32 . 2011-02-08 11:32 -------- d-----w- c:\programdata\Samsung
2011-02-08 11:30 . 2011-02-08 11:30 -------- d-----w- c:\users\Insider\AppData\Roaming\Samsung
2011-02-08 11:29 . 2011-02-08 11:29 -------- d-----w- c:\program files\MarkAny
2011-02-08 11:28 . 2011-02-08 11:33 -------- d-----w- c:\program files\Samsung
2011-02-08 11:27 . 2011-02-08 11:27 -------- d-----w- c:\users\Insider\AppData\Local\Downloaded Installations
2011-02-08 10:24 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D1772DA2-262E-499E-8FD3-9B7D1777A3C0}\mpengine.dll
2011-02-07 22:40 . 2011-02-07 22:45 -------- d-----w- c:\users\Insider\AppData\Roaming\DivX
2011-02-07 22:40 . 2011-02-07 22:40 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2011-02-07 22:38 . 2011-02-07 22:39 -------- d-----w- c:\program files\Common Files\DivX Shared
2011-02-07 22:34 . 2011-02-07 22:41 -------- d-----w- c:\program files\DivX
2011-02-07 22:33 . 2011-02-07 22:41 -------- d-----w- c:\programdata\DivX
2011-01-23 22:05 . 2011-01-23 22:06 -------- d-----w- c:\program files\VirtualDJ
2011-01-23 21:22 . 2011-01-23 21:22 -------- d-----w- c:\program files\make-bootable-USB
2011-01-23 21:21 . 2011-01-23 21:21 -------- d-----w- c:\program files\new
2011-01-21 10:21 . 2007-12-28 07:22 10296 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
2011-01-18 21:29 . 2011-01-18 21:29 -------- d-----w- c:\windows\PCHEALTH
2011-01-18 21:29 . 2011-01-18 21:29 -------- d-----w- c:\program files\Microsoft.NET
2011-01-18 21:25 . 2011-01-18 21:25 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-01-18 21:22 . 2011-01-18 21:22 -------- d-----r- C:\MSOCache
2011-01-14 14:07 . 2011-01-14 14:07 -------- d-----w- c:\program files\Microsoft WSE
2011-01-14 08:11 . 2011-01-14 08:11 -------- d-----w- c:\users\Insider\Bluetooth Software
2011-01-13 22:04 . 2011-01-20 15:15 -------- d-----w- c:\users\Insider\AppData\Roaming\Audacity
2011-01-13 14:32 . 2011-01-13 14:32 -------- d-----w- c:\program files\Morph
2011-01-13 10:54 . 2011-01-13 10:54 -------- d-----w- c:\users\Insider\eTeks
2011-01-13 10:39 . 2011-01-13 10:39 -------- d-----w- c:\program files\Magic Morph
2011-01-13 10:37 . 2011-01-13 10:37 -------- d-----w- c:\program files\Sweet Home 3D
2011-01-13 10:31 . 2011-01-13 10:31 -------- d-----w- c:\program files\uTorrent
2011-01-13 10:30 . 2011-01-28 10:43 -------- d-----w- c:\users\Insider\AppData\Roaming\uTorrent
2011-01-11 11:22 . 2011-01-11 11:22 218176 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-11 11:22 . 2011-01-11 11:23 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-01-11 11:22 . 2011-01-11 11:24 -------- d-----w- c:\users\Insider\AppData\Roaming\DAEMON Tools Lite
2011-01-11 11:22 . 2011-01-11 11:22 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-10 20:02 . 2010-12-31 19:56 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-10 20:02 . 2010-12-31 20:00 293968 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-10 20:02 . 2010-12-31 19:56 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-10 20:02 . 2010-12-31 19:59 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-10 20:02 . 2010-12-31 19:56 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-10 20:01 . 2010-12-31 20:06 38848 ----a-w- c:\windows\avastSS.scr
2011-01-10 20:01 . 2010-12-31 20:06 188216 ------w- c:\windows\system32\aswBoot.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-08 03:27 . 2011-02-08 20:22 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-01-08 03:27 . 2008-01-15 04:02 1965672 ----a-w- c:\windows\system32\nvapi.dll
2011-01-08 03:27 . 2008-01-15 04:02 10078312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-01-07 20:06 . 2011-01-07 20:06 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 20:06 . 2011-01-07 20:06 3597416 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 20:06 . 2011-01-07 20:06 2620520 ----a-w- c:\windows\system32\nvsvc.dll
2011-01-07 20:06 . 2011-01-07 20:06 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-01-07 20:06 . 2011-01-07 20:06 608872 ----a-w- c:\windows\system32\nvvsvc.exe
2011-01-07 20:06 . 2011-01-07 20:06 288872 ----a-w- c:\windows\system32\nvhotkey.dll
2011-01-07 20:06 . 2011-01-07 20:06 2558568 ----a-w- c:\windows\system32\nvsvcr.dll
2011-01-07 20:06 . 2011-01-07 20:06 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-01 15:48 . 2011-01-01 15:48 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-01-01 15:48 . 2011-01-01 15:48 268800 ----a-w- c:\windows\system32\es.dll
2011-01-01 15:48 . 2011-01-01 15:48 40960 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2011-01-01 02:06 . 2011-01-01 02:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-01-01 02:06 . 2011-01-01 02:06 696832 ----a-w- c:\windows\system32\localspl.dll
2011-01-01 02:05 . 2011-01-01 02:05 2923520 ----a-w- c:\windows\explorer.exe
2011-01-01 02:04 . 2011-01-01 02:04 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-01-01 02:03 . 2011-01-01 02:03 494592 ----a-w- c:\windows\system32\kerberos.dll
2011-01-01 02:03 . 2011-01-01 02:03 272384 ----a-w- c:\windows\system32\schannel.dll
2011-01-01 02:03 . 2011-01-01 02:03 24064 ----a-w- c:\windows\system32\netcfg.exe
2010-12-31 09:40 . 2010-12-31 09:40 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2010-12-31 09:40 . 2010-12-31 09:40 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll
2010-12-31 09:40 . 2010-12-31 09:40 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll
2010-12-31 09:40 . 2010-12-31 09:40 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll
2010-12-31 09:40 . 2010-12-31 09:40 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll
2010-12-31 09:40 . 2010-12-31 09:40 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll
2010-12-31 09:40 . 2010-12-31 09:40 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll
2010-12-31 09:40 . 2010-12-31 09:40 7964672 ----a-w- c:\windows\system32\NlsLexicons0024.dll
2010-12-31 09:40 . 2010-12-31 09:40 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll
2010-12-31 09:40 . 2010-12-31 09:40 5791232 ----a-w- c:\windows\system32\NlsLexicons0026.dll
2010-12-31 09:40 . 2010-12-31 09:40 6224896 ----a-w- c:\windows\system32\NlsLexicons0027.dll
2010-12-31 09:40 . 2010-12-31 09:40 4175872 ----a-w- c:\windows\system32\NlsLexicons0010.dll
2010-12-31 09:40 . 2010-12-31 09:40 2466816 ----a-w- c:\windows\system32\NlsLexicons0011.dll
2010-12-31 09:40 . 2010-12-31 09:40 4981248 ----a-w- c:\windows\system32\NlsLexicons0013.dll
2010-12-31 09:40 . 2010-12-31 09:40 3331072 ----a-w- c:\windows\system32\NlsLexicons0018.dll
2010-12-31 09:40 . 2010-12-31 09:40 6781440 ----a-w- c:\windows\system32\NlsLexicons0019.dll
2010-12-31 09:40 . 2010-12-31 09:40 11722752 ----a-w- c:\windows\system32\NlsLexicons0001.dll
2010-12-31 09:40 . 2010-12-31 09:40 4164096 ----a-w- c:\windows\system32\NlsLexicons0002.dll
2010-12-31 09:40 . 2010-12-31 09:40 1452544 ----a-w- c:\windows\system32\NlsLexicons0003.dll
2010-12-31 09:40 . 2010-12-31 09:40 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-12-31 09:40 . 2010-12-31 09:40 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2010-12-31 09:40 . 2010-12-31 09:40 3419136 ----a-w- c:\windows\system32\NlsLexicons004a.dll
2010-12-31 09:40 . 2010-12-31 09:40 1702912 ----a-w- c:\windows\system32\NlsLexicons004b.dll
2010-12-31 09:40 . 2010-12-31 09:40 4093440 ----a-w- c:\windows\system32\NlsLexicons004c.dll
2010-12-31 09:40 . 2010-12-31 09:40 4096 ----a-w- c:\windows\system32\NlsLexicons002a.dll
2010-12-31 09:40 . 2010-12-31 09:40 4045824 ----a-w- c:\windows\system32\NlsLexicons003e.dll
2010-12-31 09:40 . 2010-12-31 09:40 1972736 ----a-w- c:\windows\system32\NlsLexicons004e.dll
2010-12-31 09:40 . 2010-12-31 09:40 6585856 ----a-w- c:\windows\system32\NlsLexicons001b.dll
2010-12-31 09:40 . 2010-12-31 09:40 6014976 ----a-w- c:\windows\system32\NlsLexicons001a.dll
2010-12-31 09:40 . 2010-12-31 09:40 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
2010-12-31 09:40 . 2010-12-31 09:40 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
2010-12-31 09:40 . 2010-12-31 09:40 6237696 ----a-w- c:\windows\system32\NlsLexicons000c.dll
2010-12-31 09:40 . 2010-12-31 09:40 1722368 ----a-w- c:\windows\system32\NlsLexicons000d.dll
2010-12-31 09:40 . 2010-12-31 09:40 5654528 ----a-w- c:\windows\system32\NlsLexicons000f.dll
2010-12-31 09:40 . 2010-12-31 09:40 4616192 ----a-w- c:\windows\system32\NlsLexicons0414.dll
2010-12-31 09:40 . 2010-12-31 09:40 5090816 ----a-w- c:\windows\system32\NlsLexicons0416.dll
2010-12-31 09:40 . 2010-12-31 09:40 5031936 ----a-w- c:\windows\system32\NlsLexicons0816.dll
2010-12-31 09:40 . 2010-12-31 09:40 7042560 ----a-w- c:\windows\system32\NlsLexicons081a.dll
2010-12-31 09:40 . 2010-12-31 09:40 5071872 ----a-w- c:\windows\system32\NlsModels0011.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0047.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0046.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0045.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0049.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0039.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0020.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0024.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData0022.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData0021.dll
2010-12-31 09:40 . 2010-12-31 09:40 1965056 ----a-w- c:\windows\system32\NlsData0027.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0026.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0010.dll
2010-12-31 09:40 . 2010-12-31 09:40 3464704 ----a-w- c:\windows\system32\NlsData0013.dll
2010-12-31 09:40 . 2010-12-31 09:40 2655232 ----a-w- c:\windows\system32\NlsData0011.dll
2010-12-31 09:40 . 2010-12-31 09:40 4495360 ----a-w- c:\windows\system32\NlsData0019.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0018.dll
2010-12-31 09:40 . 2010-12-31 09:40 1523200 ----a-w- c:\windows\system32\NlsData0000.dll
2010-12-31 09:40 . 2010-12-31 09:40 2597888 ----a-w- c:\windows\system32\NlsData0001.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0003.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0002.dll
2010-12-31 09:40 . 2010-12-31 09:40 2241024 ----a-w- c:\windows\system32\NlsData0007.dll
2010-12-31 09:40 . 2010-12-31 09:40 4874240 ----a-w- c:\windows\system32\NlsData0009.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004a.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004e.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004c.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004b.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData001a.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData003e.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData002a.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData001b.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData001d.dll
2010-12-31 09:40 . 2010-12-31 09:40 9845248 ----a-w- c:\windows\system32\NlsData000a.dll
2010-12-31 09:40 . 2010-12-31 09:40 2641408 ----a-w- c:\windows\system32\NlsData000c.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0414.dll
2010-12-31 09:40 . 2010-12-31 09:40 2340864 ----a-w- c:\windows\system32\NlsData000d.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData000f.dll
2010-12-31 09:40 . 2010-12-31 09:40 797696 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0416.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0816.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData081a.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-12-31 1232896]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 95576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-10-17 768520]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-12-05 200704]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-12-31 3395600]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-1-14 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

R3 CFcatchme;CFcatchme;c:\users\Insider\AppData\Local\Temp\CFcatchme.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-11 218176]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2007-12-05 41456]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-12-31 51280]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-09 15:11
Windows 6.0.6000 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(2532)
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
c:\program files\WinSCP\DragExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\RtHDVCpl.exe
c:\program files\Launch Manager\LManager.exe
c:\windows\system32\conime.exe
c:\users\Insider\AppData\Local\Temp\RtkBtMnt.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\program files\Apoint2K\Apntex.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\WerFault.exe
.
**************************************************************************
.
Celkový čas: 2011-02-09 15:16:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-09 14:16
ComboFix2.txt 2011-02-09 12:54
ComboFix3.txt 2011-02-08 23:55

Před spuštěním: Volných bajtů: 55 152 922 624
Po spuštění: Volných bajtů: 55 142 879 232

- - End Of File - - 7F6D8C229A29751DB23E82BF57465144

Příspěvekod **memphisto** » 09 úno 2011 15:35

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000000

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Insider_cze · Příspěvekod **Insider_cze** » 09 úno 2011 16:54

ComboFix 11-02-08.02 - Insider 09.02.2011 16:21:50.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.3069.2008 [GMT 1:00]
Spuštěný z: c:\users\Insider\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Insider\Desktop\CFScript.txt
.

((((((((((((((((((((((((( Soubory vytvořené od 2011-01-09 do 2011-02-09 )))))))))))))))))))))))))))))))
.

2011-02-09 15:27 . 2011-02-09 15:31 -------- d-----w- c:\users\Insider\AppData\Local\temp
2011-02-09 15:27 . 2011-02-09 15:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-08 20:24 . 2011-02-08 20:24 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-02-08 20:22 . 2011-01-08 03:27 5653096 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-02-08 20:22 . 2011-01-08 03:27 15047272 ----a-w- c:\windows\system32\nvoglv32.dll
2011-02-08 20:22 . 2011-01-08 03:27 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-02-08 20:22 . 2011-01-08 03:27 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-02-08 20:22 . 2011-01-08 03:27 10467656 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-02-08 20:22 . 2011-01-08 03:27 4941928 ----a-w- c:\windows\system32\nvcuda.dll
2011-02-08 20:22 . 2011-01-08 03:27 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-02-08 20:22 . 2011-01-08 03:27 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-02-08 20:22 . 2011-01-08 03:27 2895976 ----a-w- c:\windows\system32\nvcuvid.dll
2011-02-08 20:22 . 2011-01-08 03:27 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-02-08 20:21 . 2011-02-08 20:28 -------- d-----w- c:\program files\NVIDIA Corporation
2011-02-08 20:20 . 2011-02-08 20:20 -------- d-----w- C:\NVIDIA
2011-02-08 19:50 . 2011-02-08 19:50 -------- d-----w- c:\program files\CCleaner
2011-02-08 19:42 . 2011-02-08 19:42 -------- d-----w- c:\users\Insider\AppData\Roaming\Malwarebytes
2011-02-08 19:41 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-08 19:41 . 2011-02-08 19:41 -------- d-----w- c:\programdata\Malwarebytes
2011-02-08 19:41 . 2011-02-08 19:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-08 19:41 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-08 11:45 . 2011-02-08 11:45 5194 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-02-08 11:35 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwhnt.sys
2011-02-08 11:35 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwh.sys
2011-02-08 11:35 . 2010-04-27 02:25 98432 ----a-w- c:\windows\system32\drivers\ss_bbus.sys
2011-02-08 11:35 . 2010-04-27 02:25 14848 ----a-w- c:\windows\system32\drivers\ss_bmdfl.sys
2011-02-08 11:35 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcmnt.sys
2011-02-08 11:35 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcm.sys
2011-02-08 11:35 . 2010-04-27 02:25 123648 ----a-w- c:\windows\system32\drivers\ss_bmdm.sys
2011-02-08 11:32 . 2011-02-08 11:32 -------- d-----w- c:\programdata\Samsung
2011-02-08 11:30 . 2011-02-08 11:30 -------- d-----w- c:\users\Insider\AppData\Roaming\Samsung
2011-02-08 11:29 . 2011-02-08 11:29 -------- d-----w- c:\program files\MarkAny
2011-02-08 11:28 . 2011-02-08 11:33 -------- d-----w- c:\program files\Samsung
2011-02-08 11:27 . 2011-02-08 11:27 -------- d-----w- c:\users\Insider\AppData\Local\Downloaded Installations
2011-02-08 10:24 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D1772DA2-262E-499E-8FD3-9B7D1777A3C0}\mpengine.dll
2011-02-07 22:40 . 2011-02-07 22:45 -------- d-----w- c:\users\Insider\AppData\Roaming\DivX
2011-02-07 22:40 . 2011-02-07 22:40 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2011-02-07 22:38 . 2011-02-07 22:39 -------- d-----w- c:\program files\Common Files\DivX Shared
2011-02-07 22:34 . 2011-02-07 22:41 -------- d-----w- c:\program files\DivX
2011-02-07 22:33 . 2011-02-07 22:41 -------- d-----w- c:\programdata\DivX
2011-01-23 22:05 . 2011-01-23 22:06 -------- d-----w- c:\program files\VirtualDJ
2011-01-23 21:22 . 2011-01-23 21:22 -------- d-----w- c:\program files\make-bootable-USB
2011-01-23 21:21 . 2011-01-23 21:21 -------- d-----w- c:\program files\new
2011-01-21 10:21 . 2007-12-28 07:22 10296 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
2011-01-18 21:29 . 2011-01-18 21:29 -------- d-----w- c:\windows\PCHEALTH
2011-01-18 21:29 . 2011-01-18 21:29 -------- d-----w- c:\program files\Microsoft.NET
2011-01-18 21:25 . 2011-01-18 21:25 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-01-18 21:22 . 2011-01-18 21:22 -------- d-----r- C:\MSOCache
2011-01-14 14:07 . 2011-01-14 14:07 -------- d-----w- c:\program files\Microsoft WSE
2011-01-14 08:11 . 2011-01-14 08:11 -------- d-----w- c:\users\Insider\Bluetooth Software
2011-01-13 22:04 . 2011-01-20 15:15 -------- d-----w- c:\users\Insider\AppData\Roaming\Audacity
2011-01-13 14:32 . 2011-01-13 14:32 -------- d-----w- c:\program files\Morph
2011-01-13 10:54 . 2011-01-13 10:54 -------- d-----w- c:\users\Insider\eTeks
2011-01-13 10:39 . 2011-01-13 10:39 -------- d-----w- c:\program files\Magic Morph
2011-01-13 10:37 . 2011-01-13 10:37 -------- d-----w- c:\program files\Sweet Home 3D
2011-01-13 10:31 . 2011-01-13 10:31 -------- d-----w- c:\program files\uTorrent
2011-01-13 10:30 . 2011-01-28 10:43 -------- d-----w- c:\users\Insider\AppData\Roaming\uTorrent
2011-01-11 11:22 . 2011-01-11 11:22 218176 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-11 11:22 . 2011-01-11 11:23 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-01-11 11:22 . 2011-01-11 11:24 -------- d-----w- c:\users\Insider\AppData\Roaming\DAEMON Tools Lite
2011-01-11 11:22 . 2011-01-11 11:22 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-01-10 20:02 . 2010-12-31 19:56 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-10 20:02 . 2010-12-31 20:00 293968 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-10 20:02 . 2010-12-31 19:56 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-10 20:02 . 2010-12-31 19:59 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-10 20:02 . 2010-12-31 19:56 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-10 20:01 . 2010-12-31 20:06 38848 ----a-w- c:\windows\avastSS.scr
2011-01-10 20:01 . 2010-12-31 20:06 188216 ------w- c:\windows\system32\aswBoot.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-08 03:27 . 2011-02-08 20:22 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-01-08 03:27 . 2008-01-15 04:02 1965672 ----a-w- c:\windows\system32\nvapi.dll
2011-01-08 03:27 . 2008-01-15 04:02 10078312 ----a-w- c:\windows\system32\nvd3dum.dll
2011-01-07 20:06 . 2011-01-07 20:06 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 20:06 . 2011-01-07 20:06 3597416 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 20:06 . 2011-01-07 20:06 2620520 ----a-w- c:\windows\system32\nvsvc.dll
2011-01-07 20:06 . 2011-01-07 20:06 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-01-07 20:06 . 2011-01-07 20:06 608872 ----a-w- c:\windows\system32\nvvsvc.exe
2011-01-07 20:06 . 2011-01-07 20:06 288872 ----a-w- c:\windows\system32\nvhotkey.dll
2011-01-07 20:06 . 2011-01-07 20:06 2558568 ----a-w- c:\windows\system32\nvsvcr.dll
2011-01-07 20:06 . 2011-01-07 20:06 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-01 15:48 . 2011-01-01 15:48 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-01-01 15:48 . 2011-01-01 15:48 268800 ----a-w- c:\windows\system32\es.dll
2011-01-01 15:48 . 2011-01-01 15:48 40960 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2011-01-01 02:06 . 2011-01-01 02:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-01-01 02:06 . 2011-01-01 02:06 696832 ----a-w- c:\windows\system32\localspl.dll
2011-01-01 02:05 . 2011-01-01 02:05 2923520 ----a-w- c:\windows\explorer.exe
2011-01-01 02:04 . 2011-01-01 02:04 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-01-01 02:03 . 2011-01-01 02:03 494592 ----a-w- c:\windows\system32\kerberos.dll
2011-01-01 02:03 . 2011-01-01 02:03 272384 ----a-w- c:\windows\system32\schannel.dll
2011-01-01 02:03 . 2011-01-01 02:03 24064 ----a-w- c:\windows\system32\netcfg.exe
2010-12-31 09:40 . 2010-12-31 09:40 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2010-12-31 09:40 . 2010-12-31 09:40 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll
2010-12-31 09:40 . 2010-12-31 09:40 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll
2010-12-31 09:40 . 2010-12-31 09:40 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll
2010-12-31 09:40 . 2010-12-31 09:40 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll
2010-12-31 09:40 . 2010-12-31 09:40 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll
2010-12-31 09:40 . 2010-12-31 09:40 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll
2010-12-31 09:40 . 2010-12-31 09:40 7964672 ----a-w- c:\windows\system32\NlsLexicons0024.dll
2010-12-31 09:40 . 2010-12-31 09:40 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll
2010-12-31 09:40 . 2010-12-31 09:40 5791232 ----a-w- c:\windows\system32\NlsLexicons0026.dll
2010-12-31 09:40 . 2010-12-31 09:40 6224896 ----a-w- c:\windows\system32\NlsLexicons0027.dll
2010-12-31 09:40 . 2010-12-31 09:40 4175872 ----a-w- c:\windows\system32\NlsLexicons0010.dll
2010-12-31 09:40 . 2010-12-31 09:40 2466816 ----a-w- c:\windows\system32\NlsLexicons0011.dll
2010-12-31 09:40 . 2010-12-31 09:40 4981248 ----a-w- c:\windows\system32\NlsLexicons0013.dll
2010-12-31 09:40 . 2010-12-31 09:40 3331072 ----a-w- c:\windows\system32\NlsLexicons0018.dll
2010-12-31 09:40 . 2010-12-31 09:40 6781440 ----a-w- c:\windows\system32\NlsLexicons0019.dll
2010-12-31 09:40 . 2010-12-31 09:40 11722752 ----a-w- c:\windows\system32\NlsLexicons0001.dll
2010-12-31 09:40 . 2010-12-31 09:40 4164096 ----a-w- c:\windows\system32\NlsLexicons0002.dll
2010-12-31 09:40 . 2010-12-31 09:40 1452544 ----a-w- c:\windows\system32\NlsLexicons0003.dll
2010-12-31 09:40 . 2010-12-31 09:40 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-12-31 09:40 . 2010-12-31 09:40 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2010-12-31 09:40 . 2010-12-31 09:40 3419136 ----a-w- c:\windows\system32\NlsLexicons004a.dll
2010-12-31 09:40 . 2010-12-31 09:40 1702912 ----a-w- c:\windows\system32\NlsLexicons004b.dll
2010-12-31 09:40 . 2010-12-31 09:40 4093440 ----a-w- c:\windows\system32\NlsLexicons004c.dll
2010-12-31 09:40 . 2010-12-31 09:40 4096 ----a-w- c:\windows\system32\NlsLexicons002a.dll
2010-12-31 09:40 . 2010-12-31 09:40 4045824 ----a-w- c:\windows\system32\NlsLexicons003e.dll
2010-12-31 09:40 . 2010-12-31 09:40 1972736 ----a-w- c:\windows\system32\NlsLexicons004e.dll
2010-12-31 09:40 . 2010-12-31 09:40 6585856 ----a-w- c:\windows\system32\NlsLexicons001b.dll
2010-12-31 09:40 . 2010-12-31 09:40 6014976 ----a-w- c:\windows\system32\NlsLexicons001a.dll
2010-12-31 09:40 . 2010-12-31 09:40 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
2010-12-31 09:40 . 2010-12-31 09:40 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
2010-12-31 09:40 . 2010-12-31 09:40 6237696 ----a-w- c:\windows\system32\NlsLexicons000c.dll
2010-12-31 09:40 . 2010-12-31 09:40 1722368 ----a-w- c:\windows\system32\NlsLexicons000d.dll
2010-12-31 09:40 . 2010-12-31 09:40 5654528 ----a-w- c:\windows\system32\NlsLexicons000f.dll
2010-12-31 09:40 . 2010-12-31 09:40 4616192 ----a-w- c:\windows\system32\NlsLexicons0414.dll
2010-12-31 09:40 . 2010-12-31 09:40 5090816 ----a-w- c:\windows\system32\NlsLexicons0416.dll
2010-12-31 09:40 . 2010-12-31 09:40 5031936 ----a-w- c:\windows\system32\NlsLexicons0816.dll
2010-12-31 09:40 . 2010-12-31 09:40 7042560 ----a-w- c:\windows\system32\NlsLexicons081a.dll
2010-12-31 09:40 . 2010-12-31 09:40 5071872 ----a-w- c:\windows\system32\NlsModels0011.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0047.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0046.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0045.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0049.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0039.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData0020.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0024.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData0022.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData0021.dll
2010-12-31 09:40 . 2010-12-31 09:40 1965056 ----a-w- c:\windows\system32\NlsData0027.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0026.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0010.dll
2010-12-31 09:40 . 2010-12-31 09:40 3464704 ----a-w- c:\windows\system32\NlsData0013.dll
2010-12-31 09:40 . 2010-12-31 09:40 2655232 ----a-w- c:\windows\system32\NlsData0011.dll
2010-12-31 09:40 . 2010-12-31 09:40 4495360 ----a-w- c:\windows\system32\NlsData0019.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0018.dll
2010-12-31 09:40 . 2010-12-31 09:40 1523200 ----a-w- c:\windows\system32\NlsData0000.dll
2010-12-31 09:40 . 2010-12-31 09:40 2597888 ----a-w- c:\windows\system32\NlsData0001.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0003.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData0002.dll
2010-12-31 09:40 . 2010-12-31 09:40 2241024 ----a-w- c:\windows\system32\NlsData0007.dll
2010-12-31 09:40 . 2010-12-31 09:40 4874240 ----a-w- c:\windows\system32\NlsData0009.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004a.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004e.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004c.dll
2010-12-31 09:40 . 2010-12-31 09:40 3102720 ----a-w- c:\windows\system32\NlsData004b.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData001a.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData003e.dll
2010-12-31 09:40 . 2010-12-31 09:40 1799168 ----a-w- c:\windows\system32\NlsData002a.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData001b.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData001d.dll
2010-12-31 09:40 . 2010-12-31 09:40 9845248 ----a-w- c:\windows\system32\NlsData000a.dll
2010-12-31 09:40 . 2010-12-31 09:40 2641408 ----a-w- c:\windows\system32\NlsData000c.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0414.dll
2010-12-31 09:40 . 2010-12-31 09:40 2340864 ----a-w- c:\windows\system32\NlsData000d.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData000f.dll
2010-12-31 09:40 . 2010-12-31 09:40 797696 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0416.dll
2010-12-31 09:40 . 2010-12-31 09:40 4493312 ----a-w- c:\windows\system32\NlsData0816.dll
2010-12-31 09:40 . 2010-12-31 09:40 1963520 ----a-w- c:\windows\system32\NlsData081a.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-12-31 1232896]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408]
"AutoStartNPSAgent"="c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 95576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-10-17 768520]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-12-05 200704]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-12-31 3395600]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-08-01 151552]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-1-14 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

R3 CFcatchme;CFcatchme;c:\users\Insider\AppData\Local\Temp\CFcatchme.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-11 218176]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2007-12-05 41456]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-12-31 51280]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-09 16:31
Windows 6.0.6000 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(1284)
c:\windows\system32\btncopy.dll
c:\program files\WinSCP\DragExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2011-02-09 16:35:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-09 15:35
ComboFix2.txt 2011-02-09 14:16
ComboFix3.txt 2011-02-09 12:54
ComboFix4.txt 2011-02-08 23:55

Před spuštěním: Volných bajtů: 54 940 504 064
Po spuštění: Volných bajtů: 55 016 235 008

- - End Of File - - D2E36818E8CCBBB9A558B1AB04D4AC06

Log z HJT(FsUsbExService.Exe,nvcpl.dll) Vyřešeno

Log z HJT(FsUsbExService.Exe,nvcpl.dll)

Re: Log z HJT(FsUsbExService.Exe,nvcpl.dll)

Re: Log z HJT(FsUsbExService.Exe,nvcpl.dll)

Re: Log z HJT(FsUsbExService.Exe,nvcpl.dll)

Re: Log z HJT(FsUsbExService.Exe,nvcpl.dll)

Re: Log z HJT(FsUsbExService.Exe,nvcpl.dll)

Re: Log z HJT(FsUsbExService.Exe,nvcpl.dll)

Re: Log z HJT(FsUsbExService.Exe,nvcpl.dll)

Re: Log z HJT(FsUsbExService.Exe,nvcpl.dll)

Re: Log z HJT(FsUsbExService.Exe,nvcpl.dll)

Re: Log z HJT(FsUsbExService.Exe,nvcpl.dll)

Re: Log z HJT(FsUsbExService.Exe,nvcpl.dll)

Kdo je online