Please check my log + Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Please check my log +

Post by Clutch » 07 Apr 2011 19:27

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:46, on 7.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [InstantBurn] C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} (CCTVUpdateInstall) - http://t.live.cctv.com/ieocx/CCTVUpdateInstall.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

--
End of file - 8884 bytes

The problem is that the CPU sometimes jumps to 100% out of nowhere, and then the PC is practically unusable. Overall I have the feeling that the PC is running slower. I was hoping that an analysis of the log could reveal which file is causing it, or at least help clear out some of the unneeded items. Many thanks for any help :)

Scanned with the avast premium antivirus
Malwarebytes Anti Malware
Registry cleaned with CCleaner
Defragmented yesterday with O&O Defrag Professional

I have Windows XP

Re: Please check my log

Post by Žbeky » 07 Apr 2011 19:36

When the load spikes, open Task Manager and see what is using the CPU.
Skip the colours and the "code" tags. It's hard to read.

In HJT, fix:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime


Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs) and save it to your desktop.
Close all open windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click inside the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here

Re: Please check my log

Post by Clutch » 07 Apr 2011 22:05

ComboFix 11-04-07.01 - Miso 07.04.2011 20:53:30.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2375 [GMT 2:00]
Running from: c:\documents and settings\Miso\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\Toolbar4
c:\documents and settings\Miso\Application Data\chrtmp
c:\documents and settings\Miso\Desktop\ComboFix.exe
c:\documents and settings\Miso\WINDOWS
c:\progra~1\WINDOW~2\wmpband.dll
c:\program files\Adobe\Reader 10.0\Esl\AiodLite.dll
c:\program files\Adobe\Reader 10.0\Reader\A3DUtils.dll
c:\program files\Adobe\Reader 10.0\Reader\AcroBroker.exe
c:\program files\Adobe\Reader 10.0\Reader\Acrofx32.dll
c:\program files\Adobe\Reader 10.0\Reader\AcroRd32Info.exe
c:\program files\Adobe\Reader 10.0\Reader\AcroTextExtractor.exe
c:\program files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
c:\program files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
c:\program files\Adobe\Reader 10.0\Reader\Eula.exe
c:\program files\Adobe\Reader 10.0\Reader\JP2KLib.dll
c:\program files\Adobe\Reader 10.0\Reader\PDFPrevHndlr.dll
c:\program files\Adobe\Reader 10.0\Reader\PDFPrevHndlrShim.exe
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\Accessibility.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\DVA.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\eBook.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\Checkers.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\IA32.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\Flash.mpp
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\MCIMPP.mpp
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\QuickTime.mpp
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\WindowsMedia.mpp
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\PDDom.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\ReadOutLoud.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\reflow.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\SaveAsRTF.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\Search.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\SendMail.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\Spelling.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\Updater.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins\weblink.api
c:\program files\Adobe\Reader 10.0\Reader\plug_ins3d\2d.x3d
c:\program files\Adobe\Reader 10.0\Reader\plug_ins3d\3difr.x3d
c:\program files\Adobe\Reader 10.0\Reader\plug_ins3d\drvDX8.x3d
c:\program files\Adobe\Reader 10.0\Reader\plug_ins3d\drvDX9.x3d
c:\program files\Adobe\Reader 10.0\Reader\plug_ins3d\drvSOFT.x3d
c:\program files\Adobe\Reader 10.0\Reader\plug_ins3d\tesselate.x3d
c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
c:\program files\Avira\AntiVir Desktop\FAILSAFE\unacev2.dll
c:\program files\Avira\AntiVir Desktop\libdb44.dll
c:\program files\Avira\AntiVir Desktop\unacev2.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
c:\program files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
c:\program files\Common Files\Apple\Apple Application Support\icuin40.dll
c:\program files\Common Files\Apple\Apple Application Support\icuuc40.dll
c:\program files\Common Files\Apple\Apple Application Support\libdispatch.dll
c:\program files\Common Files\Apple\Apple Application Support\objc.dll
c:\program files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
c:\program files\Common Files\Microsoft Shared\MSInfo\MSIOFF10.OCX
c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
c:\program files\Common Files\Microsoft Shared\Web Folders\PKMTRACE.DLL
c:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
c:\program files\CyberLink\PowerDVD\Language\Language.exe
c:\program files\ICQ7.2\MCompressLib.dll
c:\program files\Internet Explorer\Plugins\nppdf32.dll
c:\program files\Messenger\custsat.dll
c:\program files\Mozilla Firefox\D3DCompiler_42.dll
c:\program files\Mozilla Firefox\d3dx9_42.dll
c:\program files\Mozilla Firefox\freebl3.dll
c:\program files\Mozilla Firefox\nss3.dll
c:\program files\Mozilla Firefox\nssdbm3.dll
c:\program files\Mozilla Firefox\Plugins\np-mswmp.dll
c:\program files\Mozilla Firefox\Plugins\nppdf32.dll
c:\program files\Mozilla Firefox\smime3.dll
c:\program files\Mozilla Firefox\softokn3.dll
c:\program files\Mozilla Firefox\ssl3.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Windows Media Player\dlimport.exe
c:\program files\Windows Media Player\LegitLibM.dll
c:\program files\Windows Media Player\wmdbexport.exe
c:\program files\Windows Media Player\wmlaunch.exe
c:\program files\Windows Media Player\wmpenc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnssci.dll
c:\program files\Windows Media Player\wmpshare.exe
c:\program files\Windows Media Player\wmpvis.dll
c:\program files\Windows Media Player\wmsetsdk.exe
c:\program files\Windows NT\Accessories\mswrd6.wpc
c:\program files\Windows NT\Accessories\mswrd8.wpc
c:\program files\Windows NT\Accessories\write.wpc
c:\program files\Windows NT\hypertrm.exe
c:\windows\apppatch\acadproc.dll
c:\windows\Ctregrun.exe
c:\windows\Downloaded Program Files\CCTVUpdateInstall.dll
c:\windows\iun6002.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\windows\READREG.EXE
c:\windows\Setup1.exe
c:\windows\ST6UNST.EXE
c:\windows\system32\acelpdec.ax
c:\windows\system32\actskin4.ocx
c:\windows\system32\AegisI5Installer.exe
c:\windows\system32\audiodev.dll
c:\windows\system32\browserchoice.exe
c:\windows\system32\btnplus1.ocx
c:\windows\system32\CmdLineExt.dll
c:\windows\system32\comct232.ocx
c:\windows\system32\comsdupd.exe
c:\windows\system32\cPopMenu6.ocx
c:\windows\system32\CTHELPER.EXE
c:\windows\system32\CTSVCCTL.EXE
c:\windows\system32\D3DCompiler_33.dll
c:\windows\system32\D3DCompiler_34.dll
c:\windows\system32\D3DCompiler_35.dll
c:\windows\system32\D3DCompiler_36.dll
c:\windows\system32\D3DCompiler_37.dll
c:\windows\system32\D3DCompiler_38.dll
c:\windows\system32\D3DCompiler_39.dll
c:\windows\system32\D3DCompiler_40.dll
c:\windows\system32\D3DCompiler_41.dll
c:\windows\system32\d3dx10_33.dll
c:\windows\system32\d3dx10_34.dll
c:\windows\system32\d3dx10_35.dll
c:\windows\system32\d3dx10_36.dll
c:\windows\system32\d3dx10_37.dll
c:\windows\system32\d3dx10_38.dll
c:\windows\system32\d3dx10_39.dll
c:\windows\system32\d3dx10_40.dll
c:\windows\system32\d3dx10_41.dll
c:\windows\system32\d3dx10_42.dll
c:\windows\system32\d3dx9_26.dll
c:\windows\system32\d3dx9_31.dll
c:\windows\system32\d3dx9_32.dll
c:\windows\system32\d3dx9_33.dll
c:\windows\system32\d3dx9_34.dll
c:\windows\system32\d3dx9_35.dll
c:\windows\system32\d3dx9_36.dll
c:\windows\system32\D3DX9_37.dll
c:\windows\system32\D3DX9_38.dll
c:\windows\system32\D3DX9_39.dll
c:\windows\system32\D3DX9_40.dll
c:\windows\system32\D3DX9_41.dll
c:\windows\system32\D3DX9_42.dll
c:\windows\system32\dfshim.dll
c:\windows\system32\diskcomp.com
c:\windows\system32\diskcopy.com
c:\windows\system32\DRIVERS\AegisP.sys
c:\windows\system32\DRIVERS\avgntflt.sys
c:\windows\system32\DRIVERS\avipbb.sys
c:\windows\system32\DRIVERS\bbcap.sys
c:\windows\system32\driVERs\CLBStor.sys
c:\windows\system32\driVERs\CLBUDF.sys
c:\windows\system32\drivers\ctac32k.sys
c:\windows\system32\drivers\ctaud2k.sys
c:\windows\system32\drivers\ctdvda2k.sys
c:\windows\system32\drivers\ctoss2k.sys
c:\windows\system32\drivers\ctprxy2k.sys
c:\windows\system32\drivers\ctsfm2k.sys
c:\windows\system32\drivers\emupia2k.sys
c:\windows\system32\DRIVERS\GEARAspiWDM.sys
c:\windows\system32\drivers\ha10kx2k.sys
c:\windows\system32\drivers\hap16v2k.sys
c:\windows\system32\DRIVERS\HDAudBus.sys
c:\windows\system32\DRIVERS\M2500.sys
c:\windows\system32\DRIVERS\pccsmcfd.sys
c:\windows\system32\DRIVERS\RTL8192su.sys
c:\windows\system32\DRIVERS\secdrv.sys
c:\windows\system32\Drivers\sptd.sys
c:\windows\system32\driVERs\TPkd.sys
c:\windows\system32\Drivers\usbaapl.sys
c:\windows\system32\DRIVERS\viamraid.sys
c:\windows\system32\DRIVERS\wpdusb.sys
c:\windows\system32\DRIVERS\WudfPf.sys
c:\windows\system32\DRIVERS\wudfrd.sys
c:\windows\system32\drmupgds.exe
c:\windows\system32\dxva2.dll
c:\windows\system32\evr.dll
c:\windows\system32\faxpatch.exe
c:\windows\system32\format.com
c:\windows\system32\fraplus1.ocx
c:\windows\system32\graftabl.com
c:\windows\system32\chcp.com
c:\windows\system32\icardagt.exe
c:\windows\system32\icardres.dll
c:\windows\system32\icardres.dll.mui
c:\windows\system32\imaadp32.acm
c:\windows\system32\infocardapi.dll
c:\windows\system32\infocardcpl.cpl
c:\windows\system32\ivfsrc.ax
c:\windows\system32\keystone.exe
c:\windows\system32\lhacm.acm
c:\windows\system32\MFCUIA32.DLL
c:\windows\system32\MFPLAT.dll
c:\windows\system32\migpwd.exe
c:\windows\system32\mindex.dll
c:\windows\system32\mode.com
c:\windows\system32\more.com
c:\windows\system32\MP43DECD.dll
c:\windows\system32\mp4sdecd.dll
c:\windows\system32\MPG4DECD.dll
c:\windows\system32\msacm32.drv
c:\windows\system32\MSADODC.ocx
c:\windows\system32\msadp32.acm
c:\windows\system32\msaud32.acm
c:\windows\system32\MSCC2FR.DLL
c:\windows\system32\MSCOMCT2.OCX
c:\windows\system32\mscoree.dll
c:\windows\system32\msdelta.dll
c:\windows\system32\MSFLXGRD.OCX
c:\windows\system32\msg711.acm
c:\windows\system32\msg723.acm
c:\windows\system32\msgsm32.acm
c:\windows\system32\msh261.drv
c:\windows\system32\msh263.drv
c:\windows\system32\msidcrl40.dll
c:\windows\system32\MSINET.OCX
c:\windows\system32\msjava.dll
c:\windows\system32\MSRDO20.DLL
c:\windows\system32\msstdfmt.dll
c:\windows\system32\MSSTTFTTM.ocx
c:\windows\system32\NCTAudioFile2.dll
c:\windows\system32\NCTAudioInformation2.dll
c:\windows\system32\NCTAudioPlayer2.dll
c:\windows\system32\NCTWMAFile2.dll
c:\windows\system32\netfxperf.dll
c:\windows\System32\nvapi.dll
c:\windows\system32\nvcolor.exe
c:\windows\system32\nvcpl.cpl
c:\windows\system32\nvcpl.dll
c:\windows\system32\nvcplui.exe
c:\windows\system32\nvcuda.dll
c:\windows\system32\nvcuvid.dll
c:\windows\system32\nvgames.dll
c:\windows\system32\nvmctray.dll
c:\windows\system32\NvPVEnc.ax
c:\windows\system32\nvsvc32.exe
c:\windows\system32\nvtuicpl.cpl
c:\windows\system32\nvwdmcpl.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\PortableDeviceClassExtension.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceWiaCompat.dll
c:\windows\system32\PortableDeviceWMDRM.dll
c:\windows\system32\prntvpt.dll
c:\windows\system32\ptpusb.dll
c:\windows\system32\ptpusd.dll
c:\windows\system32\RDOCURS.DLL
c:\windows\system32\rgb9rast_2.dll
c:\windows\system32\SCP32.DLL
c:\windows\system32\SETA3.tmp
c:\windows\system32\SETA7.tmp
c:\windows\system32\SETAF.tmp
c:\windows\system32\SETF7.tmp
c:\windows\system32\spdwnwxp.exe
c:\windows\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll
c:\windows\system32\spupdsvc.exe
c:\windows\system32\spupdwxp.exe
c:\windows\system32\tabctl32.ocx
c:\windows\system32\taskman.exe
c:\windows\system32\tree.com
c:\windows\system32\tscupgrd.exe
c:\windows\system32\tssoft32.acm
c:\windows\system32\TsWpfWrp.exe
c:\windows\system32\TWAIN_32.DLL
c:\windows\system32\UIAutomationCore.dll
c:\windows\system32\ur.dll
c:\windows\system32\uwdf.exe
c:\windows\system32\VB6FR.DLL
c:\windows\system32\VB6KO.DLL
c:\windows\system32\Vb6stkit.dll
c:\windows\system32\VBAEN32.OLB
c:\windows\system32\VBAEND32.OLB
c:\windows\system32\vbalExpBar6.ocx
c:\windows\system32\VBAME.DLL
c:\windows\system32\VEN2232.OLB
c:\windows\system32\verclsid.exe
c:\windows\system32\vp6dec.ax
c:\windows\system32\wdfapi.dll
c:\windows\system32\wdfmgr.exe
c:\windows\system32\win.com
c:\windows\system32\wmdrmdev.dll
c:\windows\system32\wmdrmnet.dll
c:\windows\system32\wmidx.ocx
c:\windows\system32\wmpeffects.dll
c:\windows\system32\wmpencen.dll
c:\windows\system32\wmpmde.dll
c:\windows\system32\wmpps.dll
c:\windows\system32\wmpsrcwp.dll
c:\windows\system32\wmpstub.exe
c:\windows\system32\wmv9dmod.dll
c:\windows\system32\wmv9vcm.dll
c:\windows\system32\WMVADVD.dll
c:\windows\system32\WMVADVE.DLL
c:\windows\system32\wmvcore2.dll
c:\windows\system32\WMVDECOD.dll
c:\windows\system32\wmvdmoe.dll
c:\windows\system32\WMVENCOD.dll
c:\windows\system32\WMVSDECD.dll
c:\windows\system32\WMVSENCD.dll
c:\windows\system32\WMVXENCD.dll
c:\windows\system32\wpdconns.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\WUDFPlatform.dll
c:\windows\System32\WUDFSvc.dll
f:\miso\iTunes\iTunesHelper.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_avipbb
-------\Legacy_CLBUDF
-------\Legacy_ctac32k
-------\Legacy_ctdvda2k
-------\Legacy_ctprxy2k
-------\Legacy_ctsfm2k
-------\Legacy_emupia
-------\Legacy_NVSvc
-------\Legacy_ossrv
-------\Legacy_sptd
-------\Legacy_TPkd
-------\Service_avipbb
-------\Service_bbcap
-------\Service_CLBStor
-------\Service_CLBUDF
-------\Service_ctac32k
-------\Service_ctaud2k
-------\Service_ctdvda2k
-------\Service_ctprxy2k
-------\Service_ctsfm2k
-------\Service_emupia
-------\Service_M2500
-------\Service_NVSvc
-------\Service_ossrv
-------\Service_pccsmcfd
-------\Service_RTL8192su
-------\Service_sptd
-------\Service_SwitchBoard
-------\Service_TPkd
-------\Service_USBAAPL
-------\Service_viamraid
-------\Service_WpdUsb
.
.
((((((((((((((((((((((((( Files Created from 2011-03-07 to 2011-04-07 )))))))))))))))))))))))))))))))
.
.
2011-04-07 17:04 . 2011-04-07 17:04 388096 ----a-r- c:\documents and settings\Miso\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-04-07 17:04 . 2011-04-07 17:04 -------- d-----w- c:\program files\Trend Micro
2011-04-07 13:20 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-07 13:19 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-07 13:19 . 2011-04-07 13:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-01 17:12 . 2011-04-01 17:12 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-04-01 17:12 . 2011-04-01 17:12 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-04-01 17:12 . 2011-04-01 17:12 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-04-01 17:12 . 2011-04-01 17:12 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-04-01 17:12 . 2011-04-01 17:12 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-04-01 17:12 . 2011-04-01 17:12 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-03-30 18:26 . 2011-03-31 17:14 -------- d-----w- c:\windows\system32\oodag
2011-03-30 16:52 . 2011-03-30 16:52 -------- d-----w- c:\documents and settings\Miso\Local Settings\Application Data\O&O
2011-03-30 16:51 . 2011-03-30 16:51 -------- d-----w- c:\program files\OO Software
2011-03-30 16:51 . 2011-03-30 16:51 -------- d-----w- c:\documents and settings\Miso\Local Settings\Application Data\Downloaded Installations
2011-03-28 21:34 . 2001-04-06 11:57 238080 ----a-w- c:\windows\system32\OOD2000.exe
2011-03-28 21:34 . 2001-04-05 15:40 598016 ----a-w- c:\windows\system32\OOD2KCRS.dll
2011-03-28 21:34 . 2001-04-05 15:21 29272 ----a-w- c:\windows\system32\OOD2KBS.exe
2011-03-28 21:34 . 2000-11-01 12:12 16384 ----a-w- c:\windows\system32\ood2kmsg.dll
2011-03-28 21:33 . 2011-03-29 21:27 -------- d-----w- c:\program files\OOD2KFRE
2011-03-28 21:33 . 2000-11-09 17:31 24576 ----a-w- c:\windows\system32\OODCSPRO.dll
2011-03-27 13:41 . 2011-03-27 13:41 -------- d-----w- c:\program files\Playlist Creator 3.6.2
2011-03-23 04:47 . 2011-03-23 04:47 -------- d-----w- c:\documents and settings\Peter\Application Data\Apple Computer
2011-03-23 04:47 . 2011-03-23 04:47 -------- d-----w- c:\documents and settings\Peter\Local Settings\Application Data\FLVService
2011-03-11 12:29 . 2011-03-11 12:29 -------- d-----w- c:\program files\Common Files\Java
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-17 14:07 . 2011-02-17 14:07 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-02-09 13:53 . 2003-03-31 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2003-03-31 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 20:40 . 2010-07-04 13:59 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2009-07-26 14:35 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2009-04-22 20:26 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2009-04-22 20:26 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-25 09:41 . 2011-01-25 09:41 1627976 ----a-w- c:\windows\system32\ooscrsav.scr
2011-01-25 09:40 . 2011-01-25 09:40 275784 ----a-w- c:\windows\system32\oodbs.exe
2011-01-25 09:39 . 2011-01-25 09:39 535880 ----a-w- c:\windows\system32\oodssrs.dll
2011-01-25 09:38 . 2011-01-25 09:38 9544 ----a-w- c:\windows\system32\oodbsrs.dll
2011-01-21 14:44 . 2003-03-31 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-04-01 17:12 . 2011-04-01 17:12 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2009-03-27 1657376]
"CTDVDDET"="c:\program files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE" [2003-06-17 45056]
"SBDrvDet"="c:\program files\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 45056]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2007-11-16 91432]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-10-28 72736]
"InstantBurn"="c:\progra~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe" [2007-06-04 599600]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-01-26 281768]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-25 2781000]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service]
2010-06-26 18:09 167936 ----a-w- c:\program files\Freecorder\FLVSrvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-12-21 10:53 1483264 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"f:\\Tomas\\cs 1.6\\Counter-Strike\\hl.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"f:\\Tomas\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Samsung\\SAMSUNG PC Share Manager\\WiselinkPro.exe"=
"c:\\Program Files\\Samsung\\SAMSUNG PC Share Manager\\http_ss_win_pro.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Valve\\hlds.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"\\\\Server\\Datovy sklad\\Tomas\\Hry\\WoW z xp\\Launcher.patch.exe"=
"\\\\Server\\Datovy sklad\\Tomas\\Hry\\WoW z xp\\Temp\\wow-4.0.0.1807-to-4.0.0.1987-enUS-tools-downloader.exe"=
"\\\\Server\\Datovy sklad\\Tomas\\Hry\\WoW z xp\\Blizzard Downloader.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\REALTEK\\11n USB Wireless LAN Utility\\RtWLan.exe"=
"c:\\Program Files\\Counter-Strike\\hl.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Miso\\iTunes\\iTunes.exe"=
"\\\\Server\\Datovy sklad\\Tomas\\Hry\\WoW z xp\\Launcher.exe"=
"c:\\games\\WoW z xp\\Launcher.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"1542:TCP"= 1542:TCP:Realtek WPS TCP Prot
"1542:UDP"= 1542:UDP:Realtek WPS UDP Prot
"53:UDP"= 53:UDP:Realtek AP UDP Prot
.
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [6.3.2011 19:50 135336]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7.4.2011 15:20 363344]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [25.1.2011 11:41 2398536]
R2 PfDetNT;PfDetNT;c:\windows\system32\drivers\pfmodnt.sys [23.4.2009 21:41 15840]
R2 WiselinkPro;SAMSUNG WiselinkPro Service;c:\program files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [8.1.2009 10:38 4136960]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7.4.2011 15:19 20952]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [6.3.2011 19:50 339624]
S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [6.3.2011 19:50 421032]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [24.8.2010 19:23 136176]
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-13 c:\windows\Tasks\AdobeAAMUpdater-1.0-DOMA-Tomas.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-05-18 01:44]
.
2011-03-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
.
2011-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-24 17:23]
.
2011-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-24 17:23]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} - hxxp://t.live.cctv.com/ieocx/CCTVUpdateInstall.dll
FF - ProfilePath - c:\documents and settings\Miso\Application Data\Mozilla\Firefox\Profiles\sfyyygqg.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.realraptalk.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.7&q=
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-AdobeBridge - (no file)
HKLM-Run-NvCplDaemon - c:\windows\System32\NvCpl.dll
HKLM-Run-NvMediaCenter - c:\windows\System32\NvMcTray.dll
HKLM-Run-CTSysVol - c:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
HKLM-Run-CTHelper - CTHELPER.EXE
HKLM-Run-SwitchBoard - c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM-Run-AdobeCS5ServiceManager - c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
HKLM-Run-LanguageShortcut - c:\program files\CyberLink\PowerDVD\Language\Language.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-iTunesHelper - f:\miso\iTunes\iTunesHelper.exe
AddRemove-Warcraft III - c:\windows\War3Unin.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-07 21:41
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(776)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
- - - - - - - > 'explorer.exe'(2716)
c:\progra~1\WINDOW~2\wmpband.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2011-04-07 21:46:59 - machine was rebooted
ComboFix-quarantined-files.txt 2011-04-07 19:46
.
Pre-Run: 75 728 465 920 bytes free
Post-Run: 77 721 464 832 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 11957B1872CE4E17115EBDDED231903E

There is one problem: Firefox has suddenly stopped working and shows this message:
[Image]
I see that ComboFix deleted that file (hopefully it did not delete other important files as well).

I also cannot turn on the protection shield in Avira.

bledulka
Level 5
Posts: 2242
Registered: August 09
Gender: Female
Status: Offline

Re: Please check my log

Post by bledulka » 07 Apr 2011 22:30

Hi, it looks like ComboFix has gone a bit crazy on us :D
Please find the folder c:\qoobox\qarantine, take some file out of it and save it somewhere on the desktop so that you know the path to it. Test that file at www.virustotal.com.

If it is clean, then the fault is in ComboFix and we will put everything right :smile:

Re: Please check my log

Post by Clutch » 07 Apr 2011 22:51

In that qarantine I only had these folders:

[Image]

I picked a random file and it found nothing.

Re: Please check my log

Post by bledulka » 07 Apr 2011 22:58

I'll try to restore it to its original state, hold on a moment.

Re: Please check my log

Post by bledulka » 07 Apr 2011 23:07

Move ComboFix to the desktop
-Open Notepad
-Copy the text from this box into it

Code:

DeQuarantine::
C:\Qoobox\Quarantine\C\documents and settings\All Users\Application Data\Toolbar4
C:\Qoobox\Quarantine\C\documents and settings\Miso\Application Data\chrtmp
C:\Qoobox\Quarantine\C\documents and settings\Miso\WINDOWS
C:\Qoobox\Quarantine\C\progra~1\WINDOW~2\wmpband.dll.vir
C:\Qoobox\Quarantine\C\program files
C:\Qoobox\Quarantine\C\windows
C:\Qoobox\Quarantine\f\miso

Quit::

 

-Save the created TXT file as CFScript.txt on the desktop, then drag it with the left mouse button over the ComboFix icon and drop it there

-After the scan has run and ComboFix has finished, a log should appear; post it here.

Warning: It may happen that Windows does not start after the script is applied and the computer restarts; in that case restart the computer again, keep pressing F8 and then choose Last Known Good Configuration.

Then write what works for you and what doesn't; you may have to do a System Restore, I see that ComboFix deleted quite a lot for you. You happened to download the newest version; it may have been online for about an hour and it probably has some bug.

Re: Please check my log

Post by Clutch » 07 Apr 2011 23:31

0 File(s) copied
0 File(s) copied
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Esl\AiodLite.dll -> C:\program files\Adobe\Reader 10.0\Esl\AiodLite.dll
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\A3DUtils.dll -> C:\program files\Adobe\Reader 10.0\Reader\A3DUtils.dll
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\AcroBroker.exe -> C:\program files\Adobe\Reader 10.0\Reader\AcroBroker.exe
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\Acrofx32.dll -> C:\program files\Adobe\Reader 10.0\Reader\Acrofx32.dll
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\AcroRd32Info.exe -> C:\program files\Adobe\Reader 10.0\Reader\AcroRd32Info.exe
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\AcroTextExtractor.exe -> C:\program files\Adobe\Reader 10.0\Reader\AcroTextExtractor.exe
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\Eula.exe -> C:\program files\Adobe\Reader 10.0\Reader\Eula.exe
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\JP2KLib.dll -> C:\program files\Adobe\Reader 10.0\Reader\JP2KLib.dll
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\PDFPrevHndlr.dll -> C:\program files\Adobe\Reader 10.0\Reader\PDFPrevHndlr.dll
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\PDFPrevHndlrShim.exe -> C:\program files\Adobe\Reader 10.0\Reader\PDFPrevHndlrShim.exe
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\reader_sl.exe -> C:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll -> C:\program files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll -> C:\program files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\Accessibility.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\Accessibility.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\Checkers.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\Checkers.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\DVA.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\DVA.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\eBook.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\eBook.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\IA32.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\IA32.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\PDDom.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\PDDom.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\ReadOutLoud.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\ReadOutLoud.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\reflow.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\reflow.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\SaveAsRTF.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\SaveAsRTF.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\Search.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\Search.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\SendMail.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\SendMail.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\Spelling.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\Spelling.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\Updater.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\Updater.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\weblink.api -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\weblink.api
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\Flash.mpp -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\Flash.mpp
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\MCIMPP.mpp -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\MCIMPP.mpp
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\QuickTime.mpp -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\QuickTime.mpp
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\WindowsMedia.mpp -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins\Multimedia\MPP\WindowsMedia.mpp
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins3d\2d.x3d -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins3d\2d.x3d
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins3d\3difr.x3d -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins3d\3difr.x3d
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins3d\drvDX8.x3d -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins3d\drvDX8.x3d
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins3d\drvDX9.x3d -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins3d\drvDX9.x3d
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins3d\drvSOFT.x3d -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins3d\drvSOFT.x3d
C:\Qoobox\Quarantine\C\program files\Adobe\Reader 10.0\Reader\plug_ins3d\tesselate.x3d -> C:\program files\Adobe\Reader 10.0\Reader\plug_ins3d\tesselate.x3d
C:\Qoobox\Quarantine\C\program files\Avira\AntiVir Desktop\libdb44.dll -> C:\program files\Avira\AntiVir Desktop\libdb44.dll
C:\Qoobox\Quarantine\C\program files\Avira\AntiVir Desktop\unacev2.dll -> C:\program files\Avira\AntiVir Desktop\unacev2.dll
C:\Qoobox\Quarantine\C\program files\Avira\AntiVir Desktop\_libdb44_.dll.zip -> C:\program files\Avira\AntiVir Desktop\_libdb44_.dll.zip
C:\Qoobox\Quarantine\C\program files\Avira\AntiVir Desktop\_unacev2_.dll.zip -> C:\program files\Avira\AntiVir Desktop\_unacev2_.dll.zip
C:\Qoobox\Quarantine\C\program files\Avira\AntiVir Desktop\FAILSAFE\unacev2.dll -> C:\program files\Avira\AntiVir Desktop\FAILSAFE\unacev2.dll
C:\Qoobox\Quarantine\C\program files\Avira\AntiVir Desktop\FAILSAFE\_unacev2_.dll.zip -> C:\program files\Avira\AntiVir Desktop\FAILSAFE\_unacev2_.dll.zip
Access denied
Unable to create directory - C:\program files\Common Files\Adobe\Acrobat\ActiveX
C:\Qoobox\Quarantine\C\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -> C:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
C:\Qoobox\Quarantine\C\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -> C:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
C:\Qoobox\Quarantine\C\program files\Common Files\Apple\Apple Application Support\CoreFoundation.dll -> C:\program files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
C:\Qoobox\Quarantine\C\program files\Common Files\Apple\Apple Application Support\icuin40.dll -> C:\program files\Common Files\Apple\Apple Application Support\icuin40.dll
C:\Qoobox\Quarantine\C\program files\Common Files\Apple\Apple Application Support\icuuc40.dll -> C:\program files\Common Files\Apple\Apple Application Support\icuuc40.dll
C:\Qoobox\Quarantine\C\program files\Common Files\Apple\Apple Application Support\libdispatch.dll -> C:\program files\Common Files\Apple\Apple Application Support\libdispatch.dll
C:\Qoobox\Quarantine\C\program files\Common Files\Apple\Apple Application Support\objc.dll -> C:\program files\Common Files\Apple\Apple Application Support\objc.dll
C:\Qoobox\Quarantine\C\program files\Common Files\Apple\Apple Application Support\pthreadVC2.dll -> C:\program files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
C:\Qoobox\Quarantine\C\program files\Common Files\Microsoft Shared\MSInfo\MSIOFF10.OCX -> C:\program files\Common Files\Microsoft Shared\MSInfo\MSIOFF10.OCX
C:\Qoobox\Quarantine\C\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> C:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Qoobox\Quarantine\C\program files\Common Files\Microsoft Shared\Web Folders\PKMTRACE.DLL -> C:\program files\Common Files\Microsoft Shared\Web Folders\PKMTRACE.DLL
C:\Qoobox\Quarantine\C\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe -> C:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Qoobox\Quarantine\C\program files\CyberLink\PowerDVD\Language\Language.exe -> C:\program files\CyberLink\PowerDVD\Language\Language.exe
C:\Qoobox\Quarantine\C\program files\ICQ7.2\MCompressLib.dll -> C:\program files\ICQ7.2\MCompressLib.dll
C:\Qoobox\Quarantine\C\program files\Internet Explorer\PLUGINS\nppdf32.dll -> C:\program files\Internet Explorer\PLUGINS\nppdf32.dll
C:\Qoobox\Quarantine\C\program files\Messenger\custsat.dll -> C:\program files\Messenger\custsat.dll
C:\Qoobox\Quarantine\C\program files\Mozilla Firefox\D3DCompiler_42.dll -> C:\program files\Mozilla Firefox\D3DCompiler_42.dll
C:\Qoobox\Quarantine\C\program files\Mozilla Firefox\d3dx9_42.dll -> C:\program files\Mozilla Firefox\d3dx9_42.dll
C:\Qoobox\Quarantine\C\program files\Mozilla Firefox\freebl3.dll -> C:\program files\Mozilla Firefox\freebl3.dll
C:\Qoobox\Quarantine\C\program files\Mozilla Firefox\nss3.dll -> C:\program files\Mozilla Firefox\nss3.dll
C:\Qoobox\Quarantine\C\program files\Mozilla Firefox\nssdbm3.dll -> C:\program files\Mozilla Firefox\nssdbm3.dll
C:\Qoobox\Quarantine\C\program files\Mozilla Firefox\smime3.dll -> C:\program files\Mozilla Firefox\smime3.dll
C:\Qoobox\Quarantine\C\program files\Mozilla Firefox\softokn3.dll -> C:\program files\Mozilla Firefox\softokn3.dll
C:\Qoobox\Quarantine\C\program files\Mozilla Firefox\ssl3.dll -> C:\program files\Mozilla Firefox\ssl3.dll
C:\Qoobox\Quarantine\C\program files\Mozilla Firefox\plugins\np-mswmp.dll -> C:\program files\Mozilla Firefox\plugins\np-mswmp.dll
C:\Qoobox\Quarantine\C\program files\Mozilla Firefox\plugins\nppdf32.dll -> C:\program files\Mozilla Firefox\plugins\nppdf32.dll
C:\Qoobox\Quarantine\C\program files\Nokia\Nokia PC Suite 7\NGSCM.dll -> C:\program files\Nokia\Nokia PC Suite 7\NGSCM.dll
C:\Qoobox\Quarantine\C\program files\Windows Media Player\dlimport.exe -> C:\program files\Windows Media Player\dlimport.exe
C:\Qoobox\Quarantine\C\program files\Windows Media Player\LegitLibM.dll -> C:\program files\Windows Media Player\LegitLibM.dll
C:\Qoobox\Quarantine\C\program files\Windows Media Player\wmdbexport.exe -> C:\program files\Windows Media Player\wmdbexport.exe
C:\Qoobox\Quarantine\C\program files\Windows Media Player\wmlaunch.exe -> C:\program files\Windows Media Player\wmlaunch.exe
C:\Qoobox\Quarantine\C\program files\Windows Media Player\wmpenc.exe -> C:\program files\Windows Media Player\wmpenc.exe
C:\Qoobox\Quarantine\C\program files\Windows Media Player\wmpnetwk.exe -> C:\program files\Windows Media Player\wmpnetwk.exe
C:\Qoobox\Quarantine\C\program files\Windows Media Player\wmpnscfg.exe -> C:\program files\Windows Media Player\wmpnscfg.exe
C:\Qoobox\Quarantine\C\program files\Windows Media Player\wmpnssci.dll -> C:\program files\Windows Media Player\wmpnssci.dll
C:\Qoobox\Quarantine\C\program files\Windows Media Player\wmpshare.exe -> C:\program files\Windows Media Player\wmpshare.exe
C:\Qoobox\Quarantine\C\program files\Windows Media Player\wmpvis.dll -> C:\program files\Windows Media Player\wmpvis.dll
C:\Qoobox\Quarantine\C\program files\Windows Media Player\wmsetsdk.exe -> C:\program files\Windows Media Player\wmsetsdk.exe
C:\Qoobox\Quarantine\C\program files\Windows NT\hypertrm.exe -> C:\program files\Windows NT\hypertrm.exe
C:\Qoobox\Quarantine\C\program files\Windows NT\Accessories\mswrd6.wpc -> C:\program files\Windows NT\Accessories\mswrd6.wpc
C:\Qoobox\Quarantine\C\program files\Windows NT\Accessories\mswrd8.wpc -> C:\program files\Windows NT\Accessories\mswrd8.wpc
C:\Qoobox\Quarantine\C\program files\Windows NT\Accessories\write.wpc -> C:\program files\Windows NT\Accessories\write.wpc
85 File(s) copied
C:\Qoobox\Quarantine\C\windows\Ctregrun.exe -> C:\windows\Ctregrun.exe
C:\Qoobox\Quarantine\C\windows\iun6002.exe -> C:\windows\iun6002.exe
C:\Qoobox\Quarantine\C\windows\READREG.EXE -> C:\windows\READREG.EXE
C:\Qoobox\Quarantine\C\windows\Setup1.exe -> C:\windows\Setup1.exe
C:\Qoobox\Quarantine\C\windows\ST6UNST.EXE -> C:\windows\ST6UNST.EXE
C:\Qoobox\Quarantine\C\windows\AppPatch\acadproc.dll -> C:\windows\AppPatch\acadproc.dll
C:\Qoobox\Quarantine\C\windows\Downloaded Program Files\CCTVUpdateInstall.dll -> C:\windows\Downloaded Program Files\CCTVUpdateInstall.dll
C:\Qoobox\Quarantine\C\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
C:\Qoobox\Quarantine\C\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Qoobox\Quarantine\C\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Qoobox\Quarantine\C\windows\system32\acelpdec.ax -> C:\windows\system32\acelpdec.ax
C:\Qoobox\Quarantine\C\windows\system32\actskin4.ocx -> C:\windows\system32\actskin4.ocx
C:\Qoobox\Quarantine\C\windows\system32\AegisI5Installer.exe -> C:\windows\system32\AegisI5Installer.exe
C:\Qoobox\Quarantine\C\windows\system32\audiodev.dll -> C:\windows\system32\audiodev.dll
C:\Qoobox\Quarantine\C\windows\system32\browserchoice.exe -> C:\windows\system32\browserchoice.exe
C:\Qoobox\Quarantine\C\windows\system32\btnplus1.ocx -> C:\windows\system32\btnplus1.ocx
C:\Qoobox\Quarantine\C\windows\system32\chcp.com -> C:\windows\system32\chcp.com
C:\Qoobox\Quarantine\C\windows\system32\CmdLineExt.dll -> C:\windows\system32\CmdLineExt.dll
C:\Qoobox\Quarantine\C\windows\system32\comct232.ocx -> C:\windows\system32\comct232.ocx
C:\Qoobox\Quarantine\C\windows\system32\comsdupd.exe -> C:\windows\system32\comsdupd.exe
C:\Qoobox\Quarantine\C\windows\system32\cPopMenu6.ocx -> C:\windows\system32\cPopMenu6.ocx
C:\Qoobox\Quarantine\C\windows\system32\CTHELPER.EXE -> C:\windows\system32\CTHELPER.EXE
C:\Qoobox\Quarantine\C\windows\system32\CTSVCCTL.EXE -> C:\windows\system32\CTSVCCTL.EXE
C:\Qoobox\Quarantine\C\windows\system32\D3DCompiler_33.dll -> C:\windows\system32\D3DCompiler_33.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DCompiler_34.dll -> C:\windows\system32\D3DCompiler_34.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DCompiler_35.dll -> C:\windows\system32\D3DCompiler_35.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DCompiler_36.dll -> C:\windows\system32\D3DCompiler_36.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DCompiler_37.dll -> C:\windows\system32\D3DCompiler_37.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DCompiler_38.dll -> C:\windows\system32\D3DCompiler_38.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DCompiler_39.dll -> C:\windows\system32\D3DCompiler_39.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DCompiler_40.dll -> C:\windows\system32\D3DCompiler_40.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DCompiler_41.dll -> C:\windows\system32\D3DCompiler_41.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx10_33.dll -> C:\windows\system32\d3dx10_33.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx10_34.dll -> C:\windows\system32\d3dx10_34.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx10_35.dll -> C:\windows\system32\d3dx10_35.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx10_36.dll -> C:\windows\system32\d3dx10_36.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx10_37.dll -> C:\windows\system32\d3dx10_37.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx10_38.dll -> C:\windows\system32\d3dx10_38.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx10_39.dll -> C:\windows\system32\d3dx10_39.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx10_40.dll -> C:\windows\system32\d3dx10_40.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx10_41.dll -> C:\windows\system32\d3dx10_41.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx10_42.dll -> C:\windows\system32\d3dx10_42.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx9_26.dll -> C:\windows\system32\d3dx9_26.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx9_31.dll -> C:\windows\system32\d3dx9_31.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx9_32.dll -> C:\windows\system32\d3dx9_32.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx9_33.dll -> C:\windows\system32\d3dx9_33.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx9_34.dll -> C:\windows\system32\d3dx9_34.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx9_35.dll -> C:\windows\system32\d3dx9_35.dll
C:\Qoobox\Quarantine\C\windows\system32\d3dx9_36.dll -> C:\windows\system32\d3dx9_36.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DX9_37.dll -> C:\windows\system32\D3DX9_37.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DX9_38.dll -> C:\windows\system32\D3DX9_38.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DX9_39.dll -> C:\windows\system32\D3DX9_39.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DX9_40.dll -> C:\windows\system32\D3DX9_40.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DX9_41.dll -> C:\windows\system32\D3DX9_41.dll
C:\Qoobox\Quarantine\C\windows\system32\D3DX9_42.dll -> C:\windows\system32\D3DX9_42.dll
C:\Qoobox\Quarantine\C\windows\system32\dfshim.dll -> C:\windows\system32\dfshim.dll
C:\Qoobox\Quarantine\C\windows\system32\diskcomp.com -> C:\windows\system32\diskcomp.com
C:\Qoobox\Quarantine\C\windows\system32\diskcopy.com -> C:\windows\system32\diskcopy.com
C:\Qoobox\Quarantine\C\windows\system32\drmupgds.exe -> C:\windows\system32\drmupgds.exe
C:\Qoobox\Quarantine\C\windows\system32\dxva2.dll -> C:\windows\system32\dxva2.dll
C:\Qoobox\Quarantine\C\windows\system32\evr.dll -> C:\windows\system32\evr.dll
C:\Qoobox\Quarantine\C\windows\system32\faxpatch.exe -> C:\windows\system32\faxpatch.exe
C:\Qoobox\Quarantine\C\windows\system32\format.com -> C:\windows\system32\format.com
C:\Qoobox\Quarantine\C\windows\system32\fraplus1.ocx -> C:\windows\system32\fraplus1.ocx
C:\Qoobox\Quarantine\C\windows\system32\graftabl.com -> C:\windows\system32\graftabl.com
C:\Qoobox\Quarantine\C\windows\system32\icardagt.exe -> C:\windows\system32\icardagt.exe
C:\Qoobox\Quarantine\C\windows\system32\icardres.dll -> C:\windows\system32\icardres.dll
C:\Qoobox\Quarantine\C\windows\system32\icardres.dll.mui -> C:\windows\system32\icardres.dll.mui
C:\Qoobox\Quarantine\C\windows\system32\imaadp32.acm -> C:\windows\system32\imaadp32.acm
C:\Qoobox\Quarantine\C\windows\system32\infocardapi.dll -> C:\windows\system32\infocardapi.dll
C:\Qoobox\Quarantine\C\windows\system32\infocardcpl.cpl -> C:\windows\system32\infocardcpl.cpl
C:\Qoobox\Quarantine\C\windows\system32\ivfsrc.ax -> C:\windows\system32\ivfsrc.ax
C:\Qoobox\Quarantine\C\windows\system32\keystone.exe -> C:\windows\system32\keystone.exe
C:\Qoobox\Quarantine\C\windows\system32\lhacm.acm -> C:\windows\system32\lhacm.acm
C:\Qoobox\Quarantine\C\windows\system32\MFCUIA32.DLL -> C:\windows\system32\MFCUIA32.DLL
C:\Qoobox\Quarantine\C\windows\system32\MFPLAT.dll -> C:\windows\system32\MFPLAT.dll
C:\Qoobox\Quarantine\C\windows\system32\migpwd.exe -> C:\windows\system32\migpwd.exe
C:\Qoobox\Quarantine\C\windows\system32\mindex.dll -> C:\windows\system32\mindex.dll
C:\Qoobox\Quarantine\C\windows\system32\mode.com -> C:\windows\system32\mode.com
C:\Qoobox\Quarantine\C\windows\system32\more.com -> C:\windows\system32\more.com
C:\Qoobox\Quarantine\C\windows\system32\MP43DECD.dll -> C:\windows\system32\MP43DECD.dll
C:\Qoobox\Quarantine\C\windows\system32\mp4sdecd.dll -> C:\windows\system32\mp4sdecd.dll
C:\Qoobox\Quarantine\C\windows\system32\MPG4DECD.dll -> C:\windows\system32\MPG4DECD.dll
C:\Qoobox\Quarantine\C\windows\system32\msacm32.drv -> C:\windows\system32\msacm32.drv
C:\Qoobox\Quarantine\C\windows\system32\MSADODC.ocx -> C:\windows\system32\MSADODC.ocx
C:\Qoobox\Quarantine\C\windows\system32\msadp32.acm -> C:\windows\system32\msadp32.acm
C:\Qoobox\Quarantine\C\windows\system32\msaud32.acm -> C:\windows\system32\msaud32.acm
C:\Qoobox\Quarantine\C\windows\system32\MSCC2FR.DLL -> C:\windows\system32\MSCC2FR.DLL
C:\Qoobox\Quarantine\C\windows\system32\MSCOMCT2.OCX -> C:\windows\system32\MSCOMCT2.OCX
C:\Qoobox\Quarantine\C\windows\system32\mscoree.dll -> C:\windows\system32\mscoree.dll
C:\Qoobox\Quarantine\C\windows\system32\msdelta.dll -> C:\windows\system32\msdelta.dll
C:\Qoobox\Quarantine\C\windows\system32\MSFLXGRD.OCX -> C:\windows\system32\MSFLXGRD.OCX
C:\Qoobox\Quarantine\C\windows\system32\msg711.acm -> C:\windows\system32\msg711.acm
C:\Qoobox\Quarantine\C\windows\system32\msg723.acm -> C:\windows\system32\msg723.acm
C:\Qoobox\Quarantine\C\windows\system32\msgsm32.acm -> C:\windows\system32\msgsm32.acm
C:\Qoobox\Quarantine\C\windows\system32\msh261.drv -> C:\windows\system32\msh261.drv
C:\Qoobox\Quarantine\C\windows\system32\msh263.drv -> C:\windows\system32\msh263.drv
C:\Qoobox\Quarantine\C\windows\system32\msidcrl40.dll -> C:\windows\system32\msidcrl40.dll
C:\Qoobox\Quarantine\C\windows\system32\MSINET.OCX -> C:\windows\system32\MSINET.OCX
C:\Qoobox\Quarantine\C\windows\system32\msjava.dll -> C:\windows\system32\msjava.dll
C:\Qoobox\Quarantine\C\windows\system32\MSRDO20.DLL -> C:\windows\system32\MSRDO20.DLL
C:\Qoobox\Quarantine\C\windows\system32\msstdfmt.dll -> C:\windows\system32\msstdfmt.dll
C:\Qoobox\Quarantine\C\windows\system32\MSSTTFTTM.ocx -> C:\windows\system32\MSSTTFTTM.ocx
C:\Qoobox\Quarantine\C\windows\system32\NCTAudioFile2.dll -> C:\windows\system32\NCTAudioFile2.dll
C:\Qoobox\Quarantine\C\windows\system32\NCTAudioInformation2.dll -> C:\windows\system32\NCTAudioInformation2.dll
C:\Qoobox\Quarantine\C\windows\system32\NCTAudioPlayer2.dll -> C:\windows\system32\NCTAudioPlayer2.dll
C:\Qoobox\Quarantine\C\windows\system32\NCTWMAFile2.dll -> C:\windows\system32\NCTWMAFile2.dll
C:\Qoobox\Quarantine\C\windows\system32\netfxperf.dll -> C:\windows\system32\netfxperf.dll
C:\Qoobox\Quarantine\C\windows\system32\nvapi.dll -> C:\windows\system32\nvapi.dll
C:\Qoobox\Quarantine\C\windows\system32\nvcolor.exe -> C:\windows\system32\nvcolor.exe
C:\Qoobox\Quarantine\C\windows\system32\nvcpl.cpl -> C:\windows\system32\nvcpl.cpl
C:\Qoobox\Quarantine\C\windows\system32\nvcpl.dll -> C:\windows\system32\nvcpl.dll
C:\Qoobox\Quarantine\C\windows\system32\nvcplui.exe -> C:\windows\system32\nvcplui.exe
C:\Qoobox\Quarantine\C\windows\system32\nvcuda.dll -> C:\windows\system32\nvcuda.dll
C:\Qoobox\Quarantine\C\windows\system32\nvcuvid.dll -> C:\windows\system32\nvcuvid.dll
C:\Qoobox\Quarantine\C\windows\system32\nvgames.dll -> C:\windows\system32\nvgames.dll
C:\Qoobox\Quarantine\C\windows\system32\nvmctray.dll -> C:\windows\system32\nvmctray.dll
C:\Qoobox\Quarantine\C\windows\system32\NvPVEnc.ax -> C:\windows\system32\NvPVEnc.ax
C:\Qoobox\Quarantine\C\windows\system32\nvsvc32.exe -> C:\windows\system32\nvsvc32.exe
C:\Qoobox\Quarantine\C\windows\system32\nvtuicpl.cpl -> C:\windows\system32\nvtuicpl.cpl
C:\Qoobox\Quarantine\C\windows\system32\nvwdmcpl.dll -> C:\windows\system32\nvwdmcpl.dll
C:\Qoobox\Quarantine\C\windows\system32\PortableDeviceApi.dll -> C:\windows\system32\PortableDeviceApi.dll
C:\Qoobox\Quarantine\C\windows\system32\PortableDeviceClassExtension.dll -> C:\windows\system32\PortableDeviceClassExtension.dll
C:\Qoobox\Quarantine\C\windows\system32\PortableDeviceTypes.dll -> C:\windows\system32\PortableDeviceTypes.dll
C:\Qoobox\Quarantine\C\windows\system32\PortableDeviceWiaCompat.dll -> C:\windows\system32\PortableDeviceWiaCompat.dll
C:\Qoobox\Quarantine\C\windows\system32\PortableDeviceWMDRM.dll -> C:\windows\system32\PortableDeviceWMDRM.dll
C:\Qoobox\Quarantine\C\windows\system32\prntvpt.dll -> C:\windows\system32\prntvpt.dll
C:\Qoobox\Quarantine\C\windows\system32\ptpusb.dll -> C:\windows\system32\ptpusb.dll
C:\Qoobox\Quarantine\C\windows\system32\ptpusd.dll -> C:\windows\system32\ptpusd.dll
C:\Qoobox\Quarantine\C\windows\system32\RDOCURS.DLL -> C:\windows\system32\RDOCURS.DLL
C:\Qoobox\Quarantine\C\windows\system32\rgb9rast_2.dll -> C:\windows\system32\rgb9rast_2.dll
C:\Qoobox\Quarantine\C\windows\system32\SCP32.DLL -> C:\windows\system32\SCP32.DLL
C:\Qoobox\Quarantine\C\windows\system32\SETA3.tmp -> C:\windows\system32\SETA3.tmp
C:\Qoobox\Quarantine\C\windows\system32\SETA7.tmp -> C:\windows\system32\SETA7.tmp
C:\Qoobox\Quarantine\C\windows\system32\SETAF.tmp -> C:\windows\system32\SETAF.tmp
C:\Qoobox\Quarantine\C\windows\system32\SETF7.tmp -> C:\windows\system32\SETF7.tmp
C:\Qoobox\Quarantine\C\windows\system32\spdwnwxp.exe -> C:\windows\system32\spdwnwxp.exe
C:\Qoobox\Quarantine\C\windows\system32\spupdsvc.exe -> C:\windows\system32\spupdsvc.exe
C:\Qoobox\Quarantine\C\windows\system32\spupdwxp.exe -> C:\windows\system32\spupdwxp.exe
C:\Qoobox\Quarantine\C\windows\system32\tabctl32.ocx -> C:\windows\system32\tabctl32.ocx
C:\Qoobox\Quarantine\C\windows\system32\taskman.exe -> C:\windows\system32\taskman.exe
C:\Qoobox\Quarantine\C\windows\system32\tree.com -> C:\windows\system32\tree.com
C:\Qoobox\Quarantine\C\windows\system32\tscupgrd.exe -> C:\windows\system32\tscupgrd.exe
C:\Qoobox\Quarantine\C\windows\system32\tssoft32.acm -> C:\windows\system32\tssoft32.acm
C:\Qoobox\Quarantine\C\windows\system32\TsWpfWrp.exe -> C:\windows\system32\TsWpfWrp.exe
C:\Qoobox\Quarantine\C\windows\system32\TWAIN_32.DLL -> C:\windows\system32\TWAIN_32.DLL
C:\Qoobox\Quarantine\C\windows\system32\UIAutomationCore.dll -> C:\windows\system32\UIAutomationCore.dll
C:\Qoobox\Quarantine\C\windows\system32\ur.dll -> C:\windows\system32\ur.dll
C:\Qoobox\Quarantine\C\windows\system32\uwdf.exe -> C:\windows\system32\uwdf.exe
C:\Qoobox\Quarantine\C\windows\system32\VB6FR.DLL -> C:\windows\system32\VB6FR.DLL
C:\Qoobox\Quarantine\C\windows\system32\VB6KO.DLL -> C:\windows\system32\VB6KO.DLL
C:\Qoobox\Quarantine\C\windows\system32\Vb6stkit.dll -> C:\windows\system32\Vb6stkit.dll
C:\Qoobox\Quarantine\C\windows\system32\VBAEN32.OLB -> C:\windows\system32\VBAEN32.OLB
C:\Qoobox\Quarantine\C\windows\system32\VBAEND32.OLB -> C:\windows\system32\VBAEND32.OLB
C:\Qoobox\Quarantine\C\windows\system32\vbalExpBar6.ocx -> C:\windows\system32\vbalExpBar6.ocx
C:\Qoobox\Quarantine\C\windows\system32\VBAME.DLL -> C:\windows\system32\VBAME.DLL
C:\Qoobox\Quarantine\C\windows\system32\VEN2232.OLB -> C:\windows\system32\VEN2232.OLB
C:\Qoobox\Quarantine\C\windows\system32\verclsid.exe -> C:\windows\system32\verclsid.exe
C:\Qoobox\Quarantine\C\windows\system32\vp6dec.ax -> C:\windows\system32\vp6dec.ax
C:\Qoobox\Quarantine\C\windows\system32\wdfapi.dll -> C:\windows\system32\wdfapi.dll
C:\Qoobox\Quarantine\C\windows\system32\wdfmgr.exe -> C:\windows\system32\wdfmgr.exe
C:\Qoobox\Quarantine\C\windows\system32\win.com -> C:\windows\system32\win.com
C:\Qoobox\Quarantine\C\windows\system32\wmdrmdev.dll -> C:\windows\system32\wmdrmdev.dll
C:\Qoobox\Quarantine\C\windows\system32\wmdrmnet.dll -> C:\windows\system32\wmdrmnet.dll
C:\Qoobox\Quarantine\C\windows\system32\wmidx.ocx -> C:\windows\system32\wmidx.ocx
C:\Qoobox\Quarantine\C\windows\system32\wmpeffects.dll -> C:\windows\system32\wmpeffects.dll
C:\Qoobox\Quarantine\C\windows\system32\wmpencen.dll -> C:\windows\system32\wmpencen.dll
C:\Qoobox\Quarantine\C\windows\system32\wmpmde.dll -> C:\windows\system32\wmpmde.dll
C:\Qoobox\Quarantine\C\windows\system32\wmpps.dll -> C:\windows\system32\wmpps.dll
C:\Qoobox\Quarantine\C\windows\system32\wmpsrcwp.dll -> C:\windows\system32\wmpsrcwp.dll
C:\Qoobox\Quarantine\C\windows\system32\wmpstub.exe -> C:\windows\system32\wmpstub.exe
C:\Qoobox\Quarantine\C\windows\system32\wmv9dmod.dll -> C:\windows\system32\wmv9dmod.dll
C:\Qoobox\Quarantine\C\windows\system32\wmv9vcm.dll -> C:\windows\system32\wmv9vcm.dll
C:\Qoobox\Quarantine\C\windows\system32\WMVADVD.dll -> C:\windows\system32\WMVADVD.dll
C:\Qoobox\Quarantine\C\windows\system32\WMVADVE.DLL -> C:\windows\system32\WMVADVE.DLL
C:\Qoobox\Quarantine\C\windows\system32\wmvcore2.dll -> C:\windows\system32\wmvcore2.dll
C:\Qoobox\Quarantine\C\windows\system32\WMVDECOD.dll -> C:\windows\system32\WMVDECOD.dll
C:\Qoobox\Quarantine\C\windows\system32\wmvdmoe.dll -> C:\windows\system32\wmvdmoe.dll
C:\Qoobox\Quarantine\C\windows\system32\WMVENCOD.dll -> C:\windows\system32\WMVENCOD.dll
C:\Qoobox\Quarantine\C\windows\system32\WMVSDECD.dll -> C:\windows\system32\WMVSDECD.dll
C:\Qoobox\Quarantine\C\windows\system32\WMVSENCD.dll -> C:\windows\system32\WMVSENCD.dll
C:\Qoobox\Quarantine\C\windows\system32\WMVXENCD.dll -> C:\windows\system32\WMVXENCD.dll
C:\Qoobox\Quarantine\C\windows\system32\wpdconns.dll -> C:\windows\system32\wpdconns.dll
C:\Qoobox\Quarantine\C\windows\system32\WPDShServiceObj.dll -> C:\windows\system32\WPDShServiceObj.dll
C:\Qoobox\Quarantine\C\windows\system32\WudfPlatform.dll -> C:\windows\system32\WudfPlatform.dll
C:\Qoobox\Quarantine\C\windows\system32\WudfSvc.dll -> C:\windows\system32\WudfSvc.dll
C:\Qoobox\Quarantine\C\windows\system32\drivers\AegisP.sys -> C:\windows\system32\drivers\AegisP.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\avgntflt.sys -> C:\windows\system32\drivers\avgntflt.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\avipbb.sys -> C:\windows\system32\drivers\avipbb.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\bbcap.sys -> C:\windows\system32\drivers\bbcap.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\CLBStor.sys -> C:\windows\system32\drivers\CLBStor.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\CLBUDF.sys -> C:\windows\system32\drivers\CLBUDF.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\ctac32k.sys -> C:\windows\system32\drivers\ctac32k.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\ctaud2k.sys -> C:\windows\system32\drivers\ctaud2k.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\ctdvda2k.sys -> C:\windows\system32\drivers\ctdvda2k.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\ctoss2k.sys -> C:\windows\system32\drivers\ctoss2k.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\ctprxy2k.sys -> C:\windows\system32\drivers\ctprxy2k.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\ctsfm2k.sys -> C:\windows\system32\drivers\ctsfm2k.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\emupia2k.sys -> C:\windows\system32\drivers\emupia2k.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\GEARAspiWDM.sys -> C:\windows\system32\drivers\GEARAspiWDM.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\ha10kx2k.sys -> C:\windows\system32\drivers\ha10kx2k.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\haP16v2k.sys -> C:\windows\system32\drivers\haP16v2k.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\hdaudbus.sys -> C:\windows\system32\drivers\hdaudbus.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\M2500.sys -> C:\windows\system32\drivers\M2500.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\pccsmcfd.sys -> C:\windows\system32\drivers\pccsmcfd.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\RTL8192su.sys -> C:\windows\system32\drivers\RTL8192su.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\secdrv.sys -> C:\windows\system32\drivers\secdrv.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\sptd.sys -> C:\windows\system32\drivers\sptd.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\TPkd.sys -> C:\windows\system32\drivers\TPkd.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\usbaapl.sys -> C:\windows\system32\drivers\usbaapl.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\viamraid.sys -> C:\windows\system32\drivers\viamraid.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\wpdusb.sys -> C:\windows\system32\drivers\wpdusb.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\WudfPf.sys -> C:\windows\system32\drivers\WudfPf.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\WudfRd.sys -> C:\windows\system32\drivers\WudfRd.sys
C:\Qoobox\Quarantine\C\windows\system32\drivers\_avgntflt_.sys.zip -> C:\windows\system32\drivers\_avgntflt_.sys.zip
C:\Qoobox\Quarantine\C\windows\system32\drivers\_avipbb_.sys.zip -> C:\windows\system32\drivers\_avipbb_.sys.zip
C:\Qoobox\Quarantine\C\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll -> C:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
217 File(s) copied
C:\Qoobox\Quarantine\f\miso\iTunes\iTunesHelper.exe -> F:\miso\iTunes\iTunesHelper.exe
1 File(s) copied


So I restarted it:

Mozilla works now,
but Avira still doesn't work and, above all, iTunes is acting up.

[Image] :-(

bledulka
Level 5
Posts: 2242
Registered: August 09
Gender: Female
Status: Offline

Re: Requesting a log check

Post by bledulka » 07 Apr 2011 23:46

You'll probably have to reinstall Avira and iTunes :-( .
Žbeky will continue with you tomorrow.
Test what isn't working and reinstall programs if necessary; after all, ComboFix certainly deleted things in the registry and services as well.

Clutch
newbie
Posts: 31
Registered: April 11
Gender: Male
Status: Offline

Re: Requesting a log check

Post by Clutch » 07 Apr 2011 23:54

The problem isn't only with iTunes; sound doesn't work in general.

The problem is probably here; it's as if the sound devices had been uninstalled.
[Image]

EDIT: I solved the problem by downloading the driver, so iTunes works now too. I reinstalled Avira and it works as well. I haven't found any other problems so far. I'll see tomorrow.

So I'd like to ask whether, besides the good files, it also deleted the problematic ones. I still don't know whether I gained anything from this.

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male
Status: Offline

Re: Requesting a log check

Post by Žbeky » 08 Apr 2011 08:00

It simply lost its mind and started deleting legitimate files too: nVidia files, DirectX, sound and chipset drivers, Avira components, Adobe components...

There are a few files there that would be worth checking, but I'm afraid it would do the same thing again... Do you have restore points enabled? You could restore to the state before CF (so the drivers etc. too), and then we'd run OTL instead of CF.

Clutch
newbie
Posts: 31
Registered: April 11
Gender: Male
Status: Offline

Re: Requesting a log check

Post by Clutch » 08 Apr 2011 10:05

Please, where can I find out whether the check points are enabled? I don't know much about these things.

