PC shuts down by itself

Pavuk29
VIP in memoriam
Posts: 6953
Registered: 31 Oct 2003 08:26
Location: Banská Bystrica

Re: PC shuts down by itself

#16 Post by Pavuk29 »

dusan612 wrote: radce, listen, I downloaded a program against "sprayers", Spyware Terminator
and can I have a program against malware, it's called Malwarebytes Anti-Malware Free
Are "sprayers" the ones who spray on walls?
I was asking about the antivirus.
------------------------------------------------------------------------------------------------------------------------------
PLS DON'T SEND ME PMs, ICQ MESSAGES OR E-MAILS WITH QUESTIONS, POST IN THE FORUM
------------------------------------------------------------------------------------------------------------------------------
In case of urgent problems with the running of the forum, or with other users, contact me on ICQ or by e-mail at pavuk29 (at) forum.viry.cz. I am often at the computer even when I am not online on the forum.
http://www.icq.com/people/267560078/
hotline: http://forum.viry.cz/viewtopic.php?f=12&t=116821
forum rules: http://forum.viry.cz/viewtopic.php?f=12&t=5601

dusan612
Visitor
Posts: 65
Registered: 03 Aug 2011 13:35

Re: PC shuts down by itself

#17 Post by dusan612 »

pavuk29, the antivirus program I have is Microsoft Security Essentials

#18 Post by Pavuk29 »

dusan612 wrote: pavuk29, the antivirus program I have is Microsoft Security Essentials
Roli wrote:
I would say Microsoft Security Essentials, ....
Déjà vu....

tuvok07
Friend of the forum
Posts: 1198
Registered: 07 Mar 2007 17:10

Re: PC shuts down by itself

#19 Post by tuvok07 »

The gentleman probably not to realize how to be goot Czech.... :twisted: :evil:
Albert Einstein: Only two things are infinite - the universe and human stupidity. And I am not so sure about the former.

#20 Post by dusan612 »

Do you know what the csrss.exe process is? Could it be a virus?

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: PC shuts down by itself

#21 Post by Roli »

Read THIS :wink:
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

#22 Post by dusan612 »

What do you mean?

Ervd
Visitor
Posts: 177
Registered: 04 Feb 2007 10:47

Re: PC shuts down by itself

#23 Post by Ervd »

Click on
Roli wrote: THIS
there is text about csrss.exe there.

Sorry for butting in. :worship:

#24 Post by Roli »

Ervd wrote: Click on
Roli wrote: THIS
there is text about csrss.exe there.

Sorry for butting in. :worship:
No need to apologize, the remark was spot on :)

#25 Post by dusan612 »

Hi, I have a problem now: I ran a quick scan with Malwarebytes' Anti-Malware and it found 6 PUP.Dealio.TB viruses, for the third time already, but those viruses probably aren't doing anything to me so far :)

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Verzia databázy: 7593

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

28. 8. 2011 11:39:23
mbam-log-2011-08-28 (11-39-23).txt

Typ kontroly: Rýchla kontrola
Objektov kontrolovaných: 166550
Uplynutý čas: 3 min, 41 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 3
Infikované registračné hodnoty: 2
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 1

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
HKEY_CLASSES_ROOT\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Quarantined and deleted successfully.

Infikované registračné hodnoty:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Value: {F3FEE66E-E034-436A-86E4-9690573BEE8A} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Value: {F3FEE66E-E034-436A-86E4-9690573BEE8A} -> Quarantined and deleted successfully.

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
c:\program files\youtube downloader toolbar\IE\4.6\youtubedownloadertoolbarie.dll (PUP.Dealio.TB) -> Quarantined and deleted successfully.

#26 Post by Roli »

If those pests keep showing up there over and over, something is probably wrong, isn't it?

It would probably be good if you used Rsit from my signature and posted the log.txt from it here

#27 Post by dusan612 »

here is log.txt

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dušan at 2011-08-30 20:58:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 69 GB (69%) free of 100 GB
Total RAM: 2047 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:58:58, on 30. 8. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Windows\vsnp2std.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Dušan\Desktop\RSIT.exe
C:\Program Files\trend micro\Dušan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14780&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D29B24BE-E87B-452D-A296-5EC66F041B1E}: NameServer = 192.168.100.2,192.168.0.200
O17 - HKLM\System\CS1\Services\Tcpip\..\{D29B24BE-E87B-452D-A296-5EC66F041B1E}: NameServer = 192.168.100.2,192.168.0.200
O17 - HKLM\System\CS2\Services\Tcpip\..\{D29B24BE-E87B-452D-A296-5EC66F041B1E}: NameServer = 192.168.100.2,192.168.0.200
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 6414 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2077639707-384719932-3077192631-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2077639707-384719932-3077192631-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
&Crawler Toolbar Helper - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-07-14 1237240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
CescrtHlpr Object - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [2010-11-07 225720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
IplexToALLPlayer - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL [2011-02-09 400384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-07-14 1237240]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll [2010-11-07 184760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"snp2std"=C:\Windows\vsnp2std.exe [2006-09-15 675840]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-25 98304]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-07-06 449584]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2011-07-06 1047656]
"BabylonToolbar"=C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe [2010-11-07 286720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"ALLUpdate"=C:\Program Files\ALLPlayer\ALLUpdate.exe [2011-08-16 1379840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=0
"SynchronousUserGroupPolicy"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-30 20:58:49 ----D---- C:\rsit
2011-08-30 20:58:49 ----D---- C:\Program Files\trend micro
2011-08-24 09:53:05 ----A---- C:\Windows\system32\tzres.dll
2011-08-22 12:35:17 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-08-22 12:35:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-08-22 12:35:12 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-08-18 13:28:27 ----SHD---- C:\ProgramData\DSS
2011-08-13 22:56:25 ----D---- C:\ProgramData\YouTube Downloader
2011-08-13 22:56:14 ----D---- C:\Program Files\YouTube Downloader
2011-08-10 11:03:26 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-10 11:03:25 ----A---- C:\Windows\system32\iertutil.dll
2011-08-10 11:03:24 ----A---- C:\Windows\system32\ieui.dll
2011-08-10 11:03:23 ----A---- C:\Windows\system32\jscript.dll
2011-08-10 11:03:22 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-10 11:03:22 ----A---- C:\Windows\system32\jscript9.dll
2011-08-10 11:03:21 ----A---- C:\Windows\system32\wininet.dll
2011-08-10 11:03:20 ----A---- C:\Windows\system32\urlmon.dll
2011-08-10 11:03:20 ----A---- C:\Windows\system32\url.dll
2011-08-10 11:03:20 ----A---- C:\Windows\system32\ieframe.dll
2011-08-10 11:03:17 ----A---- C:\Windows\system32\mshtml.dll
2011-08-10 10:49:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-10 10:49:50 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-10 10:49:42 ----A---- C:\Windows\system32\winsrv.dll
2011-08-10 10:49:42 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-10 10:49:42 ----A---- C:\Windows\system32\kernel32.dll
2011-08-10 10:49:42 ----A---- C:\Windows\system32\conhost.exe
2011-08-10 10:49:41 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-10 10:49:41 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-10 10:49:41 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-10 10:49:41 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-10 10:49:41 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-10 10:49:41 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-10 10:49:41 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-10 10:49:41 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-10 10:49:41 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-10 10:49:41 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-10 10:49:40 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-10 10:49:40 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-10 10:49:40 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-10 10:49:40 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-10 10:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-10 10:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-10 10:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-10 10:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-10 10:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-10 10:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-10 10:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-10 10:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-10 10:49:38 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-10 10:49:38 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-10 10:49:38 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-10 10:49:38 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-10 10:49:38 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-10 10:49:38 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-10 10:49:28 ----A---- C:\Windows\system32\xmllite.dll
2011-08-10 10:49:28 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 10:49:20 ----A---- C:\Windows\system32\odbcjt32.dll
2011-08-10 10:49:20 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-10 10:49:19 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-10 10:49:19 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-10 10:49:19 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-10 10:49:17 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-06 21:55:38 ----A---- C:\Windows\system32\xvidcore.dll
2011-08-06 21:55:38 ----A---- C:\Windows\system32\libFLAC.dll
2011-08-05 17:00:40 ----D---- C:\Program Files\BabylonToolbar
2011-08-04 12:32:54 ----D---- C:\Users\Dušan\AppData\Roaming\Malwarebytes
2011-08-04 12:32:40 ----D---- C:\ProgramData\Malwarebytes
2011-08-03 20:14:31 ----D---- C:\Program Files\Crawler
2011-08-03 20:14:19 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2011-08-03 20:14:16 ----D---- C:\Users\Dušan\AppData\Roaming\Spyware Terminator
2011-08-03 20:14:01 ----D---- C:\ProgramData\Spyware Terminator
2011-08-03 20:13:49 ----D---- C:\Program Files\Spyware Terminator

======List of files/folders modified in the last 1 month======

2011-08-30 20:58:58 ----D---- C:\Windows\Prefetch
2011-08-30 20:58:49 ----D---- C:\Program Files
2011-08-30 20:56:43 ----D---- C:\Windows\Temp
2011-08-30 20:51:07 ----D---- C:\Users\Dušan\AppData\Roaming\Skype
2011-08-30 14:14:58 ----D---- C:\Windows\system32\config
2011-08-30 10:22:54 ----D---- C:\Windows
2011-08-29 16:33:45 ----D---- C:\Program Files\ALLPlayer
2011-08-29 16:33:28 ----D---- C:\Windows\System32
2011-08-28 19:05:15 ----SHD---- C:\Windows\Installer
2011-08-28 19:05:14 ----D---- C:\Program Files\Common Files
2011-08-28 19:04:35 ----SHD---- C:\System Volume Information
2011-08-28 14:49:03 ----D---- C:\Windows\system32\directx
2011-08-28 14:48:53 ----D---- C:\ProgramData\Media Center Programs
2011-08-28 14:37:20 ----HD---- C:\ProgramData
2011-08-28 11:40:31 ----D---- C:\Windows\system32\drivers
2011-08-28 11:40:31 ----D---- C:\Windows\Downloaded Program Files
2011-08-27 18:59:09 ----D---- C:\Windows\system32\Tasks
2011-08-27 18:59:03 ----RD---- C:\Program Files\Skype
2011-08-27 18:58:48 ----D---- C:\ProgramData\Skype
2011-08-27 00:46:08 ----D---- C:\Windows\inf
2011-08-27 00:46:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-26 21:34:35 ----D---- C:\mobile_video
2011-08-26 11:29:19 ----D---- C:\Windows\Logs
2011-08-25 16:37:57 ----D---- C:\Windows\rescache
2011-08-25 11:56:53 ----A---- C:\cmdlog.txt
2011-08-25 11:55:41 ----RSD---- C:\Windows\assembly
2011-08-24 11:32:51 ----D---- C:\Windows\winsxs
2011-08-24 11:32:46 ----D---- C:\Windows\system32\sk-SK
2011-08-24 09:51:23 ----D---- C:\Windows\system32\catroot
2011-08-22 13:12:30 ----D---- C:\Windows\en-US
2011-08-22 10:11:55 ----D---- C:\Windows\system32\catroot2
2011-08-18 20:30:39 ----AD---- C:\ProgramData\TEMP
2011-08-18 13:12:43 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-15 11:49:21 ----D---- C:\ProgramData\Electronic Arts
2011-08-11 00:23:27 ----D---- C:\Windows\Microsoft.NET
2011-08-10 11:15:56 ----D---- C:\Windows\system32\migration
2011-08-10 11:15:56 ----D---- C:\Program Files\Internet Explorer
2011-08-10 11:13:38 ----D---- C:\ProgramData\Microsoft Help
2011-08-10 10:57:01 ----A---- C:\Windows\system32\MRT.exe
2011-08-08 20:58:47 ----SHD---- C:\Boot
2011-08-08 20:45:29 ----D---- C:\ProgramData\DivX
2011-08-08 20:45:29 ----D---- C:\Program Files\DivX
2011-08-08 20:44:50 ----D---- C:\Program Files\Common Files\DivX Shared
2011-08-08 13:36:36 ----D---- C:\Windows\Setup
2011-08-04 20:16:05 ----D---- C:\Users\Dušan\AppData\Roaming\Vso
2011-08-04 20:16:05 ----A---- C:\Users\Dušan\AppData\Roaming\inst.exe
2011-08-04 16:31:45 ----D---- C:\Windows\Panther
2011-08-04 13:54:51 ----D---- C:\Windows\debug
2011-08-04 12:51:42 ----D---- C:\Windows\sk-SK
2011-08-02 21:29:29 ----SD---- C:\ProgramData\Microsoft
2011-08-01 09:38:21 ----D---- C:\Program Files\Microsoft Security Client

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-14 691696]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-10 218688]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsl8bee57e2;MpKsl8bee57e2; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E646F625-395B-436A-98AF-F14F47165B22}\MpKsl8bee57e2.sys [2011-08-30 28752]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-08-03 142592]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-26 6380032]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-26 221696]
R3 c65013264;C-Media CM6501 Like Sound UDAX Interface; C:\Windows\system32\drivers\c6501.sys [2010-10-12 1517056]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-07-06 22712]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2009-07-14 429056]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [2007-04-09 12039552]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2011-02-10 10064]
S1 MpKslb17b5ddd;MpKslb17b5ddd; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A7EEE9BC-5D0F-404E-B0FE-D28B87B6D92A}\MpKslb17b5ddd.sys []
S1 MpKslb571f52e;MpKslb571f52e; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A5908B6-832D-4D57-99F3-F7C2BE6C3E67}\MpKslb571f52e.sys []
S1 MpKslbcca1e30;MpKslbcca1e30; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EFA2217A-BE34-413C-94E0-7CFDDDD64E87}\MpKslbcca1e30.sys []
S1 MpKslc08678a8;MpKslc08678a8; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{18ABFD77-897E-4C4D-BE9F-88C66F12B321}\MpKslc08678a8.sys []
S1 MpKslca8f1572;MpKslca8f1572; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EFA2217A-BE34-413C-94E0-7CFDDDD64E87}\MpKslca8f1572.sys []
S1 MpKslcb79496f;MpKslcb79496f; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2B4035BC-B4FA-4415-9A75-40A20240572F}\MpKslcb79496f.sys []
S1 MpKsld418d5ff;MpKsld418d5ff; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FE6284D1-342A-4435-BB8C-ECDD042430D7}\MpKsld418d5ff.sys []
S1 MpKsld4c9a884;MpKsld4c9a884; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3DFBB518-995A-4F1B-8BFB-AB450611229F}\MpKsld4c9a884.sys []
S1 MpKsld6e15be5;MpKsld6e15be5; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{30E00535-D9A1-431A-8C4A-CF19F71A6C68}\MpKsld6e15be5.sys []
S1 MpKsld93e4e4a;MpKsld93e4e4a; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E311586E-D45B-4152-87F8-33214875E7B8}\MpKsld93e4e4a.sys []
S1 MpKsldb26f16c;MpKsldb26f16c; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6FC6B59F-C708-49B8-98AB-4F31C530655F}\MpKsldb26f16c.sys []
S1 MpKslde413246;MpKslde413246; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9CB1C2C1-8290-4E6C-957E-EC26E645F87D}\MpKslde413246.sys []
S1 MpKsle16423d1;MpKsle16423d1; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{47441456-1F56-4ADE-B39A-9AA5954D3EAF}\MpKsle16423d1.sys []
S1 MpKsle23fdec6;MpKsle23fdec6; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{18ABFD77-897E-4C4D-BE9F-88C66F12B321}\MpKsle23fdec6.sys []
S1 MpKsle5d1bb20;MpKsle5d1bb20; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{890D40F1-98CD-4645-81FB-F77324D94FBC}\MpKsle5d1bb20.sys []
S1 MpKsle96de0b1;MpKsle96de0b1; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{14B0724C-727B-4D94-BCEC-ECE1B56D7801}\MpKsle96de0b1.sys []
S1 MpKslf547cb09;MpKslf547cb09; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FA212CE-B59F-43D9-8A49-9D7ACD31F329}\MpKslf547cb09.sys []
S1 MpKslfbcba3cc;MpKslfbcba3cc; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1CE6D4A8-7542-4D64-A9B4-5F0AD7607BB1}\MpKslfbcba3cc.sys []
S1 MpKslfc1b8d3b;MpKslfc1b8d3b; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1FA212CE-B59F-43D9-8A49-9D7ACD31F329}\MpKslfc1b8d3b.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2009-06-17 20240]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\Windows\system32\DRIVERS\L8042mou.Sys [2009-06-17 63248]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2009-06-17 79248]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2010-12-02 18304]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2010-12-02 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-12-02 8192]
S3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\Windows\system32\drivers\CM106.sys []
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-12-02 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-26 176128]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-03-17 75136]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-08-03 496128]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-03-30 1523008]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-12 1343400]
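
The driver and service lists above follow the pattern given in the RSIT legend (state letter, start-type digit, name, display name, path, then file date and size in brackets). The following parser is an added example, not part of the original post or of RSIT; it assumes that empty brackets mean no file date/size was recorded for that path, and the sample lines are copied from the log above.

```python
import re

# Codes from the legend line of the RSIT log.
STATE = {"R": "Running", "S": "Stopped"}
START = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}

# <state><start> <name>;<display name>; <path> [<date> <size>]   (brackets may be empty)
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>.*); "
    r"(?P<path>.+) \[(?P<meta>[^\]]*)\]$"
)

SAMPLE = [  # four lines taken from the log on this page
    r"S1 MpKsl172f0ca7;MpKsl172f0ca7; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1CE6D4A8-7542-4D64-A9B4-5F0AD7607BB1}\MpKsl172f0ca7.sys []",
    r"S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]",
    r"S3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\Windows\system32\drivers\CM106.sys []",
    r"R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]",
]

def parse_entry(line):
    """Return a dict for one driver/service line, or None for headers and blanks."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    path = m["path"]
    if path.startswith("\\??\\"):      # strip the NT object-namespace prefix
        path = path[4:]
    meta = m["meta"].split()           # "2009-07-14 70720" -> [date, size]
    has_file = len(meta) == 2
    return {
        "name": m["name"],
        "display": m["display"].strip(),
        "state": STATE[m["state"]],
        "start": START[m["start"]],
        "path": path,
        "file_date": meta[0] if has_file else None,
        "file_size": int(meta[1]) if has_file else None,
    }

def orphaned(entries):
    """Registered entries with no file date/size (assumption: file not found)."""
    return [e for e in entries if e["file_size"] is None]

if __name__ == "__main__":
    parsed = [e for e in map(parse_entry, SAMPLE) if e]
    for e in orphaned(parsed):
        print(f'{e["name"]:<16} {e["state"]}/{e["start"]:<8} {e["path"]}')
```
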

Roli
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: PC shuts down by itself

#28 Post by Roli »

Fix this in HJT:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14780&l=dis
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"


You will find HJT here:

C:\Program Files\trend micro\Dušan.exe

Fix means that you run HJT as admin,

in the window that opens you click Do a system scan only,

in the next window you find the lines I listed for you,

next to each of them is a box that you tick,

then you click Fix checked at the bottom left,

the program asks whether you really want to; you of course agree with YES, and it is done.


Via Start >> Control Panel >> Remove programs, uninstall BabylonToolbar and Malwarebytes' Anti-Malware


Delete unneeded files

using CCleaner

instructions:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Now we will use a bigger caliber, so read carefully, because this little tool does not tolerate mistakes.

Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

Then a window with the license terms appears, which you confirm by clicking YES,

then click YES once more and it is running.

The whole process takes around 10 minutes but can take longer; during the scan do not try to run anything else.

The PC may also be restarted during the scan; do not be alarmed.

Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spy program,

because Combofix tries to delete infected files and these programs can get in its way.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.

I rest on weekends

dusan612
Visitor
Posts: 65
Joined: 03 Aug 2011 13:35

Re: PC shuts down by itself

#29 Post by dusan612 »

Hi, should I still do what you told me to? Because I ran a scan with Malwarebytes and it no longer found those threats.

dusan612
Visitor
Posts: 65
Joined: 03 Aug 2011 13:35

Re: PC shuts down by itself

#30 Post by dusan612 »

And I could not find this one in HJT: O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
