Vyléčeno?

Zpráva

attacted · #1 Příspěvek od **attacted** » 14 zář 2011 19:34

Dobrý den - nevím jestli postupuji správně, ale nějak nevím jak navázat na nějakou rozjetou diskuzi. Nastal mi s PC obdobný problém jako dotyčnému z tohoto vlákna (nějaký MBR rootkit, který Avast sice detekoval , ale nedokázal jej odstranit) http://www.viry.cz/forum/viewtopic.php?f=13&t=109700. Použil jsem stejný návod a "snad" vše proběhlo úspěšně. Chtěl bych se pouze ujistit, že jsem se onoho "xindlu" opravdu zbavil. Posílám proto Log vytvořený bootkit_removerem před a po léčení.

Bootkit Remover
(c) 2009 eSage Lab
www.esagelab.com

Program version: 1.2.0.0
OS Version: Microsoft Windows XP Professional Service Pack 3 (build 2600)

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
Boot sector MD5 is: 4a2741aac2e4a920531fa9e67a047c8b

Size Device Name MBR Status
--------------------------------------------
74 GB \\.\PhysicalDrive0 Unknown boot code

Unknown boot code has been found on some of your physical disks.
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>

Done;
Press any key to quit...

----------------------

Bootkit Remover
(c) 2009 eSage Lab
www.esagelab.com

Program version: 1.2.0.0
OS Version: Microsoft Windows XP Professional Service Pack 3 (build 2600)

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
Boot sector MD5 is: 6def5ffcbcdbdb4082f1015625e597bd

Size Device Name MBR Status
--------------------------------------------
74 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)

Done;
Press any key to quit...

je pro Vás tato informace dostačující nebo k tomu potřebujete ten veliký dlouhý Log, který je popsán na úvodu fóra?
za odpověď děkuji.

#2 Příspěvek od **vyosek** » 14 zář 2011 19:39

Zdravim a pekny vecer preji

Log z bootkitu vypada cisty, ale proverime to - mbr rootkity jsou pekny mrchy

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

attacted · #3 Příspěvek od **attacted** » 14 zář 2011 19:48

Tak jsem provedl, co jsem měl a TDSSKiller se tváří, že nenašel nic. Připojuji výsledný Log:

2011/09/14 20:43:48.0734 2712 TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/14 20:43:50.0734 2712 ================================================================================
2011/09/14 20:43:50.0734 2712 SystemInfo:
2011/09/14 20:43:50.0734 2712
2011/09/14 20:43:50.0734 2712 OS Version: 5.1.2600 ServicePack: 3.0
2011/09/14 20:43:50.0734 2712 Product type: Workstation
2011/09/14 20:43:50.0734 2712 ComputerName: RADEK
2011/09/14 20:43:50.0734 2712 UserName: RADEK
2011/09/14 20:43:50.0734 2712 Windows directory: C:\WINDOWS
2011/09/14 20:43:50.0734 2712 System windows directory: C:\WINDOWS
2011/09/14 20:43:50.0750 2712 Processor architecture: Intel x86
2011/09/14 20:43:50.0750 2712 Number of processors: 2
2011/09/14 20:43:50.0750 2712 Page size: 0x1000
2011/09/14 20:43:50.0750 2712 Boot type: Normal boot
2011/09/14 20:43:50.0750 2712 ================================================================================
2011/09/14 20:43:53.0312 2712 Initialize success
2011/09/14 20:44:10.0828 5548 ================================================================================
2011/09/14 20:44:10.0828 5548 Scan started
2011/09/14 20:44:10.0828 5548 Mode: Manual;
2011/09/14 20:44:10.0828 5548 ================================================================================
2011/09/14 20:44:11.0109 5548 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
2011/09/14 20:44:11.0156 5548 Aavmker4 (95d1de2a6613494e853a9738d5d9acd4) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/09/14 20:44:11.0265 5548 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/14 20:44:11.0312 5548 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/09/14 20:44:11.0421 5548 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/14 20:44:11.0484 5548 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/14 20:44:11.0531 5548 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/09/14 20:44:11.0687 5548 ALCXSENS (fbbcb95f677cbaa924140b6ea2d9a97b) C:\WINDOWS\system32\drivers\ALCXSENS.SYS
2011/09/14 20:44:11.0750 5548 ALCXWDM (4dd2c10fc6434fedcb7c71fbdc1f107a) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/09/14 20:44:11.0906 5548 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/09/14 20:44:12.0062 5548 Aspi32 (5b01af89d16d562825c4db4530f20cbb) C:\WINDOWS\system32\drivers\Aspi32.sys
2011/09/14 20:44:12.0125 5548 aswFsBlk (c47623ffd181a1e7d63574dde2a0a711) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/09/14 20:44:12.0171 5548 aswMon2 (fff2dbb17a3c89f87f78d5fa72ca47fd) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/09/14 20:44:12.0218 5548 aswRdr (36239e24470a3dd81fae37510953cc6c) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/09/14 20:44:12.0265 5548 aswSnx (caa846e9c83836bdc3d2d700c678db65) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/09/14 20:44:12.0328 5548 aswSP (748ae7f2d7da33adb063fe05704a9969) C:\WINDOWS\system32\drivers\aswSP.sys
2011/09/14 20:44:12.0390 5548 aswTdi (ca9925ce1dbd07ffe1eb357752cf5577) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/09/14 20:44:12.0437 5548 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/14 20:44:12.0484 5548 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/14 20:44:12.0671 5548 ati2mtag (c0b86ecb324e50f6bbd529f9d5c6b24b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/09/14 20:44:12.0828 5548 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/14 20:44:12.0875 5548 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/14 20:44:12.0953 5548 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
2011/09/14 20:44:13.0015 5548 basic2 (1b9c81ab9a456eabd9f8335f04b5f495) C:\WINDOWS\system32\DRIVERS\HSF_BSC2.sys
2011/09/14 20:44:13.0062 5548 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/09/14 20:44:13.0140 5548 C-Dilla (8970813a3d73e390047d0b17e4af852c) C:\WINDOWS\System32\drivers\CDANT.SYS
2011/09/14 20:44:13.0203 5548 Cap7134 (da674a868ff251b580e291d90d3caa15) C:\WINDOWS\system32\DRIVERS\Cap7134.sys
2011/09/14 20:44:13.0265 5548 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/14 20:44:13.0312 5548 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/09/14 20:44:13.0390 5548 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/14 20:44:13.0437 5548 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/14 20:44:13.0500 5548 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/14 20:44:13.0750 5548 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/14 20:44:13.0828 5548 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2011/09/14 20:44:13.0906 5548 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2011/09/14 20:44:13.0937 5548 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/09/14 20:44:14.0015 5548 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/09/14 20:44:14.0109 5548 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/14 20:44:14.0171 5548 EL2000 (9d356817b223067ff6f7f9eb867585ef) C:\WINDOWS\system32\DRIVERS\EL2K_XP.sys
2011/09/14 20:44:14.0250 5548 Fallback (c823debe2548656549f84a875d65237b) C:\WINDOWS\system32\DRIVERS\HSF_FALL.sys
2011/09/14 20:44:14.0296 5548 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/14 20:44:14.0359 5548 fasttx2k (5d95724d3c3923449c02be1106657bcd) C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
2011/09/14 20:44:14.0406 5548 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/09/14 20:44:14.0453 5548 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2011/09/14 20:44:14.0500 5548 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/09/14 20:44:14.0562 5548 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/09/14 20:44:14.0609 5548 FlyPCI (93f7e288350460e4bae8807283dd4e6e) C:\WINDOWS\system32\drivers\FlyPCI.sys
2011/09/14 20:44:14.0671 5548 Fsks (6483414841d4cab6c3b4db2ac6edd70b) C:\WINDOWS\system32\DRIVERS\HSF_FSKS.sys
2011/09/14 20:44:14.0703 5548 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/14 20:44:14.0828 5548 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/14 20:44:14.0953 5548 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/14 20:44:15.0046 5548 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/14 20:44:15.0140 5548 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/09/14 20:44:15.0187 5548 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/09/14 20:44:15.0218 5548 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/09/14 20:44:15.0281 5548 HSFHWBS2 (970178e8e003eb1481293830069624b9) C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys
2011/09/14 20:44:15.0421 5548 HSF_DP (ebb354438a4c5a3327fb97306260714a) C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
2011/09/14 20:44:15.0546 5548 hsf_msft (74e379857d4c0dfb56de2d19b8f4c434) C:\WINDOWS\system32\DRIVERS\HSF_MSFT.sys
2011/09/14 20:44:15.0625 5548 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/14 20:44:15.0750 5548 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/14 20:44:15.0796 5548 imagedrv (0a7c49b48c772591a2d362daa00246c8) C:\WINDOWS\system32\Drivers\imagedrv.sys
2011/09/14 20:44:15.0828 5548 imagesrv (549ba4f539e7b8d8129500b96dd7b27a) C:\WINDOWS\system32\DRIVERS\imagesrv.sys
2011/09/14 20:44:15.0890 5548 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/14 20:44:16.0031 5548 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/14 20:44:16.0078 5548 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/09/14 20:44:16.0125 5548 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/14 20:44:16.0171 5548 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/14 20:44:16.0218 5548 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/14 20:44:16.0281 5548 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/14 20:44:16.0328 5548 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/14 20:44:16.0375 5548 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/14 20:44:16.0453 5548 ISWKL (ca1971e21609f22e07a95cc3147b6ced) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
2011/09/14 20:44:16.0531 5548 K56 (9c5e3fdbfcc30cf71a49ca178b9ad442) C:\WINDOWS\system32\DRIVERS\HSF_K56K.sys
2011/09/14 20:44:16.0609 5548 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/14 20:44:16.0687 5548 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/14 20:44:16.0750 5548 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/14 20:44:16.0875 5548 mdmxsdk (195741aee20369980796b557358cd774) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/09/14 20:44:16.0953 5548 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/14 20:44:17.0046 5548 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/14 20:44:17.0093 5548 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/14 20:44:17.0156 5548 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/14 20:44:17.0203 5548 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/14 20:44:17.0312 5548 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/14 20:44:17.0390 5548 MRxSmb (0dc719e9b15e902346e87e9dcd5751fa) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/14 20:44:17.0453 5548 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
2011/09/14 20:44:17.0515 5548 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/14 20:44:17.0578 5548 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/14 20:44:17.0625 5548 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/14 20:44:17.0687 5548 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/14 20:44:17.0750 5548 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/14 20:44:17.0828 5548 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/09/14 20:44:17.0890 5548 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/14 20:44:17.0953 5548 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/09/14 20:44:18.0031 5548 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/14 20:44:18.0093 5548 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/09/14 20:44:18.0171 5548 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/09/14 20:44:18.0281 5548 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/09/14 20:44:18.0359 5548 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/09/14 20:44:18.0484 5548 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/14 20:44:18.0593 5548 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/09/14 20:44:18.0734 5548 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/09/14 20:44:18.0937 5548 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/09/14 20:44:19.0093 5548 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/14 20:44:19.0312 5548 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/14 20:44:19.0734 5548 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/14 20:44:19.0906 5548 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/09/14 20:44:19.0984 5548 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/09/14 20:44:20.0156 5548 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/09/14 20:44:20.0250 5548 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/09/14 20:44:20.0343 5548 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/14 20:44:20.0421 5548 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/14 20:44:20.0531 5548 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/14 20:44:20.0703 5548 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/14 20:44:20.0781 5548 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/09/14 20:44:21.0109 5548 PhTVTune (7501124dabaca0c87b1375012a17c7fb) C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
2011/09/14 20:44:21.0171 5548 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/09/14 20:44:21.0218 5548 PQNTDrv (4228630829c0e521c43d882a00533374) C:\WINDOWS\system32\drivers\PQNTDrv.sys
2011/09/14 20:44:21.0265 5548 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/09/14 20:44:21.0328 5548 prodrv06 (18d9789a4664bf417eea944d2776091a) C:\WINDOWS\System32\drivers\prodrv06.sys
2011/09/14 20:44:21.0359 5548 prohlp02 (8cc9671a7ed2902e747ee0892e1c8575) C:\WINDOWS\system32\drivers\prohlp02.sys
2011/09/14 20:44:21.0406 5548 prosync1 (960bce3ed38761b446aabac06c76badf) C:\WINDOWS\system32\drivers\prosync1.sys
2011/09/14 20:44:21.0468 5548 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/14 20:44:21.0500 5548 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/14 20:44:21.0546 5548 PxHelp20 (fd9d44ec6d99edfa3782f870b7e00682) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
2011/09/14 20:44:21.0750 5548 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/09/14 20:44:21.0796 5548 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/09/14 20:44:21.0843 5548 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/09/14 20:44:21.0875 5548 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/09/14 20:44:21.0921 5548 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/09/14 20:44:21.0953 5548 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/14 20:44:22.0015 5548 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/09/14 20:44:22.0109 5548 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/14 20:44:22.0156 5548 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/09/14 20:44:22.0218 5548 Rksample (bb7549bd94d1aac3599c7606c50c48a0) C:\WINDOWS\system32\DRIVERS\HSF_SAMP.sys
2011/09/14 20:44:22.0296 5548 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/09/14 20:44:22.0375 5548 rttfsfilt (a6c55937a96013aab661320ab7ae79e4) C:\WINDOWS\system32\DRIVERS\rttfsfilt.sys
2011/09/14 20:44:22.0421 5548 rttmntr (b3f06f191cf0ced57d935978e5237488) C:\WINDOWS\system32\DRIVERS\rttmntr.sys
2011/09/14 20:44:22.0500 5548 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/14 20:44:22.0546 5548 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/09/14 20:44:22.0593 5548 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/09/14 20:44:22.0656 5548 sfhlp01 (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
2011/09/14 20:44:22.0703 5548 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/09/14 20:44:22.0765 5548 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/09/14 20:44:22.0875 5548 snaprtt (df17ef21df192f7dcf85e3e9a2d12ac5) C:\WINDOWS\system32\DRIVERS\snaprtt.sys
2011/09/14 20:44:22.0937 5548 SoftFax (d9e8e0ce154a2f6430d9efabdf730867) C:\WINDOWS\system32\DRIVERS\HSF_FAXX.sys
2011/09/14 20:44:23.0015 5548 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/14 20:44:23.0078 5548 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/14 20:44:23.0203 5548 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/14 20:44:23.0296 5548 st3wolf (1e9a652d898cc96038e5e5554f79c49f) C:\WINDOWS\system32\DRIVERS\st3wolf.sys
2011/09/14 20:44:23.0359 5548 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/09/14 20:44:23.0406 5548 stwlfbus (24e09d134304fbc605626fced3e4cb50) C:\WINDOWS\system32\DRIVERS\stwlfbus.sys
2011/09/14 20:44:23.0453 5548 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/14 20:44:23.0500 5548 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/09/14 20:44:23.0671 5548 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/14 20:44:23.0734 5548 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/09/14 20:44:23.0796 5548 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/14 20:44:23.0828 5548 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/14 20:44:23.0875 5548 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/09/14 20:44:23.0953 5548 Tones (8021a499db46b2961c285168671cb9af) C:\WINDOWS\system32\DRIVERS\HSF_TONE.sys
2011/09/14 20:44:24.0031 5548 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/09/14 20:44:24.0078 5548 UlSata (b37c465ec8029d732cd572b347dacc2e) C:\WINDOWS\system32\DRIVERS\ulsata.sys
2011/09/14 20:44:24.0203 5548 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/09/14 20:44:24.0281 5548 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/14 20:44:24.0328 5548 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/14 20:44:24.0375 5548 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/14 20:44:24.0421 5548 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/09/14 20:44:24.0468 5548 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/09/14 20:44:24.0515 5548 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/14 20:44:24.0546 5548 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/14 20:44:24.0593 5548 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/09/14 20:44:24.0656 5548 V124 (269c0ade94b90029b12497747be408cb) C:\WINDOWS\system32\DRIVERS\HSF_V124.sys
2011/09/14 20:44:24.0734 5548 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/09/14 20:44:24.0812 5548 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/14 20:44:24.0875 5548 vsdatant (050c38ebb22512122e54b47dc278bccd) C:\WINDOWS\system32\vsdatant.sys
2011/09/14 20:44:25.0000 5548 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/14 20:44:25.0062 5548 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/14 20:44:25.0156 5548 winachsf (1225ebea76aac3c84df6c54fe5e5d8be) C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys
2011/09/14 20:44:25.0281 5548 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/09/14 20:44:25.0375 5548 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/09/14 20:44:25.0437 5548 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/09/14 20:44:25.0468 5548 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/09/14 20:44:25.0546 5548 MBR (0x1B8) (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk0\DR0
2011/09/14 20:44:25.0718 5548 MBR (0x1B8) (9c603bc3977968c891de319283e1e7af) \Device\Harddisk1\DR1
2011/09/14 20:44:25.0859 5548 MBR (0x1B8) (35fb015cc001342c00298136544ed201) \Device\Harddisk3\DR9
2011/09/14 20:44:36.0796 5548 Boot (0x1200) (c96e62c01a76c3890ee9a4ab14cf8417) \Device\Harddisk0\DR0\Partition0
2011/09/14 20:44:36.0812 5548 Boot (0x1200) (958236c47b2d57369284ec47e51a735d) \Device\Harddisk0\DR0\Partition1
2011/09/14 20:44:36.0843 5548 Boot (0x1200) (4803db809471316eab3cf251dc53f55a) \Device\Harddisk0\DR0\Partition2
2011/09/14 20:44:36.0843 5548 Boot (0x1200) (1d35c13aadf6f274eb38fbbc81d45634) \Device\Harddisk1\DR1\Partition0
2011/09/14 20:44:36.0875 5548 Boot (0x1200) (b9c79fd6862c7f8a31579213ff89b101) \Device\Harddisk3\DR9\Partition0
2011/09/14 20:44:36.0875 5548 ================================================================================
2011/09/14 20:44:36.0875 5548 Scan finished
2011/09/14 20:44:36.0875 5548 ================================================================================
2011/09/14 20:44:36.0890 0708 Detected object count: 0
2011/09/14 20:44:36.0890 0708 Actual detected object count: 0
2011/09/14 20:45:23.0703 2912 ================================================================================
2011/09/14 20:45:23.0703 2912 Scan started
2011/09/14 20:45:23.0703 2912 Mode: Manual;
2011/09/14 20:45:23.0703 2912 ================================================================================
2011/09/14 20:45:24.0343 2912 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
2011/09/14 20:45:24.0421 2912 Aavmker4 (95d1de2a6613494e853a9738d5d9acd4) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/09/14 20:45:24.0593 2912 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/14 20:45:24.0671 2912 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/09/14 20:45:24.0812 2912 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/14 20:45:24.0890 2912 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/14 20:45:24.0968 2912 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/09/14 20:45:25.0187 2912 ALCXSENS (fbbcb95f677cbaa924140b6ea2d9a97b) C:\WINDOWS\system32\drivers\ALCXSENS.SYS
2011/09/14 20:45:25.0312 2912 ALCXWDM (4dd2c10fc6434fedcb7c71fbdc1f107a) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/09/14 20:45:25.0468 2912 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/09/14 20:45:25.0640 2912 Aspi32 (5b01af89d16d562825c4db4530f20cbb) C:\WINDOWS\system32\drivers\Aspi32.sys
2011/09/14 20:45:25.0687 2912 aswFsBlk (c47623ffd181a1e7d63574dde2a0a711) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/09/14 20:45:25.0734 2912 aswMon2 (fff2dbb17a3c89f87f78d5fa72ca47fd) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/09/14 20:45:25.0781 2912 aswRdr (36239e24470a3dd81fae37510953cc6c) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/09/14 20:45:25.0843 2912 aswSnx (caa846e9c83836bdc3d2d700c678db65) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/09/14 20:45:25.0890 2912 aswSP (748ae7f2d7da33adb063fe05704a9969) C:\WINDOWS\system32\drivers\aswSP.sys
2011/09/14 20:45:25.0953 2912 aswTdi (ca9925ce1dbd07ffe1eb357752cf5577) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/09/14 20:45:26.0000 2912 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/14 20:45:26.0046 2912 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/14 20:45:26.0265 2912 ati2mtag (c0b86ecb324e50f6bbd529f9d5c6b24b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/09/14 20:45:26.0421 2912 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/14 20:45:26.0468 2912 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/14 20:45:26.0546 2912 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
2011/09/14 20:45:26.0593 2912 basic2 (1b9c81ab9a456eabd9f8335f04b5f495) C:\WINDOWS\system32\DRIVERS\HSF_BSC2.sys
2011/09/14 20:45:26.0640 2912 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/09/14 20:45:26.0703 2912 C-Dilla (8970813a3d73e390047d0b17e4af852c) C:\WINDOWS\System32\drivers\CDANT.SYS
2011/09/14 20:45:26.0765 2912 Cap7134 (da674a868ff251b580e291d90d3caa15) C:\WINDOWS\system32\DRIVERS\Cap7134.sys
2011/09/14 20:45:26.0828 2912 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/14 20:45:26.0875 2912 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/09/14 20:45:26.0937 2912 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/14 20:45:26.0968 2912 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/14 20:45:27.0031 2912 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/14 20:45:27.0296 2912 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/14 20:45:27.0375 2912 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2011/09/14 20:45:27.0453 2912 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2011/09/14 20:45:27.0484 2912 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/09/14 20:45:27.0546 2912 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/09/14 20:45:27.0625 2912 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/14 20:45:27.0687 2912 EL2000 (9d356817b223067ff6f7f9eb867585ef) C:\WINDOWS\system32\DRIVERS\EL2K_XP.sys
2011/09/14 20:45:27.0765 2912 Fallback (c823debe2548656549f84a875d65237b) C:\WINDOWS\system32\DRIVERS\HSF_FALL.sys
2011/09/14 20:45:27.0812 2912 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/14 20:45:27.0875 2912 fasttx2k (5d95724d3c3923449c02be1106657bcd) C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
2011/09/14 20:45:27.0921 2912 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/09/14 20:45:27.0968 2912 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2011/09/14 20:45:28.0000 2912 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/09/14 20:45:28.0062 2912 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/09/14 20:45:28.0125 2912 FlyPCI (93f7e288350460e4bae8807283dd4e6e) C:\WINDOWS\system32\drivers\FlyPCI.sys
2011/09/14 20:45:28.0187 2912 Fsks (6483414841d4cab6c3b4db2ac6edd70b) C:\WINDOWS\system32\DRIVERS\HSF_FSKS.sys
2011/09/14 20:45:28.0234 2912 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/14 20:45:28.0265 2912 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/14 20:45:28.0312 2912 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/14 20:45:28.0390 2912 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/14 20:45:28.0500 2912 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/09/14 20:45:28.0546 2912 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/09/14 20:45:28.0578 2912 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/09/14 20:45:28.0625 2912 HSFHWBS2 (970178e8e003eb1481293830069624b9) C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys
2011/09/14 20:45:28.0703 2912 HSF_DP (ebb354438a4c5a3327fb97306260714a) C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
2011/09/14 20:45:28.0796 2912 hsf_msft (74e379857d4c0dfb56de2d19b8f4c434) C:\WINDOWS\system32\DRIVERS\HSF_MSFT.sys
2011/09/14 20:45:28.0875 2912 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/14 20:45:29.0000 2912 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/14 20:45:29.0046 2912 imagedrv (0a7c49b48c772591a2d362daa00246c8) C:\WINDOWS\system32\Drivers\imagedrv.sys
2011/09/14 20:45:29.0078 2912 imagesrv (549ba4f539e7b8d8129500b96dd7b27a) C:\WINDOWS\system32\DRIVERS\imagesrv.sys
2011/09/14 20:45:29.0140 2912 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/14 20:45:29.0281 2912 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/14 20:45:29.0328 2912 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/09/14 20:45:29.0375 2912 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/14 20:45:29.0421 2912 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/14 20:45:29.0468 2912 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/14 20:45:29.0515 2912 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/14 20:45:29.0562 2912 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/14 20:45:29.0609 2912 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/14 20:45:29.0671 2912 ISWKL (ca1971e21609f22e07a95cc3147b6ced) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
2011/09/14 20:45:29.0765 2912 K56 (9c5e3fdbfcc30cf71a49ca178b9ad442) C:\WINDOWS\system32\DRIVERS\HSF_K56K.sys
2011/09/14 20:45:29.0828 2912 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/14 20:45:29.0906 2912 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/14 20:45:29.0968 2912 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/14 20:45:30.0125 2912 mdmxsdk (195741aee20369980796b557358cd774) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/09/14 20:45:30.0312 2912 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/14 20:45:30.0375 2912 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/14 20:45:30.0406 2912 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/14 20:45:30.0453 2912 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/14 20:45:30.0515 2912 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/14 20:45:30.0593 2912 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/14 20:45:30.0656 2912 MRxSmb (0dc719e9b15e902346e87e9dcd5751fa) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/14 20:45:30.0718 2912 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
2011/09/14 20:45:30.0765 2912 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/14 20:45:30.0812 2912 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/14 20:45:30.0843 2912 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/14 20:45:30.0906 2912 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/14 20:45:30.0937 2912 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/14 20:45:31.0015 2912 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/09/14 20:45:31.0046 2912 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/14 20:45:31.0093 2912 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/09/14 20:45:31.0156 2912 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/14 20:45:31.0203 2912 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/09/14 20:45:31.0250 2912 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/09/14 20:45:31.0312 2912 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/09/14 20:45:31.0375 2912 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/09/14 20:45:31.0421 2912 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/14 20:45:31.0468 2912 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/09/14 20:45:31.0515 2912 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/09/14 20:45:31.0593 2912 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/09/14 20:45:31.0656 2912 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/14 20:45:31.0734 2912 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/14 20:45:31.0812 2912 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/14 20:45:31.0859 2912 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/09/14 20:45:31.0890 2912 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/09/14 20:45:31.0953 2912 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/09/14 20:45:32.0015 2912 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/09/14 20:45:32.0062 2912 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/14 20:45:32.0093 2912 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/14 20:45:32.0140 2912 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/14 20:45:32.0218 2912 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/14 20:45:32.0265 2912 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/09/14 20:45:32.0546 2912 PhTVTune (7501124dabaca0c87b1375012a17c7fb) C:\WINDOWS\system32\DRIVERS\PhTVTune.sys
2011/09/14 20:45:32.0593 2912 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/09/14 20:45:32.0656 2912 PQNTDrv (4228630829c0e521c43d882a00533374) C:\WINDOWS\system32\drivers\PQNTDrv.sys
2011/09/14 20:45:32.0703 2912 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/09/14 20:45:32.0765 2912 prodrv06 (18d9789a4664bf417eea944d2776091a) C:\WINDOWS\System32\drivers\prodrv06.sys
2011/09/14 20:45:32.0812 2912 prohlp02 (8cc9671a7ed2902e747ee0892e1c8575) C:\WINDOWS\system32\drivers\prohlp02.sys
2011/09/14 20:45:32.0859 2912 prosync1 (960bce3ed38761b446aabac06c76badf) C:\WINDOWS\system32\drivers\prosync1.sys
2011/09/14 20:45:32.0906 2912 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/14 20:45:32.0937 2912 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/14 20:45:33.0000 2912 PxHelp20 (fd9d44ec6d99edfa3782f870b7e00682) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
2011/09/14 20:45:33.0171 2912 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/09/14 20:45:33.0234 2912 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/09/14 20:45:33.0281 2912 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/09/14 20:45:33.0359 2912 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/09/14 20:45:33.0421 2912 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/09/14 20:45:33.0453 2912 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/14 20:45:33.0515 2912 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/09/14 20:45:33.0578 2912 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/14 20:45:33.0640 2912 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/09/14 20:45:33.0703 2912 Rksample (bb7549bd94d1aac3599c7606c50c48a0) C:\WINDOWS\system32\DRIVERS\HSF_SAMP.sys
2011/09/14 20:45:33.0750 2912 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/09/14 20:45:33.0796 2912 rttfsfilt (a6c55937a96013aab661320ab7ae79e4) C:\WINDOWS\system32\DRIVERS\rttfsfilt.sys
2011/09/14 20:45:33.0843 2912 rttmntr (b3f06f191cf0ced57d935978e5237488) C:\WINDOWS\system32\DRIVERS\rttmntr.sys
2011/09/14 20:45:33.0921 2912 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/14 20:45:33.0968 2912 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/09/14 20:45:34.0015 2912 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/09/14 20:45:34.0078 2912 sfhlp01 (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
2011/09/14 20:45:34.0125 2912 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/09/14 20:45:34.0203 2912 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/09/14 20:45:34.0296 2912 snaprtt (df17ef21df192f7dcf85e3e9a2d12ac5) C:\WINDOWS\system32\DRIVERS\snaprtt.sys
2011/09/14 20:45:34.0359 2912 SoftFax (d9e8e0ce154a2f6430d9efabdf730867) C:\WINDOWS\system32\DRIVERS\HSF_FAXX.sys
2011/09/14 20:45:34.0437 2912 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/14 20:45:34.0515 2912 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/14 20:45:34.0625 2912 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/14 20:45:34.0703 2912 st3wolf (1e9a652d898cc96038e5e5554f79c49f) C:\WINDOWS\system32\DRIVERS\st3wolf.sys
2011/09/14 20:45:34.0765 2912 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/09/14 20:45:34.0812 2912 stwlfbus (24e09d134304fbc605626fced3e4cb50) C:\WINDOWS\system32\DRIVERS\stwlfbus.sys
2011/09/14 20:45:34.0859 2912 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/14 20:45:34.0906 2912 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/09/14 20:45:35.0078 2912 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/14 20:45:35.0140 2912 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/09/14 20:45:35.0203 2912 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/14 20:45:35.0250 2912 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/14 20:45:35.0296 2912 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/09/14 20:45:35.0375 2912 Tones (8021a499db46b2961c285168671cb9af) C:\WINDOWS\system32\DRIVERS\HSF_TONE.sys
2011/09/14 20:45:35.0453 2912 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/09/14 20:45:35.0500 2912 UlSata (b37c465ec8029d732cd572b347dacc2e) C:\WINDOWS\system32\DRIVERS\ulsata.sys
2011/09/14 20:45:35.0609 2912 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/09/14 20:45:35.0671 2912 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/14 20:45:35.0734 2912 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/14 20:45:35.0781 2912 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/14 20:45:35.0828 2912 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/09/14 20:45:35.0859 2912 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/09/14 20:45:35.0906 2912 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/14 20:45:35.0937 2912 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/14 20:45:36.0000 2912 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/09/14 20:45:36.0062 2912 V124 (269c0ade94b90029b12497747be408cb) C:\WINDOWS\system32\DRIVERS\HSF_V124.sys
2011/09/14 20:45:36.0125 2912 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/09/14 20:45:36.0203 2912 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/14 20:45:36.0281 2912 vsdatant (050c38ebb22512122e54b47dc278bccd) C:\WINDOWS\system32\vsdatant.sys
2011/09/14 20:45:36.0406 2912 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/14 20:45:36.0484 2912 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/14 20:45:36.0562 2912 winachsf (1225ebea76aac3c84df6c54fe5e5d8be) C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys
2011/09/14 20:45:36.0687 2912 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/09/14 20:45:36.0750 2912 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/09/14 20:45:36.0812 2912 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/09/14 20:45:36.0843 2912 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/09/14 20:45:36.0921 2912 MBR (0x1B8) (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk0\DR0
2011/09/14 20:45:37.0109 2912 MBR (0x1B8) (9c603bc3977968c891de319283e1e7af) \Device\Harddisk1\DR1
2011/09/14 20:45:37.0218 2912 MBR (0x1B8) (35fb015cc001342c00298136544ed201) \Device\Harddisk3\DR9
2011/09/14 20:45:48.0187 2912 Boot (0x1200) (c96e62c01a76c3890ee9a4ab14cf8417) \Device\Harddisk0\DR0\Partition0
2011/09/14 20:45:48.0203 2912 Boot (0x1200) (958236c47b2d57369284ec47e51a735d) \Device\Harddisk0\DR0\Partition1
2011/09/14 20:45:48.0234 2912 Boot (0x1200) (4803db809471316eab3cf251dc53f55a) \Device\Harddisk0\DR0\Partition2
2011/09/14 20:45:48.0234 2912 Boot (0x1200) (1d35c13aadf6f274eb38fbbc81d45634) \Device\Harddisk1\DR1\Partition0
2011/09/14 20:45:48.0265 2912 Boot (0x1200) (b9c79fd6862c7f8a31579213ff89b101) \Device\Harddisk3\DR9\Partition0
2011/09/14 20:45:48.0265 2912 ================================================================================
2011/09/14 20:45:48.0265 2912 Scan finished
2011/09/14 20:45:48.0265 2912 ================================================================================
2011/09/14 20:45:48.0281 2340 Detected object count: 0
2011/09/14 20:45:48.0281 2340 Actual detected object count: 0

muhu být tedy snad klidnější?

#4 Příspěvek od **vyosek** » 14 zář 2011 19:50

vypada to dobre, jeste poprosim o log z RSIT - at se podivame ci tam nejsou nejake zbytecnosti a jina havet...ale mbr rootkit by tam byt nemel

attacted · #5 Příspěvek od **attacted** » 14 zář 2011 20:00

To by mělo být asi tohleto, že? No tam už to asi bude slabší...

Logfile of random's system information tool 1.09 (written by random/random)
Run by RADEK at 2011-09-14 20:07:03
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (8%) free of 17 GB
Total RAM: 1023 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:08:01, on 14.9.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17098)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\36pdlxrypt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\MMTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Restore Desktop\RestoreDesktop.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\FLY2000TV\FlyAgent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Avant Browser\avant.exe
D:\INTERNET\Skype\Phone\Skype.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Mass Downloader\massdown.exe
D:\PRENOS\RSIT.exe
C:\Program Files\trend micro\RADEK.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://v73.us/10095/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://v73.us/10095/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.autosport.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://v73.us/10095/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://v73.us/10095/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://v73.us/10095/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://v73.us/10095/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://v73.us/10095/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://v73.us/10095/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://v73.us/10095/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = http://v73.us/10095/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://v73.us/10095/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll
O2 - BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\INTERNET\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: IECatcher Class - {B930BA63-9E5A-11D3-A288-0000E80E2EDE} - C:\Program Files\Mass Downloader\MDHELPER.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Nero DriveSpeed] C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [pdlxSZH] C:\WINDOWS\system32\36pdlxrypt.exe
O4 - HKLM\..\Run: [decatm] C:\WINDOWS\system32\dview.exe
O4 - HKLM\..\Run: [vcoxvwcf] C:\WINDOWS\system32\leerilt.exe
O4 - HKLM\..\Run: [ledsfevv] C:\WINDOWS\system32\ti3autap.exe
O4 - HKLM\..\Run: [AVIZom] C:\WINDOWS\system32\oktiAvha.exe
O4 - HKLM\..\Run: [ivctx] C:\WINDOWS\system32\ivicn.exe
O4 - HKLM\..\Run: [decii] C:\WINDOWS\system32\vxudibv.exe
O4 - HKLM\..\Run: [ti2MGRkvma] C:\WINDOWS\system32\dvapZLIB.exe
O4 - HKLM\..\Run: [mtsti] C:\WINDOWS\system32\34ASC3nEx.exe
O4 - HKLM\..\Run: [ditpvcn] C:\WINDOWS\system32\lietremsex.exe
O4 - HKLM\..\Run: [o4sAVG] C:\WINDOWS\system32\pc2dTIDD.exe
O4 - HKLM\..\Run: [tiodsldvcc] C:\WINDOWS\system32\gnExnds.exe
O4 - HKLM\..\Run: [ctre1a] C:\WINDOWS\system32\salieerv.exe
O4 - HKLM\..\Run: [sldpTIDE] C:\WINDOWS\system32\4conpmgr.exe
O4 - HKLM\..\Run: [dlrov] C:\WINDOWS\system32\hlipv.exe
O4 - HKLM\..\Run: [comcal] C:\WINDOWS\system32\aaati3car.exe
O4 - HKLM\..\Run: [ivalase] C:\WINDOWS\system32\resqati2.exe
O4 - HKLM\..\Run: [parlr2d] C:\WINDOWS\system32\acpph.exe
O4 - HKLM\..\Run: [C321ag] C:\WINDOWS\system32\trvag1ag.exe
O4 - HKLM\..\Run: [ivxmgrkv] C:\WINDOWS\system32\kvccmsvc.exe
O4 - HKLM\..\Run: [dsmxapor] C:\WINDOWS\system32\C32tii.exe
O4 - HKLM\..\Run: [leZimxx] C:\WINDOWS\system32\upschk.exe
O4 - HKLM\..\Run: [C3reaxx] C:\WINDOWS\system32\resdsnpnso.exe
O4 - HKLM\..\Run: [accexxod] C:\WINDOWS\system32\codlctp.exe
O4 - HKLM\..\Run: [dmpti] C:\WINDOWS\system32\34co365.exe
O4 - HKLM\..\Run: [C3dpti] C:\WINDOWS\system32\ppmo32.exe
O4 - HKLM\..\Run: [6to4ent] C:\WINDOWS\system32\ticalrkvm.exe
O4 - HKLM\..\Run: [co3dTID] C:\WINDOWS\system32\tiogvcox.exe
O4 - HKLM\..\Run: [adspph] C:\WINDOWS\system32\callrttkct.exe
O4 - HKLM\..\Run: [ivedti3] C:\WINDOWS\system32\fWCoitsbox.exe
O4 - HKLM\..\Run: [svtiok] C:\WINDOWS\system32\to4stvtml.exe
O4 - HKLM\..\Run: [ilsrcfgn] C:\WINDOWS\system32\ivdsnt.exe
O4 - HKLM\..\Run: [uptihc] C:\WINDOWS\system32\icnignEio.exe
O4 - HKLM\..\Run: [ditcoarc] C:\WINDOWS\system32\cSigdmpa.exe
O4 - HKLM\..\Run: [RePRTIvw] C:\WINDOWS\system32\mgmapes.exe
O4 - HKLM\..\Run: [ledsrvps] C:\WINDOWS\system32\xVfWdmDEM.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [upATHP] C:\WINDOWS\system32\34tklac.exe
O4 - HKLM\..\Run: [DDCDEMtip] C:\WINDOWS\system32\AVIAVI.exe
O4 - HKLM\..\Run: [esrbidelc] C:\WINDOWS\system32\kvmvu.exe
O4 - HKLM\..\Run: [iscmdmcon] C:\WINDOWS\system32\acdldpcdv.exe
O4 - HKLM\..\Run: [lxwsocx] C:\WINDOWS\system32\resSV2ace.exe
O4 - HKLM\..\Run: [arclctipd] C:\WINDOWS\system32\luidmp32.exe
O4 - HKLM\..\Run: [SASlcl] C:\WINDOWS\system32\aa3d1.exe
O4 - HKLM\..\Run: [acctapti2e] C:\WINDOWS\system32\helplxx.exe
O4 - HKLM\..\Run: [edssfer] C:\WINDOWS\system32\icndims.exe
O4 - HKLM\..\Run: [comCR1ap] C:\WINDOWS\system32\6tiiexoxx.exe
O4 - HKLM\..\Run: [comxpcf] C:\WINDOWS\system32\nExti3ti.exe
O4 - HKLM\..\Run: [packms] C:\WINDOWS\system32\tifdsl.exe
O4 - HKLM\..\Run: [rciode] C:\WINDOWS\system32\v12vic.exe
O4 - HKLM\..\Run: [rsemg2evx] C:\WINDOWS\system32\icnived.exe
O4 - HKLM\..\Run: [34cfil] C:\WINDOWS\system32\VGASV1tp.exe
O4 - HKLM\..\Run: [tksc1] C:\WINDOWS\system32\ti2vi.exe
O4 - HKLM\..\Run: [svcatmf] C:\WINDOWS\system32\C3cadf.exe
O4 - HKLM\..\Run: [ppmuagtr] C:\WINDOWS\system32\dsndvar.exe
O4 - HKLM\..\Run: [o4svlipar] C:\WINDOWS\system32\tiogvva.exe
O4 - HKLM\..\Run: [adlmfdVI] C:\WINDOWS\system32\sycfMSZH.exe
O4 - HKLM\..\Run: [dmpdslnds] C:\WINDOWS\system32\ivdxx.exe
O4 - HKLM\..\Run: [4coctxTI] C:\WINDOWS\system32\comivive.exe
O4 - HKLM\..\Run: [ad2dv] C:\WINDOWS\system32\6toti.exe
O4 - HKLM\..\Run: [ditti2] C:\WINDOWS\system32\ad3d1.exe
O4 - HKLM\..\Run: [C3snt] C:\WINDOWS\system32\sftitiv.exe
O4 - HKLM\..\Run: [adscnvie] C:\WINDOWS\system32\rectxp.exe
O4 - HKLM\..\Run: [sycfATHP] C:\WINDOWS\system32\dptppSUSA.exe
O4 - HKLM\..\Run: [qagpvcn] C:\WINDOWS\system32\cSitivuto.exe
O4 - HKLM\..\Run: [4svg32] C:\WINDOWS\system32\ctvhatt.exe
O4 - HKLM\..\Run: [dvplclmin] C:\WINDOWS\system32\dsntaxx.exe
O4 - HKLM\..\Run: [dmerrkc] C:\WINDOWS\system32\dstiti.exe
O4 - HKLM\..\Run: [dlgscdll] C:\WINDOWS\system32\MGvvati.exe
O4 - HKLM\..\Run: [hlibdf] C:\WINDOWS\system32\2cqudio.exe
O4 - HKLM\..\Run: [4cbres2cqa] C:\WINDOWS\system32\ivxdecde.exe
O4 - HKLM\..\Run: [leZdpti] C:\WINDOWS\system32\tifadpp.exe
O4 - HKLM\..\Run: [to4sxprx] C:\WINDOWS\system32\lieupelp.exe
O4 - HKLM\..\Run: [pctmfd] C:\WINDOWS\system32\devpory.exe
O4 - HKLM\..\Run: [packre3d] C:\WINDOWS\system32\icncodeMSZH.exe
O4 - HKLM\..\Run: [dslavm] C:\WINDOWS\system32\cfdxvcAvh.exe
O4 - HKLM\..\Run: [lecluipa] C:\WINDOWS\system32\cdTIDex.exe
O4 - HKLM\..\Run: [adtitipd] C:\WINDOWS\system32\ctxptr.exe
O4 - HKLM\..\Run: [dimg2dva] C:\WINDOWS\system32\lrsiod.exe
O4 - HKLM\..\Run: [ogll3] C:\WINDOWS\system32\trctqavaa.exe
O4 - HKLM\..\Run: [ivxl3] C:\WINDOWS\system32\dni5edds.exe
O4 - HKLM\..\Run: [tiogmf] C:\WINDOWS\system32\dsnSV2.exe
O4 - HKLM\..\Run: [desnt] C:\WINDOWS\system32\sycTIud.exe
O4 - HKLM\..\Run: [dmpadsn] C:\WINDOWS\system32\apAVIZap.exe
O4 - HKLM\..\Run: [clrxAVI] C:\WINDOWS\system32\34coacl.exe
O4 - HKLM\..\Run: [4coeamTI] C:\WINDOWS\system32\chlMGti.exe
O4 - HKLM\..\Run: [rcherro] C:\WINDOWS\system32\ctictx.exe
O4 - HKLM\..\Run: [mttivatl] C:\WINDOWS\system32\sferti2e.exe
O4 - HKLM\..\Run: [ditcSi] C:\WINDOWS\system32\ivcdbrompo.exe
O4 - HKLM\..\Run: [ivvaatkc] C:\WINDOWS\system32\cctcSi.exe
O4 - HKLM\..\Run: [codeignE] C:\WINDOWS\system32\34cldp.exe
O4 - HKLM\..\Run: [ctivph] C:\WINDOWS\system32\igntival.exe
O4 - HKLM\..\Run: [monl3jmon] C:\WINDOWS\system32\adslxrole.exe
O4 - HKLM\..\Run: [3d2mdmnvfa] C:\WINDOWS\system32\aclu2dv.exe
O4 - HKLM\..\Run: [tiMSAvwi] C:\WINDOWS\system32\adlxAV.exe
O4 - HKLM\..\Run: [tl7disp] C:\WINDOWS\system32\cSMGvcmxx.exe
O4 - HKLM\..\Run: [lxxtitvica] C:\WINDOWS\system32\dniC32.exe
O4 - HKLM\..\Run: [dvpatitv] C:\WINDOWS\system32\qagcalr.exe
O4 - HKLM\..\Run: [ivxSV1] C:\WINDOWS\system32\deccttii.exe
O4 - HKLM\..\Run: [attdis] C:\WINDOWS\system32\cnoAvwiapi.exe
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [nExcatml] C:\WINDOWS\system32\C32AA.exe
O4 - HKLM\..\Run: [libg32] C:\WINDOWS\system32\ivent.exe
O4 - HKLM\..\Run: [ivxresdm] C:\WINDOWS\system32\DDututod.exe
O4 - HKLM\..\Run: [4svcalr] C:\WINDOWS\system32\trea3d.exe
O4 - HKLM\..\Run: [vahal3ases] C:\WINDOWS\system32\ticaaceVIW.exe
O4 - HKLM\..\Run: [rxMGios] C:\WINDOWS\system32\nExxpr.exe
O4 - HKLM\..\Run: [utodlack] C:\WINDOWS\system32\adppmg.exe
O4 - HKLM\..\Run: [svcrsemts] C:\WINDOWS\system32\mstr2c.exe
O4 - HKLM\..\Run: [snwdxxtic] C:\WINDOWS\system32\C3AAVG.exe
O4 - HKLM\..\Run: [lderro] C:\WINDOWS\system32\tiusaptsv.exe
O4 - HKLM\..\Run: [4sendec] C:\WINDOWS\system32\ivectxpnet.exe
O4 - HKLM\..\Run: [vicaviZLIB] C:\WINDOWS\system32\vxxcol.exe
O4 - HKLM\..\Run: [C32cti] C:\WINDOWS\system32\ASC3resycf.exe
O4 - HKLM\..\Run: [nIco1a] C:\WINDOWS\system32\AAdpti.exe
O4 - HKLM\..\Run: [oxxvieui] C:\WINDOWS\system32\o32ZLIB.exe
O4 - HKLM\..\Run: [dsnIVCR] C:\WINDOWS\system32\ti2evc.exe
O4 - HKLM\..\Run: [ciscam] C:\WINDOWS\system32\lrsvcr2avme.exe
O4 - HKLM\..\Run: [acRXY] C:\WINDOWS\system32\4codetivc.exe
O4 - HKLM\..\Run: [lxxVIC3dxo] C:\WINDOWS\system32\qagvaa.exe
O4 - HKLM\..\Run: [utovi] C:\WINDOWS\system32\vvaxticmp.exe
O4 - HKLM\..\Run: [ivxaclcS] C:\WINDOWS\system32\cluedZL.exe
O4 - HKLM\..\Run: [dsntiog] C:\WINDOWS\system32\kvmtio.exe
O4 - HKLM\..\Run: [ledevx3d1] C:\WINDOWS\system32\catedi.exe
O4 - HKLM\..\Run: [svl32eta] C:\WINDOWS\system32\npiorypt.exe
O4 - HKLM\..\Run: [ignedsrxy] C:\WINDOWS\system32\C32dva.exe
O4 - HKLM\..\Run: [ivxdec] C:\WINDOWS\system32\ogmmdl.exe
O4 - HKLM\..\Run: [rxi322a] C:\WINDOWS\system32\thk3dr.exe
O4 - HKLM\..\Run: [ndavmeotvi] C:\WINDOWS\system32\vxo32.exe
O4 - HKLM\..\Run: [ASSVvxx] C:\WINDOWS\system32\svmtsSUSA.exe
O4 - HKLM\..\Run: [lddsmskc] C:\WINDOWS\system32\monmfdrd.exe
O4 - HKLM\..\Run: [AcSwsews] C:\WINDOWS\system32\34codit.exe
O4 - HKLM\..\Run: [mdsfIWRA] C:\WINDOWS\system32\snttitpan.exe
O4 - HKLM\..\Run: [pvcocx] C:\WINDOWS\system32\toacdpti.exe
O4 - HKLM\..\Run: [ivpp2dbthc] C:\WINDOWS\system32\ivxdecdv.exe
O4 - HKLM\..\Run: [ASCdmpsl] C:\WINDOWS\system32\5dnC32.exe
O4 - HKLM\..\Run: [co2dmpr] C:\WINDOWS\system32\ivxaaatre.exe
O4 - HKLM\..\Run: [4comer] C:\WINDOWS\system32\ocxcatemu.exe
O4 - HKLM\..\Run: [rxcaoglx] C:\WINDOWS\system32\dptiRAP.exe
O4 - HKLM\..\Run: [ASCitomdl] C:\WINDOWS\system32\fWCoackap.exe
O4 - HKLM\..\Run: [svifilro] C:\WINDOWS\system32\2cqamag.exe
O4 - HKLM\..\Run: [dsncalmx] C:\WINDOWS\system32\vaavagbth.exe
O4 - HKLM\..\Run: [o4svod] C:\WINDOWS\system32\dbldIWdos.exe
O4 - HKLM\..\Run: [coatter_3] C:\WINDOWS\system32\lietiodmdm.exe
O4 - HKLM\..\Run: [tiext2cq] C:\WINDOWS\system32\dptds.exe
O4 - HKLM\..\Run: [leZictiv] C:\WINDOWS\system32\to4sfws.exe
O4 - HKLM\..\Run: [exertmpt32] C:\WINDOWS\system32\6toms.exe
O4 - HKLM\..\Run: [comex] C:\WINDOWS\system32\ivctxdsl.exe
O4 - HKLM\..\Run: [basvcp32] C:\WINDOWS\system32\hl2eti2.exe
O4 - HKLM\..\Run: [hliAVrows] C:\WINDOWS\system32\VGArcbt.exe
O4 - HKLM\..\Run: [2cq1a] C:\WINDOWS\system32\apiaclu.exe
O4 - HKLM\..\Run: [apecr] C:\WINDOWS\system32\dsnwDEM.exe
O4 - HKLM\..\Run: [adadcal71] C:\WINDOWS\system32\cotreZLIB.exe
O4 - HKLM\..\Run: [ppti2dlc] C:\WINDOWS\system32\4comcled.exe
O4 - HKLM\..\Run: [ticavcox] C:\WINDOWS\system32\mtDDudpanu.exe
O4 - HKLM\..\Run: [LIBmdm] C:\WINDOWS\system32\leZico.exe
O4 - HKLM\..\Run: [ivxhel] C:\WINDOWS\system32\tmvic.exe
O4 - HKLM\..\Run: [nExtctdpti] C:\WINDOWS\system32\condlcryp.exe
O4 - HKLM\..\Run: [o4cctraclu] C:\WINDOWS\system32\o4lietica.exe
O4 - HKLM\..\Run: [dpcod] C:\WINDOWS\system32\baldsntatsr.exe
O4 - HKLM\..\Run: [dpapine] C:\WINDOWS\system32\reptdl.exe
O4 - HKLM\..\Run: [mfdattil] C:\WINDOWS\system32\amace.exe
O4 - HKLM\..\Run: [vhanui] C:\WINDOWS\system32\titiyatkc.exe
O4 - HKLM\..\Run: [ctxptia] C:\WINDOWS\system32\dsattomca.exe
O4 - HKLM\..\Run: [ldsvc2d] C:\WINDOWS\system32\pheo32.exe
O4 - HKLM\..\Run: [rxyRXti] C:\WINDOWS\system32\C32dsms.exe
O4 - HKLM\..\Run: [acdlrsv] C:\WINDOWS\system32\qag2dva.exe
O4 - HKLM\..\Run: [packti2e] C:\WINDOWS\system32\xtexxvidA.exe
O4 - HKLM\..\Run: [lcllddp32] C:\WINDOWS\system32\pcutio.exe
O4 - HKLM\..\Run: [ad3dca] C:\WINDOWS\system32\vcoxVI.exe
O4 - HKLM\..\Run: [o4cttmif] C:\WINDOWS\system32\balapi.exe
O4 - HKLM\..\Run: [balsflcl] C:\WINDOWS\system32\o4dxvmet.exe
O4 - HKLM\..\Run: [Zipocx] C:\WINDOWS\system32\i32advp.exe
O4 - HKLM\..\Run: [34cocS] C:\WINDOWS\system32\365ddp.exe
O4 - HKLM\..\Run: [ldlrs] C:\WINDOWS\system32\amAVleZ.exe
O4 - HKLM\..\Run: [ckbompbk] C:\WINDOWS\system32\edsxpr.exe
O4 - HKLM\..\Run: [igeleqc] C:\WINDOWS\system32\api4co.exe
O4 - HKLM\..\Run: [addva] C:\WINDOWS\system32\lenExtIVC.exe
O4 - HKLM\..\Run: [luieds] C:\WINDOWS\system32\vpacppm.exe
O4 - HKLM\..\Run: [dpvcr] C:\WINDOWS\system32\cldleqc.exe
O4 - HKLM\..\Run: [ASeditMGR] C:\WINDOWS\system32\lrsvexxatk.exe
O4 - HKLM\..\Run: [bale2eti2e] C:\WINDOWS\system32\adsmgm.exe
O4 - HKLM\..\Run: [titrs] C:\WINDOWS\system32\65dleZi.exe
O4 - HKLM\..\Run: [vagti2] C:\WINDOWS\system32\SASVti3.exe
O4 - HKLM\..\Run: [aafileview] C:\WINDOWS\system32\pccald.exe
O4 - HKLM\..\Run: [acived] C:\WINDOWS\system32\gnsrv.exe
O4 - HKLM\..\Run: [cttilcl71] C:\WINDOWS\system32\Codsnw.exe
O4 - HKLM\..\Run: [SAlibl3] C:\WINDOWS\system32\dptiti.exe
O4 - HKLM\..\Run: [4svccod] C:\WINDOWS\system32\leZlepack.exe
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [Disk Keeper DeliveryManager] C:\WINDOWS\system32\csvhost.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RestoreDesktop] C:\Program Files\Restore Desktop\RestoreDesktop.exe
O4 - HKCU\..\Run: [reiveddsn] C:\WINDOWS\system32\apisvcsn.exe
O4 - HKCU\..\Run: [monmstCR1] C:\WINDOWS\system32\VGAnExt.exe
O4 - HKCU\..\Run: [6tpars] C:\WINDOWS\system32\RXY3x2.exe
O4 - HKCU\..\Run: [dsntre] C:\WINDOWS\system32\adcfildss.exe
O4 - HKCU\..\Run: [6troSAS] C:\WINDOWS\system32\magmxx.exe
O4 - HKCU\..\Run: [vil32comr] C:\WINDOWS\system32\34ati2elx.exe
O4 - HKCU\..\Run: [dsmgwser] C:\WINDOWS\system32\mcomrtdl.exe
O4 - HKCU\..\Run: [MGRtml] C:\WINDOWS\system32\AVGAcfil.exe
O4 - HKCU\..\Run: [o4elvwav] C:\WINDOWS\system32\dvapne.exe
O4 - HKCU\..\Run: [ivxdvppmg] C:\WINDOWS\system32\resmtace.exe
O4 - HKCU\..\Run: [SUSAti] C:\WINDOWS\system32\edppmtical.exe
O4 - HKCU\..\Run: [pchel3d] C:\WINDOWS\system32\DDcdsmo.exe
O4 - HKCU\..\Run: [vpaSU] C:\WINDOWS\system32\MGtivval32.exe
O4 - HKCU\..\Run: [luierti] C:\WINDOWS\system32\5dnio4sv.exe
O4 - HKCU\..\Run: [dptdsld] C:\WINDOWS\system32\fWleZi.exe
O4 - HKCU\..\Run: [balecS] C:\WINDOWS\system32\leattnpn.exe
O4 - HKCU\..\Run: [nIcms] C:\WINDOWS\system32\tretivtatl7.exe
O4 - HKCU\..\Run: [tiatt] C:\WINDOWS\system32\ivomHPR.exe
O4 - HKCU\..\Run: [mtsbth] C:\WINDOWS\system32\msexhli.exe
O4 - HKCU\..\Run: [aaami32] C:\WINDOWS\system32\dvtiad.exe
O4 - HKCU\..\Run: [psscc] C:\WINDOWS\system32\4archl.exe
O4 - HKCU\..\Run: [acltivv] C:\WINDOWS\system32\sntvp2ed.exe
O4 - HKCU\..\Run: [SUStkcatm] C:\WINDOWS\system32\34adpc.exe
O4 - HKCU\..\Run: [rowscui] C:\WINDOWS\system32\ctivndsTIDE.exe
O4 - HKCU\..\Run: [acludsm] C:\WINDOWS\system32\vathzmp.exe
O4 - HKCU\..\Run: [vpaerro] C:\WINDOWS\system32\libavrx.exe
O4 - HKCU\..\Run: [sldpSUS] C:\WINDOWS\system32\4apmontre.exe
O4 - HKCU\..\Run: [cSlxx] C:\WINDOWS\system32\AVIits.exe
O4 - HKCU\..\Run: [aclums] C:\WINDOWS\system32\mgrvifrx.exe
O4 - HKCU\..\Run: [svclr] C:\WINDOWS\system32\ednpacl.exe
O4 - HKCU\..\Run: [tiivcrtiy] C:\WINDOWS\system32\dmpadoglx.exe
O4 - HKCU\..\Run: [34par] C:\WINDOWS\system32\acctAcSi.exe
O4 - HKCU\..\Run: [Ziatbr] C:\WINDOWS\system32\xVsvcode.exe
O4 - HKCU\..\Run: [balatldi] C:\WINDOWS\system32\ni5o4AVcdfv.exe
O4 - HKCU\..\Run: [2evrownbjm] C:\WINDOWS\system32\Codesvc.exe
O4 - HKCU\..\Run: [ctxdmplib] C:\WINDOWS\system32\occatonso.exe
O4 - HKCU\..\Run: [dsnSV2] C:\WINDOWS\system32\desldptr.exe
O4 - HKCU\..\Run: [v1dlgtui] C:\WINDOWS\system32\SASVtilxx.exe
O4 - HKCU\..\Run: [ATIsssrpc] C:\WINDOWS\system32\viZLIB.exe
O4 - HKCU\..\Run: [boxmset] C:\WINDOWS\system32\kvavwagnt.exe
O4 - HKCU\..\Run: [svccle] C:\WINDOWS\system32\mdpmstrlcl.exe
O4 - HKCU\..\Run: [3x2iler] C:\WINDOWS\system32\decdpdsm.exe
O4 - HKCU\..\Run: [nExtdsl] C:\WINDOWS\system32\apibaleDEM.exe
O4 - HKCU\..\Run: [xprxpars] C:\WINDOWS\system32\34coDDATIV.exe
O4 - HKCU\..\Run: [mogntnet] C:\WINDOWS\system32\edsxpr.exe
O4 - HKCU\..\Run: [gnExeds] C:\WINDOWS\system32\dspprorter.exe
O4 - HKCU\..\Run: [titvbo] C:\WINDOWS\system32\svcl3ifil.exe
O4 - HKCU\..\Run: [ti2tex] C:\WINDOWS\system32\dectictra.exe
O4 - HKCU\..\Run: [4coignld] C:\WINDOWS\system32\entackti2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: FLY Agent.lnk = C:\Program Files\FLY2000TV\FlyAgent.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Blokovat všechny obrázky ze stejného serveru - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Otevřít v nové instanci programu - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Otevřít všechny odkazy na této stránce... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Přidat do seznamu blokovaných reklam - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Stáhnout &Mass Downloaderem - C:\Program Files\Mass Downloader\Add_Url.htm
O8 - Extra context menu item: Stáhnout &vše Mass Downloaderem - C:\Program Files\Mass Downloader\Add_All.htm
O8 - Extra context menu item: Zvýraznit - C:\Program Files\Avant Browser\Highlight.htm
O9 - Extra button: Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - C:\Program Files\Mass Downloader\massdown.exe
O9 - Extra 'Tools' menuitem: &Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - C:\Program Files\Mass Downloader\massdown.exe
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\INTERNET\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\INTERNET\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.seznam.cz
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted IP range: 206.161.125.149
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} - http://www.t058.com/b/Click_Yes_to_Continue.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6798108468
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} - http://zllin.info/n/us00/00.cab
O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B23E0CC} - http://66.117.37.13/cza1229.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0AEB4F29-3672-4625-A93F-A87CFB59259E}: NameServer = 208.67.220.220 208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFAA05AA-36C3-4A3E-819D-E089CD8B8FEB}: NameServer = 85.255.114.58,85.255.112.196
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220 208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{0AEB4F29-3672-4625-A93F-A87CFB59259E}: NameServer = 208.67.220.220 208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220 208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{0AEB4F29-3672-4625-A93F-A87CFB59259E}: NameServer = 208.67.220.220 208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 208.67.220.220 208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{0AEB4F29-3672-4625-A93F-A87CFB59259E}: NameServer = 208.67.220.220 208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220 208.67.222.222
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\INTERNET\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Data Management Job Dispatch - Autodesk Inc - C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
O23 - Service: Autodesk EDM Server - - C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 29576 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Miranda2.job
C:\WINDOWS\tasks\Vyroci.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-01-05 399352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar1.dll [2008-10-16 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-09-02 591352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
ZoneAlarm Security Toolbar - C:\Program Files\ZoneAlarm_Security\tbZone.dll [2010-12-01 2735200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - D:\INTERNET\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B930BA63-9E5A-11D3-A288-0000E80E2EDE}]
IECatcher Class - C:\Program Files\Mass Downloader\MDHELPER.DLL [2005-06-16 53248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-17 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-17 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-01-05 399352]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - ZoneAlarm Spy Blocker Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar1.dll [2008-10-16 333192]
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files\ZoneAlarm_Security\tbZone.dll [2010-12-01 2735200]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-09-02 591352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-11-30 344064]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2003-04-27 77824]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"Nero DriveSpeed"=C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE [2004-12-19 593920]
"PtiuPbmd"=ptipbm.dll,SetWriteBack []
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-09-02 1043968]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-10-02 413696]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-09-06 3722416]
"pdlxSZH"=C:\WINDOWS\system32\36pdlxrypt.exe [2009-03-21 16783]
"decatm"=C:\WINDOWS\system32\dview.exe [2009-03-21 18222]
"vcoxvwcf"=C:\WINDOWS\system32\leerilt.exe [2009-03-21 20640]
"ledsfevv"=C:\WINDOWS\system32\ti3autap.exe [2009-03-21 17500]
"AVIZom"=C:\WINDOWS\system32\oktiAvha.exe [2009-03-21 19274]
"ivctx"=C:\WINDOWS\system32\ivicn.exe [2009-03-21 17282]
"decii"=C:\WINDOWS\system32\vxudibv.exe [2009-03-21 18390]
"ti2MGRkvma"=C:\WINDOWS\system32\dvapZLIB.exe [2009-03-21 18908]
"mtsti"=C:\WINDOWS\system32\34ASC3nEx.exe [2009-03-21 18246]
"ditpvcn"=C:\WINDOWS\system32\lietremsex.exe [2009-03-21 19724]
"o4sAVG"=C:\WINDOWS\system32\pc2dTIDD.exe [2009-03-21 17530]
"tiodsldvcc"=C:\WINDOWS\system32\gnExnds.exe [2009-03-21 18672]
"ctre1a"=C:\WINDOWS\system32\salieerv.exe [2009-03-21 18550]
"sldpTIDE"=C:\WINDOWS\system32\4conpmgr.exe [2009-03-21 19862]
"dlrov"=C:\WINDOWS\system32\hlipv.exe [2009-03-21 17870]
"comcal"=C:\WINDOWS\system32\aaati3car.exe [2009-03-21 19850]
"ivalase"=C:\WINDOWS\system32\resqati2.exe [2009-03-21 17270]
"parlr2d"=C:\WINDOWS\system32\acpph.exe [2009-03-21 18764]
"C321ag"=C:\WINDOWS\system32\trvag1ag.exe [2009-03-21 19222]
"ivxmgrkv"=C:\WINDOWS\system32\kvccmsvc.exe [2009-03-21 19324]
"dsmxapor"=C:\WINDOWS\system32\C32tii.exe [2009-03-21 17808]
"leZimxx"=C:\WINDOWS\system32\upschk.exe [2009-03-21 24661]
"C3reaxx"=C:\WINDOWS\system32\resdsnpnso.exe [2009-03-21 20450]
"accexxod"=C:\WINDOWS\system32\codlctp.exe [2009-03-21 17012]
"dmpti"=C:\WINDOWS\system32\34co365.exe [2009-03-21 17242]
"C3dpti"=C:\WINDOWS\system32\ppmo32.exe [2009-03-21 19986]
"6to4ent"=C:\WINDOWS\system32\ticalrkvm.exe [2009-03-21 20414]
"co3dTID"=C:\WINDOWS\system32\tiogvcox.exe [2009-03-21 19035]
"adspph"=C:\WINDOWS\system32\callrttkct.exe [2009-03-21 22783]
"ivedti3"=C:\WINDOWS\system32\fWCoitsbox.exe [2009-03-21 20447]
"svtiok"=C:\WINDOWS\system32\to4stvtml.exe [2009-03-21 17630]
"ilsrcfgn"=C:\WINDOWS\system32\ivdsnt.exe [2009-03-21 17600]
"uptihc"=C:\WINDOWS\system32\icnignEio.exe [2009-03-21 19178]
"ditcoarc"=C:\WINDOWS\system32\cSigdmpa.exe [2009-03-21 20216]
"RePRTIvw"=C:\WINDOWS\system32\mgmapes.exe [2009-03-21 18364]
"ledsrvps"=C:\WINDOWS\system32\xVfWdmDEM.exe [2009-03-21 18944]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"upATHP"=C:\WINDOWS\system32\34tklac.exe [2009-03-21 17406]
"DDCDEMtip"=C:\WINDOWS\system32\AVIAVI.exe [2009-03-21 20692]
"esrbidelc"=C:\WINDOWS\system32\kvmvu.exe [2009-03-21 20776]
"iscmdmcon"=C:\WINDOWS\system32\acdldpcdv.exe [2009-03-21 19104]
"lxwsocx"=C:\WINDOWS\system32\resSV2ace.exe [2009-03-21 17088]
"arclctipd"=C:\WINDOWS\system32\luidmp32.exe [2009-03-21 17864]
"SASlcl"=C:\WINDOWS\system32\aa3d1.exe [2009-03-21 17186]
"acctapti2e"=C:\WINDOWS\system32\helplxx.exe [2009-03-21 18731]
"edssfer"=C:\WINDOWS\system32\icndims.exe [2009-03-21 18846]
"comCR1ap"=C:\WINDOWS\system32\6tiiexoxx.exe [2009-03-21 19059]
"comxpcf"=C:\WINDOWS\system32\nExti3ti.exe [2009-03-21 17308]
"packms"=C:\WINDOWS\system32\tifdsl.exe [2009-03-21 20170]
"rciode"=C:\WINDOWS\system32\v12vic.exe [2009-03-21 20682]
"rsemg2evx"=C:\WINDOWS\system32\icnived.exe [2009-03-21 17708]
"34cfil"=C:\WINDOWS\system32\VGASV1tp.exe [2009-03-21 19850]
"tksc1"=C:\WINDOWS\system32\ti2vi.exe [2009-03-21 20774]
"svcatmf"=C:\WINDOWS\system32\C3cadf.exe [2009-03-21 19882]
"ppmuagtr"=C:\WINDOWS\system32\dsndvar.exe [2009-03-21 19084]
"o4svlipar"=C:\WINDOWS\system32\tiogvva.exe [2009-03-21 19699]
"adlmfdVI"=C:\WINDOWS\system32\sycfMSZH.exe [2009-03-21 20104]
"dmpdslnds"=C:\WINDOWS\system32\ivdxx.exe [2009-03-21 16944]
"4coctxTI"=C:\WINDOWS\system32\comivive.exe [2009-03-21 17172]
"ad2dv"=C:\WINDOWS\system32\6toti.exe [2009-03-21 18889]
"ditti2"=C:\WINDOWS\system32\ad3d1.exe [2009-03-21 19486]
"C3snt"=C:\WINDOWS\system32\sftitiv.exe [2009-03-21 18226]
"adscnvie"=C:\WINDOWS\system32\rectxp.exe [2009-03-21 17300]
"sycfATHP"=C:\WINDOWS\system32\dptppSUSA.exe [2009-03-21 19332]
"qagpvcn"=C:\WINDOWS\system32\cSitivuto.exe [2009-03-21 18918]
"4svg32"=C:\WINDOWS\system32\ctvhatt.exe [2009-03-21 19974]
"dvplclmin"=C:\WINDOWS\system32\dsntaxx.exe [2009-03-21 17540]
"dmerrkc"=C:\WINDOWS\system32\dstiti.exe [2009-03-21 17532]
"dlgscdll"=C:\WINDOWS\system32\MGvvati.exe [2009-03-21 16972]
"hlibdf"=C:\WINDOWS\system32\2cqudio.exe [2009-03-21 18801]
"4cbres2cqa"=C:\WINDOWS\system32\ivxdecde.exe [2009-03-21 16848]
"leZdpti"=C:\WINDOWS\system32\tifadpp.exe [2009-03-21 20622]
"to4sxprx"=C:\WINDOWS\system32\lieupelp.exe [2009-03-21 19936]
"pctmfd"=C:\WINDOWS\system32\devpory.exe [2009-03-21 21991]
"packre3d"=C:\WINDOWS\system32\icncodeMSZH.exe [2009-03-21 21899]
"dslavm"=C:\WINDOWS\system32\cfdxvcAvh.exe [2009-03-21 21453]
"lecluipa"=C:\WINDOWS\system32\cdTIDex.exe [2009-03-21 20784]
"adtitipd"=C:\WINDOWS\system32\ctxptr.exe [2009-03-21 19850]
"dimg2dva"=C:\WINDOWS\system32\lrsiod.exe [2009-03-21 18356]
"ogll3"=C:\WINDOWS\system32\trctqavaa.exe [2009-03-21 19714]
"ivxl3"=C:\WINDOWS\system32\dni5edds.exe [2009-03-21 18074]
"tiogmf"=C:\WINDOWS\system32\dsnSV2.exe [2009-03-21 16934]
"desnt"=C:\WINDOWS\system32\sycTIud.exe [2009-03-21 17906]
"dmpadsn"=C:\WINDOWS\system32\apAVIZap.exe [2009-03-21 19842]
"clrxAVI"=C:\WINDOWS\system32\34coacl.exe [2009-03-21 20284]
"4coeamTI"=C:\WINDOWS\system32\chlMGti.exe [2009-03-21 20004]
"rcherro"=C:\WINDOWS\system32\ctictx.exe [2009-03-21 22071]
"mttivatl"=C:\WINDOWS\system32\sferti2e.exe [2009-03-21 20584]
"ditcSi"=C:\WINDOWS\system32\ivcdbrompo.exe [2009-03-21 18282]
"ivvaatkc"=C:\WINDOWS\system32\cctcSi.exe [2009-03-21 20270]
"codeignE"=C:\WINDOWS\system32\34cldp.exe [2009-03-21 18452]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RestoreDesktop"=C:\Program Files\Restore Desktop\RestoreDesktop.exe [2003-03-11 45056]
"reiveddsn"=C:\WINDOWS\system32\apisvcsn.exe [2009-03-21 18084]
"monmstCR1"=C:\WINDOWS\system32\VGAnExt.exe [2009-03-21 20828]
"6tpars"=C:\WINDOWS\system32\RXY3x2.exe [2009-03-21 18030]
"dsntre"=C:\WINDOWS\system32\adcfildss.exe [2009-03-21 18778]
"6troSAS"=C:\WINDOWS\system32\magmxx.exe [2009-03-21 20408]
"vil32comr"=C:\WINDOWS\system32\34ati2elx.exe [2009-03-21 18616]
"dsmgwser"=C:\WINDOWS\system32\mcomrtdl.exe [2009-03-21 17882]
"MGRtml"=C:\WINDOWS\system32\AVGAcfil.exe [2009-03-21 21197]
"o4elvwav"=C:\WINDOWS\system32\dvapne.exe [2009-03-21 18730]
"ivxdvppmg"=C:\WINDOWS\system32\resmtace.exe [2009-03-21 19488]
"SUSAti"=C:\WINDOWS\system32\edppmtical.exe [2009-03-21 19982]
"pchel3d"=C:\WINDOWS\system32\DDcdsmo.exe [2009-03-21 16952]
"vpaSU"=C:\WINDOWS\system32\MGtivval32.exe [2009-03-21 18398]
"luierti"=C:\WINDOWS\system32\5dnio4sv.exe [2009-03-21 19052]
"dptdsld"=C:\WINDOWS\system32\fWleZi.exe [2009-03-21 20174]
"balecS"=C:\WINDOWS\system32\leattnpn.exe [2009-03-21 17190]
"nIcms"=C:\WINDOWS\system32\tretivtatl7.exe [2009-03-21 17962]
"tiatt"=C:\WINDOWS\system32\ivomHPR.exe [2009-03-21 19534]
"mtsbth"=C:\WINDOWS\system32\msexhli.exe [2009-03-21 23297]
"aaami32"=C:\WINDOWS\system32\dvtiad.exe [2009-03-21 18960]
"psscc"=C:\WINDOWS\system32\4archl.exe [2009-03-21 19758]
"acltivv"=C:\WINDOWS\system32\sntvp2ed.exe [2009-03-21 18604]
"SUStkcatm"=C:\WINDOWS\system32\34adpc.exe [2009-03-21 17036]
"rowscui"=C:\WINDOWS\system32\ctivndsTIDE.exe [2009-03-21 20330]
"acludsm"=C:\WINDOWS\system32\vathzmp.exe [2009-03-21 20550]
"vpaerro"=C:\WINDOWS\system32\libavrx.exe [2009-03-21 17742]
"sldpSUS"=C:\WINDOWS\system32\4apmontre.exe [2009-03-21 21029]
"cSlxx"=C:\WINDOWS\system32\AVIits.exe [2009-03-21 17470]
"aclums"=C:\WINDOWS\system32\mgrvifrx.exe [2009-03-21 20566]
"svclr"=C:\WINDOWS\system32\ednpacl.exe [2009-03-21 19526]
"tiivcrtiy"=C:\WINDOWS\system32\dmpadoglx.exe [2009-03-21 20000]
"34par"=C:\WINDOWS\system32\acctAcSi.exe [2009-03-21 20134]
"Ziatbr"=C:\WINDOWS\system32\xVsvcode.exe [2009-03-21 20614]
"balatldi"=C:\WINDOWS\system32\ni5o4AVcdfv.exe [2009-03-21 20684]
"2evrownbjm"=C:\WINDOWS\system32\Codesvc.exe [2009-03-21 20715]
"ctxdmplib"=C:\WINDOWS\system32\occatonso.exe [2009-03-21 17460]
"dsnSV2"=C:\WINDOWS\system32\desldptr.exe [2009-03-21 20842]
"v1dlgtui"=C:\WINDOWS\system32\SASVtilxx.exe [2009-03-21 17956]
"ATIsssrpc"=C:\WINDOWS\system32\viZLIB.exe [2009-03-21 19844]
"boxmset"=C:\WINDOWS\system32\kvavwagnt.exe [2009-03-21 17560]
"svccle"=C:\WINDOWS\system32\mdpmstrlcl.exe [2009-03-21 20698]
"3x2iler"=C:\WINDOWS\system32\decdpdsm.exe [2009-03-21 20312]
"nExtdsl"=C:\WINDOWS\system32\apibaleDEM.exe [2009-03-21 18594]
"xprxpars"=C:\WINDOWS\system32\34coDDATIV.exe [2009-03-21 17270]
"mogntnet"=C:\WINDOWS\system32\edsxpr.exe [2009-03-21 22011]
"gnExeds"=C:\WINDOWS\system32\dspprorter.exe [2009-03-21 16802]
"titvbo"=C:\WINDOWS\system32\svcl3ifil.exe [2009-03-21 19918]
"ti2tex"=C:\WINDOWS\system32\dectictra.exe [2009-03-21 19914]
"4coignld"=C:\WINDOWS\system32\entackti2.exe [2009-03-21 20484]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tweak UI]
TWEAKUI.CPL,TweakMeUp []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Documents and Settings\RADEK\Nabídka Start\Programy\SYSTÉM\Po spuštění
FLY Agent.lnk - C:\Program Files\FLY2000TV\FlyAgent.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=C:\WINDOWS\system32\lsass.exe [2008-04-14 13312]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\MSI\i-Speeder\i-Speeder.exe"="C:\Program Files\MSI\i-Speeder\i-Speeder.exe:*:Enabled:i-Speeder"
"C:\Program Files\Miranda IM2\miranda32.exe"="C:\Program Files\Miranda IM2\miranda32.exe:*:Enabled:Miranda IM"
"D:\INTERNET\Miranda IM\miranda32.exe"="D:\INTERNET\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"D:\INTERNET\ICQ\Icq.exe"="D:\INTERNET\ICQ\Icq.exe:*:Enabled:ICQ"
"D:\INTERNET\Miranda\miranda32.exe"="D:\INTERNET\Miranda\miranda32.exe:*:Enabled:Miranda IM"
"D:\INTERNET\Miranda1\miranda32.exe"="D:\INTERNET\Miranda1\miranda32.exe:*:Enabled:Miranda IM"
"D:\INTERNET\Miranda2\miranda32.exe"="D:\INTERNET\Miranda2\miranda32.exe:*:Enabled:Miranda IM"
"J:\Miranda\miranda32.exe"="J:\Miranda\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Mass Downloader\massdown.exe"="C:\Program Files\Mass Downloader\massdown.exe:*:Enabled:Mass Downloader executable"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"D:\INTERNET\Skype\Plugin Manager\skypePM.exe"="D:\INTERNET\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"K:\Skype\Phone\Skype.exe"="K:\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\INTERNET\Skype\Phone\Skype.exe"="D:\INTERNET\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=C:\WINDOWS\System32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\System32\vp6vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.lameacm"=lameACM.acm
"vidc.MJPG"=m3jpeg32.dll
"vidc.dmb1"=m3jpeg32.dll
"VIDC.HFYU"=huffyuv.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.I420"=msh263.drv
"VIDC.IYUV"=iyuv_32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll

======File associations======

.scr - open - "" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2011-09-14 20:07:06 ----D---- C:\Program Files\trend micro
2011-09-14 20:07:03 ----D---- C:\rsit
2011-09-14 18:03:48 ----D---- C:\WINDOWS\LastGood

======List of files/folders modified in the last 1 month======

2011-09-14 20:08:00 ----D---- C:\Documents and Settings\RADEK\Data aplikací\Skype
2011-09-14 20:07:23 ----D---- C:\WINDOWS\Internet Logs
2011-09-14 20:07:06 ----AD---- C:\Program Files
2011-09-14 19:21:23 ----D---- C:\Documents and Settings\RADEK\Data aplikací\HPAppData
2011-09-14 18:06:44 ----A---- C:\WINDOWS\wincmd.ini
2011-09-14 18:04:07 ----D---- C:\WINDOWS\Temp
2011-09-14 18:04:07 ----D---- C:\WINDOWS\system32\drivers
2011-09-14 18:04:07 ----D---- C:\WINDOWS\system32
2011-09-14 18:03:48 ----D---- C:\WINDOWS
2011-09-14 17:21:42 ----D---- C:\Documents and Settings\RADEK\Data aplikací\Avant Browser
2011-09-14 17:19:52 ----A---- C:\WINDOWS\system32\SECURITY_DeliveryManager.DLL
2011-09-14 17:19:52 ----A---- C:\WINDOWS\system32\bot_body.exe
2011-09-14 17:16:46 ----D---- C:\WINDOWS\system32\CatRoot2
2011-09-13 23:56:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-09-13 23:56:09 ----D---- C:\Documents and Settings\RADEK\Data aplikací\BitTorrent
2011-09-13 22:47:39 ----D---- C:\Program Files\Mass Downloader
2011-09-13 22:37:42 ----SHD---- C:\WINDOWS\Installer
2011-09-13 22:37:41 ----HD---- C:\Config.Msi
2011-09-13 22:37:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-09-13 22:15:11 ----D---- C:\WINDOWS\system32\drivers\etc
2011-09-13 21:42:37 ----D---- C:\WINDOWS\system32\oodag
2011-09-13 21:42:06 ----HD---- C:\WINDOWS\inf
2011-09-06 22:45:29 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 fasttx2k;fasttx2k; C:\WINDOWS\system32\DRIVERS\fasttx2k.sys [2003-08-06 159744]
R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2004-03-03 5504]
R0 imagesrv;imagesrv; C:\WINDOWS\system32\DRIVERS\imagesrv.sys [2004-03-03 125184]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2009-12-22 17136]
R0 rttmntr;R-TT Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\rttmntr.sys [2004-11-19 200512]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 snaprtt;R-TT Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snaprtt.sys [2004-11-19 78624]
R0 stwlfbus;stwlfbus; C:\WINDOWS\System32\DRIVERS\stwlfbus.sys [2003-04-27 8704]
R0 UlSata;UlSata; C:\WINDOWS\system32\DRIVERS\ulsata.sys [2003-06-03 73984]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-09-06 110552]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
R2 rttfsfilt;R-TT FS Filter; C:\WINDOWS\system32\DRIVERS\rttfsfilt.sys [2004-11-19 27936]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-12 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-02-19 610988]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
R3 Cap7134;Philips SAA7134 WDM Capture; C:\WINDOWS\System32\DRIVERS\Cap7134.sys [2004-11-05 334816]
R3 FlyPCI;FlyPCI; \??\C:\WINDOWS\system32\drivers\FlyPCI.sys []
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
R3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-14 10880]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 PhTVTune;TCL2002 TV Tuner; C:\WINDOWS\System32\DRIVERS\PhTVTune.sys [2004-11-05 19904]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 st3wolf;st3wolf; C:\WINDOWS\System32\DRIVERS\st3wolf.sys [2003-04-27 99360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S0 srescan;srescan; C:\WINDOWS\system32\ZoneLabs\srescan.sys []
S0x02000000 OMSCAN;OMSCAN; \Sys []
S3 61883;61883 Unit Device; C:\WINDOWS\System32\DRIVERS\61883.sys [2008-04-14 48128]
S3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys []
S3 Avc;AVC Device; C:\WINDOWS\System32\DRIVERS\avc.sys [2008-04-14 38912]
S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 C-Dilla;C-Dilla; \??\C:\WINDOWS\System32\drivers\CDANT.SYS []
S3 EL2000;3Com 3C2000x EtherLink XL Adapter; C:\WINDOWS\system32\DRIVERS\EL2K_XP.sys [2003-07-31 147456]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\System32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-10-16 464264]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
R2 Autodesk Data Management Job Dispatch;Autodesk Data Management Job Dispatch; C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe [2006-03-09 40960]
R2 Autodesk EDM Server;Autodesk EDM Server; C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe [2006-03-09 49152]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-09-06 44768]
R2 C-DillaSrv;C-DillaSrv; C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2006-06-14 46080]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-09-02 493048]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-17 152984]
R2 MSSQL$AUTODESKVAULT;MSSQL$AUTODESKVAULT; C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe [2005-05-04 9150464]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2005-03-21 225280]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-09-02 2435592]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-22 136176]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2007-10-09 72704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-22 136176]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 SQLAgent$AUTODESKVAULT;SQLAgent$AUTODESKVAULT; C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlagent.EXE [2005-05-03 323584]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

pokud jsem to tedy pochopil správně ...

#6 Příspěvek od **vyosek** » 14 zář 2011 20:07

Boha jeho

Cela zoo i s babkou pokladni

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ukoncete vsechny programy
Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Zvolte moznost 2 a potvrte enterem
Utilita provede svou cinnost a da log - ten sem vlozte
Nyni znovu, ale zvolte moznost 3 a pote jeste 4 - logy opet vlozte

attacted · #7 Příspěvek od **attacted** » 14 zář 2011 20:12

Všechny programy - tím je myšleno přesně co? Mám puštěný jen internet, antivir a firewall. To vše tedy povypínat?

#8 Příspěvek od **vyosek** » 14 zář 2011 20:14

Ne to muzete nechat...Mysleno je spise prehravac hudby, word atd...RogueKiller je ukoncuje

attacted · #9 Příspěvek od **attacted** » 14 zář 2011 20:19

Dobrá tedy - proběhla dvojka

RogueKiller V5.3.4 [08/30/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: RADEK [Admin rights]
Mode: Remove -- Date : 09/14/2011 21:17:57

Bad processes: 0

Registry Entries: 3
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Particular Files / Folders:

HOSTS File:
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]

Finished : << RKreport[1].txt >>
RKreport[1].txt

...jdu na trojku...

attacted · #10 Příspěvek od **attacted** » 14 zář 2011 20:25

trojka...

RogueKiller V5.3.4 [08/30/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: RADEK [Admin rights]
Mode: HOSTSFix -- Date : 09/14/2011 21:20:57

Bad processes: 0

HOSTS File:
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]

Resetted HOSTS:
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

čtverka...

RogueKiller V5.3.4 [08/30/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: RADEK [Admin rights]
Mode: ProxyFix -- Date : 09/14/2011 21:22:42

Bad processes: 0

Registry Entries: 0

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

no jo no

, musím vysvětlit, že je tady instalace snad už nějakých šest let :-I, ale když ono vše pořád funguje...

#11 Příspěvek od **vyosek** » 14 zář 2011 20:27

Snad to dame do kupy

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

attacted · #12 Příspěvek od **attacted** » 14 zář 2011 22:04

No páni, trochu "bojím bojím" takovýchto čistek. Ale snad všechno pojede, uvidíme. Nechtělo mi to dovolit připojit soubor_txt a spoustu dalších, tak jsem ho nakonec jen "přejmenoval" na _zip, přepsat zpět a snad to bude znova fungovat.

#13 Příspěvek od **vyosek** » 15 zář 2011 06:36

Jeste nez se dame do mazani, je tam toho jeste spousty

Tyhle IP adresy znate, jedna ukazuje do Ameriky, druha do Ukrainy

208.67.220.220 USA
85.255.114.58 Ukraina

#14 Příspěvek od **vyosek** » 15 zář 2011 06:45

A jelikoz CF nesplnil me ocekavani a na rucni mazani by mi zatim asi cvoklo, tak zkusime MBAM

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)

Provedte aktualizaci
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

attacted · #15 Příspěvek od **attacted** » 15 zář 2011 19:54

Dobrý večer. Dorazil jsem domů až nyní. K první otázce - ani jedna z těch IP adres tam rozhodně není úmyslně. No a teď jdu tedy na ten MBAM.

VIRY.CZ

Vyléčeno?

Vyléčeno?

Re: Vyléčeno?

Re: Vyléčeno?

Re: Vyléčeno?

Re: Vyléčeno?

Re: Vyléčeno?

Re: Vyléčeno?

Re: Vyléčeno?

Re: Vyléčeno?

Re: Vyléčeno?

Re: Vyléčeno?

Re: Vyléčeno?

Re: Vyléčeno?

Re: Vyléčeno?

Re: Vyléčeno?