
Check plus a little worm

jacktenrek
Visitor
Posts: 65
Registered: 23 Jul 2006 09:18

#1 Post by jacktenrek »

Hello, I need a log check; there is something tricky here :James008:

networm.win32 kido.a@132026498, something like that; maybe there is more of it. Thanks for the help.

Logfile of random's system information tool 1.09 (written by random/random)
Run by jnovosad at 2012-03-01 08:35:15
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 202 GB (86%) free of 234 GB
Total RAM: 2038 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:35:26, on 1.3.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Program Files\TeamViewer\Version7\tv_w32.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe
C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe
C:\WINDOWS\system32\mstsc.exe
C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
C:\Program Files\Opera\opera.exe
C:\SAPSPROW19\sapsw.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\eDrawings2008\EModelViewer.exe
C:\DOCUME~1\jnovosad\LOCALS~1\Temp\SolidWorksLicTemp.0001
C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\jnovosad\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\jnovosad.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cz_z1_srv001
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cz_z1_srv001
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by ANYXO, s.r.o.
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Cz/InstFred.ocx
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Ovládací prvek AcDcToday) - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Cz/AcDcToday.ocx
O16 - DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Cz/InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Cz/AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ANYXO.LOCAL
O17 - HKLM\Software\..\Telephony: DomainName = ANYXO.LOCAL
O17 - HKLM\System\CCS\Services\Tcpip\..\{A7133675-5A5F-48C3-9987-E7394B592BC2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ANYXO.LOCAL
O17 - HKLM\System\CS1\Services\Tcpip\..\{A7133675-5A5F-48C3-9987-E7394B592BC2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ANYXO.LOCAL
O17 - HKLM\System\CS2\Services\Tcpip\..\{A7133675-5A5F-48C3-9987-E7394B592BC2}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: acaptuser32.dll C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Updater\Updater.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

--
End of file - 13049 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ccf53a2694c3f6.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1ccf53a28196344.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
C:\WINDOWS\tasks\Připomenutí registrace 1.job
C:\WINDOWS\tasks\SystemToolsDailyTest.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{A004CE68-97CE-438B-A0A4-5221277B79E6}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-02-02 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-27 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-27 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-02-27 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03 349640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"LPManager"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [2009-07-23 185688]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2012-01-03 40376]
""= []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27 49976]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-03-21 141848]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-06-27 16875008]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"LPMailChecker"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe [2009-07-23 124248]
"COMODO"=C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe [2011-11-23 208184]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-12-19 6676808]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2006-02-02 122940]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe [2012-02-15 17146504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [2006-05-18 196696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2008-03-21 137752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="acaptuser32.dll C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-03-17 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ForceClassicControlPanel"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe"="C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-03-01 08:35:15 ----D---- C:\rsit
2012-03-01 08:35:15 ----D---- C:\Program Files\trend micro
2012-02-29 11:27:23 ----D---- C:\skype uložit
2012-02-29 11:20:54 ----D---- C:\Program Files\STPViewer
2012-02-29 10:15:00 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Windows Search
2012-02-29 08:53:08 ----HD---- C:\VritualRoot
2012-02-29 08:06:28 ----D---- C:\Program Files\Opera
2012-02-28 15:59:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\CPA_VA
2012-02-28 15:56:33 ----A---- C:\WINDOWS\system32\drivers\sfi.dat
2012-02-28 15:54:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo
2012-02-28 15:53:51 ----D---- C:\Program Files\Comodo
2012-02-28 15:53:48 ----A---- C:\WINDOWS\system32\gdiplus.dll
2012-02-28 15:37:02 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\TeamViewer
2012-02-28 15:36:54 ----D---- C:\Program Files\TeamViewer
2012-02-28 12:38:03 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-02-28 12:20:28 ----D---- C:\Program Files\VS Revo Group
2012-02-28 11:59:36 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\DassaultSystemes
2012-02-28 11:59:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\DassaultSystemes
2012-02-28 11:58:56 ----D---- C:\Program Files\Common Files\SolidWorks Shared
2012-02-28 11:58:56 ----A---- C:\WINDOWS\eDrawingOfficeAutomator.INI
2012-02-28 11:58:33 ----D---- C:\Program Files\Common Files\eDrawings2008
2012-02-28 11:54:12 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Autodesk
2012-02-28 11:06:22 ----D---- C:\Program Files\Spybot - Search & Destroy
2012-02-28 11:06:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-02-28 10:03:00 ----D---- C:\totalcmd
2012-02-28 10:03:00 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\GHISLER
2012-02-28 10:03:00 ----A---- C:\WINDOWS\UC.PIF
2012-02-28 10:03:00 ----A---- C:\WINDOWS\RAR.PIF
2012-02-28 10:03:00 ----A---- C:\WINDOWS\PKZIP.PIF
2012-02-28 10:03:00 ----A---- C:\WINDOWS\PKUNZIP.PIF
2012-02-28 10:03:00 ----A---- C:\WINDOWS\NOCLOSE.PIF
2012-02-28 10:03:00 ----A---- C:\WINDOWS\LHA.PIF
2012-02-28 10:03:00 ----A---- C:\WINDOWS\ARJ.PIF
2012-02-28 09:35:22 ----D---- C:\WRYKRYS2012
2012-02-28 09:23:11 ----D---- C:\SAPSPROW19
2012-02-28 09:22:08 ----D---- C:\download
2012-02-28 09:21:16 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\WinRAR
2012-02-28 09:20:48 ----D---- C:\Program Files\WinRAR
2012-02-28 09:19:58 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Estsoft
2012-02-28 09:06:00 ----D---- C:\Program Files\Common Files\Skype
2012-02-28 08:50:47 ----D---- C:\WINDOWS\pss
2012-02-28 08:38:46 ----D---- C:\Program Files\CCleaner
2012-02-28 08:30:55 ----N---- C:\WINDOWS\system32\acaptuser32.dll
2012-02-28 08:29:00 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Opera
2012-02-28 08:26:11 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Macromedia
2012-02-28 08:13:24 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Sun
2012-02-28 08:11:35 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Skype
2012-02-28 08:08:43 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Adobe
2012-02-28 08:08:27 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Windows Desktop Search
2012-02-28 08:06:29 ----ASH---- C:\Documents and Settings\jnovosad\Data aplikací\desktop.ini
2012-02-28 08:06:25 ----SD---- C:\Documents and Settings\jnovosad\Data aplikací\Microsoft
2012-02-28 08:06:25 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Lenovo
2012-02-28 08:06:25 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\InstallShield
2012-02-28 08:06:25 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Identities
2012-02-28 08:06:24 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Symantec
2012-02-27 12:22:33 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-27 12:08:49 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2012-02-27 12:01:54 ----D---- C:\Program Files\Microsoft Security Client
2012-02-27 11:51:45 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-02-27 11:50:48 ----A---- C:\WINDOWS\system32\javaws.exe
2012-02-27 11:50:48 ----A---- C:\WINDOWS\system32\javaw.exe
2012-02-27 11:50:48 ----A---- C:\WINDOWS\system32\java.exe

======List of files/folders modified in the last 1 month======

2012-03-01 08:35:22 ----D---- C:\WINDOWS\Prefetch
2012-03-01 08:35:15 ----RD---- C:\Program Files
2012-03-01 08:28:40 ----AD---- C:\WINDOWS\system32
2012-03-01 08:28:39 ----SD---- C:\WINDOWS\Tasks
2012-03-01 05:11:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-02-29 11:09:56 ----D---- C:\WINDOWS\Temp
2012-02-29 07:50:58 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-29 07:46:14 ----SHD---- C:\WINDOWS\Installer
2012-02-29 07:30:19 ----AD---- C:\I386
2012-02-28 15:56:33 ----D---- C:\WINDOWS\system32\drivers
2012-02-28 12:39:09 ----D---- C:\WINDOWS
2012-02-28 12:37:30 ----D---- C:\WINDOWS\security
2012-02-28 11:58:56 ----D---- C:\Program Files\Common Files
2012-02-28 09:05:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-02-28 09:02:12 ----HD---- C:\WINDOWS\inf
2012-02-28 08:47:22 ----D---- C:\WINDOWS\Debug
2012-02-28 08:47:20 ----SHD---- C:\RECYCLER
2012-02-28 08:41:02 ----D---- C:\Program Files\Google
2012-02-28 08:10:34 ----D---- C:\Documents and Settings
2012-02-27 14:58:33 ----RSD---- C:\WINDOWS\assembly
2012-02-27 14:58:33 ----D---- C:\WINDOWS\Microsoft.NET
2012-02-27 14:33:14 ----D---- C:\WINDOWS\WinSxS
2012-02-27 14:33:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-02-27 14:27:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-02-27 14:24:55 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-02-27 14:21:43 ----D---- C:\Program Files\Common Files\System
2012-02-27 14:21:43 ----A---- C:\WINDOWS\win.ini
2012-02-27 13:38:50 ----D---- C:\WINDOWS\system32\cs-cz
2012-02-27 13:34:05 ----D---- C:\WINDOWS\system32\en-us
2012-02-27 13:33:52 ----D---- C:\Program Files\Microsoft.NET
2012-02-27 13:08:29 ----D---- C:\Program Files\Internet Explorer
2012-02-27 13:02:02 ----ASHD---- C:\WINDOWS\system32\dllcache
2012-02-27 12:53:20 ----HD---- C:\WINDOWS\$hf_mig$
2012-02-27 12:23:46 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-02-27 12:05:07 ----D---- C:\WINDOWS\system32\appmgmt
2012-02-27 12:03:13 ----D---- C:\WINDOWS\system32\CatRoot
2012-02-27 12:01:30 ----D---- C:\Program Files\Microsoft Office
2012-02-27 12:01:15 ----D---- C:\WINDOWS\ie8updates
2012-02-27 11:54:13 ----D---- C:\Program Files\Common Files\Java
2012-02-27 11:50:18 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-02-27 11:50:07 ----D---- C:\Program Files\Java
2012-02-27 11:44:17 ----D---- C:\WINDOWS\SchCache
2012-02-27 11:38:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Symantec
2012-02-27 11:38:24 ----D---- C:\Program Files\Common Files\Symantec Shared
2012-02-27 11:38:23 ----D---- C:\Program Files\Symantec
2012-02-27 11:35:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2012-02-27 11:26:50 ----D---- C:\WINDOWS\system32\config
2012-02-27 11:23:30 ----D---- C:\swshare

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2006-03-01 89472]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-12-19 97760]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-05-26 43528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2011-12-19 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-12-19 494816]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-12-19 31704]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-11-18 5660]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-11-18 22684]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-02-02 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2006-02-02 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-02-02 86652]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-02-02 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-02-02 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-02-02 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-02-02 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-11-18 40544]
R2 pmem;pmem; \??\C:\WINDOWS\System32\drivers\pmemnt.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-05-14 76288]
R2 tvtfilter;tvtfilter; C:\WINDOWS\system32\DRIVERS\tvtfilter.sys [2008-05-26 33536]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-03-17 5955872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-27 4742656]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2011-03-17 30144]
R3 TVTI2C;Lenovo SM bus driver; C:\WINDOWS\system32\DRIVERS\Tvti2c.sys [2007-05-22 30336]
R3 TVTPktFilter;TVT Packet Filter Service; C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys [2007-07-11 17792]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2009-04-21 297344]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-10-24 117760]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys []
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 Teefer2;Teefer2 Miniport; C:\WINDOWS\system32\DRIVERS\teefer2.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-14 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-14 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-14 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-10-11 874240]
S4 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-14 40960]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1052472]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-12-19 1960584]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2006-05-23 622700]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-02-27 153376]
R2 SUService;System Update; c:\program files\lenovo\system update\suservice.exe [2009-03-24 28672]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-08-03 644408]
R2 TVT Backup Protection Service;TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [2007-07-11 569344]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2007-07-11 950272]
R2 TVT Scheduler;TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
R2 tvtnetwk;tvtnetwk; C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe [2007-07-11 45056]
R2 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-23 651720]
R3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2012-02-28 79360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-21 136176]
S2 SkypeUpdate;Skype Updater; C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-21 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-12-21 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2011-02-07 3093944]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: check plus a little worm

#2 Post by jacktenrek »

Please, is there anyone here who could take a look at this? Thanks.

Re: check plus a little worm

#3 Post by jacktenrek »

https://www.virustotal.com/file/8fd8634 ... 330628791/

The log is in the attachment.

I can't manage to save the first one, OTL; it always says that it cannot create something :)
so most likely it cannot save the log ..
Attachments
report.rar
(92.63 KiB) Downloaded 83 times

Re: check plus a little worm

#4 Post by jacktenrek »

wrykrys is a program for CNC

ComboFix 12-03-01.02 - jnovosad 05.03.2012 7:57.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1031 [GMT 1:00]
Spuštěný z: c:\documents and settings\jnovosad\Plocha\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\SET158.tmp
c:\windows\system32\SOCKETX.DLL
c:\windows\system32\Thumbs.db
.
---- Předchozí spuštění -------
.
c:\windows\system32\SET153.tmp
c:\windows\system32\SET155.tmp
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-05 do 2012-03-05 )))))))))))))))))))))))))))))))
.
.
2012-03-01 19:03 . 2012-03-02 14:29 512 ----a-w- C:\PhysicalMBR.bin
2012-03-01 18:57 . 2012-03-01 18:57 584704 ----a-w- C:\OTL.exe
2012-03-01 07:35 . 2012-03-01 07:35 -------- d-----w- C:\rsit
2012-03-01 07:35 . 2012-03-01 07:35 -------- d-----w- c:\program files\trend micro
2012-02-29 10:27 . 2012-02-29 13:30 -------- d-----w- C:\skype uložit
2012-02-29 10:20 . 2012-02-29 10:20 -------- d-----w- c:\program files\STPViewer
2012-02-29 07:53 . 2012-02-29 07:53 -------- d-----w- C:\VritualRoot
2012-02-29 07:06 . 2012-02-29 07:06 -------- d-----w- c:\program files\Opera
2012-02-28 14:59 . 2012-02-28 14:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CPA_VA
2012-02-28 14:56 . 2012-03-05 06:38 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2012-02-28 14:54 . 2012-03-01 11:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Comodo
2012-02-28 14:53 . 2012-02-28 14:54 -------- d-----w- c:\program files\Comodo
2012-02-28 14:53 . 2012-02-28 14:53 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-02-28 14:44 . 2012-02-20 00:05 6552120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F47B1426-F1CA-4A94-82EA-7913EC398742}\mpengine.dll
2012-02-28 14:36 . 2012-02-28 14:36 -------- d-----w- c:\program files\TeamViewer
2012-02-28 13:29 . 2012-02-28 13:29 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2012-02-28 11:20 . 2012-02-28 11:20 -------- d-----w- c:\program files\VS Revo Group
2012-02-28 10:59 . 2012-02-28 10:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DassaultSystemes
2012-02-28 10:58 . 2012-02-28 10:58 -------- d-----w- c:\program files\Common Files\SolidWorks Shared
2012-02-28 10:58 . 2012-02-28 10:58 -------- d-----w- c:\program files\Common Files\eDrawings2008
2012-02-28 10:06 . 2012-03-01 08:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-02-28 10:06 . 2012-02-28 10:07 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-02-28 09:03 . 2012-02-28 09:03 -------- d-----w- C:\totalcmd
2012-02-28 09:03 . 2012-02-24 06:57 545 ----a-w- c:\windows\UC.PIF
2012-02-28 09:03 . 2012-02-24 06:57 545 ----a-w- c:\windows\RAR.PIF
2012-02-28 09:03 . 2012-02-24 06:57 545 ----a-w- c:\windows\NOCLOSE.PIF
2012-02-28 09:03 . 2012-02-24 06:57 545 ----a-w- c:\windows\LHA.PIF
2012-02-28 09:03 . 2012-02-24 06:57 545 ----a-w- c:\windows\ARJ.PIF
2012-02-28 08:35 . 2012-03-02 13:34 -------- d-----w- C:\WRYKRYS2012
2012-02-28 08:23 . 2012-02-28 08:23 -------- d-----w- C:\SAPSPROW19
2012-02-28 08:22 . 2012-03-05 06:35 -------- d-----w- C:\download
2012-02-28 08:06 . 2012-02-28 08:06 -------- d-----w- c:\program files\Common Files\Skype
2012-02-28 07:38 . 2012-02-28 07:38 -------- d-----w- c:\program files\CCleaner
2012-02-28 07:32 . 2012-02-20 00:05 6552120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-02-28 07:30 . 2012-01-03 18:42 112056 ------w- c:\windows\system32\acaptuser32.dll
2012-02-28 07:10 . 2012-02-28 07:10 -------- d-----w- c:\documents and settings\esevcikova
2012-02-28 07:06 . 2012-03-05 06:39 -------- d-----w- c:\documents and settings\jnovosad
2012-02-27 13:25 . 2012-02-27 13:25 -------- d-----w- c:\documents and settings\administrator.TENZO\Local Settings\Data aplikací\Microsoft Help
2012-02-27 11:22 . 2012-02-28 07:04 -------- d-----w- c:\program files\Microsoft Silverlight
2012-02-27 11:08 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-27 11:01 . 2012-02-29 06:49 -------- d-----w- c:\program files\Microsoft Security Client
2012-02-27 10:54 . 2011-06-24 14:10 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys
2012-02-27 10:54 . 2011-04-21 13:37 105472 ------w- c:\windows\system32\dllcache\mup.sys
2012-02-27 10:51 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-27 10:51 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
2012-02-27 10:51 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2012-02-27 10:43 . 2012-02-27 10:43 -------- d-sh--w- c:\documents and settings\administrator.TENZO\IECompatCache
2012-02-27 10:35 . 2012-02-27 10:35 -------- d-sh--w- c:\documents and settings\administrator.TENZO\PrivacIE
2012-02-27 10:35 . 2012-02-27 10:35 -------- d-----w- c:\documents and settings\administrator.TENZO\Local Settings\Data aplikací\Google
2012-02-27 10:31 . 2012-02-27 10:31 -------- d-----w- c:\documents and settings\administrator.TENZO\Local Settings\Data aplikací\Identities
2012-02-27 10:31 . 2012-02-27 10:31 -------- d-----w- c:\documents and settings\administrator.TENZO\Data aplikací\Windows Desktop Search
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-01 12:30 . 2011-12-21 06:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-27 10:50 . 2011-03-17 13:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-27 10:50 . 2009-03-23 10:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-01-12 17:20 . 2008-05-26 10:09 1859968 ------w- c:\windows\system32\win32k.sys
2011-12-19 17:59 . 2011-12-19 17:59 97760 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-12-19 17:59 . 2011-12-19 17:59 494816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-12-19 17:59 . 2011-12-19 17:59 31704 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 17:59 . 2011-12-19 17:59 18056 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-19 17:58 . 2011-12-19 17:58 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-19 17:58 . 2011-12-19 17:58 301224 ----a-w- c:\windows\system32\guard32.dll
2011-12-17 19:42 . 2008-05-26 10:09 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:42 . 2008-05-26 10:09 43520 ------w- c:\windows\system32\licmgr10.dll
2011-12-17 19:42 . 2008-05-26 10:08 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23 . 2008-05-26 10:08 385024 ------w- c:\windows\system32\html.iec
2007-08-13 21:46 . 2008-05-26 09:37 10896 ------w- c:\program files\ThinkVantage Fingerprint Software
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\documents and settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe" [2012-02-15 17146504]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2007-01-05 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2009-07-23 185688]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-27 49976]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-21 141848]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-27 16875008]
"LPMailChecker"="c:\progra~1\THINKV~2\PrdCtr\LPMLCHK.exe" [2009-07-23 124248]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-19 6676808]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-02-02 122940]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2012-01-03 21:50 40376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO]
2011-11-23 10:27 208184 ----a-w- c:\program files\Comodo\COMODO GeekBuddy\CLPSLA.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
2006-05-18 13:24 196696 ------w- c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-07-27 14:50 221184 ------w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-03-21 10:34 137752 ------w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\esevcikova\\Local Settings\\Data aplikací\\Skype\\Phone\\Skype.exe"=
.
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [19.12.2011 18:59 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [19.12.2011 18:59 494816]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [19.12.2011 18:59 31704]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\Comodo\COMODO GeekBuddy\CLPSLS.exe [23.11.2011 11:27 1052472]
R2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [28.2.2012 15:36 2886528]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [11.7.2007 19:38 569344]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22.5.2007 14:59 30336]
S2 bcdcufr;System Manager;c:\windows\system32\svchost.exe -k netsvcs [26.5.2008 11:09 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [21.12.2011 7:59 136176]
S2 kqhoijt;Network Security;c:\windows\system32\svchost.exe -k netsvcs [26.5.2008 11:09 14336]
S2 SkypeUpdate;Skype Updater;c:\documents and settings\esevcikova\Local Settings\Data aplikací\Skype\Updater\Updater.exe [15.2.2012 13:30 158856]
S2 zyqon;eohkrpq;c:\windows\system32\svchost.exe -k netsvcs [26.5.2008 11:09 14336]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [21.12.2011 7:59 136176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-28 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 13:54]
.
2012-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore1ccf53a2694c3f6.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-21 06:59]
.
2012-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA1ccf53a28196344.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-21 06:59]
.
2012-02-28 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-12-09 23:09]
.
2012-02-28 c:\windows\Tasks\Připomenutí registrace 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2008-05-26 07:52]
.
2012-02-28 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-12-09 23:09]
.
2012-03-05 c:\windows\Tasks\User_Feed_Synchronization-{A004CE68-97CE-438B-A0A4-5221277B79E6}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://cz_z1_srv001
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.249 217.197.150.168
DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Cz/InstFred.ocx
DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Cz/InstBanr.ocx
.
.
------- Asociace souborů -------
.
.scr=DWGTrueViewScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-MsMpSvc
AddRemove-PowerKey3.0 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-05 08:03
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
? [32456]
? [34516]
? [33868]
? [32504]
? [33024]
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(1072)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
- - - - - - - > 'csrss.exe'(988)
c:\windows\system32\cmdcsr.dll
.
Celkový čas: 2012-03-05 08:05:16
ComboFix-quarantined-files.txt 2012-03-05 07:05
.
Před spuštěním: Volných bajtů: 211 660 967 936
Po spuštění: Volných bajtů: 211 607 896 064
.
- - End Of File - - FB2AD724D3113C447BF2BBA502F9B36C

OTL won't produce a log for me at all


https://www.virustotal.com/file/8fd8634 ... /analysis/

Re: check plus a little worm

#5 Post by jacktenrek »

ComboFix 12-03-01.02 - jnovosad 05.03.2012 10:02:13.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1321 [GMT 1:00]
Spuštěný z: c:\documents and settings\jnovosad\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\jnovosad\Plocha\CFScript.txt
AV: COMODO Antivirus *Disabled/Updated* {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_KQHOIJT
-------\Legacy_ZYQON
-------\Service_kqhoijt
-------\Service_zyqon
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-05 do 2012-03-05 )))))))))))))))))))))))))))))))
.
.
2012-03-01 19:03 . 2012-03-05 07:10 512 ----a-w- C:\PhysicalMBR.bin
2012-03-01 18:57 . 2012-03-01 18:57 584704 ----a-w- C:\OTL.exe
2012-03-01 07:35 . 2012-03-01 07:35 -------- d-----w- C:\rsit
2012-03-01 07:35 . 2012-03-01 07:35 -------- d-----w- c:\program files\trend micro
2012-02-29 10:27 . 2012-02-29 13:30 -------- d-----w- C:\skype uložit
2012-02-29 10:20 . 2012-02-29 10:20 -------- d-----w- c:\program files\STPViewer
2012-02-29 07:53 . 2012-02-29 07:53 -------- d-----w- C:\VritualRoot
2012-02-29 07:06 . 2012-02-29 07:06 -------- d-----w- c:\program files\Opera
2012-02-28 14:59 . 2012-02-28 14:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CPA_VA
2012-02-28 14:56 . 2012-03-05 06:38 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2012-02-28 14:54 . 2012-03-01 11:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Comodo
2012-02-28 14:53 . 2012-02-28 14:54 -------- d-----w- c:\program files\Comodo
2012-02-28 14:53 . 2012-02-28 14:53 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-02-28 14:44 . 2012-02-20 00:05 6552120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F47B1426-F1CA-4A94-82EA-7913EC398742}\mpengine.dll
2012-02-28 14:36 . 2012-02-28 14:36 -------- d-----w- c:\program files\TeamViewer
2012-02-28 13:29 . 2012-02-28 13:29 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2012-02-28 11:20 . 2012-02-28 11:20 -------- d-----w- c:\program files\VS Revo Group
2012-02-28 10:59 . 2012-02-28 10:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DassaultSystemes
2012-02-28 10:58 . 2012-02-28 10:58 -------- d-----w- c:\program files\Common Files\SolidWorks Shared
2012-02-28 10:58 . 2012-02-28 10:58 -------- d-----w- c:\program files\Common Files\eDrawings2008
2012-02-28 10:06 . 2012-03-01 08:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-02-28 10:06 . 2012-02-28 10:07 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-02-28 09:03 . 2012-02-28 09:03 -------- d-----w- C:\totalcmd
2012-02-28 09:03 . 2012-02-24 06:57 545 ----a-w- c:\windows\UC.PIF
2012-02-28 09:03 . 2012-02-24 06:57 545 ----a-w- c:\windows\RAR.PIF
2012-02-28 09:03 . 2012-02-24 06:57 545 ----a-w- c:\windows\NOCLOSE.PIF
2012-02-28 09:03 . 2012-02-24 06:57 545 ----a-w- c:\windows\LHA.PIF
2012-02-28 09:03 . 2012-02-24 06:57 545 ----a-w- c:\windows\ARJ.PIF
2012-02-28 08:35 . 2012-03-02 13:34 -------- d-----w- C:\WRYKRYS2012
2012-02-28 08:23 . 2012-02-28 08:23 -------- d-----w- C:\SAPSPROW19
2012-02-28 08:22 . 2012-03-05 06:35 -------- d-----w- C:\download
2012-02-28 08:06 . 2012-02-28 08:06 -------- d-----w- c:\program files\Common Files\Skype
2012-02-28 07:38 . 2012-02-28 07:38 -------- d-----w- c:\program files\CCleaner
2012-02-28 07:32 . 2012-02-20 00:05 6552120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-02-28 07:30 . 2012-01-03 18:42 112056 ------w- c:\windows\system32\acaptuser32.dll
2012-02-28 07:10 . 2012-02-28 07:10 -------- d-----w- c:\documents and settings\esevcikova
2012-02-28 07:06 . 2012-03-05 06:39 -------- d-----w- c:\documents and settings\jnovosad
2012-02-27 13:25 . 2012-02-27 13:25 -------- d-----w- c:\documents and settings\administrator.TENZO\Local Settings\Data aplikací\Microsoft Help
2012-02-27 11:22 . 2012-02-28 07:04 -------- d-----w- c:\program files\Microsoft Silverlight
2012-02-27 11:08 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-27 11:01 . 2012-02-29 06:49 -------- d-----w- c:\program files\Microsoft Security Client
2012-02-27 10:54 . 2011-06-24 14:10 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys
2012-02-27 10:54 . 2011-04-21 13:37 105472 ------w- c:\windows\system32\dllcache\mup.sys
2012-02-27 10:51 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-27 10:51 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
2012-02-27 10:51 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2012-02-27 10:43 . 2012-02-27 10:43 -------- d-sh--w- c:\documents and settings\administrator.TENZO\IECompatCache
2012-02-27 10:35 . 2012-02-27 10:35 -------- d-sh--w- c:\documents and settings\administrator.TENZO\PrivacIE
2012-02-27 10:35 . 2012-02-27 10:35 -------- d-----w- c:\documents and settings\administrator.TENZO\Local Settings\Data aplikací\Google
2012-02-27 10:31 . 2012-02-27 10:31 -------- d-----w- c:\documents and settings\administrator.TENZO\Local Settings\Data aplikací\Identities
2012-02-27 10:31 . 2012-02-27 10:31 -------- d-----w- c:\documents and settings\administrator.TENZO\Data aplikací\Windows Desktop Search
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-01 12:30 . 2011-12-21 06:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-27 10:50 . 2011-03-17 13:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-27 10:50 . 2009-03-23 10:36 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-01-17 21:00 . 2011-12-19 17:59 494968 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-01-12 17:20 . 2008-05-26 10:09 1859968 ------w- c:\windows\system32\win32k.sys
2011-12-19 17:59 . 2011-12-19 17:59 97760 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-12-19 17:59 . 2011-12-19 17:59 31704 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 17:59 . 2011-12-19 17:59 18056 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-19 17:58 . 2011-12-19 17:58 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-19 17:58 . 2011-12-19 17:58 301224 ----a-w- c:\windows\system32\guard32.dll
2011-12-17 19:42 . 2008-05-26 10:09 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:42 . 2008-05-26 10:09 43520 ------w- c:\windows\system32\licmgr10.dll
2011-12-17 19:42 . 2008-05-26 10:08 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23 . 2008-05-26 10:08 385024 ------w- c:\windows\system32\html.iec
2007-08-13 21:46 . 2008-05-26 09:37 10896 ------w- c:\program files\ThinkVantage Fingerprint Software
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-05_07.03.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-03-05 09:10 . 2012-03-05 09:10 16384 c:\windows\temp\Perflib_Perfdata_300.dat
+ 2012-03-05 09:10 . 2012-03-05 09:10 16384 c:\windows\temp\Perflib_Perfdata_1ac.dat
+ 2012-03-05 07:35 . 2012-03-05 07:35 352176 c:\windows\system32\FNTCACHE.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\documents and settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe" [2012-02-15 17146504]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2007-01-05 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2009-07-23 185688]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-27 49976]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-21 141848]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-27 16875008]
"LPMailChecker"="c:\progra~1\THINKV~2\PrdCtr\LPMLCHK.exe" [2009-07-23 124248]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-21 6676808]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-02-02 122940]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2012-01-03 21:50 40376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO]
2011-11-23 10:27 208184 ----a-w- c:\program files\Comodo\COMODO GeekBuddy\CLPSLA.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
2006-05-18 13:24 196696 ------w- c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-07-27 14:50 221184 ------w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-03-21 10:34 137752 ------w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\esevcikova\\Local Settings\\Data aplikací\\Skype\\Phone\\Skype.exe"=
.
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [19.12.2011 18:59 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [19.12.2011 18:59 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [19.12.2011 18:59 31704]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\Comodo\COMODO GeekBuddy\CLPSLS.exe [23.11.2011 11:27 1052472]
R2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [28.2.2012 15:36 2886528]
R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [11.7.2007 19:38 569344]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22.5.2007 14:59 30336]
S2 bcdcufr;System Manager;c:\windows\system32\svchost.exe -k netsvcs [26.5.2008 11:09 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [21.12.2011 7:59 136176]
S2 SkypeUpdate;Skype Updater;c:\documents and settings\esevcikova\Local Settings\Data aplikací\Skype\Updater\Updater.exe [15.2.2012 13:30 158856]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [21.12.2011 7:59 136176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-28 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 13:54]
.
2012-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore1ccf53a2694c3f6.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-21 06:59]
.
2012-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA1ccf53a28196344.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-21 06:59]
.
2012-02-28 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-12-09 23:09]
.
2012-02-28 c:\windows\Tasks\Připomenutí registrace 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2008-05-26 07:52]
.
2012-02-28 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-12-09 23:09]
.
2012-03-05 c:\windows\Tasks\User_Feed_Synchronization-{A004CE68-97CE-438B-A0A4-5221277B79E6}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://cz_z1_srv001
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.249 217.197.150.168
DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Cz/InstFred.ocx
DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Cz/InstBanr.ocx
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-05 10:10
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(1072)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
- - - - - - - > 'explorer.exe'(1224)
c:\windows\system32\guard32.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll
c:\windows\system32\MPR.dll
.
- - - - - - - > 'csrss.exe'(988)
c:\windows\system32\cmdcsr.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\program files\TeamViewer\Version7\TeamViewer.exe
c:\program files\Lenovo\Rescue and Recovery\rrservice.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\program files\Lenovo\Rescue and Recovery\ADM\IUService.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\lenovo\system update\suservice.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\program files\TeamViewer\Version7\tv_w32.exe
c:\program files\Common Files\Lenovo\Logger\logmon.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\RTHDCPL.EXE
.
**************************************************************************
.
Celkový čas: 2012-03-05 10:15:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-05 09:14
ComboFix2.txt 2012-03-05 07:05
.
Před spuštěním: Volných bajtů: 211 428 106 240
Po spuštění: Volných bajtů: 211 422 240 768
.
- - End Of File - - 59158668058CAF3A1D1594054084C099

jacktenrek
Visitor
Posts: 65
Registered: 23 Jul 2006 09:18

Re: check plus a little worm

#6 Post by jacktenrek »

Well, not today, so hopefully it will be OK :happy: :| Thanks a lot, if anything else happens I'll let you know :idea: :thumbsup:

jacktenrek
Visitor
Posts: 65
Registered: 23 Jul 2006 09:18

Re: check plus a little worm

#7 Post by jacktenrek »

I see that it didn't upload ... today Comodo again reported the same problem with the worm ... :(

jacktenrek
Visitor
Posts: 65
Registered: 23 Jul 2006 09:18

Re: check plus a little worm

#8 Post by jacktenrek »

I have no idea at all ..

11:15:26.0356 6096 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
11:15:26.0434 6096 ============================================================
11:15:26.0434 6096 Current date / time: 2012/03/07 11:15:26.0434
11:15:26.0434 6096 SystemInfo:
11:15:26.0434 6096
11:15:26.0434 6096 OS Version: 5.1.2600 ServicePack: 3.0
11:15:26.0434 6096 Product type: Workstation
11:15:26.0434 6096 ComputerName: A0014B
11:15:26.0434 6096 UserName: jnovosad
11:15:26.0434 6096 Windows directory: C:\WINDOWS
11:15:26.0434 6096 System windows directory: C:\WINDOWS
11:15:26.0434 6096 Processor architecture: Intel x86
11:15:26.0434 6096 Number of processors: 2
11:15:26.0434 6096 Page size: 0x1000
11:15:26.0434 6096 Boot type: Normal boot
11:15:26.0434 6096 ============================================================
11:15:27.0746 6096 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:15:27.0746 6096 \Device\Harddisk0\DR0:
11:15:27.0746 6096 MBR used
11:15:27.0746 6096 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C86BD60
11:15:27.0777 6096 Initialize success
11:15:27.0777 6096 ============================================================
11:15:29.0777 3880 ============================================================
11:15:29.0777 3880 Scan started
11:15:29.0777 3880 Mode: Manual;
11:15:29.0777 3880 ============================================================
11:15:41.0105 3880 Suspicious service (NoAccess): ryfvq
11:15:41.0168 3880 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:15:41.0168 3880 Secdrv - ok
11:15:41.0246 3880 Sentinel (cd8f847a75a974d7aa723a23dfb7d004) C:\WINDOWS\System32\Drivers\SENTINEL.SYS
11:15:41.0246 3880 Sentinel - ok
11:15:41.0293 3880 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:15:41.0293 3880 serenum - ok
11:15:41.0308 3880 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
11:15:41.0308 3880 Serial - ok
11:15:41.0371 3880 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:15:41.0371 3880 Sfloppy - ok
11:15:41.0402 3880 Simbad - ok
11:15:41.0465 3880 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
11:15:41.0465 3880 sisagp - ok
11:15:41.0543 3880 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
11:15:41.0543 3880 Sparrow - ok
11:15:41.0605 3880 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:15:41.0605 3880 splitter - ok
11:15:41.0637 3880 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
11:15:41.0637 3880 sr - ok
11:15:41.0699 3880 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:15:41.0699 3880 Srv - ok
11:15:41.0762 3880 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:15:41.0762 3880 swenum - ok
11:15:41.0808 3880 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:15:41.0808 3880 swmidi - ok
11:15:41.0887 3880 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
11:15:41.0887 3880 symc810 - ok
11:15:41.0918 3880 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
11:15:41.0918 3880 symc8xx - ok
11:15:41.0933 3880 SymIM - ok
11:15:41.0980 3880 SymIMMP - ok
11:15:42.0012 3880 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
11:15:42.0012 3880 sym_hi - ok
11:15:42.0043 3880 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
11:15:42.0043 3880 sym_u3 - ok
11:15:42.0090 3880 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:15:42.0090 3880 sysaudio - ok
11:15:42.0168 3880 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:15:42.0183 3880 Tcpip - ok
11:15:42.0246 3880 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:15:42.0262 3880 TDPIPE - ok
11:15:42.0293 3880 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:15:42.0293 3880 TDTCP - ok
11:15:42.0340 3880 Teefer2 - ok
11:15:42.0387 3880 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:15:42.0387 3880 TermDD - ok
11:15:42.0480 3880 TosIde (fd4fd7d6fda5c019ed86025d7be1510f) C:\WINDOWS\system32\DRIVERS\toside.sys
11:15:42.0480 3880 TosIde - ok
11:15:42.0543 3880 tvtfilter (49258a02a1e8d304ed88b0f1c56b1738) C:\WINDOWS\system32\DRIVERS\tvtfilter.sys
11:15:42.0543 3880 tvtfilter - ok
11:15:42.0590 3880 TVTI2C (8ab24d4b7da715c2c80455137910e792) C:\WINDOWS\system32\DRIVERS\Tvti2c.sys
11:15:42.0590 3880 TVTI2C - ok
11:15:42.0652 3880 TVTPktFilter (6c60a5209be2fa1f94bb98a056418f66) C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys
11:15:42.0652 3880 TVTPktFilter - ok
11:15:42.0715 3880 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:15:42.0746 3880 Udfs - ok
11:15:42.0808 3880 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
11:15:42.0808 3880 ultra - ok
11:15:42.0855 3880 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:15:42.0871 3880 Update - ok
11:15:42.0902 3880 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:15:42.0902 3880 usbccgp - ok
11:15:42.0949 3880 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:15:42.0949 3880 usbehci - ok
11:15:43.0012 3880 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:15:43.0012 3880 usbhub - ok
11:15:43.0043 3880 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:15:43.0043 3880 USBSTOR - ok
11:15:43.0105 3880 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:15:43.0105 3880 usbuhci - ok
11:15:43.0137 3880 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:15:43.0137 3880 VgaSave - ok
11:15:43.0199 3880 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
11:15:43.0199 3880 viaagp - ok
11:15:43.0262 3880 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
11:15:43.0277 3880 ViaIde - ok
11:15:43.0324 3880 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
11:15:43.0324 3880 VolSnap - ok
11:15:43.0387 3880 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:15:43.0387 3880 Wanarp - ok
11:15:43.0402 3880 WDICA - ok
11:15:43.0433 3880 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:15:43.0433 3880 wdmaud - ok
11:15:43.0543 3880 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:15:43.0543 3880 WpdUsb - ok
11:15:43.0605 3880 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:15:43.0605 3880 WS2IFSL - ok
11:15:43.0699 3880 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:15:43.0715 3880 WudfPf - ok
11:15:43.0746 3880 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:15:43.0762 3880 WudfRd - ok
11:15:43.0824 3880 yukonwxp (7578410b1512fad9c485b134561e8b78) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
11:15:43.0824 3880 yukonwxp - ok
11:15:43.0855 3880 MBR (0x1B8) (08f882a04ec48a6361cc5fd55849bceb) \Device\Harddisk0\DR0
11:15:43.0887 3880 \Device\Harddisk0\DR0 - ok
11:15:43.0887 3880 Boot (0x1200) (21591d86338d775221f1fea9390b3aa5) \Device\Harddisk0\DR0\Partition0
11:15:43.0887 3880 \Device\Harddisk0\DR0\Partition0 - ok
11:15:43.0887 3880 ============================================================
11:15:43.0887 3880 Scan finished
11:15:43.0887 3880 ============================================================
11:15:43.0902 6120 Detected object count: 0
11:15:43.0902 6120 Actual detected object count: 0
11:16:18.0745 5496 ============================================================
11:16:18.0745 5496 Scan started
11:16:18.0745 5496 Mode: Manual; SigCheck; TDLFS;
11:16:18.0745 5496 ============================================================
11:16:18.0964 5496 Abiosdsk - ok
11:16:19.0011 5496 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
11:16:19.0542 5496 abp480n5 - ok
11:16:19.0651 5496 ac97intc (0f2d66d5f08ebe2f77bb904288dcf6f0) C:\WINDOWS\system32\drivers\ac97intc.sys
11:16:19.0761 5496 ac97intc - ok
11:16:19.0808 5496 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:16:19.0933 5496 ACPI - ok
11:16:19.0980 5496 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:16:20.0089 5496 ACPIEC - ok
11:16:20.0105 5496 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
11:16:20.0198 5496 adpu160m - ok
11:16:20.0276 5496 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:16:20.0355 5496 aec - ok
11:16:20.0480 5496 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:16:20.0558 5496 AFD - ok
11:16:20.0605 5496 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
11:16:20.0698 5496 agp440 - ok
11:16:20.0730 5496 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
11:16:20.0839 5496 agpCPQ - ok
11:16:20.0886 5496 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
11:16:20.0948 5496 Aha154x - ok
11:16:20.0995 5496 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
11:16:21.0105 5496 aic78u2 - ok
11:16:21.0198 5496 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
11:16:21.0308 5496 aic78xx - ok
11:16:21.0417 5496 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
11:16:21.0526 5496 AliIde - ok
11:16:21.0636 5496 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
11:16:21.0745 5496 alim1541 - ok
11:16:21.0855 5496 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
11:16:21.0948 5496 amdagp - ok
11:16:22.0058 5496 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
11:16:22.0120 5496 amsint - ok
11:16:22.0151 5496 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
11:16:22.0261 5496 asc - ok
11:16:22.0323 5496 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
11:16:22.0386 5496 asc3350p - ok
11:16:22.0464 5496 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
11:16:22.0558 5496 asc3550 - ok
11:16:22.0683 5496 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:16:22.0792 5496 AsyncMac - ok
11:16:22.0886 5496 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:16:22.0995 5496 atapi - ok
11:16:23.0089 5496 Atdisk - ok
11:16:23.0136 5496 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:16:23.0276 5496 Atmarpc - ok
11:16:23.0339 5496 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:16:23.0448 5496 audstub - ok
11:16:23.0479 5496 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:16:23.0589 5496 Beep - ok
11:16:23.0683 5496 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
11:16:23.0792 5496 cbidf - ok
11:16:23.0839 5496 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:16:23.0933 5496 cbidf2k - ok
11:16:23.0964 5496 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
11:16:24.0026 5496 cd20xrnt - ok
11:16:24.0136 5496 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:16:24.0245 5496 Cdaudio - ok
11:16:24.0308 5496 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:16:24.0417 5496 Cdfs - ok
11:16:24.0464 5496 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:16:24.0573 5496 Cdrom - ok
11:16:24.0604 5496 Changer - ok
11:16:24.0667 5496 cmderd (6fc2b79561ba089cb5a271c0ab9192d9) C:\WINDOWS\system32\DRIVERS\cmderd.sys
11:16:24.0729 5496 cmderd - ok
11:16:24.0792 5496 cmdGuard (f8a304ab7bbc61b26f66ab65aae27693) C:\WINDOWS\system32\DRIVERS\cmdguard.sys
11:16:24.0808 5496 cmdGuard - ok
11:16:24.0839 5496 cmdHlp (a736f2263310fee1799de88cb50c1023) C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
11:16:24.0854 5496 cmdHlp - ok
11:16:24.0933 5496 CmdIde (964d0f042aca51d5644779eb9d9ee40f) C:\WINDOWS\system32\DRIVERS\cmdide.sys
11:16:25.0042 5496 CmdIde - ok
11:16:25.0089 5496 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
11:16:25.0198 5496 Cpqarray - ok
11:16:25.0308 5496 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
11:16:25.0433 5496 dac2w2k - ok
11:16:25.0526 5496 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
11:16:25.0651 5496 dac960nt - ok
11:16:25.0714 5496 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:16:25.0808 5496 Disk - ok
11:16:25.0870 5496 DLABOIOM (35cbc02546335ea41a5d516da6626c8a) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
11:16:25.0886 5496 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning
11:16:25.0886 5496 DLABOIOM - detected UnsignedFile.Multi.Generic (1)
11:16:25.0933 5496 DLACDBHM (ec6ae8bc9f773382d2eed49e4dfdae2a) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
11:16:25.0948 5496 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning
11:16:25.0948 5496 DLACDBHM - detected UnsignedFile.Multi.Generic (1)
11:16:25.0979 5496 DLADResN (19e3db16de2bb3db81b172a78d140b03) C:\WINDOWS\system32\DLA\DLADResN.SYS
11:16:25.0995 5496 DLADResN ( UnsignedFile.Multi.Generic ) - warning
11:16:25.0995 5496 DLADResN - detected UnsignedFile.Multi.Generic (1)
11:16:26.0011 5496 DLAIFS_M (e4859ca5bd8412a9a60d62067a653522) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
11:16:26.0026 5496 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning
11:16:26.0026 5496 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)
11:16:26.0042 5496 DLAOPIOM (20c24a3d1cf0825487c93f806625805e) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
11:16:26.0058 5496 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning
11:16:26.0058 5496 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)
11:16:26.0104 5496 DLAPoolM (8a530da5dc81954bcf1966813f699b49) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
11:16:26.0120 5496 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning
11:16:26.0120 5496 DLAPoolM - detected UnsignedFile.Multi.Generic (1)
11:16:26.0151 5496 DLARTL_N (0605b66052f82b6f07204dbdb61c13ff) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
11:16:26.0167 5496 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning
11:16:26.0183 5496 DLARTL_N - detected UnsignedFile.Multi.Generic (1)
11:16:26.0386 5496 DLAUDFAM (7eda68af6a91bf64af6f301e39928ebf) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
11:16:26.0433 5496 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning
11:16:26.0433 5496 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)
11:16:26.0511 5496 DLAUDF_M (a18423bbc6d92b01fdf3c51e7510ee70) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
11:16:26.0526 5496 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning
11:16:26.0526 5496 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)
11:16:26.0604 5496 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
11:16:26.0729 5496 dmboot - ok
11:16:26.0776 5496 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
11:16:26.0870 5496 dmio - ok
11:16:26.0917 5496 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:16:27.0026 5496 dmload - ok
11:16:27.0089 5496 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:16:27.0198 5496 DMusic - ok
11:16:27.0308 5496 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
11:16:27.0417 5496 dpti2o - ok
11:16:27.0479 5496 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:16:27.0558 5496 drmkaud - ok
11:16:27.0620 5496 DRVMCDB (48c7008d23dcfce0d0232f49307efced) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
11:16:27.0636 5496 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning
11:16:27.0636 5496 DRVMCDB - detected UnsignedFile.Multi.Generic (1)
11:16:27.0667 5496 DRVNDDM (05467e44a42c777dd1534bb4539b16d1) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
11:16:27.0683 5496 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning
11:16:27.0683 5496 DRVNDDM - detected UnsignedFile.Multi.Generic (1)
11:16:27.0729 5496 E100B (866b8ee30e4504c11ae0d29ed6f8824b) C:\WINDOWS\system32\DRIVERS\e100b325.sys
11:16:27.0839 5496 E100B - ok
11:16:27.0933 5496 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:16:28.0026 5496 Fastfat - ok
11:16:28.0073 5496 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
11:16:28.0167 5496 Fdc - ok
11:16:28.0214 5496 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
11:16:28.0308 5496 Fips - ok
11:16:28.0417 5496 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:16:28.0511 5496 Flpydisk - ok
11:16:28.0589 5496 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:16:28.0698 5496 FltMgr - ok
11:16:28.0776 5496 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:16:28.0870 5496 Fs_Rec - ok
11:16:28.0948 5496 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:16:29.0042 5496 Ftdisk - ok
11:16:29.0104 5496 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:16:29.0198 5496 Gpc - ok
11:16:29.0245 5496 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:16:29.0354 5496 HDAudBus - ok
11:16:29.0401 5496 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:16:29.0526 5496 hidusb - ok
11:16:29.0558 5496 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
11:16:29.0651 5496 hpn - ok
11:16:29.0714 5496 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:16:29.0823 5496 HTTP - ok
11:16:29.0870 5496 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
11:16:29.0979 5496 i2omgmt - ok
11:16:30.0026 5496 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
11:16:30.0136 5496 i2omp - ok
11:16:30.0167 5496 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:16:30.0245 5496 i8042prt - ok
11:16:30.0417 5496 ialm (cd32607f1cc8ac67224334ae123f7b98) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
11:16:30.0620 5496 ialm - ok
11:16:30.0761 5496 iaStor (309c4d86d989fb1fcf64bd30dc81c51b) C:\WINDOWS\system32\DRIVERS\iaStor.sys
11:16:30.0839 5496 iaStor - ok
11:16:30.0901 5496 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:16:30.0995 5496 Imapi - ok
11:16:31.0073 5496 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
11:16:31.0182 5496 ini910u - ok
11:16:31.0245 5496 Inspect (456003490faa4a2361ceacbfb6409172) C:\WINDOWS\system32\DRIVERS\inspect.sys
11:16:31.0261 5496 Inspect - ok
11:16:31.0401 5496 IntcAzAudAddService (557e20484a095d949912883f5ab29e88) C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:16:31.0667 5496 IntcAzAudAddService - ok
11:16:31.0792 5496 IntelIde (57d928e548b38502abba7a77a6eb7312) C:\WINDOWS\system32\DRIVERS\intelide.sys
11:16:31.0886 5496 IntelIde - ok
11:16:31.0964 5496 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:16:32.0057 5496 intelppm - ok
11:16:32.0104 5496 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:16:32.0198 5496 Ip6Fw - ok
11:16:32.0323 5496 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:16:32.0432 5496 IpFilterDriver - ok
11:16:32.0511 5496 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:16:32.0589 5496 IpInIp - ok
11:16:32.0651 5496 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:16:32.0761 5496 IpNat - ok
11:16:32.0807 5496 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:16:32.0917 5496 IPSec - ok
11:16:32.0964 5496 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:16:33.0089 5496 IRENUM - ok
11:16:33.0151 5496 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:16:33.0261 5496 isapnp - ok
11:16:33.0323 5496 Iviaspi (f59c3569a2f2c464bb78cb1bdcdca55e) C:\WINDOWS\system32\drivers\iviaspi.sys
11:16:33.0323 5496 Iviaspi ( UnsignedFile.Multi.Generic ) - warning
11:16:33.0323 5496 Iviaspi - detected UnsignedFile.Multi.Generic (1)
11:16:33.0386 5496 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:16:33.0495 5496 Kbdclass - ok
11:16:33.0557 5496 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:16:33.0651 5496 kbdhid - ok
11:16:33.0729 5496 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:16:33.0823 5496 kmixer - ok
11:16:33.0886 5496 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:16:34.0042 5496 KSecDD - ok
11:16:34.0136 5496 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
11:16:34.0151 5496 Lavasoft Kernexplorer - ok
11:16:34.0261 5496 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
11:16:34.0276 5496 Lbd - ok
11:16:34.0307 5496 lbrtfdc - ok
11:16:34.0370 5496 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:16:34.0479 5496 mnmdd - ok
11:16:34.0557 5496 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
11:16:34.0636 5496 Modem - ok
11:16:34.0714 5496 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:16:34.0807 5496 Mouclass - ok
11:16:34.0870 5496 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:16:34.0979 5496 mouhid - ok
11:16:35.0026 5496 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:16:35.0120 5496 MountMgr - ok
11:16:35.0182 5496 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
11:16:35.0198 5496 MpFilter - ok
11:16:35.0276 5496 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
11:16:35.0386 5496 mraid35x - ok
11:16:35.0448 5496 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:16:35.0557 5496 MRxDAV - ok
11:16:35.0620 5496 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:16:35.0682 5496 MRxSmb - ok
11:16:35.0761 5496 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:16:35.0870 5496 Msfs - ok
11:16:36.0198 5496 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:16:36.0323 5496 MSKSSRV - ok
11:16:36.0354 5496 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:16:36.0448 5496 MSPCLOCK - ok
11:16:36.0464 5496 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:16:36.0573 5496 MSPQM - ok
11:16:36.0604 5496 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:16:36.0698 5496 mssmbios - ok
11:16:36.0807 5496 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:16:36.0839 5496 Mup - ok
11:16:36.0948 5496 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:16:37.0042 5496 NDIS - ok
11:16:37.0104 5496 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:16:37.0151 5496 NdisTapi - ok
11:16:37.0182 5496 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:16:37.0292 5496 Ndisuio - ok
11:16:37.0339 5496 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:16:37.0432 5496 NdisWan - ok
11:16:37.0542 5496 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:16:37.0604 5496 NDProxy - ok
11:16:37.0651 5496 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:16:37.0760 5496 NetBIOS - ok
11:16:37.0807 5496 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:16:37.0917 5496 NetBT - ok
11:16:38.0042 5496 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:16:38.0135 5496 Npfs - ok
11:16:38.0214 5496 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:16:38.0323 5496 Ntfs - ok
11:16:38.0401 5496 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:16:38.0526 5496 Null - ok
11:16:38.0620 5496 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:16:38.0792 5496 nv - ok
11:16:38.0901 5496 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:16:39.0026 5496 NwlnkFlt - ok
11:16:39.0057 5496 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:16:39.0182 5496 NwlnkFwd - ok
11:16:39.0260 5496 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
11:16:39.0339 5496 Parport - ok
11:16:39.0401 5496 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:16:39.0495 5496 PartMgr - ok
11:16:39.0557 5496 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
11:16:39.0667 5496 ParVdm - ok
11:16:39.0729 5496 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
11:16:39.0823 5496 PCI - ok
11:16:39.0901 5496 PCIDump - ok
11:16:39.0948 5496 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:16:40.0057 5496 PCIIde - ok
11:16:40.0120 5496 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:16:40.0214 5496 Pcmcia - ok
11:16:40.0292 5496 PDCOMP - ok
11:16:40.0323 5496 PDFRAME - ok
11:16:40.0354 5496 PDRELI - ok
11:16:40.0370 5496 PDRFRAME - ok
11:16:40.0401 5496 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
11:16:40.0510 5496 perc2 - ok
11:16:40.0589 5496 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
11:16:40.0698 5496 perc2hib - ok
11:16:40.0870 5496 pmem (dedef40e1d05842639491365cb2c069e) C:\WINDOWS\System32\drivers\pmemnt.sys
11:16:40.0885 5496 pmem ( UnsignedFile.Multi.Generic ) - warning
11:16:40.0885 5496 pmem - detected UnsignedFile.Multi.Generic (1)
11:16:41.0042 5496 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:16:41.0135 5496 PptpMiniport - ok
11:16:41.0448 5496 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
11:16:41.0542 5496 Processor - ok
11:16:41.0635 5496 psadd (f8a25f1dd8b2c332cbc663e3579566e7) C:\WINDOWS\system32\DRIVERS\psadd.sys
11:16:41.0651 5496 psadd - ok
11:16:42.0042 5496 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:16:42.0167 5496 PSched - ok
11:16:42.0542 5496 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:16:42.0651 5496 Ptilink - ok
11:16:43.0088 5496 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:16:43.0104 5496 PxHelp20 - ok
11:16:43.0417 5496 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
11:16:43.0526 5496 ql1080 - ok
11:16:43.0573 5496 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
11:16:43.0667 5496 Ql10wnt - ok
11:16:43.0713 5496 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
11:16:43.0823 5496 ql12160 - ok
11:16:43.0885 5496 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
11:16:43.0995 5496 ql1240 - ok
11:16:44.0010 5496 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
11:16:44.0104 5496 ql1280 - ok
11:16:44.0167 5496 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:16:44.0276 5496 RasAcd - ok
11:16:44.0354 5496 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:16:44.0448 5496 Rasl2tp - ok
11:16:44.0526 5496 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:16:44.0620 5496 RasPppoe - ok
11:16:44.0729 5496 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:16:44.0838 5496 Raspti - ok
11:16:44.0917 5496 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:16:45.0026 5496 Rdbss - ok
11:16:45.0057 5496 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:16:45.0167 5496 RDPCDD - ok
11:16:45.0354 5496 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:16:45.0463 5496 rdpdr - ok
11:16:45.0620 5496 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
11:16:45.0651 5496 RDPWD - ok
11:16:45.0760 5496 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:16:45.0870 5496 redbook - ok
11:16:45.0901 5496 RimUsb - ok
11:16:45.0963 5496 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
11:16:46.0010 5496 RimVSerPort - ok
11:16:46.0088 5496 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
11:16:46.0198 5496 ROOTMODEM - ok
11:16:46.0213 5496 Suspicious service (NoAccess): ryfvq
11:16:46.0292 5496 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:16:46.0401 5496 Secdrv - ok
11:16:46.0448 5496 Sentinel (cd8f847a75a974d7aa723a23dfb7d004) C:\WINDOWS\System32\Drivers\SENTINEL.SYS
11:16:46.0448 5496 Sentinel ( UnsignedFile.Multi.Generic ) - warning
11:16:46.0448 5496 Sentinel - detected UnsignedFile.Multi.Generic (1)
11:16:46.0495 5496 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:16:46.0588 5496 serenum - ok
11:16:46.0604 5496 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
11:16:46.0698 5496 Serial - ok
11:16:46.0823 5496 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:16:46.0932 5496 Sfloppy - ok
11:16:47.0026 5496 Simbad - ok
11:16:47.0073 5496 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
11:16:47.0167 5496 sisagp - ok
11:16:47.0260 5496 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
11:16:47.0307 5496 Sparrow - ok
11:16:47.0385 5496 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:16:47.0479 5496 splitter - ok
11:16:47.0557 5496 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
11:16:47.0667 5496 sr - ok
11:16:47.0729 5496 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:16:47.0807 5496 Srv - ok
11:16:47.0870 5496 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:16:47.0963 5496 swenum - ok
11:16:48.0026 5496 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:16:48.0135 5496 swmidi - ok
11:16:48.0213 5496 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
11:16:48.0307 5496 symc810 - ok
11:16:48.0338 5496 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
11:16:48.0463 5496 symc8xx - ok
11:16:48.0542 5496 SymIM - ok
11:16:48.0573 5496 SymIMMP - ok
11:16:48.0651 5496 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
11:16:48.0760 5496 sym_hi - ok
11:16:48.0854 5496 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
11:16:48.0948 5496 sym_u3 - ok
11:16:49.0026 5496 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:16:49.0120 5496 sysaudio - ok
11:16:49.0213 5496 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:16:49.0292 5496 Tcpip - ok
11:16:49.0354 5496 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:16:49.0463 5496 TDPIPE - ok
11:16:49.0541 5496 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:16:49.0635 5496 TDTCP - ok
11:16:49.0713 5496 Teefer2 - ok
11:16:49.0776 5496 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:16:49.0870 5496 TermDD - ok
11:16:49.0963 5496 TosIde (fd4fd7d6fda5c019ed86025d7be1510f) C:\WINDOWS\system32\DRIVERS\toside.sys
11:16:50.0057 5496 TosIde - ok
11:16:50.0151 5496 tvtfilter (49258a02a1e8d304ed88b0f1c56b1738) C:\WINDOWS\system32\DRIVERS\tvtfilter.sys
11:16:50.0198 5496 tvtfilter - ok
11:16:50.0307 5496 TVTI2C (8ab24d4b7da715c2c80455137910e792) C:\WINDOWS\system32\DRIVERS\Tvti2c.sys
11:16:50.0370 5496 TVTI2C - ok
11:16:50.0416 5496 TVTPktFilter (6c60a5209be2fa1f94bb98a056418f66) C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys
11:16:50.0432 5496 TVTPktFilter ( UnsignedFile.Multi.Generic ) - warning
11:16:50.0432 5496 TVTPktFilter - detected UnsignedFile.Multi.Generic (1)
11:16:50.0510 5496 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:16:50.0620 5496 Udfs - ok
11:16:50.0682 5496 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
11:16:50.0745 5496 ultra - ok
11:16:50.0854 5496 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:16:50.0963 5496 Update - ok
11:16:51.0026 5496 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:16:51.0120 5496 usbccgp - ok
11:16:51.0198 5496 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:16:51.0291 5496 usbehci - ok
11:16:51.0354 5496 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:16:51.0463 5496 usbhub - ok
11:16:51.0526 5496 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:16:51.0635 5496 USBSTOR - ok
11:16:51.0698 5496 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:16:51.0791 5496 usbuhci - ok
11:16:51.0854 5496 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:16:51.0963 5496 VgaSave - ok
11:16:52.0041 5496 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
11:16:52.0120 5496 viaagp - ok
11:16:52.0245 5496 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
11:16:52.0354 5496 ViaIde - ok
11:16:52.0401 5496 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
11:16:52.0510 5496 VolSnap - ok
11:16:52.0588 5496 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:16:52.0698 5496 Wanarp - ok
11:16:52.0729 5496 WDICA - ok
11:16:52.0791 5496 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:16:52.0885 5496 wdmaud - ok
11:16:53.0010 5496 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
11:16:53.0120 5496 WpdUsb - ok
11:16:53.0229 5496 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:16:53.0338 5496 WS2IFSL - ok
11:16:53.0416 5496 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:16:53.0495 5496 WudfPf - ok
11:16:53.0557 5496 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:16:53.0573 5496 WudfRd - ok
11:16:53.0666 5496 yukonwxp (7578410b1512fad9c485b134561e8b78) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
11:16:53.0760 5496 yukonwxp - ok
11:16:53.0791 5496 MBR (0x1B8) (08f882a04ec48a6361cc5fd55849bceb) \Device\Harddisk0\DR0
11:16:53.0901 5496 \Device\Harddisk0\DR0 - ok
11:16:53.0901 5496 Boot (0x1200) (21591d86338d775221f1fea9390b3aa5) \Device\Harddisk0\DR0\Partition0
11:16:53.0901 5496 \Device\Harddisk0\DR0\Partition0 - ok
11:16:53.0901 5496 ============================================================
11:16:53.0901 5496 Scan finished
11:16:53.0901 5496 ============================================================
11:16:54.0010 5732 Detected object count: 15
11:16:54.0010 5732 Actual detected object count: 15
11:17:25.0228 5732 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0228 5732 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0228 5732 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0228 5732 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0228 5732 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0228 5732 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0228 5732 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0228 5732 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0228 5732 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0228 5732 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0228 5732 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0228 5732 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0244 5732 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0244 5732 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0244 5732 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0244 5732 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0244 5732 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0244 5732 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0244 5732 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0244 5732 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0244 5732 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0244 5732 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0244 5732 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0244 5732 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0260 5732 pmem ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0260 5732 pmem ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0260 5732 Sentinel ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0260 5732 Sentinel ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:17:25.0260 5732 TVTPktFilter ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:25.0260 5732 TVTPktFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip

jacktenrek
Visitor
Posts: 65
Registered: 23 Jul 2006 09:18

Re: check plus a little worm

#9 Post by jacktenrek »

Yeah, two, but I don't know whether a report gets saved anywhere ...


https://www.virustotal.com/file/05e538d ... /analysis/

https://www.virustotal.com/file/f72733a ... /analysis/

https://www.virustotal.com/file/240fa16 ... /analysis/

https://www.virustotal.com/file/7e24d86 ... /analysis/

https://www.virustotal.com/file/cdbf2ac ... /analysis/

https://www.virustotal.com/file/5faa689 ... /analysis/

https://www.virustotal.com/file/79b34b8 ... /analysis/

https://www.virustotal.com/file/19d50d1 ... /analysis/

https://www.virustotal.com/file/301b0f4 ... /analysis/

https://www.virustotal.com/file/6c0de90 ... /analysis/

https://www.virustotal.com/file/ec8d26a ... /analysis/

https://www.virustotal.com/file/9b63e97 ... /analysis/

https://www.virustotal.com/file/17e0705 ... /analysis/

https://www.virustotal.com/file/eb9ed37 ... /analysis/

https://www.virustotal.com/file/cb84549 ... /analysis/





Logfile of random's system information tool 1.09 (written by random/random)
Run by jnovosad at 2012-03-08 10:29:49
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 204 GB (87%) free of 234 GB
Total RAM: 2047 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:29:56, on 8.3.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Program Files\TeamViewer\Version7\tv_w32.exe
c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
c:\program files\lenovo\system update\suservice.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\mstsc.exe
C:\WINDOWS\system32\mstsc.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\jnovosad\Dokumenty\Stažené soubory\RSIT.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\trend micro\jnovosad.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cz_z1_srv001
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [Skype] "C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Cz/InstFred.ocx
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Ovládací prvek AcDcToday) - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Cz/AcDcToday.ocx
O16 - DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Cz/InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Cz/AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ANYXO.LOCAL
O17 - HKLM\Software\..\Telephony: DomainName = ANYXO.LOCAL
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ANYXO.LOCAL
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ANYXO.LOCAL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Updater\Updater.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

--
End of file - 12642 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ccf53a2694c3f6.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1ccf53a28196344.job
C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
C:\WINDOWS\tasks\Připomenutí registrace 1.job
C:\WINDOWS\tasks\SystemToolsDailyTest.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{A004CE68-97CE-438B-A0A4-5221277B79E6}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\jnovosad\Data aplikací\Mozilla\Firefox\Profiles\jghxuhf7.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=undefined&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\jnovosad\Data aplikací\Mozilla\Firefox\Profiles\jghxuhf7.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\jnovosad\Data aplikací\Mozilla\Firefox\Profiles\jghxuhf7.default\searchplugins\
firmycz.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-02-02 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
Ad-Aware Security Toolbar - C:\Program Files\adawaretb\adawareDx.dll [2011-12-21 87440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-27 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-27 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-02-27 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03 349640]
{6c97a91e-4524-4019-86af-2aa2d567bf5c} - Ad-Aware Security Toolbar - C:\Program Files\adawaretb\adawareDx.dll [2011-12-21 87440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"LPManager"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [2009-07-23 185688]
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27 49976]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-03-21 141848]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-06-27 16875008]
"LPMailChecker"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe [2009-07-23 124248]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-12-21 6676808]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2006-02-02 122940]
"ISUSPM Startup"=c:\progra~1\common~1\instal~1\update~1\isuspm.exe [2004-07-27 221184]
"Ad-Aware Browsing Protection"=C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe [2011-11-15 197288]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-02-10 15494464]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-02-10 108352]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-02-10 1634112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe [2012-02-15 17146504]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2012-01-03 40376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO]
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe [2011-11-23 208184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [2006-05-18 196696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2008-03-21 137752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-03-17 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe"="C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe"="C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\adawaretb\dtUser.exe"="C:\Program Files\adawaretb\dtUser.exe:*:Enabled:Ad-Aware Security Toolbar DTX Broker"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-03-08 10:29:49 ----D---- C:\rsit
2012-03-08 09:48:24 ----ASH---- C:\hiberfil.sys
2012-03-08 09:47:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2012-03-08 09:46:54 ----A---- C:\WINDOWS\system32\nvrszht.dll
2012-03-08 09:46:54 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2012-03-08 09:46:54 ----A---- C:\WINDOWS\system32\nvnt4cpl.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrstr.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrsth.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrssv.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrssl.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrssk.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrsru.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrspt.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrspl.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrsno.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrsko.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrsja.dll
2012-03-08 09:46:53 ----A---- C:\WINDOWS\system32\nvrsit.dll
2012-03-08 09:46:52 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2012-03-08 09:46:52 ----A---- C:\WINDOWS\system32\nvrshu.dll
2012-03-08 09:46:52 ----A---- C:\WINDOWS\system32\nvrshe.dll
2012-03-08 09:46:52 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2012-03-08 09:46:52 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2012-03-08 09:46:52 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2012-03-08 09:46:52 ----A---- C:\WINDOWS\system32\nvrses.dll
2012-03-08 09:46:52 ----A---- C:\WINDOWS\system32\nvrseng.dll
2012-03-08 09:46:52 ----A---- C:\WINDOWS\system32\nvrsel.dll
2012-03-08 09:46:52 ----A---- C:\WINDOWS\system32\nvrsde.dll
2012-03-08 09:46:52 ----A---- C:\WINDOWS\system32\nvrsda.dll
2012-03-08 09:46:52 ----A---- C:\WINDOWS\system32\nvrscs.dll
2012-03-08 09:46:52 ----A---- C:\WINDOWS\system32\nvrsar.dll
2012-03-08 09:46:51 ----A---- C:\WINDOWS\system32\nvcolor.exe
2012-03-08 09:46:50 ----A---- C:\WINDOWS\system32\nvmctray.dll
2012-03-08 09:46:50 ----A---- C:\WINDOWS\system32\nvcpl.dll
2012-03-08 09:46:47 ----A---- C:\WINDOWS\system32\nvwddi.dll
2012-03-08 09:45:14 ----A---- C:\WINDOWS\system32\OpenCL.dll
2012-03-08 09:45:13 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2012-03-08 09:45:13 ----A---- C:\WINDOWS\system32\nvgenco32.dll
2012-03-08 09:45:13 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2012-03-08 09:45:13 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2012-03-08 09:45:13 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2012-03-08 09:45:13 ----A---- C:\WINDOWS\system32\nvcuda.dll
2012-03-08 09:45:11 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2012-03-08 09:45:11 ----A---- C:\WINDOWS\system32\nvapi.dll
2012-03-08 09:44:45 ----D---- C:\Program Files\NVIDIA Corporation
2012-03-08 09:44:24 ----D---- C:\NVIDIA
2012-03-08 09:37:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2012-03-08 09:32:35 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-03-08 07:34:50 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Mozilla
2012-03-08 07:34:19 ----D---- C:\Program Files\Mozilla Firefox
2012-03-07 11:15:26 ----A---- C:\TDSSKiller.2.7.19.0_07.03.2012_11.15.26_log.txt
2012-03-07 07:46:42 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2012-03-07 07:41:52 ----A---- C:\WINDOWS\system32\rp_stats.dat
2012-03-07 07:41:52 ----A---- C:\WINDOWS\system32\rp_rules.dat
2012-03-07 07:41:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection
2012-03-07 07:41:42 ----D---- C:\Program Files\Toolbar Cleaner
2012-03-07 07:41:38 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\adawaretb
2012-03-07 07:41:36 ----D---- C:\Program Files\adawaretb
2012-03-07 07:41:26 ----A---- C:\WINDOWS\system32\drivers\Lbd.sys
2012-03-07 07:41:13 ----D---- C:\Program Files\Lavasoft
2012-03-07 07:41:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2012-03-05 14:27:52 ----SHD---- C:\RECYCLER
2012-03-05 10:07:48 ----D---- C:\WINDOWS\temp
2012-03-02 14:29:39 ----A---- C:\Boot.bak
2012-03-02 14:29:33 ----RASHD---- C:\cmdcons
2012-03-02 14:23:11 ----A---- C:\WINDOWS\MBR.exe
2012-03-01 08:35:15 ----D---- C:\Program Files\trend micro
2012-02-29 11:27:23 ----D---- C:\skype uložit
2012-02-29 11:20:54 ----D---- C:\Program Files\STPViewer
2012-02-29 10:15:00 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Windows Search
2012-02-29 08:53:08 ----D---- C:\VritualRoot
2012-02-29 08:06:28 ----D---- C:\Program Files\Opera
2012-02-28 15:59:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\CPA_VA
2012-02-28 15:56:33 ----A---- C:\WINDOWS\system32\drivers\sfi.dat
2012-02-28 15:54:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo
2012-02-28 15:53:51 ----D---- C:\Program Files\Comodo
2012-02-28 15:53:48 ----A---- C:\WINDOWS\system32\gdiplus.dll
2012-02-28 15:37:02 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\TeamViewer
2012-02-28 15:36:54 ----D---- C:\Program Files\TeamViewer
2012-02-28 12:20:28 ----D---- C:\Program Files\VS Revo Group
2012-02-28 11:59:36 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\DassaultSystemes
2012-02-28 11:59:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\DassaultSystemes
2012-02-28 11:58:56 ----D---- C:\Program Files\Common Files\SolidWorks Shared
2012-02-28 11:58:56 ----A---- C:\WINDOWS\eDrawingOfficeAutomator.INI
2012-02-28 11:58:33 ----D---- C:\Program Files\Common Files\eDrawings2008
2012-02-28 11:54:12 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Autodesk
2012-02-28 11:06:22 ----D---- C:\Program Files\Spybot - Search & Destroy
2012-02-28 11:06:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-02-28 10:03:00 ----D---- C:\totalcmd
2012-02-28 10:03:00 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\GHISLER
2012-02-28 10:03:00 ----A---- C:\WINDOWS\UC.PIF
2012-02-28 10:03:00 ----A---- C:\WINDOWS\RAR.PIF
2012-02-28 10:03:00 ----A---- C:\WINDOWS\NOCLOSE.PIF
2012-02-28 10:03:00 ----A---- C:\WINDOWS\LHA.PIF
2012-02-28 10:03:00 ----A---- C:\WINDOWS\ARJ.PIF
2012-02-28 09:35:22 ----D---- C:\WRYKRYS2012
2012-02-28 09:23:11 ----D---- C:\SAPSPROW19
2012-02-28 09:22:08 ----D---- C:\download
2012-02-28 09:21:16 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\WinRAR
2012-02-28 09:20:48 ----D---- C:\Program Files\WinRAR
2012-02-28 09:19:58 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Estsoft
2012-02-28 09:06:00 ----D---- C:\Program Files\Common Files\Skype
2012-02-28 08:50:47 ----D---- C:\WINDOWS\pss
2012-02-28 08:38:46 ----D---- C:\Program Files\CCleaner
2012-02-28 08:30:55 ----N---- C:\WINDOWS\system32\acaptuser32.dll
2012-02-28 08:29:00 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Opera
2012-02-28 08:26:11 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Macromedia
2012-02-28 08:13:24 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Sun
2012-02-28 08:11:35 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Skype
2012-02-28 08:08:43 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Adobe
2012-02-28 08:08:27 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Windows Desktop Search
2012-02-28 08:06:29 ----ASH---- C:\Documents and Settings\jnovosad\Data aplikací\desktop.ini
2012-02-28 08:06:25 ----SD---- C:\Documents and Settings\jnovosad\Data aplikací\Microsoft
2012-02-28 08:06:25 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Lenovo
2012-02-28 08:06:25 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\InstallShield
2012-02-28 08:06:25 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Identities
2012-02-28 08:06:24 ----D---- C:\Documents and Settings\jnovosad\Data aplikací\Symantec
2012-02-27 12:22:33 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-27 12:08:49 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2012-02-27 12:01:54 ----D---- C:\Program Files\Microsoft Security Client
2012-02-27 11:51:45 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-02-27 11:50:48 ----A---- C:\WINDOWS\system32\javaws.exe
2012-02-27 11:50:48 ----A---- C:\WINDOWS\system32\javaw.exe
2012-02-27 11:50:48 ----A---- C:\WINDOWS\system32\java.exe

======List of files/folders modified in the last 1 month======

2012-03-08 10:16:51 ----SD---- C:\WINDOWS\Tasks
2012-03-08 10:16:51 ----D---- C:\WINDOWS\Prefetch
2012-03-08 09:49:09 ----D---- C:\WINDOWS\system32\CatRoot2
2012-03-08 09:49:01 ----HD---- C:\WINDOWS\inf
2012-03-08 09:48:56 ----D---- C:\WINDOWS
2012-03-08 09:47:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-03-08 09:47:09 ----D---- C:\WINDOWS\Help
2012-03-08 09:46:54 ----AD---- C:\WINDOWS\system32
2012-03-08 09:45:45 ----ASHD---- C:\WINDOWS\system32\dllcache
2012-03-08 09:45:37 ----D---- C:\WINDOWS\system32\drivers
2012-03-08 09:45:20 ----D---- C:\WINDOWS\system32\CatRoot
2012-03-08 09:44:45 ----RD---- C:\Program Files
2012-03-08 09:32:39 ----SHD---- C:\WINDOWS\CSC
2012-03-07 21:31:59 ----D---- C:\WINDOWS\security
2012-03-07 08:33:49 ----D---- C:\WINDOWS\SoftwareDistribution
2012-03-07 07:41:35 ----SHD---- C:\WINDOWS\Installer
2012-03-07 07:41:26 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-03-07 07:41:16 ----D---- C:\WINDOWS\WinSxS
2012-03-06 07:26:16 ----D---- C:\swshare
2012-03-05 12:10:21 ----SHD---- C:\System Volume Information
2012-03-05 12:10:21 ----D---- C:\WINDOWS\system32\Restore
2012-03-05 10:10:59 ----A---- C:\WINDOWS\system.ini
2012-03-05 10:10:38 ----D---- C:\WINDOWS\system32\drivers\etc
2012-03-05 10:08:05 ----D---- C:\WINDOWS\system32\config
2012-03-05 10:06:06 ----D---- C:\WINDOWS\AppPatch
2012-03-05 10:06:02 ----D---- C:\Program Files\Common Files
2012-03-05 07:39:24 ----D---- C:\WINDOWS\Debug
2012-03-02 14:29:42 ----RASH---- C:\boot.ini
2012-03-02 11:49:22 ----A---- C:\WINDOWS\win.ini
2012-02-29 07:30:19 ----AD---- C:\I386
2012-02-28 09:05:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-02-28 08:41:02 ----D---- C:\Program Files\Google
2012-02-28 08:10:34 ----D---- C:\Documents and Settings
2012-02-27 14:58:33 ----RSD---- C:\WINDOWS\assembly
2012-02-27 14:58:33 ----D---- C:\WINDOWS\Microsoft.NET
2012-02-27 14:33:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-02-27 14:27:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-02-27 14:24:55 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-02-27 14:21:43 ----D---- C:\Program Files\Common Files\System
2012-02-27 13:38:50 ----D---- C:\WINDOWS\system32\cs-cz
2012-02-27 13:34:05 ----D---- C:\WINDOWS\system32\en-us
2012-02-27 13:33:52 ----D---- C:\Program Files\Microsoft.NET
2012-02-27 13:08:29 ----D---- C:\Program Files\Internet Explorer
2012-02-27 12:53:20 ----HD---- C:\WINDOWS\$hf_mig$
2012-02-27 12:23:46 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-02-27 12:05:07 ----D---- C:\WINDOWS\system32\appmgmt
2012-02-27 12:01:30 ----D---- C:\Program Files\Microsoft Office
2012-02-27 12:01:15 ----D---- C:\WINDOWS\ie8updates
2012-02-27 11:54:13 ----D---- C:\Program Files\Common Files\Java
2012-02-27 11:50:18 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-02-27 11:50:07 ----D---- C:\Program Files\Java
2012-02-27 11:44:17 ----D---- C:\WINDOWS\SchCache
2012-02-27 11:38:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Symantec
2012-02-27 11:38:24 ----D---- C:\Program Files\Common Files\Symantec Shared
2012-02-27 11:38:23 ----D---- C:\Program Files\Symantec
2012-02-27 11:35:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2012-02-10 05:10:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2006-03-01 89472]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-12-19 97760]
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2011-12-23 64512]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-05-26 43528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2011-12-19 18056]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-01-17 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-12-19 31704]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-11-18 5660]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-11-18 22684]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-02-02 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2006-02-02 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-02-02 86652]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-02-02 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-02-02 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-02-02 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-02-02 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-11-18 40544]
R2 pmem;pmem; \??\C:\WINDOWS\System32\drivers\pmemnt.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-05-14 76288]
R2 tvtfilter;tvtfilter; C:\WINDOWS\system32\DRIVERS\tvtfilter.sys [2008-05-26 33536]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-27 4742656]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-02-10 13415040]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2011-03-17 30144]
R3 TVTI2C;Lenovo SM bus driver; C:\WINDOWS\system32\DRIVERS\Tvti2c.sys [2007-05-22 30336]
R3 TVTPktFilter;TVT Packet Filter Service; C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys [2007-07-11 17792]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2009-04-21 297344]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-10-24 117760]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-03-17 5955872]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys []
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 Teefer2;Teefer2 Miniport; C:\WINDOWS\system32\DRIVERS\teefer2.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-14 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-14 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-14 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-10-11 874240]
S4 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-14 40960]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1052472]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-12-19 1960584]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2006-05-23 622700]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-02-27 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2012-03-07 2152152]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-02-10 164160]
R2 SUService;System Update; c:\program files\lenovo\system update\suservice.exe [2009-03-24 28672]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-08-03 644408]
R2 TVT Backup Protection Service;TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [2007-07-11 569344]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2007-07-11 950272]
R2 TVT Scheduler;TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
R2 tvtnetwk;tvtnetwk; C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe [2007-07-11 45056]
R2 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 bcdcufr;System Manager; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-21 136176]
S2 SkypeUpdate;Skype Updater; C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-23 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-21 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-12-21 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2011-02-07 3093944]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2012-02-28 79360]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

jacktenrek
Visitor
Posts: 65
Registered: 23 Jul 2006 09:18

Re: check plus a little worm

#10 Post by jacktenrek »

nope, the problem persists, the little worm is still staring at me here :D

jacktenrek
Visitor
Posts: 65
Registered: 23 Jul 2006 09:18

Re: check plus a little worm

#11 Post by jacktenrek »

I'll try this
Attachments
worms1.jpg (129.8 KiB) Viewed 3379 times

jacktenrek
Visitor
Posts: 65
Registered: 23 Jul 2006 09:18

Re: check plus a little worm

#12 Post by jacktenrek »

:oops: here it is
Attachments
worms.rar
(336.77 KiB) Downloaded 96 times

jacktenrek
Visitor
Posts: 65
Registered: 23 Jul 2006 09:18

Re: check plus a little worm

#13 Post by jacktenrek »

Rapport de ZHPDiag v1.28.34 par Nicolas Coolman, Update du 06/03/2012
Run by jnovosad at 10.3.2012 17:13:43
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
Web site : http://nicolascoolman.skyrock.com/
Windows XP Professional Service Pack 3 (Build 2600)
State : A new version is available.

Boot mode: Normal (Normal boot)
Logged in as Administrator


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 10.0.2 v10.0.2
GCIE: Google Chrome v17.0.963.78
OPIE: Opera v11.61 (Defaut)

---\\ Running Processes
[MD5.BE465A17FDA2E79ED49053CBEC7E9335] - (.COMODO - COMODO livePCsupport Service.) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [1052472] [PID.]
[MD5.6629D81B41BADD0D787F0E306CEEE7E0] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1960584] [PID.]
[MD5.0711D2E0F17B31E537B2770A618DA41F] - (.Diskeeper Corporation - DKSERVICE.EXE.) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [622700] [PID.]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Instalační program Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176] [PID.]
[MD5.213822072085B5BBAD9AF30AB577D817] - (.InterVideo - RegMgr Module.) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [112152] [PID.]
[MD5.0A5709543986843D37A92290B7838340] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]
[MD5.971B4344ABA9B79ED0E9D0BB2A5283C1] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 295.7.) -- C:\WINDOWS\system32\nvsvc32.exe [164160] [PID.]
[MD5.74FC70AE64A7B7DABEC9697CE0A1F4FA] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2886528] [PID.]
[MD5.D04402CD654AF1058AD9A82B73AD67C8] - (.Lenovo Group Limited - ThinkVantage Registry Monitor Service.) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [644408] [PID.]
[MD5.EAC42DF153B85C33621788B49CE58287] - (.Unknown owner - rrpservice Module.) -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [569344] [PID.]
[MD5.57485259D6E558228EAE711890119D05] - (.Lenovo Group Limited - Rescue and Recovery Backup Service.) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [950272] [PID.]
[MD5.016A0213634B4D3EA9C1FDF10F53DA55] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe [7983488] [PID.]
[MD5.3500C12DEDD92775CBFE0E5D90C091DF] - (.TeamViewer GmbH - Helper process for TeamViewer performance o.) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe [116608] [PID.]
[MD5.E9EA448F1174BE4052416B62263EA4EE] - (.Lenovo Group Limited - ThinkVantage Scheduler.) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [1122304] [PID.]
[MD5.2E72C66682E9274C97AE3F5A57C2FA33] - (...) -- C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe [45056] [PID.]
[MD5.76B634A5817874485B71F540305F6A8E] - (...) -- C:\Program Files\Common Files\Lenovo\Logger\logmon.exe [22016] [PID.]
[MD5.5749522980DF6239D28F0F6606F62A77] - (.Lenovo Group Limited - ThinkVantage System Update Service.) -- c:\program files\lenovo\system update\suservice.exe [28672] [PID.]
[MD5.58C27EBBBEB67A26484A1C50909C002C] - (.Lenovo Group Limited - scheduler_proxy Application.) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [487424] [PID.]
[MD5.763DAB43BDAB27316DBF3373192823D7] - (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920] [PID.]
[MD5.D5A776C5A6564326885E6C52ECE9D7D5] - (.Lenovo Group Limited - ThinkVantage Productivity Center Manager.) -- C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [185688] [PID.]
[MD5.3B376496187AB240FAC6ECD7BD1251F6] - (.Unknown owner - Message Center Plus Launcher.) -- C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [49976] [PID.]
[MD5.3B6E8AE318818B59A8A6AAF7C2BFF972] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16875008] [PID.]
[MD5.739C1F1721CF90CA719D04478C2E2779] - (.Lenovo Group Limited - ThinkVantage Productivity Center MailChecke.) -- C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe [124248] [PID.]
[MD5.106E3AE6547782AF85A29895205D57D5] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [6676808] [PID.]
[MD5.17730174D7426CD567001B77341C5ECE] - (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\System32\DLA\DLACTRLW.EXE [122940] [PID.]
[MD5.5D51AB9F8C41A99D47D353B48E4291DD] - (.Lavasoft - Ad-Aware Browsing Protection.) -- C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe [197288] [PID.]
[MD5.17DA10ECF834EBE33E03B3C0B3EAD8F7] - (.Skype Technologies S.A. - Skype.) -- C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe [17146504] [PID.]
[MD5.BCC4348A76435AC7A2AF6E824DCB02A8] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [256536] [PID.]
[MD5.9467CC67D11345272337CC11ADD80507] - (.Diskeeper Corporation - DKICON.EXE.) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [196696] [PID.]
[MD5.0E5398084278E4CD84DDB0A2B646548D] - (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE [12997488] [PID.]
[MD5.5C6558352FC3E7CC76D27B9AD8614FFC] - (.Ghisler Software GmbH - Total Commander 32 bit.) -- C:\totalcmd\TOTALCMD.EXE [3734952] [PID.]
[MD5.33D679D5CC80CCC8E784CC588DA12465] - (.Microsoft Corporation - Remote Desktop Connection.) -- C:\WINDOWS\system32\mstsc.exe [677888] [PID.]
[MD5.F45865663B1A2D7D18488A8DB1E93AC0] - (...) -- C:\SAPSPROW19\sapsw.exe [2531840] [PID.]
[MD5.BF86A026FDCA9ECC5C118E700C1FD4EC] - (...) -- C:\Program Files\MusicJet\MusicJet.exe [3726160] [PID.]
[MD5.CC7001E619906A0FF78C162A0A39D5B7] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Opera.exe [949104] [PID.]
[MD5.1D8BD62296564C8F5A469976D53DD716] - (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe [64000] [PID.]
[MD5.C8F1A365C4EDBC72FEDE0CE166D8AF17] - (.Lubomír Chudek Anra - WRYKRYS Application.) -- C:\WRYKRYS2012\Wrykrys.exe [1350656] [PID.]
[MD5.7AE5A78832A79B4157E83404093B59AB] - (...) -- C:\WRYKRYS2012\VKATBANF.EXE [331264] [PID.]
[MD5.EA38136981C61C571D52C380DAAD46EF] - (.Lavasoft Limited - Ad-Aware Service Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2152152] [PID.]
[MD5.0830E6BA8463BEF96CF69C1993F74A4B] - (.Lavasoft Limited - Ad-Aware Tray Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [1187072] [PID.]
[MD5.6652DF745B86123B73315B7427F17694] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- c:\program files\teamviewer\version7\TeamViewer_Desktop.exe [2394496] [PID.]
[MD5.5AC757AE411CBC603C33C85F81F8657D] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] [PID.]
[MD5.196F6E8FBC7043A867C8F428E40530E8] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.]
[MD5.46AE705AC463F50AC714C8084A09A2A3] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2211328] [PID.5108]
[MD5.88842DE939A827577BF24243699AC80A] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]
[MD5.DCF3E3EDF5109EE8BC02FE6E1F045795] - (.Microsoft Corporation - wpffontcache_v0400.exe.) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [753504] [PID.]
~ Scan Processes Running in 00mn 03s



---\\ Opera, Plugins,Start,Search (P1,B0,B1)
B0 - SPO: operaprefs.ini [jnovosad] Home URL=http://www.seznam.cz
~ Scan Opera Browser in 00mn 00s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [jnovosad] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [jnovosad] -- C:\Program Files\Mozilla FireFox\searchplugins\heureka-cz.xml
M3 - MFPP: Plugins - [jnovosad] -- C:\Program Files\Mozilla FireFox\searchplugins\jyxo-cz.xml
M3 - MFPP: Plugins - [jnovosad] -- C:\Program Files\Mozilla FireFox\searchplugins\seznam-cz.xml
M3 - MFPP: Plugins - [jnovosad] -- C:\Program Files\Mozilla FireFox\searchplugins\slunecnice-cz.xml
M3 - MFPP: Plugins - [jnovosad] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-cz.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_31 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10111.0.) -- C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Acrobat] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.0".) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cz_z1_srv001
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19190 (longhorn_ie8_gdr.111214-1715)) -- C:\WINDOWS\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Changed inifile Value, Mapped to Registry (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 1



---\\ Browser Helper Objects (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\system32\DLA\DLASHX_W.dll
O2 - BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} . (.Unknown owner - Ad-Aware Security Toolbar Link Library.) -- C:\Program Files\adawaretb\adawareDx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} . (.Microsoft Corporation - Windows Live Toolbar for Internet Explorer.) -- C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} . (...) -- C:\Program Files\Seznam.cz\listicka.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
~ Scan BHO in 00mn 01s



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (...) -- (.not file.)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} . (.Microsoft Corporation - Windows Live Toolbar for Internet Explorer.) -- C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} . (.Unknown owner - Ad-Aware Security Toolbar Link Library.) -- C:\Program Files\adawaretb\adawareDx.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} . (...) -- C:\Program Files\Seznam.cz\toolbar\toolbar.dll
~ Scan Toolbar in 00mn 00s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [TVT Scheduler Proxy] . (.Lenovo Group Limited - scheduler_proxy Application.) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [ISUSScheduler] . (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
O4 - HKLM\..\Run: [LPManager] . (.Lenovo Group Limited - ThinkVantage Productivity Center Manager.) -- C:\Program Files\ThinkVantage\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [Message Center Plus] . (.Unknown owner - Message Center Plus Launcher.) -- C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [LPMailChecker] . (.Lenovo Group Limited - ThinkVantage Productivity Center MailChecke.) -- C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\Comodo\COMODO Internet Security\cfp.exe
O4 - HKLM\..\Run: [DLA] . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\system32\DLA\DLACTRLW.exe
O4 - HKLM\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] . (.Lavasoft - Ad-Aware Browsing Protection.) -- C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\nvcpl.dll
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\nvmctray.dll
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Program Files\NVIDIA Corporation\nview\nwiz.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-2000478354-839522115-682003330-3397\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-2000478354-839522115-682003330-3397\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware] . (.Microsoft Corporation - Registry Console Tool.) -- C:\WINDOWS\system32\reg.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware_XP] . (.Microsoft Corporation - Registry Console Tool.) -- C:\WINDOWS\system32\reg.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware] . (.Microsoft Corporation - Registry Console Tool.) -- C:\WINDOWS\system32\reg.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware_XP] . (.Microsoft Corporation - Registry Console Tool.) -- C:\WINDOWS\system32\reg.exe
~ Scan Application in 00mn 00s



---\\ Extra items in the IE right-click menu (O8)
O8 - Extra context menu item: &Windows Live Search . (.Microsoft Corporation - Windows Live Toolbar for Internet Explorer.) -- C:\Program Files\Windows Live Toolbar\msntb.dll
O8 - Extra context menu item: Append Link Target to Existing PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O8 - Extra context menu item: Append to Existing PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O8 - Extra context menu item: Convert Link Target to Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O8 - Extra context menu item: Convert to Adobe PDF . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\MICROS~2\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 01s



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} . (...) -- C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} . (...) -- C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Poskytovatel služeb Microsoft Windows Sockets 2.0.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Poskytovatel služeb Microsoft Windows Sockets 2.0.) -- C:\WINDOWS\system32\mswsock.dll
~ Scan Winsock in 00mn 00s



---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} - (InstaFred) - (.Autodesk, Inc. - InstFred ActiveX Control Module.) -- C:\Program Files\AutoCAD LT 2002 Cz\InstFred.ocx
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - (Ovládací prvek AcDcToday) - (.Autodesk - AcDcToday ActiveX Control Module.) -- C:\Program Files\AutoCAD LT 2002 Cz\AcDcToday.ocx
O16 - DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} - (NOXLATE-BANR) - (.Autodesk, Inc. - InstBanr ActiveX Control Module.) -- C:\Program Files\AutoCAD LT 2002 Cz\InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - (Prvek AcPreview) - (.Autodesk - AcPreview ActiveX Support.) -- C:\Program Files\AutoCAD LT 2002 Cz\AcPreview.ocx
~ Scan Objets ActiveX in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A7133675-5A5F-48C3-9987-E7394B592BC2}: DhcpNameServer = 10.0.0.249 217.197.150.168
O17 - HKLM\System\CCS\Services\Tcpip\..\{A7133675-5A5F-48C3-9987-E7394B592BC2}: DhcpDomain = anyxo.local
O17 - HKLM\System\CS1\Services\Tcpip\..\{A7133675-5A5F-48C3-9987-E7394B592BC2}: DhcpNameServer = 10.0.0.249 217.197.150.168
O17 - HKLM\System\CS1\Services\Tcpip\..\{A7133675-5A5F-48C3-9987-E7394B592BC2}: DhcpDomain = anyxo.local
O17 - HKLM\System\CS2\Services\Tcpip\..\{A7133675-5A5F-48C3-9987-E7394B592BC2}: DhcpNameServer = 10.0.0.249 217.197.150.168
O17 - HKLM\System\CS2\Services\Tcpip\..\{A7133675-5A5F-48C3-9987-E7394B592BC2}: DhcpDomain = anyxo.local
~ Scan Domain in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 01s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Offline Network Agent.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - Secondary Logon Service Notification DLL.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage Notification.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - AppInit_DLLs: . (.COMODO - COMODO Internet Security.) - C:\WINDOWS\system32\guard32.dll
~ Scan AppInit DLL in 00mn 00s



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Systray shell service object.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
~ Scan SSODL in 00mn 00s



---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Společnost Microsoft - Shell Browser UI Library.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Společnost Microsoft - Shell Browser UI Library.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: COMODO livePCsupport Service (CLPSLS) . (.COMODO - COMODO livePCsupport Service.) - C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) . (.COMODO - COMODO Internet Security.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Diskeeper (Diskeeper) . (.Diskeeper Corporation - DKSERVICE.EXE.) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) . (.Google Inc. - Instalační program Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service (Lavasoft Ad-Aware Service) . (.Lavasoft Limited - Ad-Aware Service Application.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 295.7.) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Documents and Settings\esevcikova\Local Settings\Data aplikací\Skype\Updater\Updater.exe
O23 - Service: System Update (SUService) . (.Lenovo Group Limited - ThinkVantage System Update Service.) - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) . (.TeamViewer GmbH - TeamViewer Remote Control Application.) - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: ThinkVantage Registry Monitor Service (ThinkVantage Registry Monitor Service) . (.Lenovo Group Limited - ThinkVantage Registry Monitor Service.) - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Backup Protection Service (TVT Backup Protection Service) . (.Unknown owner - rrpservice Module.) - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service (TVT Backup Service) . (.Lenovo Group Limited - Rescue and Recovery Backup Service.) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler (TVT Scheduler) . (.Lenovo Group Limited - ThinkVantage Scheduler.) - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk (tvtnetwk) . (...) - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
~ Scan Services in 00mn 00s



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: Aktuální domovská stránka - file:About:Home
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



End of the scan (337 lines in 00mn 11s)(0)


The second one doesn't work; it reports a virus and moves it to quarantine even when I turn off the antivirus.

jacktenrek
Visitor
Posts: 65
Registered: 23 Jul 2006 09:18

Re: check plus a little worm

#14 Post by jacktenrek »

Oops, then not until Monday at the earliest. I was doing it over remote desktop, so I can't put a flash drive into the PC :D

jacktenrek
Visitor
Posts: 65
Registered: 23 Jul 2006 09:18

Re: check plus a little worm

#15 Post by jacktenrek »

I won't get to it until next Monday :) I'll let you know then.

Locked