Kontrola+Avast

Zpráva

frutas11 · #1 Příspěvek od **frutas11** » 01 dub 2012 20:05

Dobrý den,prosím o kontrolu logu.Děkuji předem.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Uzivatel at 2012-04-01 21:02:00
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 50 GB (49%) free of 101 GB
Total RAM: 2039 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:04:15, on 1.4.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fighters\FighterSuiteService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\713xRMTMon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Seznam.cz\postak.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\explorer.exe
C:\downloads\avast_free_antivirus_setup.exe
C:\DOCUME~1\Uzivatel\LOCALS~1\Temp\_av_sfx.tm~a03612\avast.setup
C:\WINDOWS\system32\cidaemon.exe
C:\Downloads\RSIT.exe
C:\Program Files\trend micro\Uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=google
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=13760
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=google
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toggle.com/en/index.php?rvs=google
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=snd&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof2.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Softonic-Eng7 - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof2.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files\kmpmediatoolbar\searchresultsDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Seznam.cz\core.3.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof2.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: DealBulldog Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll
O3 - Toolbar: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files\kmpmediatoolbar\searchresultsDx.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\713xRMTMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Seznam Postak] "C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AROReminder] C:\Program Files\ARO 2012\ARO.exe -rem
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orbit.lnk = ?
O4 - Global Startup: Scheduler for OEM.lnk = C:\Program Files\honestech\honestech TVR\scheduleTV.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2010804910
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3843309171
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Common Toolkit Tools - SPAMfighter ApS - C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe

--
End of file - 10844 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\expressaccountsSevenDaysInit.job
C:\WINDOWS\tasks\expressaccountsShakeIcon.job
C:\WINDOWS\tasks\expressburnSevenDaysInit.job
C:\WINDOWS\tasks\expressburnShakeIcon.job
C:\WINDOWS\tasks\expressinvoiceSevenDaysInit.job
C:\WINDOWS\tasks\expressinvoiceShakeIcon.job
C:\WINDOWS\tasks\flexiserverSevenDaysInit.job
C:\WINDOWS\tasks\flexiserverShakeIcon.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3405207397-609143208-2953296790-1004.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3405207397-609143208-2953296790-1005.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3405207397-609143208-2953296790-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3405207397-609143208-2953296790-1005.job
C:\WINDOWS\tasks\Registry Reviver-Uzivatel-Startup.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{4664943E-8FED-414C-B188-0172A180C4B1}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2011-06-28 241464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof2.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-22 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{daf5b34c-1aa3-4c33-ae24-766a370635d2}]
KMP Media Toolbar - C:\Program Files\kmpmediatoolbar\searchresultsDx.dll [2012-03-22 87008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-22 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-22 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Seznam.cz\core.3.dll [2010-10-07 1164568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files\DealBulldog Toolbar\tbcore3.dll [2011-06-22 2398720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof2.dll [2011-05-09 176936]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2011-06-28 696000]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - DealBulldog Toolbar - C:\Program Files\DealBulldog Toolbar\tbcore3.dll [2011-06-22 2398720]
{daf5b34c-1aa3-4c33-ae24-766a370635d2} - KMP Media Toolbar - C:\Program Files\kmpmediatoolbar\searchresultsDx.dll [2012-03-22 87008]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd []
"UpdatePDRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"C-Media Mixer"=Mixer.exe /startup []
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"TV Card Remote Control Device Monitor"=C:\WINDOWS\713xRMTMon.exe [2005-07-20 352256]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-01-31 258512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Seznam.cz\postak.exe [2010-10-07 488728]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
"AROReminder"=C:\Program Files\ARO 2012\ARO.exe [2012-01-06 2552688]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2010-02-01 2342608]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Orbit.lnk -
Scheduler for OEM.lnk - C:\Program Files\honestech\honestech TVR\scheduleTV.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PFNet]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
"C:\Program Files\QuadCoreM2\pack\core.bin"="C:\Program Files\QuadCoreM2\pack\core.bin:*:Enabled:core"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\Program Files\Logitech\Vid HD\Vid.exe"="C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD"
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"F:\q3demo\quake3.exe"="F:\q3demo\quake3.exe:*:Enabled:quake3"
"F:\Quake3\quake3.exe"="F:\Quake3\quake3.exe:*:Enabled:quake3"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\kmpmediatoolbar\dtUser.exe"="C:\Program Files\kmpmediatoolbar\dtUser.exe:*:Enabled:KMP Media Toolbar DTX Broker"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=L3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm

======List of files/folders created in the last 1 month======

2012-04-01 21:02:01 ----D---- C:\Program Files\trend micro
2012-04-01 21:02:00 ----D---- C:\rsit
2012-04-01 20:14:12 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\searchresultstb
2012-04-01 20:10:03 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-04-01 20:03:24 ----D---- C:\Program Files\AVAST Software
2012-04-01 19:39:34 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2012-04-01 18:55:23 ----D---- C:\Avenger
2012-04-01 18:55:23 ----A---- C:\avenger.txt
2012-04-01 18:50:36 ----A---- C:\cleanup.exe
2012-04-01 18:50:36 ----A---- C:\cleanup.bat
2012-04-01 18:50:35 ----A---- C:\zip.exe
2012-04-01 18:42:48 ----D---- C:\Program Files\CCleaner
2012-04-01 18:18:17 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\kmpmediatoolbar
2012-04-01 00:08:41 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\IObit
2012-04-01 00:08:35 ----D---- C:\Program Files\IObit
2012-03-31 23:58:33 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Wise Registry Cleaner
2012-03-31 23:56:03 ----D---- C:\Program Files\Ask.com
2012-03-31 23:55:39 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Avira
2012-03-31 23:55:23 ----D---- C:\Program Files\Wise Registry Cleaner
2012-03-31 23:49:24 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2012-03-31 23:49:19 ----A---- C:\WINDOWS\system32\drivers\avkmgr.sys
2012-03-31 23:49:19 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2012-03-31 23:49:18 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2012-03-31 23:49:16 ----D---- C:\Program Files\Avira
2012-03-31 23:49:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2012-03-31 23:33:21 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Sammsoft
2012-03-31 23:32:46 ----D---- C:\Program Files\ARO 2012
2012-03-30 11:33:45 ----D---- C:\Program Files\kmpmediatoolbar
2012-03-30 11:32:24 ----D---- C:\Program Files\PANDORA.TV
2012-03-30 11:30:35 ----D---- C:\Program Files\The KMPlayer
2012-03-29 09:42:05 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2012-03-29 08:46:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sony
2012-03-29 08:45:39 ----D---- C:\Program Files\Sony
2012-03-27 10:13:25 ----A---- C:\WINDOWS\system32\pncrt.dll
2012-03-25 00:44:23 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Toolbar4
2012-03-23 11:50:42 ----A---- C:\WINDOWS\system32\xvidcore.dll
2012-03-23 09:18:58 ----D---- C:\Program Files\DealBulldog Toolbar
2012-03-22 21:12:12 ----A---- C:\WINDOWS\system32\GPhotos.scr
2012-03-22 10:52:54 ----AH---- C:\WINDOWS\system32\drivers\hamachi.sys
2012-03-22 10:49:56 ----D---- C:\Program Files\Common Files\Java
2012-03-22 10:48:32 ----A---- C:\WINDOWS\system32\javaws.exe
2012-03-22 10:48:32 ----A---- C:\WINDOWS\system32\javaw.exe
2012-03-22 10:48:31 ----A---- C:\WINDOWS\system32\java.exe
2012-03-14 22:15:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-03-14 22:11:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2647518$
2012-03-13 22:32:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2621440$
2012-03-09 22:00:01 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\CasinoOnNet
2012-03-09 21:59:22 ----D---- C:\Program Files\CasinoOnNet
2012-03-09 21:04:16 ----D---- C:\Casino
2012-03-07 19:10:02 ----A---- C:\WINDOWS\WORDPAD.INI

======List of files/folders modified in the last 1 month======

2012-04-01 21:03:36 ----D---- C:\WINDOWS\Temp
2012-04-01 21:02:01 ----RD---- C:\Program Files
2012-04-01 21:01:33 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Orbit
2012-04-01 21:01:32 ----D---- C:\downloads
2012-04-01 20:56:59 ----D---- C:\WINDOWS
2012-04-01 20:52:30 ----D---- C:\WINDOWS\Prefetch
2012-04-01 20:44:37 ----D---- C:\WINDOWS\system32\CatRoot2
2012-04-01 20:44:24 ----D---- C:\WINDOWS\system32\logishrd
2012-04-01 20:28:36 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Skype
2012-04-01 20:14:53 ----SHD---- C:\WINDOWS\Installer
2012-04-01 20:14:48 ----SHD---- C:\Config.Msi
2012-04-01 20:14:38 ----D---- C:\WINDOWS\system32
2012-04-01 20:11:39 ----D---- C:\WINDOWS\SoftwareDistribution
2012-04-01 18:55:23 ----D---- C:\WINDOWS\system32\drivers
2012-04-01 18:44:52 ----D---- C:\WINDOWS\Logs
2012-04-01 18:32:47 ----D---- C:\Program Files\Picasa2
2012-03-31 23:56:09 ----SD---- C:\WINDOWS\Tasks
2012-03-30 11:47:43 ----A---- C:\WINDOWS\NeroDigital.ini
2012-03-29 23:01:12 ----D---- C:\Program Files\Opera
2012-03-29 10:09:39 ----HD---- C:\WINDOWS\inf
2012-03-29 09:49:02 ----RSD---- C:\WINDOWS\assembly
2012-03-29 09:42:36 ----D---- C:\WINDOWS\system32\mui
2012-03-29 09:42:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-03-29 09:39:27 ----D---- C:\Program Files\Softonic-Eng7
2012-03-29 09:32:29 ----D---- C:\WINDOWS\WinSxS
2012-03-22 11:38:47 ----D---- C:\WINDOWS\Debug
2012-03-22 11:38:45 ----D---- C:\WINDOWS\Minidump
2012-03-22 10:49:56 ----D---- C:\Program Files\Common Files
2012-03-22 10:46:52 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-03-14 22:15:21 ----HD---- C:\WINDOWS\$hf_mig$
2012-03-14 22:11:50 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-05-20 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-01-31 137416]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2011-09-16 36000]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files\HWiNFO32\HWiNFO32.SYS []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsl26d11cae;MpKsl26d11cae; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0B6B3391-F6CB-48BB-9648-3F01D4745AE6}\MpKsl26d11cae.sys []
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2011-05-20 279712]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2012-01-31 74640]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2011-05-20 25888]
R2 Machnm32;Machnm32 Driver; \??\C:\WINDOWS\System32\Machnm32.sys []
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2011-08-19 121464]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2007-11-07 171152]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2011-01-27 15664]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 LVPr2Mon;LVPr2Mon Driver; C:\WINDOWS\system32\Drivers\LVPr2Mon.sys [2010-05-07 25824]
R3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2010-05-15 276448]
R3 LVUVC;Logitech Webcam 250(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2010-05-15 6842592]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2009-05-20 12160]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-14 163584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-12-19 539008]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 glojekrh;glojekrh; C:\WINDOWS\system32\drivers\glojekrh.sys []
S1 lywqmxgr;lywqmxgr; C:\WINDOWS\system32\drivers\lywqmxgr.sys []
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 AVFSFilter;AVFSFilter; C:\WINDOWS\system32\DRIVERS\avfsfilter.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2008-01-02 1404544]
S3 cpuz132;cpuz132; C:\WINDOWS\system32\drivers\cpuz132.sys []
S3 EagleNT;EagleNT; C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 FilterService;UVCFilterService; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2010-05-15 23904]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 iANSMiniport;Intel(R) Advanced Network Services Virtual Adapter; C:\WINDOWS\system32\DRIVERS\ianswxp.sys [2007-12-06 114824]
S3 iANSProtocol;Intel(R) Advanced Network Services Protocol; C:\WINDOWS\system32\DRIVERS\ianswxp.sys [2007-12-06 114824]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2010-05-15 114784]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; C:\WINDOWS\system32\drivers\MREMP50a64.sys []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; C:\WINDOWS\system32\drivers\MREMPR5.sys []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; C:\WINDOWS\system32\drivers\MRENDIS5.sys []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; C:\WINDOWS\system32\drivers\MRESP50a64.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2002-02-14 47360]
S3 RT73;ASUS USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2008-01-15 459520]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-05-20 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-01-31 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-01-31 86224]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-22 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-25 303104]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Suite Service;Suite Service; C:\Program Files\Fighters\FighterSuiteService.exe [2011-12-28 1324680]
R2 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-25 136176]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Common Toolkit Tools;Common Toolkit Tools; C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [2011-12-28 216712]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-30 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-25 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-13 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-30 881664]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-30 132096]

-----------------EOF-----------------

frutas11 · #2 Příspěvek od **frutas11** » 01 dub 2012 20:18

Omlouvám se za další příspěvek ale zapoměl sem dodat.Mám nefunkční AVAST,ukazuje mi že je jke systém nechráněn,avšak pokusi o zapnutí štítu byli marné.Nejde odinstalovat,smazat,opravit,nainstalovat, no prostě nic.Dokonce sem udělal větší šílený zákrok a to ten že jsem pomocí Avengeru smazal jeho složku s Avastem,po restartu mi počítač zobrazil modrou obrazovku a ukázal závažnou chybu.Počítač jsem zapl ve stavu nouze a ze zálohy Avengeru vrátil Avast tam kde byl.Nyní je počítač funkční ale Avast ne.Děkuji.

#3 Příspěvek od **JaRon** » 02 dub 2012 08:06

ahoj,
no s prepacenim mi pripadas ako "zbrkly autocistic"

1. odinstaluj IObit\Advanced SystemCare 3 + ASK Toolbar
2. ujasni si ci Avira ALEBO Avast - odinstaluj jeden z nich
3. vycisti PC s CCleanerom
4. vloz log RSIT

frutas11 · #4 Příspěvek od **frutas11** » 02 dub 2012 16:26

Aviru jsem to měl z důvodu toho že Avast nefunguje a já chtěl mít v PC alespoň nějakou ochranu.
Vše sem udělal dle vaších pokynů.Avast momentálně pořád nefunguje.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Uzivatel at 2012-04-02 17:23:10
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 49 GB (49%) free of 101 GB
Total RAM: 2039 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:23:58, on 2.4.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fighters\FighterSuiteService.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\713xRMTMon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Seznam.cz\postak.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\honestech\honestech TVR\scheduleTV.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Opera\opera.exe
C:\DOCUME~1\Uzivatel\LOCALS~1\Temp\_iu14D2N.tmp
C:\WINDOWS\system32\mshta.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\downloads\RSIT(1).exe
C:\Program Files\trend micro\Uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=google
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=13760
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=google
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toggle.com/en/index.php?rvs=google
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=snd&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof2.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Softonic-Eng7 - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof2.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files\kmpmediatoolbar\searchresultsDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Seznam.cz\core.3.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof2.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: DealBulldog Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll
O3 - Toolbar: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files\kmpmediatoolbar\searchresultsDx.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\713xRMTMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Seznam Postak] "C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orbit.lnk = ?
O4 - Global Startup: Scheduler for OEM.lnk = C:\Program Files\honestech\honestech TVR\scheduleTV.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2010804910
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3843309171
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Common Toolkit Tools - SPAMfighter ApS - C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe

--
End of file - 9839 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\expressaccountsSevenDaysInit.job
C:\WINDOWS\tasks\expressaccountsShakeIcon.job
C:\WINDOWS\tasks\expressburnSevenDaysInit.job
C:\WINDOWS\tasks\expressburnShakeIcon.job
C:\WINDOWS\tasks\expressinvoiceSevenDaysInit.job
C:\WINDOWS\tasks\expressinvoiceShakeIcon.job
C:\WINDOWS\tasks\flexiserverSevenDaysInit.job
C:\WINDOWS\tasks\flexiserverShakeIcon.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3405207397-609143208-2953296790-1004.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3405207397-609143208-2953296790-1005.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3405207397-609143208-2953296790-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3405207397-609143208-2953296790-1005.job
C:\WINDOWS\tasks\Registry Reviver-Uzivatel-Startup.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{4664943E-8FED-414C-B188-0172A180C4B1}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2011-06-28 241464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof2.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-22 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{daf5b34c-1aa3-4c33-ae24-766a370635d2}]
KMP Media Toolbar - C:\Program Files\kmpmediatoolbar\searchresultsDx.dll [2012-03-22 87008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-22 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-22 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Seznam.cz\core.3.dll [2010-10-07 1164568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files\DealBulldog Toolbar\tbcore3.dll [2011-06-22 2398720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof2.dll [2011-05-09 176936]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2011-06-28 696000]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - DealBulldog Toolbar - C:\Program Files\DealBulldog Toolbar\tbcore3.dll [2011-06-22 2398720]
{daf5b34c-1aa3-4c33-ae24-766a370635d2} - KMP Media Toolbar - C:\Program Files\kmpmediatoolbar\searchresultsDx.dll [2012-03-22 87008]
{D4027C7F-154A-4066-A1AD-4243D8127440}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd []
"UpdatePDRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"C-Media Mixer"=Mixer.exe /startup []
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"TV Card Remote Control Device Monitor"=C:\WINDOWS\713xRMTMon.exe [2005-07-20 352256]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Documents and Settings\Uzivatel\Local Settings\Data aplikací\Seznam.cz\postak.exe [2010-10-07 488728]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Orbit.lnk -
Scheduler for OEM.lnk - C:\Program Files\honestech\honestech TVR\scheduleTV.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PFNet]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
"C:\Program Files\QuadCoreM2\pack\core.bin"="C:\Program Files\QuadCoreM2\pack\core.bin:*:Enabled:core"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\Program Files\Logitech\Vid HD\Vid.exe"="C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD"
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"F:\q3demo\quake3.exe"="F:\q3demo\quake3.exe:*:Enabled:quake3"
"F:\Quake3\quake3.exe"="F:\Quake3\quake3.exe:*:Enabled:quake3"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\kmpmediatoolbar\dtUser.exe"="C:\Program Files\kmpmediatoolbar\dtUser.exe:*:Enabled:KMP Media Toolbar DTX Broker"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=L3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm

======List of files/folders created in the last 1 month======

2012-04-01 21:02:01 ----D---- C:\Program Files\trend micro
2012-04-01 21:02:00 ----D---- C:\rsit
2012-04-01 20:14:12 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\searchresultstb
2012-04-01 20:10:03 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-04-01 20:03:24 ----D---- C:\Program Files\AVAST Software
2012-04-01 19:39:34 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2012-04-01 18:55:23 ----D---- C:\Avenger
2012-04-01 18:55:23 ----A---- C:\avenger.txt
2012-04-01 18:50:36 ----A---- C:\cleanup.exe
2012-04-01 18:50:36 ----A---- C:\cleanup.bat
2012-04-01 18:50:35 ----A---- C:\zip.exe
2012-04-01 18:42:48 ----D---- C:\Program Files\CCleaner
2012-04-01 18:18:17 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\kmpmediatoolbar
2012-04-01 00:08:41 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\IObit
2012-04-01 00:08:35 ----D---- C:\Program Files\IObit
2012-03-31 23:58:33 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Wise Registry Cleaner
2012-03-31 23:55:23 ----D---- C:\Program Files\Wise Registry Cleaner
2012-03-30 11:33:45 ----D---- C:\Program Files\kmpmediatoolbar
2012-03-30 11:32:24 ----D---- C:\Program Files\PANDORA.TV
2012-03-30 11:30:35 ----D---- C:\Program Files\The KMPlayer
2012-03-29 09:42:05 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2012-03-29 08:46:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sony
2012-03-29 08:45:39 ----D---- C:\Program Files\Sony
2012-03-27 10:13:25 ----A---- C:\WINDOWS\system32\pncrt.dll
2012-03-25 00:44:23 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Toolbar4
2012-03-23 11:50:42 ----A---- C:\WINDOWS\system32\xvidcore.dll
2012-03-23 09:18:58 ----D---- C:\Program Files\DealBulldog Toolbar
2012-03-22 21:12:12 ----A---- C:\WINDOWS\system32\GPhotos.scr
2012-03-22 10:52:54 ----AH---- C:\WINDOWS\system32\drivers\hamachi.sys
2012-03-22 10:49:56 ----D---- C:\Program Files\Common Files\Java
2012-03-22 10:48:32 ----A---- C:\WINDOWS\system32\javaws.exe
2012-03-22 10:48:32 ----A---- C:\WINDOWS\system32\javaw.exe
2012-03-22 10:48:31 ----A---- C:\WINDOWS\system32\java.exe
2012-03-14 22:15:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-03-14 22:11:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2647518$
2012-03-13 22:32:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2621440$
2012-03-09 22:00:01 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\CasinoOnNet
2012-03-09 21:59:22 ----D---- C:\Program Files\CasinoOnNet
2012-03-09 21:04:16 ----D---- C:\Casino
2012-03-07 19:10:02 ----A---- C:\WINDOWS\WORDPAD.INI

======List of files/folders modified in the last 1 month======

2012-04-02 17:23:53 ----D---- C:\WINDOWS\Temp
2012-04-02 17:20:06 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Orbit
2012-04-02 17:19:49 ----D---- C:\downloads
2012-04-02 17:18:45 ----RD---- C:\Program Files
2012-04-02 17:18:07 ----SHD---- C:\WINDOWS\Installer
2012-04-02 17:17:29 ----D---- C:\WINDOWS
2012-04-02 17:15:34 ----D---- C:\WINDOWS\system32\logishrd
2012-04-02 17:15:28 ----D---- C:\WINDOWS\system32\CatRoot2
2012-04-02 17:11:20 ----D---- C:\WINDOWS\system32\drivers
2012-04-02 15:35:58 ----D---- C:\WINDOWS\Prefetch
2012-04-01 20:28:36 ----D---- C:\Documents and Settings\Uzivatel\Data aplikací\Skype
2012-04-01 20:14:48 ----SHD---- C:\Config.Msi
2012-04-01 20:14:38 ----D---- C:\WINDOWS\system32
2012-04-01 20:11:39 ----D---- C:\WINDOWS\SoftwareDistribution
2012-04-01 18:44:52 ----D---- C:\WINDOWS\Logs
2012-04-01 18:32:47 ----D---- C:\Program Files\Picasa2
2012-03-31 23:56:09 ----SD---- C:\WINDOWS\Tasks
2012-03-30 11:47:43 ----A---- C:\WINDOWS\NeroDigital.ini
2012-03-29 23:01:12 ----D---- C:\Program Files\Opera
2012-03-29 10:09:39 ----HD---- C:\WINDOWS\inf
2012-03-29 09:49:02 ----RSD---- C:\WINDOWS\assembly
2012-03-29 09:42:36 ----D---- C:\WINDOWS\system32\mui
2012-03-29 09:42:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-03-29 09:39:27 ----D---- C:\Program Files\Softonic-Eng7
2012-03-29 09:32:29 ----D---- C:\WINDOWS\WinSxS
2012-03-22 11:38:47 ----D---- C:\WINDOWS\Debug
2012-03-22 11:38:45 ----D---- C:\WINDOWS\Minidump
2012-03-22 10:49:56 ----D---- C:\Program Files\Common Files
2012-03-22 10:46:52 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-03-14 22:15:21 ----HD---- C:\WINDOWS\$hf_mig$
2012-03-14 22:11:50 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-05-20 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files\HWiNFO32\HWiNFO32.SYS []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsl1f11e374;MpKsl1f11e374; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0B6B3391-F6CB-48BB-9648-3F01D4745AE6}\MpKsl1f11e374.sys []
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2011-05-20 279712]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2011-05-20 25888]
R2 Machnm32;Machnm32 Driver; \??\C:\WINDOWS\System32\Machnm32.sys []
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2011-08-19 121464]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2007-11-07 171152]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2011-01-27 15664]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 LVPr2Mon;LVPr2Mon Driver; C:\WINDOWS\system32\Drivers\LVPr2Mon.sys [2010-05-07 25824]
R3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2010-05-15 276448]
R3 LVUVC;Logitech Webcam 250(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2010-05-15 6842592]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2009-05-20 12160]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-14 163584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-12-19 539008]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 glojekrh;glojekrh; C:\WINDOWS\system32\drivers\glojekrh.sys []
S1 lywqmxgr;lywqmxgr; C:\WINDOWS\system32\drivers\lywqmxgr.sys []
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
S3 AVFSFilter;AVFSFilter; C:\WINDOWS\system32\DRIVERS\avfsfilter.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2008-01-02 1404544]
S3 cpuz132;cpuz132; C:\WINDOWS\system32\drivers\cpuz132.sys []
S3 EagleNT;EagleNT; C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 FilterService;UVCFilterService; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2010-05-15 23904]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 iANSMiniport;Intel(R) Advanced Network Services Virtual Adapter; C:\WINDOWS\system32\DRIVERS\ianswxp.sys [2007-12-06 114824]
S3 iANSProtocol;Intel(R) Advanced Network Services Protocol; C:\WINDOWS\system32\DRIVERS\ianswxp.sys [2007-12-06 114824]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2010-05-15 114784]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; C:\WINDOWS\system32\drivers\MREMP50a64.sys []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; C:\WINDOWS\system32\drivers\MREMPR5.sys []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; C:\WINDOWS\system32\drivers\MRENDIS5.sys []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; C:\WINDOWS\system32\drivers\MRESP50a64.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2002-02-14 47360]
S3 RT73;ASUS USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2008-01-15 459520]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-05-20 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-22 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-25 303104]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Suite Service;Suite Service; C:\Program Files\Fighters\FighterSuiteService.exe [2011-12-28 1324680]
R2 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-25 136176]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Common Toolkit Tools;Common Toolkit Tools; C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [2011-12-28 216712]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-30 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-25 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-13 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-30 881664]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-30 132096]

-----------------EOF-----------------

#5 Příspěvek od **JaRon** » 02 dub 2012 17:02

spust Combofix - jeho log vloz

frutas11 · #6 Příspěvek od **frutas11** » 02 dub 2012 17:37

ComboFix 12-04-01.03 - Uzivatel 02.04.2012 18:11:44.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1238 [GMT 2:00]
Spuštěný z: c:\downloads\ComboFix.exe
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\cleanup.exe
c:\documents and settings\Uzivatel\WINDOWS
c:\program files\DealBulldog Toolbar
c:\program files\DealBulldog Toolbar\affid.dat
c:\program files\DealBulldog Toolbar\alert_plugin.dll
c:\program files\DealBulldog Toolbar\basis.xml
c:\program files\DealBulldog Toolbar\icons.bmp
c:\program files\DealBulldog Toolbar\info.txt
c:\program files\DealBulldog Toolbar\install.ico
c:\program files\DealBulldog Toolbar\MacroParserPlugin.dll
c:\program files\DealBulldog Toolbar\mbback.bmp
c:\program files\DealBulldog Toolbar\mbbigopen.bmp
c:\program files\DealBulldog Toolbar\mbclose.bmp
c:\program files\DealBulldog Toolbar\mbfwd.bmp
c:\program files\DealBulldog Toolbar\mbsep.bmp
c:\program files\DealBulldog Toolbar\nav1c.bmp
c:\program files\DealBulldog Toolbar\somoto.dll
c:\program files\DealBulldog Toolbar\TbCommonUtils.dll
c:\program files\DealBulldog Toolbar\tbcore3.dll
c:\program files\DealBulldog Toolbar\tbcore3.inf
c:\program files\DealBulldog Toolbar\tbhelper.dll
c:\program files\DealBulldog Toolbar\TbHelper2.exe
c:\program files\DealBulldog Toolbar\uninstall.exe
c:\program files\DealBulldog Toolbar\UninstallToolbar.exe
c:\program files\DealBulldog Toolbar\update.exe
c:\program files\DealBulldog Toolbar\version.txt
c:\program files\filesubmit
c:\program files\filesubmit\40522\40522\Mysnowpaper.jpg
c:\program files\filesubmit\40522\40522\Thumbs.db
c:\program files\filesubmit\40522\internal-flame-ws\internal-flame-ws.jpg
c:\program files\filesubmit\40522\internal-flame-ws\Thumbs.db
c:\program files\TelevisionFanaticEI
c:\program files\TelevisionFanaticEI\Installr\1.bin\64EIPlug.dll
c:\program files\TelevisionFanaticEI\Installr\1.bin\NP64EISb.dll
c:\windows\iun6002.exe
c:\windows\PCGWIN32.LI5
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
c:\windows\system32\aosmtp.dll
c:\windows\system32\asw1B0.tmp
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\unin0405.exe
c:\windows\XSxS
C:\zip.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-02 do 2012-04-02 )))))))))))))))))))))))))))))))
.
.
2012-04-02 15:33 . 2012-04-02 15:33 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0B6B3391-F6CB-48BB-9648-3F01D4745AE6}\offreg.dll
2012-04-02 15:15 . 2012-04-02 15:15 29904 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0B6B3391-F6CB-48BB-9648-3F01D4745AE6}\MpKsl1f11e374.sys
2012-04-02 13:34 . 2012-04-02 13:34 29904 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0B6B3391-F6CB-48BB-9648-3F01D4745AE6}\MpKsl8aa31f49.sys
2012-04-01 19:02 . 2012-04-02 15:23 -------- d-----w- c:\program files\trend micro
2012-04-01 19:02 . 2012-04-01 19:04 -------- d-----w- C:\rsit
2012-04-01 18:28 . 2012-04-01 18:28 29904 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0B6B3391-F6CB-48BB-9648-3F01D4745AE6}\MpKsl416151f8.sys
2012-04-01 18:14 . 2012-04-01 18:14 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\searchresultstb
2012-04-01 18:14 . 2012-04-01 18:52 -------- d-----w- c:\documents and settings\Uzivatel\Local Settings\Data aplikací\AskToolbar
2012-04-01 18:03 . 2012-04-01 18:07 -------- d-----w- c:\program files\AVAST Software
2012-04-01 16:50 . 2012-04-01 16:50 574 ----a-w- C:\cleanup.bat
2012-04-01 16:42 . 2012-04-01 16:43 -------- d-----w- c:\program files\CCleaner
2012-04-01 16:28 . 2012-03-13 17:15 6582328 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0B6B3391-F6CB-48BB-9648-3F01D4745AE6}\mpengine.dll
2012-04-01 16:18 . 2012-04-01 18:16 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\kmpmediatoolbar
2012-03-31 22:08 . 2012-03-31 22:08 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\IObit
2012-03-31 22:08 . 2012-03-31 22:08 -------- d-----w- c:\program files\IObit
2012-03-31 21:58 . 2012-03-31 22:20 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\Wise Registry Cleaner
2012-03-31 21:55 . 2012-03-31 21:55 -------- d-----w- c:\program files\Wise Registry Cleaner
2012-03-30 09:33 . 2012-03-30 09:33 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Ask.com
2012-03-30 09:33 . 2012-03-30 09:33 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\kmpmediatoolbar
2012-03-30 09:33 . 2012-03-30 09:33 -------- d-----w- c:\program files\kmpmediatoolbar
2012-03-30 09:32 . 2012-03-30 09:32 -------- d-----w- c:\program files\PANDORA.TV
2012-03-30 09:30 . 2012-03-30 09:56 -------- d-----w- c:\program files\The KMPlayer
2012-03-29 08:13 . 2012-03-29 08:27 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\WMTools Downloaded Files
2012-03-23 10:02 . 2012-03-23 10:02 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\AnvSoft
2012-03-23 09:52 . 2012-03-23 09:53 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\tiger-k
2012-03-23 09:52 . 2012-03-23 09:52 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Leawo
2012-03-23 09:50 . 2008-10-28 09:10 139264 ----a-w- c:\windows\system32\xvid.ax
2012-03-23 09:50 . 2008-10-08 08:45 606208 ----a-w- c:\windows\system32\xvidcore.dll
2012-03-23 07:51 . 2012-03-23 07:51 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\FastStone
2012-03-23 07:51 . 2012-03-23 07:51 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\FastStone
2012-03-23 07:19 . 2012-03-23 07:19 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Toolbar4
2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr
2012-03-22 18:28 . 2012-03-31 21:23 -------- d-----w- c:\documents and settings\Uzivatel\Local Settings\Data aplikací\LogMeIn Hamachi
2012-03-22 09:37 . 2012-03-30 08:47 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\LogMeIn Hamachi
2012-03-22 09:37 . 2012-03-31 21:23 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2012-03-22 08:54 . 2012-03-22 09:35 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Hamachi
2012-03-22 08:52 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\drivers\hamachi.sys
2012-03-22 08:49 . 2012-03-22 08:49 -------- d-----w- c:\program files\Common Files\Java
2012-03-22 08:48 . 2012-03-22 08:46 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-09 20:00 . 2012-03-09 20:09 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\CasinoOnNet
2012-03-09 19:59 . 2012-03-09 20:00 -------- d-----w- c:\program files\CasinoOnNet
2012-03-09 19:04 . 2012-03-14 21:19 -------- d-----w- C:\Casino
2012-03-07 17:08 . 2012-03-07 17:08 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\Irrational Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-22 08:46 . 2002-01-03 17:39 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-13 17:15 . 2011-11-19 16:29 6582328 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-02-20 19:50 . 2011-09-19 21:06 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-03 09:56 . 2009-05-20 21:01 1869184 ----a-w- c:\windows\system32\win32k.sys
2012-01-31 12:44 . 2011-02-10 22:44 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-11 19:07 . 2012-02-18 19:05 3072 ------w- c:\windows\system32\iacenc.dll
2012-01-09 16:20 . 2009-12-28 13:54 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\prxtbSof2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2011-05-09 09:49 176936 ----a-w- c:\program files\Softonic-Eng7\prxtbSof2.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{daf5b34c-1aa3-4c33-ae24-766a370635d2}]
2012-03-22 04:38 87008 ----a-w- c:\program files\kmpmediatoolbar\searchresultsDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\prxtbSof2.dll" [2011-05-09 176936]
"{daf5b34c-1aa3-4c33-ae24-766a370635d2}"= "c:\program files\kmpmediatoolbar\searchresultsDx.dll" [2012-03-22 87008]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_CLASSES_ROOT\clsid\{daf5b34c-1aa3-4c33-ae24-766a370635d2}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\prxtbSof2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\documents and settings\Uzivatel\Local Settings\Data aplikací\Seznam.cz\postak.exe" [2010-10-07 488728]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"C-Media Mixer"="Mixer.exe" [2002-10-15 1818624]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"TV Card Remote Control Device Monitor"="c:\windows\713xRMTMon.exe" [2005-07-20 352256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Orbit.lnk - [N/A]
Scheduler for OEM.lnk - c:\program files\honestech\honestech TVR\scheduleTV.exe [2011-8-12 307200]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Picasa Media Detector"=c:\program files\Picasa2\PicasaMediaDetector.exe
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LWS"=c:\program files\Logitech\LWS\Webcam Software\LWS.exe -hide
"igfxhkcmd"=c:\windows\system32\hkcmd.exe
"igfxpers"=c:\windows\system32\igfxpers.exe
"igfxtray"=c:\windows\system32\igfxtray.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Raildcall"=c:\program files\raidcall\raidcall.exe
"CommonToolkitTray"=c:\program files\Fighters\Tray\FightersTray.exe
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" /s
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\QuadCoreM2\\pack\\core.bin"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\kmpmediatoolbar\\dtUser.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.3.2011 17:35 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.3.2011 17:35 314456]
R1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [7.1.2010 14:40 19064]
R1 MpKsl1f11e374;MpKsl1f11e374;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0B6B3391-F6CB-48BB-9648-3F01D4745AE6}\MpKsl1f11e374.sys [2.4.2012 17:15 29904]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.3.2011 17:35 20568]
R2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [28.12.2011 10:57 1324680]
S1 glojekrh;glojekrh; [x]
S1 lywqmxgr;lywqmxgr; [x]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.12.2011 19:15 136176]
S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?]
S3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [28.12.2011 12:51 216712]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [25.12.2011 19:15 136176]
S3 iANSMiniport;Intel(R) Advanced Network Services Virtual Adapter;c:\windows\system32\drivers\ianswxp.sys [6.12.2007 10:30 114824]
S3 iANSProtocol;Intel(R) Advanced Network Services Protocol;c:\windows\system32\drivers\ianswxp.sys [6.12.2007 10:30 114824]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [14.2.2002 1:07 47360]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL1F11E374
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-25 17:15]
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-25 17:15]
.
2012-04-02 c:\windows\Tasks\User_Feed_Synchronization-{4664943E-8FED-414C-B188-0172A180C4B1}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com/?l=dis&o=13760
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.toggle.com/en/index.php?rvs=google
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: WikiKomentáře Google...
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
ShellIconOverlayIdentifiers-{02696AD5-FF96-454b-9E00-81DA8B79B678} - (no file)
HKLM-Run-CmPCIaudio - CMICNFG3.cpl
AddRemove-Any Video Converter_is1 - f:\anvsoft\Any Video Converter\unins000.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-DealBulldog Toolbar - c:\program files\DealBulldog Toolbar\UninstallToolbar.exe
AddRemove-FormatFactory - f:\formatfactory\uninst.exe
AddRemove-Fraps - f:\fraps\uninstall.exe
AddRemove-Freedom Force vs The Third Reich - c:\documents and settings\uzivatelw\dokumenty\freedom force\Uninst.isu
AddRemove-YouTube Downloader_is1 - f:\rlab\YouTube Downloader\unins000.exe
AddRemove-{7D42B43A-EA63-4234-B00A-757C15B2B185}_is1 - f:\leawo\AVI Converter\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-02 18:28
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
TV Card Remote Control Device Monitor = c:\windows\713xRMTMon.exe???????????????T?a?HF??m?a?????????????????????????????????????????x????????A??????????????????x???????PF??????????T?a?x???m?a?????????????1??| F??????????????????????????????????????????????????????x???????T?a?h?o?m?a???????????A????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3405207397-609143208-2953296790-1004\ "*_*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"MachineID"=hex:e1,d2,63,ce,f0,1c,62,00
DUMPHIVE0.003 (REGF)
.
Celkový čas: 2012-04-02 18:35:30
ComboFix-quarantined-files.txt 2012-04-02 16:35
.
Před spuštěním: Volných bajtů: 51 708 030 976
Po spuštění: Volných bajtů: 52 416 872 448
.
- - End Of File - - 800EDD18421C2AAC972F7B09A575D905

#7 Příspěvek od **JaRon** » 03 dub 2012 06:26

pekny svincik tam bol

Presun ComboFix
na plochu (ak tam este nie je)

otvor si Poznamkovy blok - notepad

do neho zkopiruj skript z nasledujiceho okna:

Kód: Vybrat vše

Driver::
glojekrh
lywqmxgr

Folder::
c:\documents and settings\Uzivatel\Local Settings\Data aplikací\AskToolbar
c:\documents and settings\Uzivatel\Data aplikací\IObit
c:\program files\IObit
c:\documents and settings\Uzivatelw\Data aplikací\Ask.com

uloz vytvoreny textovy soubor ako CFScript.txt na plochu

po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:

Obrázek

po aplikacii by mal vzniknut dalsi log, ten vloz sem

frutas11 · #8 Příspěvek od **frutas11** » 04 dub 2012 17:09

ComboFix 12-04-04.02 - Uzivatel 06.04.2012 20:37:35.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1396 [GMT 2:00]
Spuštěný z: d:\dokumenty\CD\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Uzivatel\Plocha\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IObit
c:\program files\IObit\Advanced SystemCare 3\AWC.exe.bak
c:\program files\IObit\Advanced SystemCare 3\License.dat
c:\program files\IObit\Advanced SystemCare 3\Registration.exe.bak
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_glojekrh
-------\Service_lywqmxgr
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-06 do 2012-04-06 )))))))))))))))))))))))))))))))
.
.
2012-04-06 18:37 . 2012-04-06 18:37 -------- d-----w- C:\Metro 2033
2012-04-06 15:05 . 2012-04-06 15:05 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\searchresultstb
2012-04-05 16:42 . 2012-04-05 16:42 -------- d--h--w- c:\windows\system32\GroupPolicy
2012-04-01 19:02 . 2012-04-02 15:23 -------- d-----w- c:\program files\trend micro
2012-04-01 18:14 . 2012-04-01 18:14 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\searchresultstb
2012-04-01 18:14 . 2012-04-01 18:52 -------- d-----w- c:\documents and settings\Uzivatel\Local Settings\Data aplikací\AskToolbar
2012-04-01 18:03 . 2012-04-01 18:07 -------- d-----w- c:\program files\AVAST Software
2012-04-01 16:50 . 2012-04-01 16:50 574 ----a-w- C:\cleanup.bat
2012-04-01 16:42 . 2012-04-01 16:43 -------- d-----w- c:\program files\CCleaner
2012-04-01 16:18 . 2012-04-02 16:38 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\kmpmediatoolbar
2012-03-31 22:08 . 2012-03-31 22:08 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\IObit
2012-03-31 21:58 . 2012-03-31 22:20 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\Wise Registry Cleaner
2012-03-31 21:55 . 2012-03-31 21:55 -------- d-----w- c:\program files\Wise Registry Cleaner
2012-03-30 09:33 . 2012-03-30 09:33 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Ask.com
2012-03-30 09:33 . 2012-04-06 15:06 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\kmpmediatoolbar
2012-03-30 09:33 . 2012-03-30 09:33 -------- d-----w- c:\program files\kmpmediatoolbar
2012-03-30 09:32 . 2012-03-30 09:32 -------- d-----w- c:\program files\PANDORA.TV
2012-03-30 09:30 . 2012-03-30 09:56 -------- d-----w- c:\program files\The KMPlayer
2012-03-29 08:13 . 2012-03-29 08:27 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\WMTools Downloaded Files
2012-03-29 07:37 . 2012-04-06 15:05 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\PriceGong
2012-03-29 07:36 . 2012-03-29 07:36 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\Conduit
2012-03-29 07:34 . 2012-03-29 07:34 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\Xilisoft
2012-03-29 07:34 . 2012-03-29 07:34 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Xilisoft
2012-03-29 07:33 . 2012-03-29 07:33 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Publish Providers
2012-03-29 06:50 . 2012-03-29 07:52 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\Sony
2012-03-29 06:50 . 2012-03-29 07:52 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Sony
2012-03-29 06:46 . 2012-03-29 06:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Sony
2012-03-29 06:45 . 2012-03-29 07:46 -------- d-----w- c:\program files\Sony
2012-03-24 22:44 . 2012-03-24 22:44 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\Toolbar4
2012-03-23 10:45 . 2012-03-23 10:45 -------- d-sh--w- c:\documents and settings\Uzivatelw\PrivacIE
2012-03-23 10:44 . 2012-04-06 15:05 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\Softonic-Eng7
2012-03-23 10:02 . 2012-03-23 10:02 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\AnvSoft
2012-03-23 09:52 . 2012-03-23 09:53 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\tiger-k
2012-03-23 09:52 . 2012-03-23 09:52 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Leawo
2012-03-23 09:50 . 2008-10-28 09:10 139264 ----a-w- c:\windows\system32\xvid.ax
2012-03-23 09:50 . 2008-10-08 08:45 606208 ----a-w- c:\windows\system32\xvidcore.dll
2012-03-23 07:51 . 2012-03-23 07:51 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\FastStone
2012-03-23 07:51 . 2012-03-23 07:51 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\FastStone
2012-03-23 07:19 . 2012-03-23 07:19 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Toolbar4
2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr
2012-03-22 18:28 . 2012-03-31 21:23 -------- d-----w- c:\documents and settings\Uzivatel\Local Settings\Data aplikací\LogMeIn Hamachi
2012-03-22 09:37 . 2012-03-30 08:47 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\LogMeIn Hamachi
2012-03-22 09:37 . 2012-03-31 21:23 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2012-03-22 08:54 . 2012-03-22 09:35 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Hamachi
2012-03-22 08:52 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\drivers\hamachi.sys
2012-03-22 08:49 . 2012-03-22 08:49 -------- d-----w- c:\program files\Common Files\Java
2012-03-22 08:48 . 2012-03-22 08:46 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-09 20:00 . 2012-03-09 20:09 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\CasinoOnNet
2012-03-09 19:59 . 2012-03-09 20:00 -------- d-----w- c:\program files\CasinoOnNet
2012-03-09 19:04 . 2012-03-14 21:19 -------- d-----w- C:\Casino
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-22 08:46 . 2002-01-03 17:39 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-20 19:50 . 2011-09-19 21:06 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-03 09:56 . 2009-05-20 21:01 1869184 ----a-w- c:\windows\system32\win32k.sys
2012-01-31 12:44 . 2011-02-10 22:44 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-11 19:07 . 2012-02-18 19:05 3072 ------w- c:\windows\system32\iacenc.dll
2012-01-09 16:20 . 2009-12-28 13:54 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\prxtbSof2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2011-05-09 09:49 176936 ----a-w- c:\program files\Softonic-Eng7\prxtbSof2.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{daf5b34c-1aa3-4c33-ae24-766a370635d2}]
2012-03-22 04:38 87008 ----a-w- c:\program files\kmpmediatoolbar\searchresultsDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\prxtbSof2.dll" [2011-05-09 176936]
"{daf5b34c-1aa3-4c33-ae24-766a370635d2}"= "c:\program files\kmpmediatoolbar\searchresultsDx.dll" [2012-03-22 87008]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_CLASSES_ROOT\clsid\{daf5b34c-1aa3-4c33-ae24-766a370635d2}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\prxtbSof2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\documents and settings\Uzivatel\Local Settings\Data aplikací\Seznam.cz\postak.exe" [2010-10-07 488728]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"C-Media Mixer"="Mixer.exe" [2002-10-15 1818624]
"TV Card Remote Control Device Monitor"="c:\windows\713xRMTMon.exe" [2005-07-20 352256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Orbit.lnk - [N/A]
Scheduler for OEM.lnk - c:\program files\honestech\honestech TVR\scheduleTV.exe [2011-8-12 307200]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Picasa Media Detector"=c:\program files\Picasa2\PicasaMediaDetector.exe
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LWS"=c:\program files\Logitech\LWS\Webcam Software\LWS.exe -hide
"igfxhkcmd"=c:\windows\system32\hkcmd.exe
"igfxpers"=c:\windows\system32\igfxpers.exe
"igfxtray"=c:\windows\system32\igfxtray.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Raildcall"=c:\program files\raidcall\raidcall.exe
"CommonToolkitTray"=c:\program files\Fighters\Tray\FightersTray.exe
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" /s
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\QuadCoreM2\\pack\\core.bin"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\kmpmediatoolbar\\dtUser.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.3.2011 17:35 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.3.2011 17:35 314456]
R1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [7.1.2010 14:40 19064]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.3.2011 17:35 20568]
R2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [28.12.2011 10:57 1324680]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.12.2011 19:15 136176]
S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?]
S3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [28.12.2011 12:51 216712]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [25.12.2011 19:15 136176]
S3 iANSMiniport;Intel(R) Advanced Network Services Virtual Adapter;c:\windows\system32\drivers\ianswxp.sys [6.12.2007 10:30 114824]
S3 iANSProtocol;Intel(R) Advanced Network Services Protocol;c:\windows\system32\drivers\ianswxp.sys [6.12.2007 10:30 114824]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [14.2.2002 1:07 47360]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-25 17:15]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-25 17:15]
.
2012-04-06 c:\windows\Tasks\User_Feed_Synchronization-{4664943E-8FED-414C-B188-0172A180C4B1}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com/?l=dis&o=13760
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.toggle.com/en/index.php?rvs=google
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: WikiKomentáře Google...
TCP: DhcpNameServer = 10.0.0.138
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-06 20:53
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
TV Card Remote Control Device Monitor = c:\windows\713xRMTMon.exe???????????????T?a?HF??m?a?????????????????????????????????????????x????????A??????????????????x???????PF??????????T?a?x???m?a?????????????1??| F??????????????????????????????????????????????????????x???????T?a?h?o?m?a???????????A????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3405207397-609143208-2953296790-1004\ "*_*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"MachineID"=hex:e1,d2,63,ce,f0,1c,62,00
DUMPHIVE0.003 (REGF)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3128)
c:\windows\system32\logishrd\LVPrcInj01.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\Mixer.exe
.
**************************************************************************
.
Celkový čas: 2012-04-06 20:57:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-04-06 18:56
.
Před spuštěním: Volných bajtů: 49 980 715 008
Po spuštění: Volných bajtů: 50 095 771 648
.
- - End Of File - - BD8429B579514ABD6951C2A50E0574A0

#9 Příspěvek od **JaRon** » 11 dub 2012 06:35

prescanuj PC s MBAM - log vloz
+ log z TDSSKiller

frutas11 · #10 Příspěvek od **frutas11** » 11 dub 2012 19:34

TDSS Killer
19:11:35.0098 0944 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
19:11:35.0411 0944 ============================================================
19:11:35.0411 0944 Current date / time: 2012/04/11 19:11:35.0411
19:11:35.0411 0944 SystemInfo:
19:11:35.0411 0944
19:11:35.0411 0944 OS Version: 6.1.7600 ServicePack: 0.0
19:11:35.0411 0944 Product type: Workstation
19:11:35.0413 0944 ComputerName: ROBERT-PC
19:11:35.0415 0944 UserName: Robert
19:11:35.0415 0944 Windows directory: D:\Windows
19:11:35.0415 0944 System windows directory: D:\Windows
19:11:35.0415 0944 Processor architecture: Intel x86
19:11:35.0415 0944 Number of processors: 1
19:11:35.0415 0944 Page size: 0x1000
19:11:35.0415 0944 Boot type: Normal boot
19:11:35.0415 0944 ============================================================
19:11:37.0188 0944 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:11:37.0200 0944 \Device\Harddisk0\DR0:
19:11:37.0200 0944 MBR used
19:11:37.0215 0944 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xC529C44, BlocksNum 0x2D7044DE
19:11:37.0235 0944 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC529BC6
19:11:37.0301 0944 Initialize success
19:11:37.0301 0944 ============================================================
19:11:40.0153 1280 ============================================================
19:11:40.0153 1280 Scan started
19:11:40.0153 1280 Mode: Manual;
19:11:40.0153 1280 ============================================================
19:11:42.0569 1280 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) D:\Windows\system32\DRIVERS\1394ohci.sys
19:11:42.0583 1280 1394ohci - ok
19:11:42.0756 1280 ACPI (f0e07d144c8685b8774bc32fc8da4df0) D:\Windows\system32\DRIVERS\ACPI.sys
19:11:42.0764 1280 ACPI - ok
19:11:43.0010 1280 AcpiPmi (98d81ca942d19f7d9153b095162ac013) D:\Windows\system32\DRIVERS\acpipmi.sys
19:11:43.0012 1280 AcpiPmi - ok
19:11:43.0069 1280 adp94xx (21e785ebd7dc90a06391141aac7892fb) D:\Windows\system32\DRIVERS\adp94xx.sys
19:11:43.0079 1280 adp94xx - ok
19:11:43.0116 1280 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) D:\Windows\system32\DRIVERS\adpahci.sys
19:11:43.0124 1280 adpahci - ok
19:11:43.0165 1280 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) D:\Windows\system32\DRIVERS\adpu320.sys
19:11:43.0168 1280 adpu320 - ok
19:11:43.0239 1280 aeaudio (6803453f3ff53cf353cdbef5ffaa8b7e) D:\Windows\system32\drivers\aeaudio.sys
19:11:43.0247 1280 aeaudio - ok
19:11:43.0293 1280 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) D:\Windows\System32\aelupsvc.dll
19:11:43.0295 1280 AeLookupSvc - ok
19:11:43.0372 1280 AFD (0db7a48388d54d154ebec120461a0fcd) D:\Windows\system32\drivers\afd.sys
19:11:43.0381 1280 AFD - ok
19:11:43.0418 1280 agp440 (507812c3054c21cef746b6ee3d04dd6e) D:\Windows\system32\DRIVERS\agp440.sys
19:11:43.0422 1280 agp440 - ok
19:11:43.0477 1280 aic78xx (8b30250d573a8f6b4bd23195160d8707) D:\Windows\system32\DRIVERS\djsvs.sys
19:11:43.0481 1280 aic78xx - ok
19:11:43.0538 1280 ALG (18a54e132947cd98fea9accc57f98f13) D:\Windows\System32\alg.exe
19:11:43.0541 1280 ALG - ok
19:11:43.0573 1280 aliide (0d40bcf52ea90fc7df2aeab6503dea44) D:\Windows\system32\DRIVERS\aliide.sys
19:11:43.0575 1280 aliide - ok
19:11:43.0606 1280 amdagp (3c6600a0696e90a463771c7422e23ab5) D:\Windows\system32\DRIVERS\amdagp.sys
19:11:43.0610 1280 amdagp - ok
19:11:43.0641 1280 amdide (cd5914170297126b6266860198d1d4f0) D:\Windows\system32\DRIVERS\amdide.sys
19:11:43.0645 1280 amdide - ok
19:11:43.0686 1280 AmdK8 (00dda200d71bac534bf56a9db5dfd666) D:\Windows\system32\DRIVERS\amdk8.sys
19:11:43.0690 1280 AmdK8 - ok
19:11:43.0723 1280 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) D:\Windows\system32\DRIVERS\amdppm.sys
19:11:43.0727 1280 AmdPPM - ok
19:11:43.0790 1280 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) D:\Windows\system32\drivers\amdsata.sys
19:11:43.0793 1280 amdsata - ok
19:11:43.0858 1280 amdsbs (ea43af0c423ff267355f74e7a53bdaba) D:\Windows\system32\DRIVERS\amdsbs.sys
19:11:43.0862 1280 amdsbs - ok
19:11:43.0918 1280 amdxata (869e67d66be326a5a9159fba8746fa70) D:\Windows\system32\drivers\amdxata.sys
19:11:43.0922 1280 amdxata - ok
19:11:43.0969 1280 AppID (feb834c02ce1e84b6a38f953ca067706) D:\Windows\system32\drivers\appid.sys
19:11:43.0973 1280 AppID - ok
19:11:44.0012 1280 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) D:\Windows\System32\appidsvc.dll
19:11:44.0016 1280 AppIDSvc - ok
19:11:44.0045 1280 Appinfo (7dead9e3f65dcb2794f2711003bbf650) D:\Windows\System32\appinfo.dll
19:11:44.0049 1280 Appinfo - ok
19:11:44.0090 1280 AppMgmt (a45d184df6a8803da13a0b329517a64a) D:\Windows\System32\appmgmts.dll
19:11:44.0096 1280 AppMgmt - ok
19:11:44.0133 1280 arc (2932004f49677bd84dbc72edb754ffb3) D:\Windows\system32\DRIVERS\arc.sys
19:11:44.0139 1280 arc - ok
19:11:44.0170 1280 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) D:\Windows\system32\DRIVERS\arcsas.sys
19:11:44.0174 1280 arcsas - ok
19:11:44.0245 1280 aswFsBlk (0ae43c6c411254049279c2ee55630f95) D:\Windows\system32\drivers\aswFsBlk.sys
19:11:44.0247 1280 aswFsBlk - ok
19:11:44.0293 1280 aswFW (80beddcbb4a1417cec0c78a61cac0f66) D:\Windows\system32\drivers\aswFW.sys
19:11:44.0323 1280 aswFW - ok
19:11:44.0391 1280 aswKbd (81e695913fefd4e23360a69c0f151797) D:\Windows\system32\drivers\aswKbd.sys
19:11:44.0395 1280 aswKbd - ok
19:11:44.0446 1280 aswMonFlt (6693141560b1615d8dccf0d8eb00087e) D:\Windows\system32\drivers\aswMonFlt.sys
19:11:44.0450 1280 aswMonFlt - ok
19:11:44.0512 1280 aswNdis (7b948e3657bea62e437bc46ca6ef6012) D:\Windows\system32\DRIVERS\aswNdis.sys
19:11:44.0524 1280 aswNdis - ok
19:11:44.0573 1280 aswNdis2 (72c8f79d72b4ff6e1627276ddf4b01c9) D:\Windows\system32\drivers\aswNdis2.sys
19:11:44.0579 1280 aswNdis2 - ok
19:11:44.0610 1280 aswRdr (225013c16fe096714d71649ad7a20e8b) D:\Windows\System32\Drivers\aswrdr2.sys
19:11:44.0614 1280 aswRdr - ok
19:11:44.0676 1280 aswSnx (dcb199b967375753b5019ec15f008f53) D:\Windows\system32\drivers\aswSnx.sys
19:11:44.0690 1280 aswSnx - ok
19:11:44.0782 1280 aswSP (b32873e5a1443c0a1e322266e203bf10) D:\Windows\system32\drivers\aswSP.sys
19:11:44.0795 1280 aswSP - ok
19:11:44.0825 1280 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) D:\Windows\system32\drivers\aswTdi.sys
19:11:44.0831 1280 aswTdi - ok
19:11:44.0870 1280 AsyncMac (add2ade1c2b285ab8378d2daaf991481) D:\Windows\system32\DRIVERS\asyncmac.sys
19:11:44.0874 1280 AsyncMac - ok
19:11:44.0905 1280 atapi (338c86357871c167a96ab976519bf59e) D:\Windows\system32\DRIVERS\atapi.sys
19:11:44.0907 1280 atapi - ok
19:11:44.0979 1280 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) D:\Windows\System32\Audiosrv.dll
19:11:44.0989 1280 AudioEndpointBuilder - ok
19:11:45.0026 1280 Audiosrv (510c873bfa135aa829f4180352772734) D:\Windows\System32\Audiosrv.dll
19:11:45.0032 1280 Audiosrv - ok
19:11:45.0213 1280 avast! Antivirus (4041d31508a2a084dfb42c595854090f) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:11:45.0215 1280 avast! Antivirus - ok
19:11:45.0262 1280 avast! Firewall (7d465549dfb0eca6601e9609c72cd20a) D:\Program Files\AVAST Software\Avast\afwServ.exe
19:11:45.0268 1280 avast! Firewall - ok
19:11:45.0348 1280 AxInstSV (dd6a431b43e34b91a767d1ce33728175) D:\Windows\System32\AxInstSV.dll
19:11:45.0352 1280 AxInstSV - ok
19:11:45.0444 1280 b06bdrv (1a231abec60fd316ec54c66715543cec) D:\Windows\system32\DRIVERS\bxvbdx.sys
19:11:45.0456 1280 b06bdrv - ok
19:11:45.0532 1280 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) D:\Windows\system32\DRIVERS\b57nd60x.sys
19:11:45.0540 1280 b57nd60x - ok
19:11:45.0602 1280 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) D:\Windows\System32\bdesvc.dll
19:11:45.0606 1280 BDESVC - ok
19:11:45.0637 1280 Beep (505506526a9d467307b3c393dedaf858) D:\Windows\system32\drivers\Beep.sys
19:11:45.0639 1280 Beep - ok
19:11:45.0702 1280 BFE (85ac71c045ceb054ed48a7841aae0c11) D:\Windows\System32\bfe.dll
19:11:45.0713 1280 BFE - ok
19:11:45.0770 1280 BITS (53f476476f55a27f580661bde09c4ec4) D:\Windows\System32\qmgr.dll
19:11:45.0790 1280 BITS - ok
19:11:45.0819 1280 blbdrive (2287078ed48fcfc477b05b20cf38f36f) D:\Windows\system32\DRIVERS\blbdrive.sys
19:11:45.0819 1280 blbdrive - ok
19:11:45.0922 1280 bowser (9a5c671b7fbae4865149bb11f59b91b2) D:\Windows\system32\DRIVERS\bowser.sys
19:11:45.0936 1280 bowser - ok
19:11:45.0967 1280 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) D:\Windows\system32\DRIVERS\BrFiltLo.sys
19:11:45.0971 1280 BrFiltLo - ok
19:11:46.0012 1280 BrFiltUp (56801ad62213a41f6497f96dee83755a) D:\Windows\system32\DRIVERS\BrFiltUp.sys
19:11:46.0016 1280 BrFiltUp - ok
19:11:46.0110 1280 Browser (598e1280e7ff3744f4b8329366cc5635) D:\Windows\System32\browser.dll
19:11:46.0124 1280 Browser - ok
19:11:46.0172 1280 Brserid (845b8ce732e67f3b4133164868c666ea) D:\Windows\System32\Drivers\Brserid.sys
19:11:46.0180 1280 Brserid - ok
19:11:46.0213 1280 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) D:\Windows\System32\Drivers\BrSerWdm.sys
19:11:46.0217 1280 BrSerWdm - ok
19:11:46.0256 1280 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) D:\Windows\System32\Drivers\BrUsbMdm.sys
19:11:46.0260 1280 BrUsbMdm - ok
19:11:46.0291 1280 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) D:\Windows\System32\Drivers\BrUsbSer.sys
19:11:46.0295 1280 BrUsbSer - ok
19:11:46.0334 1280 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) D:\Windows\system32\DRIVERS\bthmodem.sys
19:11:46.0340 1280 BTHMODEM - ok
19:11:46.0422 1280 bthserv (1df19c96eef6c29d1c3e1a8678e07190) D:\Windows\system32\bthserv.dll
19:11:46.0426 1280 bthserv - ok
19:11:46.0471 1280 cdfs (77ea11b065e0a8ab902d78145ca51e10) D:\Windows\system32\DRIVERS\cdfs.sys
19:11:46.0475 1280 cdfs - ok
19:11:46.0547 1280 cdrom (ba6e70aa0e6091bc39de29477d866a77) D:\Windows\system32\DRIVERS\cdrom.sys
19:11:46.0551 1280 cdrom - ok
19:11:46.0606 1280 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) D:\Windows\System32\certprop.dll
19:11:46.0850 1280 CertPropSvc - ok
19:11:47.0395 1280 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) D:\Windows\system32\DRIVERS\circlass.sys
19:11:47.0399 1280 circlass - ok
19:11:47.0458 1280 CLFS (635181e0e9bbf16871bf5380d71db02d) D:\Windows\system32\CLFS.sys
19:11:47.0465 1280 CLFS - ok
19:11:47.0602 1280 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:11:47.0606 1280 clr_optimization_v2.0.50727_32 - ok
19:11:47.0825 1280 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:11:47.0831 1280 clr_optimization_v4.0.30319_32 - ok
19:11:47.0967 1280 CmBatt (dea805815e587dad1dd2c502220b5616) D:\Windows\system32\DRIVERS\CmBatt.sys
19:11:47.0973 1280 CmBatt - ok
19:11:48.0006 1280 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) D:\Windows\system32\DRIVERS\cmdide.sys
19:11:48.0016 1280 cmdide - ok
19:11:48.0079 1280 CNG (36c252e474b2ffa0f0fbbff20d92a640) D:\Windows\system32\Drivers\cng.sys
19:11:48.0090 1280 CNG - ok
19:11:48.0131 1280 Compbatt (a6023d3823c37043986713f118a89bee) D:\Windows\system32\DRIVERS\compbatt.sys
19:11:48.0145 1280 Compbatt - ok
19:11:48.0192 1280 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) D:\Windows\system32\DRIVERS\CompositeBus.sys
19:11:48.0196 1280 CompositeBus - ok
19:11:48.0229 1280 COMSysApp - ok
19:11:48.0268 1280 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) D:\Windows\system32\DRIVERS\crcdisk.sys
19:11:48.0272 1280 crcdisk - ok
19:11:48.0375 1280 CryptSvc (9c231178ce4fb385f4b54b0a9080b8a4) D:\Windows\system32\cryptsvc.dll
19:11:48.0432 1280 CryptSvc - ok
19:11:48.0485 1280 CSC (27c9490bdd0ae48911ab8cf1932591ed) D:\Windows\system32\drivers\csc.sys
19:11:48.0497 1280 CSC - ok
19:11:48.0551 1280 CscService (56fb5f222ea30d3d3fc459879772cb73) D:\Windows\System32\cscsvc.dll
19:11:48.0567 1280 CscService - ok
19:11:48.0641 1280 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) D:\Windows\system32\rpcss.dll
19:11:48.0666 1280 DcomLaunch - ok
19:11:48.0709 1280 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) D:\Windows\System32\defragsvc.dll
19:11:48.0717 1280 defragsvc - ok
19:11:48.0786 1280 DfsC (83d1ecea8faae75604c0fa49ac7ad996) D:\Windows\system32\Drivers\dfsc.sys
19:11:48.0791 1280 DfsC - ok
19:11:48.0836 1280 Dhcp (c56495fbd770712367cad35e5de72da6) D:\Windows\system32\dhcpcore.dll
19:11:48.0846 1280 Dhcp - ok
19:11:48.0903 1280 discache (1a050b0274bfb3890703d490f330c0da) D:\Windows\system32\drivers\discache.sys
19:11:48.0905 1280 discache - ok
19:11:48.0963 1280 Disk (565003f326f99802e68ca78f2a68e9ff) D:\Windows\system32\DRIVERS\disk.sys
19:11:48.0967 1280 Disk - ok
19:11:49.0092 1280 Dnscache (b15be77a2bacf9c3177d27518afe26a9) D:\Windows\System32\dnsrslvr.dll
19:11:49.0100 1280 Dnscache - ok
19:11:49.0194 1280 dot3svc (4408c85c21eea48eb0ce486baeef0502) D:\Windows\System32\dot3svc.dll
19:11:49.0204 1280 dot3svc - ok
19:11:49.0272 1280 DPS (7fa81c6e11caa594adb52084da73a1e5) D:\Windows\system32\dps.dll
19:11:49.0280 1280 DPS - ok
19:11:49.0381 1280 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) D:\Windows\system32\drivers\drmkaud.sys
19:11:49.0397 1280 drmkaud - ok
19:11:49.0491 1280 DXGKrnl (1679a4669326cb1a67cc95658d273234) D:\Windows\System32\drivers\dxgkrnl.sys
19:11:49.0520 1280 DXGKrnl - ok
19:11:49.0598 1280 E1G60 (22ef8965101685add128f03a2b03ce16) D:\Windows\system32\DRIVERS\E1G60I32.sys
19:11:49.0612 1280 E1G60 - ok
19:11:49.0657 1280 EapHost (8600142fa91c1b96367d3300ad0f3f3a) D:\Windows\System32\eapsvc.dll
19:11:49.0668 1280 EapHost - ok
19:11:50.0063 1280 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) D:\Windows\system32\DRIVERS\evbdx.sys
19:11:50.0118 1280 ebdrv - ok
19:11:50.0186 1280 EFS (c2243ff9e9aad0c30e8b1a0914da15b6) D:\Windows\System32\lsass.exe
19:11:50.0202 1280 EFS - ok
19:11:50.0399 1280 ehRecvr (1697c39978cd69f6fbc15302edcece1f) D:\Windows\ehome\ehRecvr.exe
19:11:50.0411 1280 ehRecvr - ok
19:11:50.0461 1280 ehSched (d389bff34f80caede417bf9d1507996a) D:\Windows\ehome\ehsched.exe
19:11:50.0467 1280 ehSched - ok
19:11:50.0741 1280 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) D:\Windows\system32\DRIVERS\elxstor.sys
19:11:50.0752 1280 elxstor - ok
19:11:50.0803 1280 ErrDev (8fc3208352dd3912c94367a206ab3f11) D:\Windows\system32\DRIVERS\errdev.sys
19:11:50.0805 1280 ErrDev - ok
19:11:50.0885 1280 EventSystem (f6916efc29d9953d5d0df06882ae8e16) D:\Windows\system32\es.dll
19:11:50.0897 1280 EventSystem - ok
19:11:50.0967 1280 exfat (2dc9108d74081149cc8b651d3a26207f) D:\Windows\system32\drivers\exfat.sys
19:11:50.0973 1280 exfat - ok
19:11:51.0026 1280 fastfat (7e0ab74553476622fb6ae36f73d97d35) D:\Windows\system32\drivers\fastfat.sys
19:11:51.0032 1280 fastfat - ok
19:11:51.0135 1280 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) D:\Windows\system32\fxssvc.exe
19:11:51.0149 1280 Fax - ok
19:11:51.0188 1280 fdc (e817a017f82df2a1f8cfdbda29388b29) D:\Windows\system32\DRIVERS\fdc.sys
19:11:51.0194 1280 fdc - ok
19:11:51.0235 1280 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) D:\Windows\system32\fdPHost.dll
19:11:51.0249 1280 fdPHost - ok
19:11:51.0303 1280 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) D:\Windows\system32\fdrespub.dll
19:11:51.0309 1280 FDResPub - ok
19:11:51.0356 1280 FileInfo (6cf00369c97f3cf563be99be983d13d8) D:\Windows\system32\drivers\fileinfo.sys
19:11:51.0360 1280 FileInfo - ok
19:11:51.0440 1280 Filetrace (42c51dc94c91da21cb9196eb64c45db9) D:\Windows\system32\drivers\filetrace.sys
19:11:51.0444 1280 Filetrace - ok
19:11:51.0473 1280 flpydisk (87907aa70cb3c56600f1c2fb8841579b) D:\Windows\system32\DRIVERS\flpydisk.sys
19:11:51.0477 1280 flpydisk - ok
19:11:51.0561 1280 FltMgr (7520ec808e0c35e0ee6f841294316653) D:\Windows\system32\drivers\fltmgr.sys
19:11:51.0567 1280 FltMgr - ok
19:11:51.0702 1280 FontCache (7fe4995528a7529a761875151ee3d512) D:\Windows\system32\FntCache.dll
19:11:51.0735 1280 FontCache - ok
19:11:51.0887 1280 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) D:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:11:51.0893 1280 FontCache3.0.0.0 - ok
19:11:51.0942 1280 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) D:\Windows\system32\drivers\FsDepends.sys
19:11:51.0946 1280 FsDepends - ok
19:11:52.0008 1280 Fs_Rec (a574b4360e438977038aae4bf60d79a2) D:\Windows\system32\drivers\Fs_Rec.sys
19:11:52.0012 1280 Fs_Rec - ok
19:11:52.0125 1280 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) D:\Windows\system32\DRIVERS\fvevol.sys
19:11:52.0145 1280 fvevol - ok
19:11:52.0411 1280 gagp30kx (65ee0c7a58b65e74ae05637418153938) D:\Windows\system32\DRIVERS\gagp30kx.sys
19:11:52.0415 1280 gagp30kx - ok
19:11:52.0487 1280 gpsvc (8ba3c04702bf8f927ab36ae8313ca4ee) D:\Windows\System32\gpsvc.dll
19:11:52.0502 1280 gpsvc - ok
19:11:52.0543 1280 hcw85cir (c44e3c2bab6837db337ddee7544736db) D:\Windows\system32\drivers\hcw85cir.sys
19:11:52.0557 1280 hcw85cir - ok
19:11:52.0604 1280 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) D:\Windows\system32\DRIVERS\HDAudBus.sys
19:11:52.0612 1280 HDAudBus - ok
19:11:52.0645 1280 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) D:\Windows\system32\DRIVERS\HidBatt.sys
19:11:52.0649 1280 HidBatt - ok
19:11:52.0688 1280 HidBth (89448f40e6df260c206a193a4683ba78) D:\Windows\system32\DRIVERS\hidbth.sys
19:11:52.0694 1280 HidBth - ok
19:11:52.0756 1280 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) D:\Windows\system32\DRIVERS\hidir.sys
19:11:52.0760 1280 HidIr - ok
19:11:52.0803 1280 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) D:\Windows\system32\hidserv.dll
19:11:52.0819 1280 hidserv - ok
19:11:52.0889 1280 HidUsb (25072fb35ac90b25f9e4e3bacf774102) D:\Windows\system32\DRIVERS\hidusb.sys
19:11:52.0893 1280 HidUsb - ok
19:11:52.0932 1280 hkmsvc (741c2a45ca8407e374aaba3e330b7872) D:\Windows\system32\kmsvc.dll
19:11:52.0940 1280 hkmsvc - ok
19:11:52.0999 1280 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) D:\Windows\system32\ListSvc.dll
19:11:53.0008 1280 HomeGroupListener - ok
19:11:53.0125 1280 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) D:\Windows\system32\provsvc.dll
19:11:53.0139 1280 HomeGroupProvider - ok
19:11:53.0202 1280 HpSAMD (295fdc419039090eb8b49ffdbb374549) D:\Windows\system32\DRIVERS\HpSAMD.sys
19:11:53.0208 1280 HpSAMD - ok
19:11:53.0342 1280 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) D:\Windows\system32\drivers\HTTP.sys
19:11:53.0360 1280 HTTP - ok
19:11:53.0395 1280 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) D:\Windows\system32\drivers\hwpolicy.sys
19:11:53.0418 1280 hwpolicy - ok
19:11:53.0461 1280 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) D:\Windows\system32\DRIVERS\i8042prt.sys
19:11:53.0467 1280 i8042prt - ok
19:11:53.0543 1280 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) D:\Windows\system32\drivers\iaStorV.sys
19:11:53.0583 1280 iaStorV - ok
19:11:53.0706 1280 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) D:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:11:53.0723 1280 idsvc - ok
19:11:53.0772 1280 iirsp (4173ff5708f3236cf25195fecd742915) D:\Windows\system32\DRIVERS\iirsp.sys
19:11:53.0782 1280 iirsp - ok
19:11:53.0928 1280 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) D:\Windows\System32\ikeext.dll
19:11:53.0946 1280 IKEEXT - ok
19:11:54.0002 1280 intelide (a0f12f2c9ba6c72f3987ce780e77c130) D:\Windows\system32\DRIVERS\intelide.sys
19:11:54.0022 1280 intelide - ok
19:11:54.0100 1280 intelppm (3b514d27bfc4accb4037bc6685f766e0) D:\Windows\system32\DRIVERS\intelppm.sys
19:11:54.0106 1280 intelppm - ok
19:11:54.0196 1280 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) D:\Windows\system32\ipbusenum.dll
19:11:54.0204 1280 IPBusEnum - ok
19:11:54.0258 1280 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) D:\Windows\system32\DRIVERS\ipfltdrv.sys
19:11:54.0264 1280 IpFilterDriver - ok
19:11:54.0393 1280 iphlpsvc (477397b432a256a50ee7e4339eb9ea14) D:\Windows\System32\iphlpsvc.dll
19:11:54.0411 1280 iphlpsvc - ok
19:11:54.0471 1280 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) D:\Windows\system32\DRIVERS\IPMIDrv.sys
19:11:54.0475 1280 IPMIDRV - ok
19:11:54.0510 1280 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) D:\Windows\system32\drivers\ipnat.sys
19:11:54.0516 1280 IPNAT - ok
19:11:54.0561 1280 IRENUM (42996cff20a3084a56017b7902307e9f) D:\Windows\system32\drivers\irenum.sys
19:11:54.0565 1280 IRENUM - ok
19:11:54.0602 1280 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) D:\Windows\system32\DRIVERS\isapnp.sys
19:11:54.0612 1280 isapnp - ok
19:11:54.0674 1280 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) D:\Windows\system32\DRIVERS\msiscsi.sys
19:11:54.0690 1280 iScsiPrt - ok
19:11:54.0743 1280 kbdclass (adef52ca1aeae82b50df86b56413107e) D:\Windows\system32\DRIVERS\kbdclass.sys
19:11:54.0747 1280 kbdclass - ok
19:11:54.0811 1280 kbdhid (3d9f0ebf350edcfd6498057301455964) D:\Windows\system32\DRIVERS\kbdhid.sys
19:11:54.0817 1280 kbdhid - ok
19:11:54.0899 1280 KeyIso (c2243ff9e9aad0c30e8b1a0914da15b6) D:\Windows\system32\lsass.exe
19:11:54.0905 1280 KeyIso - ok
19:11:54.0961 1280 KSecDD (0263364acb9c834ace52fb85c2c064ec) D:\Windows\system32\Drivers\ksecdd.sys
19:11:54.0965 1280 KSecDD - ok
19:11:55.0057 1280 KSecPkg (27391db553be2a4e2b0adeea2873b2af) D:\Windows\system32\Drivers\ksecpkg.sys
19:11:55.0063 1280 KSecPkg - ok
19:11:55.0163 1280 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) D:\Windows\system32\msdtckrm.dll
19:11:55.0178 1280 KtmRm - ok
19:11:55.0258 1280 LanmanServer (8f6bf790d3168224c16f2af68a84438c) D:\Windows\system32\srvsvc.dll
19:11:55.0286 1280 LanmanServer - ok
19:11:55.0348 1280 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) D:\Windows\System32\wkssvc.dll
19:11:55.0362 1280 LanmanWorkstation - ok
19:11:55.0508 1280 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) D:\Windows\system32\DRIVERS\lltdio.sys
19:11:55.0524 1280 lltdio - ok
19:11:55.0637 1280 lltdsvc (5700673e13a2117fa3b9020c852c01e2) D:\Windows\System32\lltdsvc.dll
19:11:55.0649 1280 lltdsvc - ok
19:11:55.0696 1280 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) D:\Windows\System32\lmhsvc.dll
19:11:55.0709 1280 lmhosts - ok
19:11:55.0768 1280 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) D:\Windows\system32\DRIVERS\lsi_fc.sys
19:11:55.0774 1280 LSI_FC - ok
19:11:55.0852 1280 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) D:\Windows\system32\DRIVERS\lsi_sas.sys
19:11:55.0858 1280 LSI_SAS - ok
19:11:55.0913 1280 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) D:\Windows\system32\DRIVERS\lsi_sas2.sys
19:11:55.0918 1280 LSI_SAS2 - ok
19:11:56.0002 1280 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) D:\Windows\system32\DRIVERS\lsi_scsi.sys
19:11:56.0008 1280 LSI_SCSI - ok
19:11:56.0108 1280 luafv (6703e366cc18d3b6e534f5cf7df39cee) D:\Windows\system32\drivers\luafv.sys
19:11:56.0116 1280 luafv - ok
19:11:56.0362 1280 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) D:\Windows\system32\drivers\mbamswissarmy.sys
19:11:56.0364 1280 MBAMSwissArmy - ok
19:11:56.0432 1280 Mcx2Svc (e2b0887816ed336685954e3d8fdaa51d) D:\Windows\system32\Mcx2Svc.dll
19:11:56.0442 1280 Mcx2Svc - ok
19:11:56.0510 1280 megasas (0fff5b045293002ab38eb1fd1fc2fb74) D:\Windows\system32\DRIVERS\megasas.sys
19:11:56.0514 1280 megasas - ok
19:11:56.0577 1280 MegaSR (dcbab2920c75f390caf1d29f675d03d6) D:\Windows\system32\DRIVERS\MegaSR.sys
19:11:56.0584 1280 MegaSR - ok
19:11:56.0665 1280 MMCSS (146b6f43a673379a3c670e86d89be5ea) D:\Windows\system32\mmcss.dll
19:11:56.0682 1280 MMCSS - ok
19:11:56.0729 1280 Modem (f001861e5700ee84e2d4e52c712f4964) D:\Windows\system32\drivers\modem.sys
19:11:56.0733 1280 Modem - ok
19:11:56.0797 1280 monitor (79d10964de86b292320e9dfe02282a23) D:\Windows\system32\DRIVERS\monitor.sys
19:11:56.0801 1280 monitor - ok
19:11:56.0856 1280 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) D:\Windows\system32\DRIVERS\mouclass.sys
19:11:56.0860 1280 mouclass - ok
19:11:56.0936 1280 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) D:\Windows\system32\DRIVERS\mouhid.sys
19:11:56.0940 1280 mouhid - ok
19:11:57.0004 1280 mountmgr (921c18727c5920d6c0300736646931c2) D:\Windows\system32\drivers\mountmgr.sys
19:11:57.0010 1280 mountmgr - ok
19:11:57.0069 1280 mpio (2af5997438c55fb79d33d015c30e1974) D:\Windows\system32\DRIVERS\mpio.sys
19:11:57.0075 1280 mpio - ok
19:11:57.0118 1280 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) D:\Windows\system32\drivers\mpsdrv.sys
19:11:57.0124 1280 mpsdrv - ok
19:11:57.0202 1280 MpsSvc (5cd996cecf45cbc3e8d109c86b82d69e) D:\Windows\system32\mpssvc.dll
19:11:57.0219 1280 MpsSvc - ok
19:11:57.0290 1280 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) D:\Windows\system32\drivers\mrxdav.sys
19:11:57.0301 1280 MRxDAV - ok
19:11:57.0366 1280 mrxsmb (ca7570e42522e24324a12161db14ec02) D:\Windows\system32\DRIVERS\mrxsmb.sys
19:11:57.0372 1280 mrxsmb - ok
19:11:57.0553 1280 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) D:\Windows\system32\DRIVERS\mrxsmb10.sys
19:11:57.0561 1280 mrxsmb10 - ok
19:11:57.0604 1280 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) D:\Windows\system32\DRIVERS\mrxsmb20.sys
19:11:57.0610 1280 mrxsmb20 - ok
19:11:57.0653 1280 msahci (4326d168944123f38dd3b2d9c37a0b12) D:\Windows\system32\DRIVERS\msahci.sys
19:11:57.0666 1280 msahci - ok
19:11:57.0713 1280 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) D:\Windows\system32\DRIVERS\msdsm.sys
19:11:57.0719 1280 msdsm - ok
19:11:57.0776 1280 MSDTC (e1bce74a3bd9902b72599c0192a07e27) D:\Windows\System32\msdtc.exe
19:11:57.0788 1280 MSDTC - ok
19:11:57.0907 1280 Msfs (daefb28e3af5a76abcc2c3078c07327f) D:\Windows\system32\drivers\Msfs.sys
19:11:57.0911 1280 Msfs - ok
19:11:58.0026 1280 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) D:\Windows\System32\drivers\mshidkmdf.sys
19:11:58.0038 1280 mshidkmdf - ok
19:11:58.0170 1280 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) D:\Windows\system32\DRIVERS\msisadrv.sys
19:11:58.0174 1280 msisadrv - ok
19:11:58.0237 1280 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) D:\Windows\system32\iscsiexe.dll
19:11:58.0245 1280 MSiSCSI - ok
19:11:58.0282 1280 msiserver - ok
19:11:58.0329 1280 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) D:\Windows\system32\drivers\MSKSSRV.sys
19:11:58.0333 1280 MSKSSRV - ok
19:11:58.0438 1280 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) D:\Windows\system32\drivers\MSPCLOCK.sys
19:11:58.0442 1280 MSPCLOCK - ok
19:11:58.0489 1280 MSPQM (f456e973590d663b1073e9c463b40932) D:\Windows\system32\drivers\MSPQM.sys
19:11:58.0493 1280 MSPQM - ok
19:11:58.0536 1280 MsRPC (0e008fc4819d238c51d7c93e7b41e560) D:\Windows\system32\drivers\MsRPC.sys
19:11:58.0541 1280 MsRPC - ok
19:11:58.0584 1280 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) D:\Windows\system32\DRIVERS\mssmbios.sys
19:11:58.0588 1280 mssmbios - ok
19:11:58.0624 1280 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) D:\Windows\system32\drivers\MSTEE.sys
19:11:58.0627 1280 MSTEE - ok
19:11:58.0663 1280 MTConfig (33599130f44e1f34631cea241de8ac84) D:\Windows\system32\DRIVERS\MTConfig.sys
19:11:58.0666 1280 MTConfig - ok
19:11:58.0948 1280 Mup (159fad02f64e6381758c990f753bcc80) D:\Windows\system32\Drivers\mup.sys
19:11:58.0952 1280 Mup - ok
19:11:59.0004 1280 napagent (80284f1985c70c86f0b5f86da2dfe1df) D:\Windows\system32\qagentRT.dll
19:11:59.0018 1280 napagent - ok
19:11:59.0086 1280 NativeWifiP (26384429fcd85d83746f63e798ab1480) D:\Windows\system32\DRIVERS\nwifi.sys
19:11:59.0096 1280 NativeWifiP - ok
19:11:59.0223 1280 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) D:\Program Files\Nero\Update\NASvc.exe
19:11:59.0235 1280 NAUpdate - ok
19:11:59.0307 1280 NDIS (23759d175a0a9baaf04d05047bc135a8) D:\Windows\system32\drivers\ndis.sys
19:11:59.0323 1280 NDIS - ok
19:11:59.0387 1280 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) D:\Windows\system32\DRIVERS\ndiscap.sys
19:11:59.0391 1280 NdisCap - ok
19:11:59.0430 1280 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) D:\Windows\system32\DRIVERS\ndistapi.sys
19:11:59.0434 1280 NdisTapi - ok
19:11:59.0471 1280 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) D:\Windows\system32\DRIVERS\ndisuio.sys
19:11:59.0477 1280 Ndisuio - ok
19:11:59.0510 1280 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) D:\Windows\system32\DRIVERS\ndiswan.sys
19:11:59.0514 1280 NdisWan - ok
19:11:59.0559 1280 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) D:\Windows\system32\drivers\NDProxy.sys
19:11:59.0563 1280 NDProxy - ok
19:11:59.0606 1280 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) D:\Windows\system32\DRIVERS\netbios.sys
19:11:59.0610 1280 NetBIOS - ok
19:11:59.0645 1280 NetBT (dd52a733bf4ca5af84562a5e2f963b91) D:\Windows\system32\DRIVERS\netbt.sys
19:11:59.0653 1280 NetBT - ok
19:11:59.0708 1280 Netlogon (c2243ff9e9aad0c30e8b1a0914da15b6) D:\Windows\system32\lsass.exe
19:11:59.0713 1280 Netlogon - ok
19:11:59.0791 1280 Netman (7cccfca7510684768da22092d1fa4db2) D:\Windows\System32\netman.dll
19:11:59.0817 1280 Netman - ok
19:11:59.0856 1280 netprofm (8c338238c16777a802d6a9211eb2ba50) D:\Windows\System32\netprofm.dll
19:11:59.0872 1280 netprofm - ok
19:12:00.0206 1280 NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) D:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:12:00.0211 1280 NetTcpPortSharing - ok
19:12:00.0266 1280 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) D:\Windows\system32\DRIVERS\nfrd960.sys
19:12:00.0270 1280 nfrd960 - ok
19:12:00.0313 1280 NlaSvc (2226496e34bd40734946a054b1cd657f) D:\Windows\System32\nlasvc.dll
19:12:00.0360 1280 NlaSvc - ok
19:12:00.0393 1280 Npfs (1db262a9f8c087e8153d89bef3d2235f) D:\Windows\system32\drivers\Npfs.sys
19:12:00.0397 1280 Npfs - ok
19:12:00.0438 1280 nsi (ba387e955e890c8a88306d9b8d06bf17) D:\Windows\system32\nsisvc.dll
19:12:00.0458 1280 nsi - ok
19:12:00.0493 1280 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) D:\Windows\system32\drivers\nsiproxy.sys
19:12:00.0497 1280 nsiproxy - ok
19:12:00.0614 1280 Ntfs (187002ce05693c306f43c873f821381f) D:\Windows\system32\drivers\Ntfs.sys
19:12:00.0637 1280 Ntfs - ok
19:12:00.0684 1280 Null (f9756a98d69098dca8945d62858a812c) D:\Windows\system32\drivers\Null.sys
19:12:00.0686 1280 Null - ok
19:12:00.0745 1280 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) D:\Windows\system32\drivers\nvraid.sys
19:12:00.0750 1280 nvraid - ok
19:12:00.0790 1280 nvstor (4520b63899e867f354ee012d34e11536) D:\Windows\system32\drivers\nvstor.sys
19:12:00.0795 1280 nvstor - ok
19:12:00.0989 1280 nv_agp (5a0983915f02bae73267cc2a041f717d) D:\Windows\system32\DRIVERS\nv_agp.sys
19:12:01.0000 1280 nv_agp - ok
19:12:01.0040 1280 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) D:\Windows\system32\DRIVERS\ohci1394.sys
19:12:01.0045 1280 ohci1394 - ok
19:12:01.0133 1280 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) D:\Windows\system32\pnrpsvc.dll
19:12:01.0149 1280 p2pimsvc - ok
19:12:01.0239 1280 p2psvc (59c3ddd501e39e006dac31bf55150d91) D:\Windows\system32\p2psvc.dll
19:12:01.0258 1280 p2psvc - ok
19:12:01.0291 1280 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) D:\Windows\system32\DRIVERS\parport.sys
19:12:01.0297 1280 Parport - ok
19:12:01.0327 1280 partmgr (ff4218952b51de44fe910953a3e686b9) D:\Windows\system32\drivers\partmgr.sys
19:12:01.0346 1280 partmgr - ok
19:12:01.0418 1280 Parvdm (eb0a59f29c19b86479d36b35983daadc) D:\Windows\system32\DRIVERS\parvdm.sys
19:12:01.0430 1280 Parvdm - ok
19:12:01.0479 1280 PcaSvc (358ab7956d3160000726574083dfc8a6) D:\Windows\System32\pcasvc.dll
19:12:01.0491 1280 PcaSvc - ok
19:12:01.0541 1280 pci (c858cb77c577780ecc456a892e7e7d0f) D:\Windows\system32\DRIVERS\pci.sys
19:12:01.0547 1280 pci - ok
19:12:01.0594 1280 pciide (afe86f419014db4e5593f69ffe26ce0a) D:\Windows\system32\DRIVERS\pciide.sys
19:12:01.0610 1280 pciide - ok
19:12:01.0672 1280 pcmcia (f396431b31693e71e8a80687ef523506) D:\Windows\system32\DRIVERS\pcmcia.sys
19:12:01.0678 1280 pcmcia - ok
19:12:01.0725 1280 pcw (250f6b43d2b613172035c6747aeeb19f) D:\Windows\system32\drivers\pcw.sys
19:12:01.0729 1280 pcw - ok
19:12:01.0780 1280 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) D:\Windows\system32\drivers\peauth.sys
19:12:01.0793 1280 PEAUTH - ok
19:12:01.0868 1280 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) D:\Windows\system32\peerdistsvc.dll
19:12:01.0909 1280 PeerDistSvc - ok
19:12:02.0151 1280 pla (9c1bff7910c89a1d12e57343475840cb) D:\Windows\system32\pla.dll
19:12:02.0209 1280 pla - ok
19:12:02.0311 1280 PlugPlay (71def5ec79774c798342d0ea16e41780) D:\Windows\system32\umpnpmgr.dll
19:12:02.0327 1280 PlugPlay - ok
19:12:02.0403 1280 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) D:\Windows\system32\pnrpauto.dll
19:12:02.0418 1280 PNRPAutoReg - ok
19:12:02.0458 1280 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) D:\Windows\system32\pnrpsvc.dll
19:12:02.0469 1280 PNRPsvc - ok
19:12:02.0600 1280 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) D:\Windows\System32\ipsecsvc.dll
19:12:02.0612 1280 PolicyAgent - ok
19:12:02.0694 1280 Power (dbff83f709a91049621c1d35dd45c92c) D:\Windows\system32\umpo.dll
19:12:02.0708 1280 Power - ok
19:12:02.0868 1280 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) D:\Windows\system32\DRIVERS\raspptp.sys
19:12:02.0881 1280 PptpMiniport - ok
19:12:02.0934 1280 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) D:\Windows\system32\DRIVERS\processr.sys
19:12:02.0950 1280 Processor - ok
19:12:03.0014 1280 ProfSvc (630cf26f0227498b7d5a92b12548960f) D:\Windows\system32\profsvc.dll
19:12:03.0026 1280 ProfSvc - ok
19:12:03.0090 1280 ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) D:\Windows\system32\lsass.exe
19:12:03.0100 1280 ProtectedStorage - ok
19:12:03.0151 1280 Psched (6270ccae2a86de6d146529fe55b3246a) D:\Windows\system32\DRIVERS\pacer.sys
19:12:03.0163 1280 Psched - ok
19:12:03.0399 1280 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) D:\Windows\system32\DRIVERS\ql2300.sys
19:12:03.0432 1280 ql2300 - ok
19:12:03.0469 1280 ql40xx (b4dd51dd25182244b86737dc51af2270) D:\Windows\system32\DRIVERS\ql40xx.sys
19:12:03.0475 1280 ql40xx - ok
19:12:03.0520 1280 QWAVE (31ac809e7707eb580b2bdb760390765a) D:\Windows\system32\qwave.dll
19:12:03.0534 1280 QWAVE - ok
19:12:03.0565 1280 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) D:\Windows\system32\drivers\qwavedrv.sys
19:12:03.0569 1280 QWAVEdrv - ok
19:12:03.0602 1280 RasAcd (30a81b53c766d0133bb86d234e5556ab) D:\Windows\system32\DRIVERS\rasacd.sys
19:12:03.0606 1280 RasAcd - ok
19:12:03.0670 1280 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) D:\Windows\system32\DRIVERS\AgileVpn.sys
19:12:03.0686 1280 RasAgileVpn - ok
19:12:03.0731 1280 RasAuto (a60f1839849c0c00739787fd5ec03f13) D:\Windows\System32\rasauto.dll
19:12:03.0743 1280 RasAuto - ok
19:12:03.0786 1280 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) D:\Windows\system32\DRIVERS\rasl2tp.sys
19:12:03.0803 1280 Rasl2tp - ok
19:12:03.0889 1280 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) D:\Windows\System32\rasmans.dll
19:12:03.0905 1280 RasMan - ok
19:12:03.0967 1280 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) D:\Windows\system32\DRIVERS\raspppoe.sys
19:12:03.0981 1280 RasPppoe - ok
19:12:04.0030 1280 RasSstp (44101f495a83ea6401d886e7fd70096b) D:\Windows\system32\DRIVERS\rassstp.sys
19:12:04.0036 1280 RasSstp - ok
19:12:04.0073 1280 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) D:\Windows\system32\DRIVERS\rdbss.sys
19:12:04.0081 1280 rdbss - ok
19:12:04.0124 1280 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) D:\Windows\system32\DRIVERS\rdpbus.sys
19:12:04.0139 1280 rdpbus - ok
19:12:04.0170 1280 RDPCDD (1e016846895b15a99f9a176a05029075) D:\Windows\system32\DRIVERS\RDPCDD.sys
19:12:04.0174 1280 RDPCDD - ok
19:12:04.0229 1280 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) D:\Windows\system32\drivers\rdpdr.sys
19:12:04.0235 1280 RDPDR - ok
19:12:04.0278 1280 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) D:\Windows\system32\drivers\rdpencdd.sys
19:12:04.0282 1280 RDPENCDD - ok
19:12:04.0336 1280 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) D:\Windows\system32\drivers\rdprefmp.sys
19:12:04.0340 1280 RDPREFMP - ok
19:12:04.0399 1280 RDPWD (0399c725a9c95a6f1862b93f008ddf4a) D:\Windows\system32\drivers\RDPWD.sys
19:12:04.0407 1280 RDPWD - ok
19:12:04.0461 1280 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) D:\Windows\system32\drivers\rdyboost.sys
19:12:04.0479 1280 rdyboost - ok
19:12:04.0532 1280 RemoteAccess (7b5e1419717fac363a31cc302895217a) D:\Windows\System32\mprdim.dll
19:12:04.0541 1280 RemoteAccess - ok
19:12:04.0606 1280 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) D:\Windows\system32\regsvc.dll
19:12:04.0618 1280 RemoteRegistry - ok
19:12:04.0672 1280 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) D:\Windows\System32\RpcEpMap.dll
19:12:04.0690 1280 RpcEptMapper - ok
19:12:04.0749 1280 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) D:\Windows\system32\locator.exe
19:12:04.0760 1280 RpcLocator - ok
19:12:04.0807 1280 RpcSs (b82cd39e336973359d7c9bf911e8e84f) D:\Windows\system32\rpcss.dll
19:12:04.0819 1280 RpcSs - ok
19:12:04.0875 1280 rspndr (032b0d36ad92b582d869879f5af5b928) D:\Windows\system32\DRIVERS\rspndr.sys
19:12:04.0881 1280 rspndr - ok
19:12:04.0942 1280 s3cap (5423d8437051e89dd34749f242c98648) D:\Windows\system32\DRIVERS\vms3cap.sys
19:12:04.0946 1280 s3cap - ok
19:12:05.0036 1280 SamSs (c2243ff9e9aad0c30e8b1a0914da15b6) D:\Windows\system32\lsass.exe
19:12:05.0041 1280 SamSs - ok
19:12:05.0090 1280 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) D:\Windows\system32\DRIVERS\sbp2port.sys
19:12:05.0094 1280 sbp2port - ok
19:12:05.0137 1280 SCardSvr (8fc518ffe9519c2631d37515a68009c4) D:\Windows\System32\SCardSvr.dll
19:12:05.0149 1280 SCardSvr - ok
19:12:05.0180 1280 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) D:\Windows\system32\DRIVERS\scfilter.sys
19:12:05.0184 1280 scfilter - ok
19:12:05.0252 1280 Schedule (df1e5c82e4d09cf8105cc644980c4803) D:\Windows\system32\schedsvc.dll
19:12:05.0274 1280 Schedule - ok
19:12:05.0356 1280 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) D:\Windows\System32\certprop.dll
19:12:05.0360 1280 SCPolicySvc - ok
19:12:05.0432 1280 SDRSVC (5fd90abdbfaee85986802622cbb03446) D:\Windows\System32\SDRSVC.dll
19:12:05.0450 1280 SDRSVC - ok
19:12:05.0516 1280 secdrv (90a3935d05b494a5a39d37e71f09a677) D:\Windows\system32\drivers\secdrv.sys
19:12:05.0520 1280 secdrv - ok
19:12:05.0559 1280 seclogon (a59b3a4442c52060cc7a85293aa3546f) D:\Windows\system32\seclogon.dll
19:12:05.0571 1280 seclogon - ok
19:12:05.0625 1280 senfilt (9a4c4a4b191200f12085d188be70e4e3) D:\Windows\system32\drivers\senfilt.sys
19:12:05.0635 1280 senfilt - ok
19:12:05.0684 1280 SENS (dcb7fcdcc97f87360f75d77425b81737) D:\Windows\System32\sens.dll
19:12:05.0709 1280 SENS - ok
19:12:05.0760 1280 SensrSvc (50087fe1ee447009c9cc2997b90de53f) D:\Windows\system32\sensrsvc.dll
19:12:05.0772 1280 SensrSvc - ok
19:12:05.0823 1280 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) D:\Windows\system32\DRIVERS\serenum.sys
19:12:05.0827 1280 Serenum - ok
19:12:05.0858 1280 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) D:\Windows\system32\DRIVERS\serial.sys
19:12:05.0864 1280 Serial - ok
19:12:05.0901 1280 sermouse (79bffb520327ff916a582dfea17aa813) D:\Windows\system32\DRIVERS\sermouse.sys
19:12:05.0905 1280 sermouse - ok
19:12:05.0983 1280 SessionEnv (8f55ce568c543d5adf45c409d16718fc) D:\Windows\system32\sessenv.dll
19:12:06.0008 1280 SessionEnv - ok
19:12:06.0038 1280 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) D:\Windows\system32\DRIVERS\sffdisk.sys
19:12:06.0041 1280 sffdisk - ok
19:12:06.0077 1280 sffp_mmc (932a68ee27833cfd57c1639d375f2731) D:\Windows\system32\DRIVERS\sffp_mmc.sys
19:12:06.0081 1280 sffp_mmc - ok
19:12:06.0110 1280 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) D:\Windows\system32\DRIVERS\sffp_sd.sys
19:12:06.0122 1280 sffp_sd - ok
19:12:06.0153 1280 sfloppy (db96666cc8312ebc45032f30b007a547) D:\Windows\system32\DRIVERS\sfloppy.sys
19:12:06.0157 1280 sfloppy - ok
19:12:06.0221 1280 SharedAccess (d1a079a0de2ea524513b6930c24527a2) D:\Windows\System32\ipnathlp.dll
19:12:06.0233 1280 SharedAccess - ok
19:12:06.0286 1280 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) D:\Windows\System32\shsvcs.dll
19:12:06.0303 1280 ShellHWDetection - ok
19:12:06.0346 1280 sisagp (2565cac0dc9fe0371bdce60832582b2e) D:\Windows\system32\DRIVERS\sisagp.sys
19:12:06.0364 1280 sisagp - ok
19:12:06.0415 1280 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) D:\Windows\system32\DRIVERS\SiSRaid2.sys
19:12:06.0420 1280 SiSRaid2 - ok
19:12:06.0469 1280 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) D:\Windows\system32\DRIVERS\sisraid4.sys
19:12:06.0473 1280 SiSRaid4 - ok
19:12:06.0528 1280 Smb (3e21c083b8a01cb70ba1f09303010fce) D:\Windows\system32\DRIVERS\smb.sys
19:12:06.0534 1280 Smb - ok
19:12:06.0624 1280 smwdm (db74141bbcbe8f22acfb53215e8af0d1) D:\Windows\system32\drivers\smwdm.sys
19:12:06.0631 1280 smwdm - ok
19:12:06.0674 1280 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) D:\Windows\System32\snmptrap.exe
19:12:06.0686 1280 SNMPTRAP - ok
19:12:06.0717 1280 spldr (95cf1ae7527fb70f7816563cbc09d942) D:\Windows\system32\drivers\spldr.sys
19:12:06.0721 1280 spldr - ok
19:12:06.0791 1280 Spooler (d1bb750eb51694de183e08b9c33be5b2) D:\Windows\System32\spoolsv.exe
19:12:06.0809 1280 Spooler - ok
19:12:07.0036 1280 sppsvc (4c287f9069fedbd791178876ee9de536) D:\Windows\system32\sppsvc.exe
19:12:07.0102 1280 sppsvc - ok
19:12:07.0153 1280 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) D:\Windows\system32\sppuinotify.dll
19:12:07.0165 1280 sppuinotify - ok
19:12:07.0219 1280 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) D:\Windows\system32\DRIVERS\srv.sys
19:12:07.0229 1280 srv - ok
19:12:07.0278 1280 srv2 (414bb592cad8a79649d01f9d94318fb3) D:\Windows\system32\DRIVERS\srv2.sys
19:12:07.0288 1280 srv2 - ok
19:12:07.0338 1280 srvnet (ff207d67700aa18242aaf985d3e7d8f4) D:\Windows\system32\DRIVERS\srvnet.sys
19:12:07.0356 1280 srvnet - ok
19:12:07.0395 1280 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) D:\Windows\System32\ssdpsrv.dll
19:12:07.0407 1280 SSDPSRV - ok
19:12:07.0442 1280 SstpSvc (d318f23be45d5e3a107469eb64815b50) D:\Windows\system32\sstpsvc.dll
19:12:07.0454 1280 SstpSvc - ok
19:12:07.0500 1280 stexstor (db32d325c192b801df274bfd12a7e72b) D:\Windows\system32\DRIVERS\stexstor.sys
19:12:07.0504 1280 stexstor - ok
19:12:07.0590 1280 StiSvc (a22825e7bb7018e8af3e229a5af17221) D:\Windows\System32\wiaservc.dll
19:12:07.0645 1280 StiSvc - ok
19:12:07.0788 1280 storflt (957e346ca948668f2496a6ccf6ff82cc) D:\Windows\system32\DRIVERS\vmstorfl.sys
19:12:07.0791 1280 storflt - ok
19:12:07.0836 1280 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) D:\Windows\system32\DRIVERS\storvsc.sys
19:12:07.0840 1280 storvsc - ok
19:12:07.0872 1280 swenum (e58c78a848add9610a4db6d214af5224) D:\Windows\system32\DRIVERS\swenum.sys
19:12:07.0881 1280 swenum - ok
19:12:07.0928 1280 swprv (a28bd92df340e57b024ba433165d34d7) D:\Windows\System32\swprv.dll
19:12:07.0944 1280 swprv - ok
19:12:08.0002 1280 SysMain (04105c8da62353589c29bdaeb8d88bd8) D:\Windows\system32\sysmain.dll
19:12:08.0032 1280 SysMain - ok
19:12:08.0083 1280 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) D:\Windows\System32\TabSvc.dll
19:12:08.0094 1280 TabletInputService - ok
19:12:08.0135 1280 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) D:\Windows\System32\tapisrv.dll
19:12:08.0151 1280 TapiSrv - ok
19:12:08.0200 1280 TBS (b799d9fdb26111737f58288d8dc172d9) D:\Windows\System32\tbssvc.dll
19:12:08.0211 1280 TBS - ok
19:12:08.0313 1280 Tcpip (56c198ac82efa622dd93e9e43575f79c) D:\Windows\system32\drivers\tcpip.sys
19:12:08.0440 1280 Tcpip - ok
19:12:08.0502 1280 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) D:\Windows\system32\DRIVERS\tcpip.sys
19:12:08.0514 1280 TCPIP6 - ok
19:12:08.0575 1280 tcpipreg (e64444523add154f86567c469bc0b17f) D:\Windows\system32\drivers\tcpipreg.sys
19:12:08.0590 1280 tcpipreg - ok
19:12:08.0641 1280 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) D:\Windows\system32\drivers\tdpipe.sys
19:12:08.0645 1280 TDPIPE - ok
19:12:08.0698 1280 TDTCP (7156308896d34ea75a582f9a09e50c17) D:\Windows\system32\drivers\tdtcp.sys
19:12:08.0709 1280 TDTCP - ok
19:12:08.0745 1280 tdx (cb39e896a2a83702d1737bfd402b3542) D:\Windows\system32\DRIVERS\tdx.sys
19:12:08.0750 1280 tdx - ok
19:12:08.0782 1280 TermDD (c36f41ee20e6999dbf4b0425963268a5) D:\Windows\system32\DRIVERS\termdd.sys
19:12:08.0786 1280 TermDD - ok
19:12:08.0858 1280 TermService (a01e50a04d7b1960b33e92b9080e6a94) D:\Windows\System32\termsrv.dll
19:12:08.0881 1280 TermService - ok
19:12:08.0920 1280 Themes (42fb6afd6b79d9fe07381609172e7ca4) D:\Windows\system32\themeservice.dll
19:12:08.0934 1280 Themes - ok
19:12:08.0975 1280 THREADORDER (146b6f43a673379a3c670e86d89be5ea) D:\Windows\system32\mmcss.dll
19:12:08.0989 1280 THREADORDER - ok
19:12:09.0047 1280 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) D:\Windows\System32\trkwks.dll
19:12:09.0061 1280 TrkWks - ok
19:12:09.0124 1280 TrustedInstaller (41a4c781d2286208d397d72099304133) D:\Windows\servicing\TrustedInstaller.exe
19:12:09.0141 1280 TrustedInstaller - ok
19:12:09.0184 1280 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) D:\Windows\system32\DRIVERS\tssecsrv.sys
19:12:09.0188 1280 tssecsrv - ok
19:12:09.0231 1280 tunnel (3e461d890a97f9d4c168f5fda36e1d00) D:\Windows\system32\DRIVERS\tunnel.sys
19:12:09.0237 1280 tunnel - ok
19:12:09.0276 1280 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) D:\Windows\system32\DRIVERS\uagp35.sys
19:12:09.0280 1280 uagp35 - ok
19:12:09.0317 1280 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) D:\Windows\system32\DRIVERS\udfs.sys
19:12:09.0342 1280 udfs - ok
19:12:09.0399 1280 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) D:\Windows\system32\UI0Detect.exe
19:12:09.0411 1280 UI0Detect - ok
19:12:09.0454 1280 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) D:\Windows\system32\DRIVERS\uliagpkx.sys
19:12:09.0459 1280 uliagpkx - ok
19:12:09.0502 1280 umbus (049b3a50b3d646baeeee9eec9b0668dc) D:\Windows\system32\DRIVERS\umbus.sys
19:12:09.0508 1280 umbus - ok
19:12:09.0551 1280 UmPass (7550ad0c6998ba1cb4843e920ee0feac) D:\Windows\system32\DRIVERS\umpass.sys
19:12:09.0555 1280 UmPass - ok
19:12:09.0620 1280 UmRdpService (8ecaca5454844f66386f7be4ae0d7cd1) D:\Windows\System32\umrdp.dll
19:12:09.0633 1280 UmRdpService - ok
19:12:09.0676 1280 upnphost (833fbb672460efce8011d262175fad33) D:\Windows\System32\upnphost.dll
19:12:09.0692 1280 upnphost - ok
19:12:09.0760 1280 usbaudio (2436a42aab4ad48a9b714e5b0f344627) D:\Windows\system32\drivers\usbaudio.sys
19:12:09.0766 1280 usbaudio - ok
19:12:09.0815 1280 usbccgp (c31ae588e403042632dc796cf09e30b0) D:\Windows\system32\DRIVERS\usbccgp.sys
19:12:09.0821 1280 usbccgp - ok
19:12:09.0874 1280 usbcir (04ec7cec62ec3b6d9354eee93327fc82) D:\Windows\system32\DRIVERS\usbcir.sys
19:12:09.0883 1280 usbcir - ok
19:12:09.0946 1280 usbehci (e4c436d914768ce965d5e659ba7eebd8) D:\Windows\system32\DRIVERS\usbehci.sys
19:12:09.0952 1280 usbehci - ok
19:12:10.0008 1280 usbhub (bdcd7156ec37448f08633fd899823620) D:\Windows\system32\DRIVERS\usbhub.sys
19:12:10.0016 1280 usbhub - ok
19:12:10.0055 1280 usbohci (eb2d819a639015253c871cda09d91d58) D:\Windows\system32\drivers\usbohci.sys
19:12:10.0059 1280 usbohci - ok
19:12:10.0108 1280 usbprint (797d862fe0875e75c7cc4c1ad7b30252) D:\Windows\system32\DRIVERS\usbprint.sys
19:12:10.0114 1280 usbprint - ok
19:12:10.0161 1280 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) D:\Windows\system32\drivers\USBSTOR.SYS
19:12:10.0165 1280 USBSTOR - ok
19:12:10.0206 1280 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) D:\Windows\system32\DRIVERS\usbuhci.sys
19:12:10.0211 1280 usbuhci - ok
19:12:10.0278 1280 usbvideo (b5f6a992d996282b7fae7048e50af83a) D:\Windows\System32\Drivers\usbvideo.sys
19:12:10.0286 1280 usbvideo - ok
19:12:10.0331 1280 UxSms (081e6e1c91aec36758902a9f727cd23c) D:\Windows\System32\uxsms.dll
19:12:10.0342 1280 UxSms - ok
19:12:10.0424 1280 VaultSvc (c2243ff9e9aad0c30e8b1a0914da15b6) D:\Windows\system32\lsass.exe
19:12:10.0432 1280 VaultSvc - ok
19:12:10.0475 1280 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) D:\Windows\system32\DRIVERS\vdrvroot.sys
19:12:10.0481 1280 vdrvroot - ok
19:12:10.0563 1280 vds (8c4e7c49d3641bc9e299e466a7f8867d) D:\Windows\System32\vds.exe
19:12:10.0583 1280 vds - ok
19:12:10.0625 1280 vga (17c408214ea61696cec9c66e388b14f3) D:\Windows\system32\DRIVERS\vgapnp.sys
19:12:10.0629 1280 vga - ok
19:12:10.0663 1280 VgaSave (8e38096ad5c8570a6f1570a61e251561) D:\Windows\System32\drivers\vga.sys
19:12:10.0666 1280 VgaSave - ok
19:12:10.0721 1280 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) D:\Windows\system32\DRIVERS\vhdmp.sys
19:12:10.0727 1280 vhdmp - ok
19:12:10.0772 1280 viaagp (c829317a37b4bea8f39735d4b076e923) D:\Windows\system32\DRIVERS\viaagp.sys
19:12:10.0778 1280 viaagp - ok
19:12:10.0809 1280 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) D:\Windows\system32\DRIVERS\viac7.sys
19:12:10.0815 1280 ViaC7 - ok
19:12:10.0854 1280 viaide (e43574f6a56a0ee11809b48c09e4fd3c) D:\Windows\system32\DRIVERS\viaide.sys
19:12:10.0858 1280 viaide - ok
19:12:10.0952 1280 vmbus (379b349f65f453d2a6e75ea6b7448e49) D:\Windows\system32\DRIVERS\vmbus.sys
19:12:10.0959 1280 vmbus - ok
19:12:10.0993 1280 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) D:\Windows\system32\DRIVERS\VMBusHID.sys
19:12:10.0997 1280 VMBusHID - ok
19:12:11.0032 1280 volmgr (384e5a2aa49934295171e499f86ba6f3) D:\Windows\system32\DRIVERS\volmgr.sys
19:12:11.0036 1280 volmgr - ok
19:12:11.0084 1280 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) D:\Windows\system32\drivers\volmgrx.sys
19:12:11.0094 1280 volmgrx - ok
19:12:11.0163 1280 volsnap (58df9d2481a56edde167e51b334d44fd) D:\Windows\system32\DRIVERS\volsnap.sys
19:12:11.0176 1280 volsnap - ok
19:12:11.0227 1280 vsmraid (9dfa0cc2f8855a04816729651175b631) D:\Windows\system32\DRIVERS\vsmraid.sys
19:12:11.0233 1280 vsmraid - ok
19:12:11.0291 1280 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) D:\Windows\system32\vssvc.exe
19:12:11.0321 1280 VSS - ok
19:12:11.0379 1280 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) D:\Windows\System32\drivers\vwifibus.sys
19:12:11.0391 1280 vwifibus - ok
19:12:11.0450 1280 W32Time (55187fd710e27d5095d10a472c8baf1c) D:\Windows\system32\w32time.dll
19:12:11.0465 1280 W32Time - ok
19:12:11.0508 1280 WacomPen (de3721e89c653aa281428c8a69745d90) D:\Windows\system32\DRIVERS\wacompen.sys
19:12:11.0512 1280 WacomPen - ok
19:12:11.0559 1280 WANARP (692a712062146e96d28ba0b7d75de31b) D:\Windows\system32\DRIVERS\wanarp.sys
19:12:11.0563 1280 WANARP - ok
19:12:11.0583 1280 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) D:\Windows\system32\DRIVERS\wanarp.sys
19:12:11.0586 1280 Wanarpv6 - ok
19:12:11.0747 1280 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) D:\Windows\system32\Wat\WatAdminSvc.exe
19:12:11.0772 1280 WatAdminSvc - ok
19:12:11.0911 1280 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) D:\Windows\system32\wbengine.exe
19:12:11.0944 1280 wbengine - ok
19:12:11.0981 1280 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) D:\Windows\System32\wbiosrvc.dll
19:12:11.0997 1280 WbioSrvc - ok
19:12:12.0053 1280 wcncsvc (6d9b75275c3e3a5f51aef81affadb2b6) D:\Windows\System32\wcncsvc.dll
19:12:12.0071 1280 wcncsvc - ok
19:12:12.0118 1280 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) D:\Windows\System32\WcsPlugInService.dll
19:12:12.0131 1280 WcsPlugInService - ok
19:12:12.0180 1280 Wd (1112a9badacb47b7c0bb0392e3158dff) D:\Windows\system32\DRIVERS\wd.sys
19:12:12.0184 1280 Wd - ok
19:12:12.0235 1280 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) D:\Windows\system32\drivers\Wdf01000.sys
19:12:12.0247 1280 Wdf01000 - ok
19:12:12.0293 1280 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) D:\Windows\system32\wdi.dll
19:12:12.0307 1280 WdiServiceHost - ok
19:12:12.0327 1280 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) D:\Windows\system32\wdi.dll
19:12:12.0338 1280 WdiSystemHost - ok
19:12:12.0395 1280 WebClient (bb5ec38f8d4600119b4720bc5d4211f1) D:\Windows\System32\webclnt.dll
19:12:12.0418 1280 WebClient - ok
19:12:12.0485 1280 Wecsvc (760f0afe937a77cff27153206534f275) D:\Windows\system32\wecsvc.dll
19:12:12.0500 1280 Wecsvc - ok
19:12:12.0538 1280 wercplsupport (ac804569bb2364fb6017370258a4091b) D:\Windows\System32\wercplsupport.dll
19:12:12.0553 1280 wercplsupport - ok
19:12:12.0610 1280 WerSvc (08e420d873e4fd85241ee2421b02c4a4) D:\Windows\System32\WerSvc.dll
19:12:12.0624 1280 WerSvc - ok
19:12:12.0665 1280 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) D:\Windows\system32\DRIVERS\wfplwf.sys
19:12:12.0676 1280 WfpLwf - ok
19:12:12.0711 1280 WIMMount (5cf95b35e59e2a38023836fff31be64c) D:\Windows\system32\drivers\wimmount.sys
19:12:12.0717 1280 WIMMount - ok
19:12:12.0915 1280 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) D:\Program Files\Windows Defender\mpsvc.dll
19:12:12.0969 1280 WinDefend - ok
19:12:13.0000 1280 WinHttpAutoProxySvc - ok
19:12:13.0124 1280 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) D:\Windows\system32\wbem\WMIsvc.dll
19:12:13.0133 1280 Winmgmt - ok
19:12:13.0217 1280 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) D:\Windows\system32\WsmSvc.dll
19:12:13.0250 1280 WinRM - ok
19:12:13.0350 1280 Wlansvc (16935c98ff639d185086a3529b1f2067) D:\Windows\System32\wlansvc.dll
19:12:13.0377 1280 Wlansvc - ok
19:12:13.0622 1280 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) D:\Windows\system32\DRIVERS\wmiacpi.sys
19:12:13.0625 1280 WmiAcpi - ok
19:12:13.0786 1280 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) D:\Windows\system32\wbem\WmiApSrv.exe
19:12:13.0791 1280 wmiApSrv - ok
19:12:13.0936 1280 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) D:\Program Files\Windows Media Player\wmpnetwk.exe
19:12:13.0963 1280 WMPNetworkSvc - ok
19:12:14.0016 1280 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) D:\Windows\System32\wpcsvc.dll
19:12:14.0028 1280 WPCSvc - ok
19:12:14.0071 1280 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) D:\Windows\system32\wpdbusenum.dll
19:12:14.0088 1280 WPDBusEnum - ok
19:12:14.0260 1280 ws2ifsl (6db3276587b853bf886b69528fdb048c) D:\Windows\system32\drivers\ws2ifsl.sys
19:12:14.0274 1280 ws2ifsl - ok
19:12:14.0329 1280 wscsvc (a661a76333057b383a06e65f0073222f) D:\Windows\System32\wscsvc.dll
19:12:14.0366 1280 wscsvc - ok
19:12:14.0393 1280 WSearch - ok
19:12:14.0583 1280 wuauserv (a33408cc036f9c08142b11be5e93f0a1) D:\Windows\system32\wuaueng.dll
19:12:14.0627 1280 wuauserv - ok
19:12:14.0666 1280 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) D:\Windows\system32\drivers\WudfPf.sys
19:12:14.0672 1280 WudfPf - ok
19:12:14.0723 1280 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) D:\Windows\System32\WUDFSvc.dll
19:12:14.0741 1280 wudfsvc - ok
19:12:14.0793 1280 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) D:\Windows\System32\wwansvc.dll
19:12:14.0811 1280 WwanSvc - ok
19:12:14.0854 1280 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:12:14.0901 1280 \Device\Harddisk0\DR0 - ok
19:12:14.0922 1280 Boot (0x1200) (8eefcf483b6ee4f04ba41fa73b152291) \Device\Harddisk0\DR0\Partition0
19:12:14.0924 1280 \Device\Harddisk0\DR0\Partition0 - ok
19:12:14.0940 1280 Boot (0x1200) (04b097c3a5d4a9145748d1fe945a7608) \Device\Harddisk0\DR0\Partition1
19:12:14.0942 1280 \Device\Harddisk0\DR0\Partition1 - ok
19:12:14.0950 1280 ============================================================
19:12:14.0950 1280 Scan finished
19:12:14.0950 1280 ============================================================
19:12:14.0977 3788 Detected object count: 0
19:12:14.0977 3788 Actual detected object count: 0

MBAM
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.04.11.05

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Robert :: ROBERT-PC [administrátor]

Ochrana: Povolena

11.4.2012 19:14:12
mbam-log-2012-04-11 (20-32-12).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 263140
Uplynulý čas: 1 hodin, 17 minut, 6 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 11
C:\System Volume Information\_restore{0EE73CF7-5F78-42BA-B27B-5EFFD428C92F}\RP185\A0115816.exe (PUP.Adware.RelevantKnowledge) -> Žádná instrukce nebyla provedena.
C:\System Volume Information\_restore{0EE73CF7-5F78-42BA-B27B-5EFFD428C92F}\RP186\A0116766.dll (PUP.Adware.RelevantKnowledge) -> Žádná instrukce nebyla provedena.
C:\System Volume Information\_restore{0EE73CF7-5F78-42BA-B27B-5EFFD428C92F}\RP186\A0116767.exe (PUP.Adware.RelevantKnowledge) -> Žádná instrukce nebyla provedena.
C:\System Volume Information\_restore{0EE73CF7-5F78-42BA-B27B-5EFFD428C92F}\RP203\A0141360.exe (PUP.BundleInstaller.BI) -> Žádná instrukce nebyla provedena.
C:\System Volume Information\_restore{0EE73CF7-5F78-42BA-B27B-5EFFD428C92F}\RP210\A0150662.exe (PUP.BundleInstaller.Somoto) -> Žádná instrukce nebyla provedena.
C:\System Volume Information\_restore{0EE73CF7-5F78-42BA-B27B-5EFFD428C92F}\RP210\A0150665.exe (PUP.BundleInstaller.BI) -> Žádná instrukce nebyla provedena.
C:\Casino\Europa Casino\_EuropaSetup_f6680b.exe (PUP.Casino) -> Žádná instrukce nebyla provedena.
C:\Casino\William Hill CASINO CLUB\_SetupCasino_deaabd_cs.exe (PUP.Casino) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\Uzivatelw\Dokumenty\Sony Vegas Pro 9\Sony Vegas Pro 9.0 Build 704\Keygen.exe (Trojan.Agent.CK) -> Žádná instrukce nebyla provedena.
C:\downloads\SetupCasino_deaabd_cs.exe (PUP.Casino) -> Žádná instrukce nebyla provedena.
C:\downloads\EuropaSetup_f6680b.exe (PUP.Casino) -> Žádná instrukce nebyla provedena.

(konec)

#11 Příspěvek od **JaRon** » 12 dub 2012 06:23

najdene nechaj odstranit v MBAM - restart a popis problemy - ak nejake su

frutas11 · #12 Příspěvek od **frutas11** » 12 dub 2012 17:44

Nenastala žádná změna....

frutas11 píše:Omlouvám se za další příspěvek ale zapoměl sem dodat.Mám nefunkční AVAST,ukazuje mi že je jke systém nechráněn,avšak pokusi o zapnutí štítu byli marné.Nejde odinstalovat,smazat,opravit,nainstalovat, no prostě nic.Dokonce sem udělal větší šílený zákrok a to ten že jsem pomocí Avengeru smazal jeho složku s Avastem,po restartu mi počítač zobrazil modrou obrazovku a ukázal závažnou chybu.Počítač jsem zapl ve stavu nouze a ze zálohy Avengeru vrátil Avast tam kde byl.Nyní je počítač funkční ale Avast ne.Děkuji.

#13 Příspěvek od **JaRon** » 12 dub 2012 18:18

pouzi dalsi CFScript:

Kód: Vybrat vše

Driver::
aswSnx
aswSP
aswFsBlk

frutas11 · #14 Příspěvek od **frutas11** » 12 dub 2012 18:39

ComboFix 12-04-04.02 - Uzivatel 12.04.2012 19:31:04.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1539 [GMT 2:00]
Spuštěný z: d:\dokumenty\CD\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Uzivatel\Plocha\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-12 do 2012-04-12 )))))))))))))))))))))))))))))))
.
.
2012-04-08 21:06 . 2012-04-09 07:18 -------- d-----w- C:\Boot
2012-04-08 16:33 . 2012-04-08 16:33 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-04-08 16:33 . 2012-04-08 16:33 -------- d-----w- c:\program files\DAEMON Tools Lite
2012-04-08 16:29 . 2012-04-08 20:14 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\DAEMON Tools Lite
2012-04-08 16:28 . 2012-04-08 16:29 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2012-04-07 20:34 . 2012-04-07 20:34 -------- d-----w- c:\windows\Performance
2012-04-07 20:34 . 2012-04-07 20:34 -------- d-----w- c:\documents and settings\Uzivatel\Local Settings\Data aplikací\Microsoft Corporation
2012-04-07 18:34 . 2012-04-07 18:34 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\ESET
2012-04-07 18:33 . 2012-04-07 18:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2012-04-07 18:17 . 2009-09-02 08:20 652 ----a-w- c:\windows\FIX.reg
2012-04-07 18:17 . 2008-11-01 11:23 280 ----a-w- c:\windows\reset.reg
2012-04-07 17:38 . 2012-04-07 17:38 -------- d-----w- C:\_OTM
2012-04-06 18:37 . 2012-04-07 16:14 -------- d-----w- C:\Metro 2033
2012-04-06 15:05 . 2012-04-06 15:05 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\searchresultstb
2012-04-05 16:42 . 2012-04-05 16:42 -------- d--h--w- c:\windows\system32\GroupPolicy
2012-04-01 19:02 . 2012-04-02 15:23 -------- d-----w- c:\program files\trend micro
2012-04-01 18:14 . 2012-04-01 18:14 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\searchresultstb
2012-04-01 18:14 . 2012-04-01 18:52 -------- d-----w- c:\documents and settings\Uzivatel\Local Settings\Data aplikací\AskToolbar
2012-04-01 18:03 . 2012-04-01 18:07 -------- d-----w- c:\program files\AVAST Software
2012-04-01 16:50 . 2012-04-01 16:50 574 ----a-w- C:\cleanup.bat
2012-04-01 16:42 . 2012-04-01 16:43 -------- d-----w- c:\program files\CCleaner
2012-03-31 22:08 . 2012-03-31 22:08 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\IObit
2012-03-30 09:33 . 2012-03-30 09:33 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Ask.com
2012-03-30 09:33 . 2012-04-06 15:06 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\kmpmediatoolbar
2012-03-30 09:32 . 2012-03-30 09:32 -------- d-----w- c:\program files\PANDORA.TV
2012-03-30 09:30 . 2012-04-09 19:08 -------- d-----w- c:\program files\The KMPlayer
2012-03-29 08:13 . 2012-03-29 08:27 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\WMTools Downloaded Files
2012-03-29 07:37 . 2012-04-06 15:05 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\PriceGong
2012-03-29 07:36 . 2012-03-29 07:36 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\Conduit
2012-03-29 07:34 . 2012-03-29 07:34 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\Xilisoft
2012-03-29 07:34 . 2012-03-29 07:34 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Xilisoft
2012-03-29 07:33 . 2012-03-29 07:33 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Publish Providers
2012-03-29 06:50 . 2012-03-29 07:52 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\Sony
2012-03-29 06:50 . 2012-03-29 07:52 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Sony
2012-03-29 06:46 . 2012-03-29 06:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Sony
2012-03-29 06:45 . 2012-03-29 07:46 -------- d-----w- c:\program files\Sony
2012-03-24 22:44 . 2012-03-24 22:44 -------- d-----w- c:\documents and settings\Uzivatel\Data aplikací\Toolbar4
2012-03-23 10:45 . 2012-03-23 10:45 -------- d-sh--w- c:\documents and settings\Uzivatelw\PrivacIE
2012-03-23 10:44 . 2012-04-06 15:05 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\Softonic-Eng7
2012-03-23 10:02 . 2012-03-23 10:02 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\AnvSoft
2012-03-23 09:52 . 2012-03-23 09:53 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\tiger-k
2012-03-23 09:52 . 2012-03-23 09:52 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Leawo
2012-03-23 09:50 . 2008-10-28 09:10 139264 ----a-w- c:\windows\system32\xvid.ax
2012-03-23 09:50 . 2008-10-08 08:45 606208 ----a-w- c:\windows\system32\xvidcore.dll
2012-03-23 07:51 . 2012-03-23 07:51 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\FastStone
2012-03-23 07:51 . 2012-03-23 07:51 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\FastStone
2012-03-23 07:19 . 2012-03-23 07:19 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Toolbar4
2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr
2012-03-22 18:28 . 2012-03-31 21:23 -------- d-----w- c:\documents and settings\Uzivatel\Local Settings\Data aplikací\LogMeIn Hamachi
2012-03-22 09:37 . 2012-03-30 08:47 -------- d-----w- c:\documents and settings\Uzivatelw\Local Settings\Data aplikací\LogMeIn Hamachi
2012-03-22 09:37 . 2012-03-31 21:23 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2012-03-22 08:54 . 2012-03-22 09:35 -------- d-----w- c:\documents and settings\Uzivatelw\Data aplikací\Hamachi
2012-03-22 08:52 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\drivers\hamachi.sys
2012-03-22 08:49 . 2012-03-22 08:49 -------- d-----w- c:\program files\Common Files\Java
2012-03-22 08:48 . 2012-03-22 08:46 73728 ----a-w- c:\windows\system32\javacpl.cpl
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-22 08:46 . 2002-01-03 17:39 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-01 10:59 . 2009-03-08 02:34 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2009-03-08 02:34 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-03-01 10:59 . 2009-03-08 02:34 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-02-29 14:10 . 2008-04-14 11:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2008-04-14 11:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2009-03-08 02:35 385024 ----a-w- c:\windows\system32\html.iec
2012-02-20 19:50 . 2011-09-19 21:06 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-03 09:56 . 2009-05-20 21:01 1869184 ----a-w- c:\windows\system32\win32k.sys
2012-01-31 12:44 . 2011-02-10 22:44 237072 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-06_18.53.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-04-12 17:26 . 2012-04-12 17:26 16384 c:\windows\Temp\Perflib_Perfdata_224.dat
- 2008-04-14 11:00 . 2012-03-25 09:46 71488 c:\windows\system32\perfc009.dat
+ 2008-04-14 11:00 . 2012-04-12 17:30 71488 c:\windows\system32\perfc009.dat
- 2008-04-14 11:00 . 2012-03-25 09:46 82800 c:\windows\system32\perfc005.dat
+ 2008-04-14 11:00 . 2012-04-12 17:30 82800 c:\windows\system32\perfc005.dat
+ 2009-03-08 02:31 . 2012-03-01 10:59 66560 c:\windows\system32\mshtmled.dll
- 2009-03-08 02:31 . 2011-12-17 19:42 66560 c:\windows\system32\mshtmled.dll
+ 2009-03-08 02:31 . 2012-03-01 10:59 55296 c:\windows\system32\msfeedsbs.dll
- 2009-03-08 02:31 . 2011-12-17 19:42 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 02:33 . 2012-03-01 10:59 25600 c:\windows\system32\jsproxy.dll
- 2009-03-08 02:33 . 2011-12-17 19:42 25600 c:\windows\system32\jsproxy.dll
- 2009-12-28 14:47 . 2011-12-17 19:42 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-12-28 14:47 . 2012-03-01 10:59 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-03-08 02:31 . 2012-03-01 10:59 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2009-03-08 02:31 . 2011-12-17 19:42 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2009-12-28 14:47 . 2011-12-17 19:42 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-12-28 14:47 . 2012-03-01 10:59 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2009-03-08 02:34 . 2011-12-17 19:42 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2009-03-08 02:34 . 2012-03-01 10:59 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2009-03-08 02:33 . 2011-12-17 19:42 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-03-08 02:33 . 2012-03-01 10:59 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 12800 c:\windows\ie8updates\KB2675157-IE8\xpshims.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 66560 c:\windows\ie8updates\KB2675157-IE8\mshtmled.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 55296 c:\windows\ie8updates\KB2675157-IE8\msfeedsbs.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 43520 c:\windows\ie8updates\KB2675157-IE8\licmgr10.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 25600 c:\windows\ie8updates\KB2675157-IE8\jsproxy.dll
+ 2012-04-11 21:07 . 2012-04-11 21:07 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_ca272b1e\System.Drawing.Design.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-02-18 21:27 . 2012-02-18 21:27 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-03-08 02:34 . 2011-12-17 19:42 105984 c:\windows\system32\url.dll
+ 2009-03-08 02:34 . 2012-03-01 10:59 105984 c:\windows\system32\url.dll
+ 2008-04-14 11:00 . 2012-04-12 17:30 441552 c:\windows\system32\perfh009.dat
- 2008-04-14 11:00 . 2012-03-25 09:46 441552 c:\windows\system32\perfh009.dat
- 2008-04-14 11:00 . 2012-03-25 09:46 437986 c:\windows\system32\perfh005.dat
+ 2008-04-14 11:00 . 2012-04-12 17:30 437986 c:\windows\system32\perfh005.dat
- 2009-03-08 02:34 . 2011-12-17 19:42 206848 c:\windows\system32\occache.dll
+ 2009-03-08 02:34 . 2012-03-01 10:59 206848 c:\windows\system32\occache.dll
- 2009-03-08 02:32 . 2011-12-17 19:42 611840 c:\windows\system32\mstime.dll
+ 2009-03-08 02:32 . 2012-03-01 10:59 611840 c:\windows\system32\mstime.dll
+ 2009-03-08 02:32 . 2012-03-01 10:59 602112 c:\windows\system32\msfeeds.dll
- 2009-03-08 02:32 . 2011-12-17 19:42 602112 c:\windows\system32\msfeeds.dll
- 2009-03-08 02:31 . 2011-12-17 19:42 184320 c:\windows\system32\iepeers.dll
+ 2009-03-08 02:31 . 2012-03-01 10:59 184320 c:\windows\system32\iepeers.dll
- 2009-03-08 12:09 . 2011-12-17 19:42 387584 c:\windows\system32\iedkcs32.dll
+ 2009-03-08 12:09 . 2012-03-01 10:59 387584 c:\windows\system32\iedkcs32.dll
+ 2009-03-08 02:32 . 2012-02-29 12:17 174080 c:\windows\system32\ie4uinit.exe
- 2009-03-08 02:32 . 2011-12-16 12:23 174080 c:\windows\system32\ie4uinit.exe
+ 2009-12-28 13:46 . 2012-04-07 17:40 297256 c:\windows\system32\FNTCACHE.DAT
- 2009-12-28 13:46 . 2012-04-06 07:28 297256 c:\windows\system32\FNTCACHE.DAT
- 2008-04-14 11:00 . 2009-12-24 07:04 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2008-04-14 11:00 . 2012-02-29 14:10 177664 c:\windows\system32\dllcache\wintrust.dll
- 2009-03-08 02:34 . 2011-12-17 19:42 916992 c:\windows\system32\dllcache\wininet.dll
+ 2009-03-08 02:34 . 2012-03-01 10:59 916992 c:\windows\system32\dllcache\wininet.dll
+ 2009-03-08 02:34 . 2012-03-01 10:59 105984 c:\windows\system32\dllcache\url.dll
- 2009-03-08 02:34 . 2011-12-17 19:42 105984 c:\windows\system32\dllcache\url.dll
+ 2009-03-08 02:34 . 2012-03-01 10:59 206848 c:\windows\system32\dllcache\occache.dll
- 2009-03-08 02:34 . 2011-12-17 19:42 206848 c:\windows\system32\dllcache\occache.dll
- 2009-03-08 02:32 . 2011-12-17 19:42 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-03-08 02:32 . 2012-03-01 10:59 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-12-28 14:47 . 2012-03-01 10:59 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2009-12-28 14:47 . 2011-12-17 19:42 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-04-14 11:00 . 2012-02-29 14:10 148480 c:\windows\system32\dllcache\imagehlp.dll
+ 2009-12-28 14:47 . 2012-03-01 10:59 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-12-28 14:47 . 2011-12-17 19:42 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-03-08 02:31 . 2011-12-17 19:42 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2009-03-08 02:31 . 2012-03-01 10:59 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-06-11 13:19 . 2011-12-17 19:42 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-11 13:19 . 2012-03-01 10:59 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2009-03-08 12:09 . 2011-12-17 19:42 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 12:09 . 2012-03-01 10:59 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 02:32 . 2012-02-29 12:17 174080 c:\windows\system32\dllcache\ie4uinit.exe
- 2009-03-08 02:32 . 2011-12-16 12:23 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2012-04-06 20:51 . 2012-04-02 16:37 315714 c:\windows\pchealth\helpctr\Config\Cache\Professional_32_1029.dat
+ 2012-01-31 01:38 . 2012-01-31 01:38 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2012-01-27 15:35 . 2012-01-27 15:35 471040 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
+ 2012-02-02 21:56 . 2012-02-02 21:56 963584 c:\windows\Installer\39414f.msp
+ 2012-04-11 21:08 . 2011-12-17 19:42 916992 c:\windows\ie8updates\KB2675157-IE8\wininet.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 105984 c:\windows\ie8updates\KB2675157-IE8\url.dll
+ 2012-04-11 21:08 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2675157-IE8\spuninst\updspapi.dll
+ 2012-04-11 21:08 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2675157-IE8\spuninst\spuninst.exe
+ 2012-04-11 21:08 . 2011-12-17 19:42 206848 c:\windows\ie8updates\KB2675157-IE8\occache.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 611840 c:\windows\ie8updates\KB2675157-IE8\mstime.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 602112 c:\windows\ie8updates\KB2675157-IE8\msfeeds.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 247808 c:\windows\ie8updates\KB2675157-IE8\ieproxy.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 184320 c:\windows\ie8updates\KB2675157-IE8\iepeers.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 743424 c:\windows\ie8updates\KB2675157-IE8\iedvtool.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 387584 c:\windows\ie8updates\KB2675157-IE8\iedkcs32.dll
+ 2012-04-11 21:08 . 2011-12-16 12:23 174080 c:\windows\ie8updates\KB2675157-IE8\ie4uinit.exe
+ 2012-04-11 21:07 . 2012-04-11 21:07 843776 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_7ae24d9a\System.Drawing.dll
+ 2012-04-11 21:07 . 2012-04-11 21:07 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_0f45f8e8\System.Drawing.Design.dll
+ 2012-04-12 16:44 . 2012-04-12 16:44 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\5be064066858620a8aa628fca459a888\WindowsFormsIntegration.ni.dll
+ 2012-04-12 16:44 . 2012-04-12 16:44 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\cc2cd3bc46c9c2b30e47281e404a3230\System.Drawing.Design.ni.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-04-11 21:07 . 2012-04-11 21:07 471040 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-03-08 02:34 . 2012-03-01 10:59 1212416 c:\windows\system32\urlmon.dll
- 2009-03-08 02:34 . 2011-12-17 19:42 1212416 c:\windows\system32\urlmon.dll
+ 2009-03-08 02:41 . 2012-03-01 10:59 5978624 c:\windows\system32\mshtml.dll
+ 2009-03-08 02:32 . 2012-03-01 10:59 2000384 c:\windows\system32\iertutil.dll
- 2009-03-08 02:32 . 2011-12-17 19:42 2000384 c:\windows\system32\iertutil.dll
- 2009-03-08 02:34 . 2011-12-17 19:42 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2009-03-08 02:34 . 2012-03-01 10:59 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2009-03-08 02:41 . 2012-03-01 10:59 5978624 c:\windows\system32\dllcache\mshtml.dll
+ 2009-12-28 14:47 . 2012-03-01 10:59 2000384 c:\windows\system32\dllcache\iertutil.dll
- 2009-12-28 14:47 . 2011-12-17 19:42 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2012-01-31 02:46 . 2012-01-31 02:46 6385664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp
+ 2012-04-11 21:07 . 2012-04-11 21:07 7069184 c:\windows\Installer\394158.msp
+ 2012-04-11 21:08 . 2011-12-17 19:42 1212416 c:\windows\ie8updates\KB2675157-IE8\urlmon.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 5979136 c:\windows\ie8updates\KB2675157-IE8\mshtml.dll
+ 2012-04-11 21:08 . 2011-12-17 19:42 2000384 c:\windows\ie8updates\KB2675157-IE8\iertutil.dll
+ 2012-04-11 21:08 . 2012-04-11 21:08 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_817519e5\System.Windows.Forms.dll
+ 2012-04-11 21:07 . 2012-04-11 21:07 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_35d71bce\System.Windows.Forms.dll
+ 2012-04-11 21:08 . 2012-04-11 21:08 2248704 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_c4559f53\System.Drawing.dll
+ 2012-04-11 21:07 . 2012-04-11 21:07 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_f0cf346b\System.Design.dll
+ 2012-04-11 21:08 . 2012-04-11 21:08 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_be8c635f\System.Design.dll
+ 2012-04-12 16:44 . 2012-04-12 16:44 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\44d507a702c1623810e094adf751f687\System.Printing.ni.dll
+ 2012-04-12 16:44 . 2012-04-12 16:44 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8d886cdc2ca5f0ff97cd1afe8773bb6e\System.Drawing.ni.dll
+ 2012-04-12 16:43 . 2012-04-12 16:43 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\c73e109dbac6b099786cc68fe36e3d0b\ReachFramework.ni.dll
+ 2012-04-12 16:43 . 2012-04-12 16:43 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\20d72aeac1109863b77532d37d3f4fa2\PresentationUI.ni.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2012-02-18 21:27 . 2012-02-18 21:27 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-11 21:06 . 2012-04-11 21:06 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-02-18 21:28 . 2012-02-18 21:28 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-12-28 14:08 . 2012-04-11 21:02 55154568 c:\windows\system32\MRT.exe
+ 2009-03-08 02:39 . 2012-03-02 03:59 11082752 c:\windows\system32\ieframe.dll
+ 2009-12-28 14:47 . 2012-03-02 03:59 11082752 c:\windows\system32\dllcache\ieframe.dll
+ 2012-04-11 21:08 . 2011-12-18 13:42 11082240 c:\windows\ie8updates\KB2675157-IE8\ieframe.dll
+ 2012-04-12 16:44 . 2012-04-12 16:44 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d96906db18e87ffe2e08f6cda7e2be0f\System.Windows.Forms.ni.dll
+ 2012-04-12 16:44 . 2012-04-12 16:44 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\561138d8d199861578c197c4d24e3934\System.Design.ni.dll
+ 2012-04-12 16:43 . 2012-04-12 16:43 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\029d1d9e6495065aa4f38bcf2315ee8c\PresentationFramework.ni.dll
+ 2012-04-12 16:42 . 2012-04-12 16:42 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\0a059ecfca6e421629a8298b03a7814c\PresentationCore.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\prxtbSof2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2011-05-09 09:49 176936 ----a-w- c:\program files\Softonic-Eng7\prxtbSof2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\prxtbSof2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\prxtbSof2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\documents and settings\Uzivatel\Local Settings\Data aplikací\Seznam.cz\postak.exe" [2010-10-07 488728]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"C-Media Mixer"="Mixer.exe" [2002-10-15 1818624]
"TV Card Remote Control Device Monitor"="c:\windows\713xRMTMon.exe" [2005-07-20 352256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Scheduler for OEM.lnk - c:\program files\honestech\honestech TVR\scheduleTV.exe [2011-8-12 307200]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Picasa Media Detector"=c:\program files\Picasa2\PicasaMediaDetector.exe
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LWS"=c:\program files\Logitech\LWS\Webcam Software\LWS.exe -hide
"igfxhkcmd"=c:\windows\system32\hkcmd.exe
"igfxpers"=c:\windows\system32\igfxpers.exe
"igfxtray"=c:\windows\system32\igfxtray.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Raildcall"=c:\program files\raidcall\raidcall.exe
"CommonToolkitTray"=c:\program files\Fighters\Tray\FightersTray.exe
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" /s
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\QuadCoreM2\\pack\\core.bin"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.3.2011 17:35 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.3.2011 17:35 314456]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [8.4.2012 18:33 242240]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.3.2011 17:35 20568]
S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 iANSMiniport;Intel(R) Advanced Network Services Virtual Adapter;c:\windows\system32\drivers\ianswxp.sys [6.12.2007 10:30 114824]
S3 iANSProtocol;Intel(R) Advanced Network Services Protocol;c:\windows\system32\drivers\ianswxp.sys [6.12.2007 10:30 114824]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [14.2.2002 1:07 47360]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-12 c:\windows\Tasks\User_Feed_Synchronization-{4664943E-8FED-414C-B188-0172A180C4B1}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com/?l=dis&o=13760
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.toggle.com/en/index.php?rvs=google
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: WikiKomentáře Google...
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Europa Casino - c:\casino\Europa Casino\_EuropaSetup_f6680b.exe
AddRemove-William Hill CASINO CLUB - c:\casino\William Hill CASINO CLUB\_SetupCasino_deaabd_cs.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-12 19:33
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
TV Card Remote Control Device Monitor = c:\windows\713xRMTMon.exe???????????????T?a?HF??m?a?????????????????????????????????????????x????????A??????????????????x???????PF??????????T?a?x???m?a?????????????1??| F??????????????????????????????????????????????????????x???????T?a?h?o?m?a???????????A????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3405207397-609143208-2953296790-1004\ "*_*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"MachineID"=hex:e1,d2,63,ce,f0,1c,62,00
DUMPHIVE0.003 (REGF)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3244)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2012-04-12 19:38:40
ComboFix-quarantined-files.txt 2012-04-12 17:38
ComboFix2.txt 2012-04-06 18:57
.
Před spuštěním: Volných bajtů: 49 452 695 552
Po spuštění: Volných bajtů: 49 503 805 440
.
- - End Of File - - 7B897E33BF665300528C69FA6F57E2A6

#15 Příspěvek od **JaRon** » 12 dub 2012 18:51

1. zopakuj akciu s "cerstvym" ComboFixom a v nudzovom rezime
2. nie som si isty, ci ma zmysel pokracovat v tomto pripade

(ESET)

VIRY.CZ

Kontrola+Avast

Kontrola+Avast

Re: Kontrola

Re: Kontrola+Avast

Re: Kontrola+Avast

Re: Kontrola+Avast

Re: Kontrola+Avast

Re: Kontrola+Avast

Re: Kontrola+Avast

Re: Kontrola+Avast

Re: Kontrola+Avast

Re: Kontrola+Avast

Re: Kontrola

Re: Kontrola+Avast

Re: Kontrola+Avast

Re: Kontrola+Avast