Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola CF

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Johny.XXX
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 17 dub 2012 01:23

Kontrola CF

#1 Příspěvek od Johny.XXX »

Dobrý večer už docela dlouhou dobu mám velký problém se svím pc,zpomalený,zasekaný,nejde zvuk a všechny ty nepříjemnosti kolem toho.Programy jako CCleaner,Systeme advanced care a další pič***samozřejmě nepomáhají,takže zbývá klasika RESTART už nevím co s tím napadá mě jedině přeinstal,ale chci se předem poradit..CPU stále okolo 20% někdy i méně.Zkoušel jsem Combo Fix,ale připadá mě že se nic nezměnilo.Najde se tu prosím někdo kdo by mě poradil co s tím mám dělat,předem děkuji za RADU A ODPOVĚD-Zde je Log--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->>>ComboFix 12-04-16.02 - Owner 17.04.2012 1:19.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.767.268 [GMT 2:00]
Spuštěný z: c:\documents and settings\Owner\Dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Owner\WINDOWS
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPCommon.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
c:\program files\Media Access Startup
c:\program files\Media Access Startup\1.5.0.850\FF\chrome.manifest
c:\program files\Media Access Startup\1.5.0.850\unins000.exe
c:\program files\MorpheusBar\bar\1.bin\M0PLUGIN.DLL
c:\program files\MorpheusBar\bar\1.bin\NPMORPBR.DLL
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\rlls.dll
c:\program files\System Search Dispatcher
c:\program files\System Search Dispatcher\1.3.0.840\Data\eacore.mx
c:\program files\System Search Dispatcher\1.3.0.840\Data\URLDynamic.mx
c:\program files\System Search Dispatcher\1.3.0.840\Data\URLStatic.mx
c:\program files\System Search Dispatcher\1.3.0.840\unins000.dat
c:\program files\System Search Dispatcher\1.3.0.840\unins000.exe
c:\windows\bk23567.dat
c:\windows\fdgg34353edfgdfdf
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\ST6UNST.000
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\drivers\Install.exe
c:\windows\system32\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-16 do 2012-04-16 )))))))))))))))))))))))))))))))
.
.
2012-04-16 23:05 . 2012-04-16 23:05 -------- d-----w- c:\documents and settings\All Users\Oblíbené položky
2012-04-15 20:15 . 2012-04-15 21:20 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06ZZ..ZZ.....ZZ..Z
2012-04-15 19:35 . 2012-04-15 20:14 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06Z....ZZZZ..ZZ.ZZ
2012-04-15 19:00 . 2012-04-15 19:35 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ.ZZZZ......ZZ
2012-04-15 18:38 . 2012-04-15 19:00 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.....ZZZZ..Z
2012-04-09 19:22 . 2012-04-14 13:34 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-07 19:42 . 2012-04-07 19:43 -------- d-----w- C:\6f997e1f41da20ee1f3d5544a21ee556
2012-04-01 10:18 . 2012-04-01 10:18 -------- d-----w- c:\documents and settings\Owner\AppData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-14 13:34 . 2011-10-05 19:37 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-13 17:02 . 2012-03-13 17:03 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-13 17:02 . 2010-06-27 19:06 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-07 00:15 . 2011-10-30 14:14 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:15 . 2011-10-30 14:14 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-07 00:03 . 2011-10-30 14:15 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:03 . 2011-10-30 14:15 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:02 . 2011-10-30 14:15 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-03-07 00:01 . 2011-10-30 14:15 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2011-10-30 14:15 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-03-07 00:01 . 2011-10-30 14:15 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-03-07 00:01 . 2011-10-30 14:15 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-06 23:58 . 2011-10-30 14:15 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-03-01 10:59 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 10:59 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2009-03-26 11:03 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 14:10 . 2004-08-18 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 12:17 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-02-09 13:13 . 2012-03-13 20:50 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2012-02-09 13:13 . 2012-03-13 20:53 28992 ----a-w- c:\windows\system32\uxtuneup.dll
2012-02-03 09:57 . 2009-03-26 11:03 1860096 ----a-w- c:\windows\system32\win32k.sys
2011-12-21 07:39 . 2012-01-11 11:24 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0D52B2CA-C02E-4EC1-8E80-0A5CD2A640BD}"= "c:\program files\SpeedUpToolbar\IEToolbar.dll" [2011-11-08 2376792]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\prxtbfre0.dll" [2011-05-09 176936]
"{c2db4fe6-8409-45ce-8010-189a7b5cce86}"= "c:\program files\NCH\prxtbNC0.dll" [2011-05-09 176936]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\prxtbBS_0.dll" [2011-05-09 176936]
"{51a86bb3-6602-4c85-92a5-130ee4864f13}"= "c:\program files\BrotherSoft_Extreme\prxtbBro2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{0d52b2ca-c02e-4ec1-8e80-0a5cd2a640bd}]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CLASSES_ROOT\clsid\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_CLASSES_ROOT\clsid\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D52B2CA-C02E-4EC1-8E80-0A5CD2A640BD}]
2011-11-08 01:45 2376792 ----a-w- c:\program files\SpeedUpToolbar\IEToolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
2011-05-09 09:49 176936 ----a-w- c:\program files\BrotherSoft_Extreme\prxtbBro2.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
2011-05-09 09:49 176936 ----a-w- c:\program files\NCH\prxtbNC0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2011-05-09 09:49 176936 ----a-w- c:\program files\free-downloads.net\prxtbfre0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2011-05-09 09:49 176936 ----a-w- c:\program files\BS_Player\prxtbBS_0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c2db4fe6-8409-45ce-8010-189a7b5cce86}"= "c:\program files\NCH\prxtbNC0.dll" [2011-05-09 176936]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\prxtbBS_0.dll" [2011-05-09 176936]
"{51a86bb3-6602-4c85-92a5-130ee4864f13}"= "c:\program files\BrotherSoft_Extreme\prxtbBro2.dll" [2011-05-09 176936]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\prxtbfre0.dll" [2011-05-09 176936]
"{005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC}"= "c:\program files\SpeedUpToolbar\IEToolbar.dll" [2011-11-08 2376792]
.
[HKEY_CLASSES_ROOT\clsid\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_CLASSES_ROOT\clsid\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CLASSES_ROOT\clsid\{005b8fc3-0f7e-45dd-8a2f-e352d67edbfc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}"= "c:\program files\NCH\prxtbNC0.dll" [2011-05-09 176936]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\prxtbBS_0.dll" [2011-05-09 176936]
"{51A86BB3-6602-4C85-92A5-130EE4864F13}"= "c:\program files\BrotherSoft_Extreme\prxtbBro2.dll" [2011-05-09 176936]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\prxtbfre0.dll" [2011-05-09 176936]
"{005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC}"= "c:\program files\SpeedUpToolbar\IEToolbar.dll" [2011-11-08 2376792]
.
[HKEY_CLASSES_ROOT\clsid\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_CLASSES_ROOT\clsid\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CLASSES_ROOT\clsid\{005b8fc3-0f7e-45dd-8a2f-e352d67edbfc}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-12-29 620376]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8491008]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"nwiz"="nwiz.exe" [2007-10-04 1626112]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-07-02 198160]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143872]
"SoundMAXPnP"="c:\program files\analog devices\soundmax\smax4pnp.exe" [2004-10-14 1388544]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-03-24 18:24 137536 ----atw- c:\documents and settings\Owner\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ------w- c:\program files\messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMax]
2004-08-06 05:27 860160 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualDesk]
2011-02-24 06:17 6089576 ----a-w- c:\program files\TweakNow PowerPack 2011\VirDesk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 17:20 866584 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\Metin2\\metin2.bin"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Documents and Settings\\Owner\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 m5289;m5289;c:\windows\system32\drivers\m5289.sys [27.4.2007 10:56 52480]
R0 pe3apasb;Made Man Environment Driver (pe3apasb);c:\windows\system32\drivers\pe3apasb.sys [13.11.2007 14:25 65136]
R0 ps7apasb;Made Man Synchronization Driver (ps7apasb);c:\windows\system32\drivers\ps7apasb.sys [13.11.2007 14:24 68728]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R0 uliagpkx;ULi AGP Bus Filter Driver;c:\windows\system32\drivers\AGPKX.SYS [27.4.2007 10:56 45056]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [30.10.2011 16:15 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [30.10.2011 16:15 337880]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [22.3.2012 22:31 497496]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.10.2011 16:15 20696]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [13.3.2012 21:17 820568]
R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [18.12.2011 1:38 140848]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [17.10.2011 16:54 232512]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [14.10.2007 14:08 47360]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [1.2.2012 14:24 10064]
R3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\drivers\ULILAN51.SYS [27.4.2007 10:56 28672]
S2 pr2apasb;Made Man Drivers Auto Removal (pr2apasb);c:\windows\system32\pr2apasb.exe svc --> c:\windows\system32\pr2apasb.exe svc [?]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [9.2.2012 15:13 1529152]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [9.4.2012 21:22 253088]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [19.3.2010 19:06 100992]
S3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [13.3.2012 21:17 239600]
S3 gtermddo;gtermddo; [x]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys --> c:\windows\system32\DRIVERS\ewdcsc.sys [?]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]
S3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [13.3.2012 21:17 30368]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys --> c:\windows\system32\DRIVERS\snp325.sys [?]
S3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [13.3.2012 21:17 16080]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [18.8.2004 14:00 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 13:34]
.
2012-04-16 c:\windows\Tasks\ASC5_AutoClean.job
- c:\program files\IObit\Advanced SystemCare 5\AutoSweep.exe [2012-03-22 09:58]
.
2012-04-16 c:\windows\Tasks\ASC5_AutoUpdate.job
- c:\program files\IObit\Advanced SystemCare 5\AutoUpdate.exe [2012-03-22 17:19]
.
2012-04-16 c:\windows\Tasks\User_Feed_Synchronization-{120CFF7D-641A-4868-9954-13E6FCED0684}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
2012-04-16 c:\windows\Tasks\User_Feed_Synchronization-{52D0369D-0EC1-425D-ABC0-9C10E334C4C7}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
2012-04-16 c:\windows\Tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_DREZI-5D963DE92_Owner.job
- c:\windows\system32\mobsync.exe [2004-08-18 06:52]
.
2012-04-16 c:\windows\Tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_ÚPŮÚŮ_Owner.job
- c:\windows\system32\mobsync.exe [2004-08-18 06:52]
.
.
------- Doplňkový sken -------
.
uLocal Page =
uStart Page = hxxp://isearch.avg.com/?cid={9C307AF4-20C5-415A-B88C-D40FF99EF1E6}&mid=5e5d7862a35447d09a7cd153d4b09364-a294c56481036312c00500de39bbdb869d95a9cf&lang=en&ds=tt014&pr=sa&d=2012-03-13 21:49&v=8.0.0.34&sap=hp
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uDefault_Search_URL = hxxp://search.qip.ru
mLocal Page =
mStart Page = hxxp://www.taazu.com/
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://search.qip.ru
uSearchURL,(Default) = hxxp://search.qip.ru/search?query=%s&from=IE
IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download with &Shareaza - c:\program files\BearShare MP3\Plugins\RazaWebHook.dll/3000
IE: {{3015DB92-158E-4b77-9020-85C8E311FBB5}
IE: {{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}
Trusted Zone: kuaiche.com\software
TCP: DhcpNameServer = 188.122.222.222 188.122.222.223
Handler: speeduptoolbar - {A59E71FA-63AB-4695-B7B0-7B97BAA3CF9E} - c:\program files\SpeedUpToolbar\IEToolbar.dll
FF - ProfilePath - c:\documents and settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\1o8lc42f.default\
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
AddRemove-{C5096216-7703-409E-B85A-8A6EE7395128}}_is1 - c:\program files\System Search Dispatcher\1.3.0.840\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-17 01:42
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-725345543-412668190-1417001333-1003\Software\SecuROM\License information*]
"datasecu"=hex:96,e6,f0,38,7b,39,fb,d3,78,61,0c,9d,52,2d,d4,db,6a,59,70,9f,9b,
31,c0,39,39,e1,54,5a,45,1e,f1,b4,51,c4,8f,c5,bf,00,f4,36,b2,00,73,d6,10,09,\
"rkeysecu"=hex:1c,76,53,ec,c3,cc,b5,db,fa,59,b9,15,be,f8,5a,f7
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2308)
c:\windows\system32\msi.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\System32\snmp.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\RUNDLL32.EXE
c:\documents and settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
c:\documents and settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
c:\documents and settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
c:\documents and settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
c:\documents and settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Celkový čas: 2012-04-17 01:54:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-04-16 23:54
.
Před spuštěním: Volných bajtů: 39 111 655 424
Po spuštění: Volných bajtů: 42 860 412 928
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[Boot Loader]
Timeout=2
Default=c:\$win_nt$.~bt\BOOTSECT.DAT
[Operating Systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
c:\$win_nt$.~bt\BOOTSECT.DAT="Instalace systému Windows"
.
- - End Of File - - FF25EBDE00175321B7CBBD120402003A
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15713
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Kontrola CF

#2 Příspěvek od JaRon »

ahoj,
1. odinstaluj Advanced SystemCare 5
2. vycisti s CCleanerom - hlavne registre
3. vloz log RSIT + TDSSKiller
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Johny.XXX
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 17 dub 2012 01:23

Re: Kontrola CF

#3 Příspěvek od Johny.XXX »

Dobrý den jednal jsem podle vašeho postupu,co navrhujete dál??Díky za odpověd. Zde je log------------------------------------------------------------------------- ------------------------------------------------------------------------------------------------------------------------------------------------------------------file of random's system information tool 1.09 (written by random/random)
Run by Owner at 2012-04-17 09:38:31
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 41 GB (36%) free of 114 GB
Total RAM: 767 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:39:17, on 17.4.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\program files\analog devices\soundmax\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Dokumenty\Downloads\RSIT.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\trend micro\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={9C307AF4-2 ... 2012-03-13 21:49:48&v=8.0.0.34&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.taazu.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: SpeedUpToolbar BHO - {0D52B2CA-C02E-4EC1-8E80-0A5CD2A640BD} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll
R3 - URLSearchHook: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\prxtbNC0.dll
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
R3 - URLSearchHook: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBro2.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\5855\2343\toolbaru.dll
O2 - BHO: SpeedUpToolbar BHO - {0D52B2CA-C02E-4EC1-8E80-0A5CD2A640BD} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BrotherSoft Extreme - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBro2.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NCH - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\prxtbNC0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\prxtbNC0.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBro2.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll
O3 - Toolbar: SpeedUp Toolbar - {005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Synchronization Manager] %systemroot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMAXPnP] c:\program files\analog devices\soundmax\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VirtualDesk] c:\program files\tweaknow powerpack 2011\virdesk.exe
O4 - HKLM\..\Run: [Windows Defender] "c:\program files\windows defender\msascui.exe" -hide
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Facebook Update] "c:\documents and settings\owner\local settings\data aplikací\facebook\update\facebookupdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\BearShare MP3\Plugins\RazaWebHook.dll/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Casino-On-Net - {3015DB92-158E-4b77-9020-85C8E311FBB5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: speeduptoolbar - {A59E71FA-63AB-4695-B7B0-7B97BAA3CF9E} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Made Man Drivers Auto Removal (pr2apasb) (pr2apasb) - City Interactive Sp z o.o. - C:\WINDOWS\system32\pr2apasb.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
O24 - Desktop Component 0: (no name) - http://t1.gstatic.com/images?q=tbn:ANd9 ... t4m6ngKqtA
O24 - Desktop Component 1: (no name) - http://www.soccerplay.net/wp-content/up ... lpaper.jpg

--
End of file - 12388 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{120CFF7D-641A-4868-9954-13E6FCED0684}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{52D0369D-0EC1-425D-ABC0-9C10E334C4C7}.job
C:\WINDOWS\tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_DREZI-5D963DE92_Owner.job
C:\WINDOWS\tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_ÚPŮÚŮ_Owner.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\1o8lc42f.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Program Files\Real\RealPlayer\browserrecord
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}"=C:\Program Files\RelevantKnowledge
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0]
"Description"=npganymedenet
"Path"=C:\Program Files\Ganymede\Plugins\npganymedenet.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{3112ca9c-de6d-4884-a869-9855de68056c}
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npdivx32.dll
npdivx32.xpt
npganymedenet.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\5855\2343\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D52B2CA-C02E-4EC1-8E80-0A5CD2A640BD}]
SpeedUpToolbar BHO - C:\Program Files\SpeedUpToolbar\IEToolbar.dll [2011-11-08 2376792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2010-07-02 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
BrotherSoft Extreme Toolbar - C:\Program Files\BrotherSoft_Extreme\prxtbBro2.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-13 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
NCH Toolbar - C:\Program Files\NCH\prxtbNC0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-13 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-13 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files\free-downloads.net\prxtbfre0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
Ask Toolbar BHO - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2010-07-27 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} -
{c2db4fe6-8409-45ce-8010-189a7b5cce86} - NCH Toolbar - C:\Program Files\NCH\prxtbNC0.dll [2011-05-09 176936]
{D5D47440-0750-463D-BAEF-A47D02414806}
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - Ask Toolbar - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2010-07-27 262144]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-05-09 176936]
{51a86bb3-6602-4c85-92a5-130ee4864f13} - BrotherSoft Extreme Toolbar - C:\Program Files\BrotherSoft_Extreme\prxtbBro2.dll [2011-05-09 176936]
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\prxtbfre0.dll [2011-05-09 176936]
{005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC} - SpeedUp Toolbar - C:\Program Files\SpeedUpToolbar\IEToolbar.dll [2011-11-08 2376792]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-04 8491008]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-10-04 81920]
"nwiz"=nwiz.exe /install []
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-07-02 198160]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143872]
"SoundMAXPnP"=c:\program files\analog devices\soundmax\smax4pnp.exe [2004-10-14 1388544]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"VirtualDesk"=c:\program files\tweaknow powerpack 2011\virdesk.exe [2011-02-24 6089576]
"Windows Defender"=c:\program files\windows defender\msascui.exe [2006-11-03 866584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"MSMSGS"=c:\program files\messenger\msmsgs.exe [2008-04-14 1695232]
"msnmsgr"=c:\program files\windows live\messenger\msnmsgr.exe [2010-04-16 3872080]
"Facebook Update"=c:\documents and settings\owner\local settings\data aplikací\facebook\update\facebookupdate.exe [2012-03-24 137536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files\daemon tools lite\dtlite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMax]
c:\program files\analog devices\soundmax\smax4.exe [2004-08-06 860160]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC}
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe"="C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\Program Files\Metin2\metin2.bin"="C:\Program Files\Metin2\metin2.bin:*:Enabled:metin2"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=iyvu9_32.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\Iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"vidc.yv12"=yv12vfw.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.lameacm"=lameACM.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"msacm.siren"=sirenacm.dll

======List of files/folders created in the last 1 month======

2012-04-17 09:38:33 ----D---- C:\Program Files\trend micro
2012-04-17 09:38:31 ----D---- C:\rsit
2012-04-17 09:37:49 ----SHD---- C:\RECYCLER
2012-04-17 09:31:17 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZZZ.ZZZ..Z...Z
2012-04-17 01:54:45 ----A---- C:\ComboFix.txt
2012-04-17 01:11:29 ----A---- C:\Boot.bak
2012-04-17 01:11:19 ----RASHD---- C:\cmdcons
2012-04-17 01:06:47 ----A---- C:\WINDOWS\zip.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\SWXCACLS.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\SWSC.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\SWREG.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\sed.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\PEV.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\NIRCMD.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\MBR.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\grep.exe
2012-04-17 01:06:09 ----D---- C:\WINDOWS\ERDNT
2012-04-17 01:06:09 ----D---- C:\ComboFix
2012-04-17 01:06:04 ----D---- C:\Qoobox
2012-04-15 22:15:14 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZ..ZZ.....ZZ..Z
2012-04-15 21:35:37 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06Z....ZZZZ..ZZ.ZZ
2012-04-15 21:00:24 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ.ZZZZ......ZZ
2012-04-15 20:38:50 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.....ZZZZ..Z
2012-04-12 12:07:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2012-04-09 21:22:19 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-04-07 21:42:58 ----D---- C:\6f997e1f41da20ee1f3d5544a21ee556

======List of files/folders modified in the last 1 month======

2012-04-17 09:38:33 ----RD---- C:\Program Files
2012-04-17 09:22:57 ----SD---- C:\WINDOWS\Tasks
2012-04-17 09:12:44 ----D---- C:\WINDOWS\Temp
2012-04-17 02:11:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-04-17 01:54:54 ----D---- C:\WINDOWS\system32\drivers
2012-04-17 01:50:51 ----D---- C:\WINDOWS\system32\CatRoot2
2012-04-17 01:43:19 ----D---- C:\WINDOWS
2012-04-17 01:43:19 ----A---- C:\WINDOWS\system.ini
2012-04-17 01:42:13 ----D---- C:\WINDOWS\system32\drivers\etc
2012-04-17 01:36:51 ----D---- C:\WINDOWS\system32\config
2012-04-17 01:33:47 ----D---- C:\WINDOWS\system32
2012-04-17 01:29:00 ----D---- C:\WINDOWS\AppPatch
2012-04-17 01:28:57 ----D---- C:\Program Files\Common Files
2012-04-17 01:11:29 ----RASH---- C:\boot.ini
2012-04-16 11:31:04 ----SHD---- C:\WINDOWS\Installer
2012-04-16 00:33:21 ----D---- C:\Program Files\Mozilla Firefox
2012-04-15 20:46:09 ----D---- C:\WINDOWS\Prefetch
2012-04-12 22:19:42 ----HD---- C:\Program Files\WindowsUpdate
2012-04-12 20:19:22 ----D---- C:\Config.Msi
2012-04-12 12:14:31 ----HD---- C:\WINDOWS\inf
2012-04-12 12:14:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-04-12 12:14:16 ----D---- C:\Program Files\Internet Explorer
2012-04-12 12:13:54 ----D---- C:\WINDOWS\ie8updates
2012-04-12 12:13:41 ----HD---- C:\WINDOWS\$hf_mig$
2012-04-12 12:07:35 ----A---- C:\WINDOWS\system32\MRT.exe
2012-04-09 22:04:02 ----D---- C:\WINDOWS\Minidump
2012-04-01 12:22:41 ----D---- C:\WINDOWS\system32\CatRoot
2012-03-30 14:31:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-03-22 23:15:31 ----D---- C:\Documents and Settings\Owner\Data aplikací\DAEMON Tools Lite
2012-03-22 22:45:51 ----D---- C:\WINDOWS\Debug
2012-03-22 22:40:59 ----D---- C:\Program Files\TweakNow PowerPack 2011
2012-03-22 22:40:59 ----D---- C:\Documents and Settings\Owner\Data aplikací\TweakNow PowerPack 2011
2012-03-22 22:33:46 ----D---- C:\Documents and Settings\Owner\Data aplikací\IObit
2012-03-19 18:55:48 ----D---- C:\WINDOWS\security

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 m5289;m5289; C:\WINDOWS\system32\DRIVERS\m5289.sys [2005-07-04 52480]
R0 pe3apasb;Made Man Environment Driver (pe3apasb); C:\WINDOWS\system32\drivers\pe3apasb.sys [2007-11-13 65136]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-01-26 95552]
R0 ps7apasb;Made Man Synchronization Driver (ps7apasb); C:\WINDOWS\system32\drivers\ps7apasb.sys [2007-11-13 68728]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\WINDOWS\System32\drivers\sfsync04.sys [2006-02-21 49664]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-10-17 443448]
R0 uliagpkx;ULi AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\agpkx.sys [2005-05-03 45056]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-03-07 35672]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-01-26 52224]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-03-07 95704]
R2 PfFilter;PfFilter; \??\C:\Program Files\IObit\Protected Folder\pffilter.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-08-13 129408]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-10-17 232512]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-06-25 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-04-26 381056]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-02-01 260288]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys []
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 ULI5261XP;ULi M526X Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 28672]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2007-11-14 100992]
S3 azu6218i;azu6218i; C:\WINDOWS\system32\drivers\azu6218i.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 EagleNT;EagleNT; C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []
S3 gtermddo;gtermddo; C:\WINDOWS\system32\drivers\gtermddo.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2004-09-14 88960]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
S3 RT73;TL-WN321G USB Wireless Adapter; C:\WINDOWS\system32\DRIVERS\rt73.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;Nokia USB Serial Port; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-02 8064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 catchme;catchme; \??\C:\ComboFix\catchme.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-13 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2012-02-09 1529152]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 pr2apasb;Made Man Drivers Auto Removal (pr2apasb); C:\WINDOWS\system32\pr2apasb.exe [2007-11-13 410992]
S2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-18 19456]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
nfo.txt logfile of random's system information tool 1.09 2012-04-17 09:39:26

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3DMark03-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF35F637-72B9-43BE-A281-06EB2854393A}\Setup.exe" -l0x9
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{FE23D063-934D-4829-A0D8-00634CE79B4A}
Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_2_202_233_Plugin.exe -maintain plugin
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Aktualizace systému Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB2447568)-->"C:\WINDOWS\ie8updates\KB2447568-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB982632)-->"C:\WINDOWS\ie8updates\KB982632-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2647516)-->"C:\WINDOWS\ie8updates\KB2647516-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2675157)-->"C:\WINDOWS\ie8updates\KB2675157-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe"
Ask Toolbar-->rundll32 C:\PROGRA~1\AskSBar\bar\1.bin\AskSBar.dll,O
aTube Catcher-->C:\Program Files\DsNET Corp\aTube Catcher 2.0\uninstall.exe
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Balíček zprostředkovatele služby Microsoft Base Smart Card Cryptographic Service-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
BrotherSoft Extreme Toolbar-->C:\Program Files\BrotherSoft_Extreme\uninstall.exe
BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
BS_Player Toolbar-->C:\Program Files\BS_Player\uninstall.exe
BSPlayer-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Driver Genius Professional Edition 2007-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe"
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
Facebook Video Calling 1.2.0.159-->MsiExec.exe /X{7CAC6A44-C3DE-4153-ACA6-7524602C789E}
FlipToast-->msiexec /qb /x {EC5B32B8-95D6-15E3-256B-9F4144AB4DFA}
FlyDS (remove)-->"C:\Program Files\FlyDS\uninstall.exe"
FM Screen Capture Codec (Remove Only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\fmcodec.inf
free-downloads.net Toolbar-->C:\Program Files\free-downloads.net\uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB960043)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {81AFB523-CC49-3A7B-83BB-EFA6EC6C7EC3} /qb+ REBOOTPROMPT=""
Indeo® software-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Intel\Indeo\Uninst.isu" -c"C:\Program Files\Intel\Indeo\SavedSystemFiles\indounin.dll"
IObit Malware Fighter-->"C:\Program Files\IObit\IObit Malware Fighter\unins000.exe"
Java(TM) 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}
K-Lite Mega Codec Pack 3.7.5-->"C:\Program Files\Haihaisoft Universal Player\Codec\unins000.exe"
Microsoft .NET Framework 1.1 Czech Language Pack-->MsiExec.exe /X{5E65E94D-69F2-4850-9E93-6459C53A0F50}
Microsoft .NET Framework 1.1 Security Update (KB2656353)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB2656370)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Mozilla Firefox 9.0.1 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NewLive All Media To Mp3 Converter 3.3-->"C:\Program Files\NewLive All Media To Mp3 Converter\unins000.exe"
NCH Toolbar-->C:\Program Files\NCH\uninstall.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Oprava Hotfix systému Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"
Protected Folder-->"C:\Program Files\IObit\Protected Folder\unins000.exe"
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x9 -removeonly
SpeedUp Toolbar 2.009.008.001-->"C:\Program Files\SpeedUpToolbar\unins000.exe"
ULi PCI to AGP Controller Driver-->C:\WINDOWS\system32\UnAGP.EXE C:\WINDOWS\IsUninst.exe -y -fC:\WINDOWS\system32\ALiAGP.isu
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Live Call-->MsiExec.exe /I{E6158D07-2637-4ECF-B576-37C489669174}
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Essentials-->MsiExec.exe /I{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}
Windows Live Messenger-->MsiExec.exe /X{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Sync-->MsiExec.exe /X{B10914FD-8812-47A4-85A1-50FCDE7F1F33}
Windows Live Writer-->MsiExec.exe /X{178832DE-9DE0-4C87-9F82-9315A9B03985}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: avast! Antivirus

======System event log======

Computer Name: ÚPŮÚŮ
Event Code: 7036
Message: Stav služby Načítání obrázků (WIA) byl změněn na: Spuštěno

Record Number: 6594
Source Name: Service Control Manager
Time Written: 20120325223159.000000+120
Event Type: Informace
User:

Computer Name: ÚPŮÚŮ
Event Code: 7036
Message: Stav služby Načítání obrázků (WIA) byl změněn na: Spuštěno

Record Number: 6593
Source Name: Service Control Manager
Time Written: 20120325210348.000000+120
Event Type: Informace
User:

Computer Name: ÚPŮÚŮ
Event Code: 7036
Message: Stav služby Načítání obrázků (WIA) byl změněn na: Spuštěno

Record Number: 6592
Source Name: Service Control Manager
Time Written: 20120325202811.000000+120
Event Type: Informace
User:

Computer Name: ÚPŮÚŮ
Event Code: 7036
Message: Stav služby Načítání obrázků (WIA) byl změněn na: Spuštěno

Record Number: 6591
Source Name: Service Control Manager
Time Written: 20120325200859.000000+120
Event Type: Informace
User:

Computer Name: ÚPŮÚŮ
Event Code: 7036
Message: Stav služby Načítání obrázků (WIA) byl změněn na: Spuštěno

Record Number: 6590
Source Name: Service Control Manager
Time Written: 20120325200552.000000+120
Event Type: Informace
User:

=====Application event log=====

Computer Name: ÚPŮÚŮ
Event Code: 1035
Message: Instalační služba systému Windows provedla opětovnou konfiguraci produktu. Název produktu: Microsoft .NET Framework 2.0 Service Pack 2. Verze produktu: 2.2.30730. Jazyk produktu: 0. Stav opětovné konfigurace (úspěch nebo chyba): 1638.

Record Number: 512
Source Name: MsiInstaller
Time Written: 20120325130956.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: ÚPŮÚŮ
Event Code: 11729
Message: Produkt: Microsoft .NET Framework 2.0 Service Pack 2 - Konfigurace se nezdařila.

Record Number: 511
Source Name: MsiInstaller
Time Written: 20120325130956.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: ÚPŮÚŮ
Event Code: 1036
Message: Instalační služba systému Windows provedla instalaci aktualizace. Název produktu: Microsoft .NET Framework 2.0 Service Pack 2. Verze produktu: 2.2.30730. Jazyk produktu: 0. Název aktualizace: KB979909. Stav instalace (úspěch nebo chyba): 1638.

Record Number: 510
Source Name: MsiInstaller
Time Written: 20120325130956.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: ÚPŮÚŮ
Event Code: 1023
Message: Aktualizaci KB979909 produktu Microsoft .NET Framework 2.0 Service Pack 2 nebylo možné nainstalovat. Kód chyby: 1638. Další informace naleznete v souboru protokolu C:\WINDOWS\system32\config\SYSTEM~1\LOCALS~1\Temp\Microsoft .NET Framework 2.0-KB979909_20120325_110850359-Msi0.txt.

Record Number: 509
Source Name: MsiInstaller
Time Written: 20120325130956.000000+120
Event Type: Chyba
User: NT AUTHORITY\SYSTEM

Computer Name: ÚPŮÚŮ
Event Code: 1040
Message: Zahajuji transakci Instalační služby systému Windows: c:\WINDOWS\Installer\585972.msi. ID procesu klienta: 944.

Record Number: 508
Source Name: MsiInstaller
Time Written: 20120325130932.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\ArcSoft\Bin;C:\WINDOWS\system32\WindowsPowerShell\v1.0
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2c02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"PSModulePath"=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15713
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Kontrola CF

#4 Příspěvek od JaRon »

rozhodne odinstaluj Ask Toolbar + nejake dalsie toolbary - mas ich tam na 3 pocitace :)
potom vloz log z TDSSKiller - ako som pisal
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Johny.XXX
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 17 dub 2012 01:23

Re: Kontrola CF

#5 Příspěvek od Johny.XXX »

Po skenování TDSSKILLER jse mi žádný log nezobrazí,skoušel sem to spustit víckrát ale stále nic.Co teda stím?Díky
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15713
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Kontrola CF

#6 Příspěvek od JaRon »

citat:
na disku C se objeví textový soubor majicí přibližně tvar TDSSKiller.2.6.2.0_27.09.2011_10.16.46_log
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Johny.XXX
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 17 dub 2012 01:23

Re: Kontrola CF

#7 Příspěvek od Johny.XXX »

To by mělo být ono------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------09:58:20.0656 2204 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
09:58:21.0375 2204 ============================================================
09:58:21.0375 2204 Current date / time: 2012/04/17 09:58:21.0375
09:58:21.0375 2204 SystemInfo:
09:58:21.0375 2204
09:58:21.0406 2204 OS Version: 5.1.2600 ServicePack: 3.0
09:58:21.0406 2204 Product type: Workstation
09:58:21.0406 2204 ComputerName: ÚPŮÚŮ
09:58:21.0406 2204 UserName: Owner
09:58:21.0406 2204 Windows directory: C:\WINDOWS
09:58:21.0406 2204 System windows directory: C:\WINDOWS
09:58:21.0406 2204 Processor architecture: Intel x86
09:58:21.0406 2204 Number of processors: 1
09:58:21.0406 2204 Page size: 0x1000
09:58:21.0406 2204 Boot type: Normal boot
09:58:21.0406 2204 ============================================================
09:58:28.0937 2204 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:58:28.0953 2204 \Device\Harddisk0\DR0:
09:58:28.0953 2204 MBR used
09:58:28.0953 2204 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF8F8C1
09:58:28.0984 2204 Initialize success
09:58:29.0000 2204 ============================================================
09:58:32.0968 3364 ============================================================
09:58:32.0968 3364 Scan started
09:58:32.0968 3364 Mode: Manual;
09:58:32.0968 3364 ============================================================
09:58:34.0328 3364 6to4 (d76e9f5a991458a9f7e28395479b3150) C:\WINDOWS\System32\6to4svc.dll
09:58:34.0343 3364 6to4 - ok
09:58:34.0625 3364 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
09:58:34.0625 3364 Aavmker4 - ok
09:58:34.0921 3364 Abiosdsk - ok
09:58:35.0203 3364 abp480n5 - ok
09:58:35.0484 3364 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:58:35.0500 3364 ACPI - ok
09:58:35.0734 3364 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
09:58:35.0750 3364 ACPIEC - ok
09:58:36.0031 3364 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:58:36.0093 3364 AdobeFlashPlayerUpdateSvc - ok
09:58:36.0296 3364 adpu160m - ok
09:58:36.0531 3364 adusbser (d9fde4ee2b1b115a78014921b84da635) C:\WINDOWS\system32\DRIVERS\adusbser.sys
09:58:36.0562 3364 adusbser - ok
09:58:36.0859 3364 aeaudio (6803453f3ff53cf353cdbef5ffaa8b7e) C:\WINDOWS\system32\drivers\aeaudio.sys
09:58:36.0875 3364 aeaudio - ok
09:58:37.0109 3364 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
09:58:37.0140 3364 aec - ok
09:58:37.0375 3364 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
09:58:37.0406 3364 AFD - ok
09:58:37.0593 3364 Aha154x - ok
09:58:37.0765 3364 aic78u2 - ok
09:58:37.0890 3364 aic78xx - ok
09:58:38.0062 3364 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
09:58:38.0062 3364 ALG - ok
09:58:38.0312 3364 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
09:58:38.0312 3364 AliIde - ok
09:58:38.0546 3364 amsint - ok
09:58:38.0718 3364 AppMgmt - ok
09:58:38.0890 3364 asc - ok
09:58:39.0031 3364 asc3350p - ok
09:58:39.0156 3364 asc3550 - ok
09:58:39.0375 3364 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:58:39.0484 3364 aspnet_state - ok
09:58:39.0703 3364 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
09:58:39.0703 3364 aswFsBlk - ok
09:58:39.0953 3364 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
09:58:39.0953 3364 aswMon2 - ok
09:58:40.0250 3364 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
09:58:40.0265 3364 aswRdr - ok
09:58:41.0109 3364 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
09:58:41.0312 3364 aswSnx - ok
09:58:41.0500 3364 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
09:58:41.0609 3364 aswSP - ok
09:58:41.0843 3364 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
09:58:41.0875 3364 aswTdi - ok
09:58:42.0015 3364 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:58:42.0015 3364 AsyncMac - ok
09:58:42.0218 3364 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
09:58:42.0218 3364 atapi - ok
09:58:42.0312 3364 Atdisk - ok
09:58:42.0453 3364 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:58:42.0468 3364 Atmarpc - ok
09:58:42.0656 3364 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
09:58:42.0671 3364 AudioSrv - ok
09:58:42.0890 3364 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
09:58:42.0906 3364 audstub - ok
09:58:43.0109 3364 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:58:43.0109 3364 avast! Antivirus - ok
09:58:43.0359 3364 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
09:58:43.0359 3364 Beep - ok
09:58:43.0640 3364 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
09:58:43.0890 3364 BITS - ok
09:58:44.0296 3364 catchme - ok
09:58:44.0625 3364 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
09:58:44.0625 3364 cbidf2k - ok
09:58:44.0843 3364 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:58:44.0843 3364 CCDECODE - ok
09:58:45.0046 3364 cd20xrnt - ok
09:58:45.0250 3364 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
09:58:45.0250 3364 Cdaudio - ok
09:58:45.0484 3364 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
09:58:45.0500 3364 Cdfs - ok
09:58:45.0718 3364 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:58:45.0734 3364 Cdrom - ok
09:58:45.0937 3364 Changer - ok
09:58:46.0140 3364 cisvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
09:58:46.0156 3364 cisvc - ok
09:58:46.0343 3364 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
09:58:46.0359 3364 ClipSrv - ok
09:58:46.0625 3364 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:58:46.0656 3364 clr_optimization_v2.0.50727_32 - ok
09:58:46.0812 3364 CmdIde - ok
09:58:46.0921 3364 COMSysApp - ok
09:58:47.0062 3364 Cpqarray - ok
09:58:47.0296 3364 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
09:58:47.0328 3364 CryptSvc - ok
09:58:47.0578 3364 dac2w2k - ok
09:58:47.0718 3364 dac960nt - ok
09:58:47.0984 3364 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
09:58:47.0984 3364 DcomLaunch - ok
09:58:48.0203 3364 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
09:58:48.0234 3364 Dhcp - ok
09:58:48.0468 3364 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
09:58:48.0468 3364 Disk - ok
09:58:48.0734 3364 dmadmin - ok
09:58:49.0062 3364 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
09:58:49.0250 3364 dmboot - ok
09:58:49.0593 3364 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
09:58:49.0609 3364 dmio - ok
09:58:49.0812 3364 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
09:58:49.0828 3364 dmload - ok
09:58:49.0953 3364 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
09:58:49.0968 3364 dmserver - ok
09:58:50.0171 3364 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
09:58:50.0187 3364 DMusic - ok
09:58:50.0390 3364 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
09:58:50.0406 3364 Dnscache - ok
09:58:50.0593 3364 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
09:58:50.0656 3364 Dot3svc - ok
09:58:50.0828 3364 dpti2o - ok
09:58:50.0984 3364 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
09:58:50.0984 3364 drmkaud - ok
09:58:51.0468 3364 dtsoftbus01 (c0c7ceccb6c85994c2bc92d58e52d3f2) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
09:58:51.0578 3364 dtsoftbus01 - ok
09:58:51.0765 3364 EagleNT - ok
09:58:52.0015 3364 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
09:58:52.0031 3364 EapHost - ok
09:58:52.0406 3364 ENTECH (bdd170fecb0e496a914318009d85b819) C:\WINDOWS\system32\DRIVERS\ENTECH.SYS
09:58:52.0421 3364 ENTECH - ok
09:58:52.0578 3364 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
09:58:52.0609 3364 ERSvc - ok
09:58:52.0796 3364 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
09:58:52.0828 3364 Eventlog - ok
09:58:53.0109 3364 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
09:58:53.0156 3364 EventSystem - ok
09:58:53.0375 3364 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
09:58:53.0437 3364 Fastfat - ok
09:58:53.0625 3364 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
09:58:53.0640 3364 FastUserSwitchingCompatibility - ok
09:58:53.0890 3364 Fax (2cd14c70d1d81af054aa5ed8024dcae6) C:\WINDOWS\system32\fxssvc.exe
09:58:53.0937 3364 Fax - ok
09:58:54.0203 3364 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
09:58:54.0218 3364 Fdc - ok
09:58:54.0484 3364 FileMonitor (c21fc36d3cd28c2726fee10d397216c7) C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
09:58:54.0515 3364 FileMonitor - ok
09:58:54.0765 3364 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
09:58:54.0781 3364 Fips - ok
09:58:55.0000 3364 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
09:58:55.0000 3364 Flpydisk - ok
09:58:55.0250 3364 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
09:58:55.0265 3364 FltMgr - ok
09:58:55.0515 3364 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:58:55.0531 3364 FontCache3.0.0.0 - ok
09:58:55.0812 3364 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:58:55.0812 3364 Fs_Rec - ok
09:58:56.0031 3364 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:58:56.0062 3364 Ftdisk - ok
09:58:56.0296 3364 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:58:56.0312 3364 Gpc - ok
09:58:56.0500 3364 gtermddo - ok
09:58:56.0703 3364 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:58:56.0718 3364 helpsvc - ok
09:58:57.0015 3364 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
09:58:57.0062 3364 HidServ - ok
09:58:57.0375 3364 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:58:57.0375 3364 HidUsb - ok
09:58:57.0609 3364 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
09:58:57.0625 3364 hkmsvc - ok
09:58:57.0890 3364 hpn - ok
09:58:58.0156 3364 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
09:58:58.0187 3364 HTTP - ok
09:58:58.0406 3364 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
09:58:58.0453 3364 HTTPFilter - ok
09:58:58.0687 3364 Huawei - ok
09:58:58.0843 3364 hwdatacard - ok
09:58:59.0062 3364 hwusbdev - ok
09:58:59.0218 3364 i2omgmt - ok
09:58:59.0375 3364 i2omp - ok
09:58:59.0593 3364 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:58:59.0593 3364 i8042prt - ok
09:58:59.0812 3364 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
09:58:59.0843 3364 IDriverT - ok
09:59:00.0453 3364 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:59:00.0937 3364 idsvc - ok
09:59:01.0156 3364 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
09:59:01.0171 3364 Imapi - ok
09:59:01.0453 3364 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
09:59:01.0500 3364 ImapiService - ok
09:59:01.0937 3364 IMFservice (1f0aedcbd294a0a3b479896b278ad343) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
09:59:02.0171 3364 IMFservice - ok
09:59:02.0375 3364 ini910u - ok
09:59:02.0500 3364 IntelIde - ok
09:59:02.0656 3364 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
09:59:02.0656 3364 Ip6Fw - ok
09:59:02.0843 3364 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:59:02.0859 3364 IpFilterDriver - ok
09:59:03.0109 3364 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:59:03.0109 3364 IpInIp - ok
09:59:03.0421 3364 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:59:03.0468 3364 IpNat - ok
09:59:03.0703 3364 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:59:03.0734 3364 IPSec - ok
09:59:04.0000 3364 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:59:04.0000 3364 IRENUM - ok
09:59:04.0203 3364 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:59:04.0203 3364 isapnp - ok
09:59:04.0484 3364 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
09:59:04.0578 3364 JavaQuickStarterService - ok
09:59:04.0859 3364 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:59:04.0859 3364 Kbdclass - ok
09:59:05.0062 3364 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:59:05.0062 3364 kbdhid - ok
09:59:05.0328 3364 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
09:59:05.0359 3364 kmixer - ok
09:59:05.0656 3364 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
09:59:05.0687 3364 KSecDD - ok
09:59:05.0890 3364 lbrtfdc - ok
09:59:06.0093 3364 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
09:59:06.0140 3364 LmHosts - ok
09:59:06.0562 3364 LPDSVC (0befa983f8b9511eadd6960dd13e9fbf) C:\WINDOWS\system32\tcpsvcs.exe
09:59:06.0578 3364 LPDSVC - ok
09:59:07.0265 3364 m5289 (e1ca1ea9ad7c8c50ea533829a6854d63) C:\WINDOWS\system32\DRIVERS\m5289.sys
09:59:07.0281 3364 m5289 - ok
09:59:07.0546 3364 MidiSyn (8c7d037a53b495e7c250fd70b158b581) C:\WINDOWS\system32\drivers\MidiSyn.sys
09:59:07.0562 3364 MidiSyn - ok
09:59:07.0781 3364 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:59:07.0781 3364 mnmdd - ok
09:59:08.0046 3364 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
09:59:08.0062 3364 mnmsrvc - ok
09:59:08.0234 3364 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
09:59:08.0250 3364 Modem - ok
09:59:08.0484 3364 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:59:08.0500 3364 Mouclass - ok
09:59:08.0781 3364 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:59:08.0781 3364 mouhid - ok
09:59:08.0968 3364 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
09:59:08.0984 3364 MountMgr - ok
09:59:09.0140 3364 mraid35x - ok
09:59:09.0421 3364 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:59:09.0453 3364 MRxDAV - ok
09:59:09.0703 3364 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
09:59:09.0718 3364 MSDTC - ok
09:59:10.0046 3364 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
09:59:10.0046 3364 Msfs - ok
09:59:10.0140 3364 MSIServer - ok
09:59:10.0328 3364 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:59:10.0359 3364 MSKSSRV - ok
09:59:10.0546 3364 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:59:10.0546 3364 MSPCLOCK - ok
09:59:10.0796 3364 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:59:10.0796 3364 MSPQM - ok
09:59:11.0031 3364 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:59:11.0031 3364 mssmbios - ok
09:59:11.0250 3364 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
09:59:11.0265 3364 MSTEE - ok
09:59:11.0500 3364 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
09:59:11.0500 3364 Mup - ok
09:59:11.0734 3364 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:59:11.0734 3364 NABTSFEC - ok
09:59:12.0031 3364 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
09:59:12.0109 3364 napagent - ok
09:59:12.0359 3364 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:59:12.0421 3364 NDIS - ok
09:59:12.0671 3364 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:59:12.0687 3364 NdisIP - ok
09:59:12.0906 3364 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:59:12.0921 3364 NdisTapi - ok
09:59:13.0187 3364 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:59:13.0203 3364 Ndisuio - ok
09:59:13.0453 3364 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:59:13.0468 3364 NdisWan - ok
09:59:13.0671 3364 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
09:59:13.0687 3364 NDProxy - ok
09:59:13.0937 3364 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:59:13.0984 3364 NetBT - ok
09:59:14.0171 3364 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
09:59:14.0187 3364 NetDDE - ok
09:59:14.0203 3364 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
09:59:14.0218 3364 NetDDEdsdm - ok
09:59:14.0421 3364 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
09:59:14.0484 3364 Netman - ok
09:59:14.0781 3364 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:59:14.0796 3364 NetTcpPortSharing - ok
09:59:15.0062 3364 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
09:59:15.0125 3364 Nla - ok
09:59:15.0375 3364 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
09:59:15.0375 3364 nm - ok
09:59:15.0640 3364 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:59:15.0640 3364 Npfs - ok
09:59:15.0890 3364 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:59:16.0015 3364 Ntfs - ok
09:59:16.0296 3364 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
09:59:16.0437 3364 NtmsSvc - ok
09:59:16.0734 3364 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:59:16.0734 3364 Null - ok
09:59:18.0187 3364 nv (c190757a29a9bc0199032f353dd2557a) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:59:20.0140 3364 nv - ok
09:59:20.0375 3364 NVSvc (8d64b827a6709c3d18f855619d7d89e9) C:\WINDOWS\system32\nvsvc32.exe
09:59:20.0421 3364 NVSvc - ok
09:59:20.0687 3364 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:59:20.0703 3364 NwlnkFlt - ok
09:59:20.0953 3364 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:59:20.0968 3364 NwlnkFwd - ok
09:59:21.0281 3364 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
09:59:21.0296 3364 Parport - ok
09:59:21.0515 3364 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:59:21.0546 3364 PartMgr - ok
09:59:21.0781 3364 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
09:59:21.0781 3364 ParVdm - ok
09:59:22.0015 3364 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
09:59:22.0078 3364 PCI - ok
09:59:22.0234 3364 PCIDump - ok
09:59:22.0359 3364 PCIIde - ok
09:59:22.0546 3364 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:59:22.0578 3364 Pcmcia - ok
09:59:22.0765 3364 pcouffin (02aaafb7ba137ce5ddabcdf8090954d9) C:\WINDOWS\system32\Drivers\pcouffin.sys
09:59:22.0781 3364 pcouffin - ok
09:59:22.0953 3364 PDCOMP - ok
09:59:23.0109 3364 PDFRAME - ok
09:59:23.0234 3364 PDRELI - ok
09:59:23.0562 3364 PDRFRAME - ok
09:59:23.0812 3364 pe3apasb (69a335146032a4a4c7a5b3ead9e62e4d) C:\WINDOWS\system32\drivers\pe3apasb.sys
09:59:23.0828 3364 pe3apasb - ok
09:59:24.0015 3364 perc2 - ok
09:59:24.0125 3364 perc2hib - ok
09:59:24.0343 3364 PfFilter (8512a7a19959218711f884eecc1dbaeb) C:\Program Files\IObit\Protected Folder\pffilter.sys
09:59:24.0375 3364 PfFilter - ok
09:59:24.0593 3364 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
09:59:24.0609 3364 PlugPlay - ok
09:59:24.0796 3364 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
09:59:24.0812 3364 PolicyAgent - ok
09:59:25.0093 3364 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:59:25.0109 3364 PptpMiniport - ok
09:59:25.0234 3364 pr2apasb - ok
09:59:25.0437 3364 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
09:59:25.0468 3364 Processor - ok
09:59:25.0734 3364 prodrv06 (bc91060f244722a5d1c0e8016d9b0173) C:\WINDOWS\System32\drivers\prodrv06.sys
09:59:25.0734 3364 prodrv06 - ok
09:59:26.0015 3364 prohlp02 (880dc7832fd1dd7411e608cad45cf4a1) C:\WINDOWS\system32\drivers\prohlp02.sys
09:59:26.0046 3364 prohlp02 - ok
09:59:26.0265 3364 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
09:59:26.0281 3364 ProtectedStorage - ok
09:59:26.0484 3364 ps7apasb (9be970b14e37d90775204ec3ccda4c5c) C:\WINDOWS\system32\drivers\ps7apasb.sys
09:59:26.0500 3364 ps7apasb - ok
09:59:26.0750 3364 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:59:26.0765 3364 PSched - ok
09:59:26.0968 3364 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:59:26.0968 3364 Ptilink - ok
09:59:27.0218 3364 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:59:27.0218 3364 PxHelp20 - ok
09:59:27.0390 3364 ql1080 - ok
09:59:27.0562 3364 Ql10wnt - ok
09:59:27.0750 3364 ql12160 - ok
09:59:28.0093 3364 ql1240 - ok
09:59:28.0234 3364 ql1280 - ok
09:59:28.0453 3364 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:59:28.0453 3364 RasAcd - ok
09:59:28.0750 3364 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
09:59:28.0765 3364 RasAuto - ok
09:59:28.0968 3364 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:59:28.0984 3364 Rasl2tp - ok
09:59:29.0187 3364 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
09:59:29.0234 3364 RasMan - ok
09:59:29.0484 3364 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:59:29.0484 3364 RasPppoe - ok
09:59:29.0781 3364 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:59:29.0796 3364 Raspti - ok
09:59:30.0328 3364 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:59:30.0343 3364 RDPCDD - ok
09:59:30.0796 3364 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
09:59:30.0828 3364 RDPWD - ok
09:59:31.0312 3364 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
09:59:31.0390 3364 RDSessMgr - ok
09:59:31.0937 3364 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:59:31.0984 3364 redbook - ok
09:59:32.0500 3364 RegFilter (3bc05ec17f0a2bf4f141cb3d3390515e) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys
09:59:32.0500 3364 RegFilter - ok
09:59:32.0890 3364 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
09:59:33.0031 3364 RemoteAccess - ok
09:59:33.0375 3364 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
09:59:33.0390 3364 ROOTMODEM - ok
09:59:33.0625 3364 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
09:59:33.0640 3364 RpcSs - ok
09:59:33.0937 3364 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
09:59:33.0984 3364 RSVP - ok
09:59:34.0171 3364 RT73 - ok
09:59:34.0546 3364 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
09:59:34.0546 3364 SamSs - ok
09:59:34.0859 3364 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
09:59:34.0875 3364 SCardSvr - ok
09:59:35.0140 3364 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
09:59:35.0218 3364 Schedule - ok
09:59:35.0781 3364 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:59:35.0781 3364 Secdrv - ok
09:59:36.0281 3364 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
09:59:36.0312 3364 seclogon - ok
09:59:36.0593 3364 senfilt (9a4c4a4b191200f12085d188be70e4e3) C:\WINDOWS\system32\drivers\senfilt.sys
09:59:36.0640 3364 senfilt - ok
09:59:36.0906 3364 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
09:59:36.0921 3364 SENS - ok
09:59:37.0171 3364 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
09:59:37.0171 3364 serenum - ok
09:59:37.0468 3364 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
09:59:37.0484 3364 Serial - ok
09:59:37.0765 3364 sfhlp01 (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
09:59:37.0765 3364 sfhlp01 - ok
09:59:38.0046 3364 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:59:38.0078 3364 Sfloppy - ok
09:59:38.0765 3364 sfsync04 (7261f6191827134d249a6462d833af8d) C:\WINDOWS\system32\drivers\sfsync04.sys
09:59:38.0796 3364 sfsync04 - ok
09:59:39.0015 3364 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
09:59:39.0093 3364 SharedAccess - ok
09:59:39.0312 3364 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
09:59:39.0328 3364 ShellHWDetection - ok
09:59:39.0531 3364 Simbad - ok
09:59:39.0687 3364 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:59:39.0687 3364 SLIP - ok
09:59:39.0953 3364 smwdm (db74141bbcbe8f22acfb53215e8af0d1) C:\WINDOWS\system32\drivers\smwdm.sys
09:59:39.0968 3364 smwdm - ok
09:59:40.0171 3364 SNMP (442d891cf7cb138f185fb2a1161c8af9) C:\WINDOWS\System32\snmp.exe
09:59:40.0187 3364 SNMP - ok
09:59:40.0421 3364 SNMPTRAP (4296e52a9d3ca6dcd1cf57e8bca45ab7) C:\WINDOWS\System32\snmptrap.exe
09:59:40.0437 3364 SNMPTRAP - ok
09:59:40.0734 3364 SNP325 - ok
09:59:40.0875 3364 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
09:59:40.0890 3364 SoundMAX Agent Service (default) - ok
09:59:41.0078 3364 Sparrow - ok
09:59:41.0250 3364 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:59:41.0250 3364 splitter - ok
09:59:41.0515 3364 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
09:59:41.0546 3364 Spooler - ok
09:59:41.0875 3364 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\WINDOWS\System32\Drivers\sptd.sys
09:59:41.0875 3364 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
09:59:41.0890 3364 sptd ( LockedFile.Multi.Generic ) - warning
09:59:41.0890 3364 sptd - detected LockedFile.Multi.Generic (1)
09:59:42.0062 3364 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
09:59:42.0078 3364 sr - ok
09:59:42.0312 3364 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
09:59:42.0359 3364 srservice - ok
09:59:42.0531 3364 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
09:59:42.0546 3364 SSDPSRV - ok
09:59:42.0718 3364 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
09:59:42.0781 3364 stisvc - ok
09:59:43.0031 3364 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:59:43.0031 3364 streamip - ok
09:59:43.0265 3364 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:59:43.0281 3364 swenum - ok
09:59:43.0515 3364 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:59:43.0531 3364 swmidi - ok
09:59:43.0671 3364 SwPrv - ok
09:59:43.0906 3364 symc810 - ok
09:59:44.0093 3364 symc8xx - ok
09:59:44.0265 3364 sym_hi - ok
09:59:44.0421 3364 sym_u3 - ok
09:59:44.0625 3364 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:59:44.0625 3364 sysaudio - ok
09:59:44.0843 3364 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
09:59:44.0875 3364 SysmonLog - ok
09:59:45.0093 3364 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
09:59:45.0187 3364 TapiSrv - ok
09:59:45.0468 3364 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:59:45.0546 3364 Tcpip - ok
09:59:45.0796 3364 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
09:59:45.0875 3364 Tcpip6 - ok
09:59:46.0218 3364 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:59:46.0234 3364 TDPIPE - ok
09:59:46.0453 3364 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:59:46.0468 3364 TDTCP - ok
09:59:46.0703 3364 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:59:46.0703 3364 TermDD - ok
09:59:46.0937 3364 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
09:59:47.0046 3364 TermService - ok
09:59:47.0296 3364 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
09:59:47.0312 3364 Themes - ok
09:59:47.0453 3364 TosIde - ok
09:59:47.0625 3364 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
09:59:47.0656 3364 TrkWks - ok
09:59:48.0062 3364 TuneUp.UtilitiesSvc (747ae9d7c5489455e2e3ca9459419e17) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
09:59:48.0437 3364 TuneUp.UtilitiesSvc - ok
09:59:48.0609 3364 TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
09:59:48.0625 3364 TuneUpUtilitiesDrv - ok
09:59:48.0875 3364 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
09:59:48.0875 3364 tunmp - ok
09:59:49.0078 3364 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:59:49.0093 3364 Udfs - ok
09:59:49.0593 3364 ULI5261XP (ce2dd5efb0f773382376faaf9f506542) C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS
09:59:49.0609 3364 ULI5261XP - ok
09:59:49.0828 3364 uliagpkx (67ab641cc203081780e8483faa959549) C:\WINDOWS\system32\DRIVERS\agpkx.sys
09:59:49.0843 3364 uliagpkx - ok
09:59:50.0046 3364 ultra - ok
09:59:50.0328 3364 UMWdf (ab0a7ca90d9e3d6a193905dc1715ded0) C:\WINDOWS\system32\wdfmgr.exe
09:59:50.0359 3364 UMWdf - ok
09:59:50.0656 3364 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:59:50.0718 3364 Update - ok
09:59:50.0953 3364 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
09:59:51.0000 3364 upnphost - ok
09:59:51.0234 3364 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
09:59:51.0265 3364 UPS - ok
09:59:51.0578 3364 UrlFilter (6a65cd6761337d339001959232233f0d) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
09:59:51.0578 3364 UrlFilter - ok
09:59:51.0906 3364 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
09:59:51.0921 3364 usbaudio - ok
09:59:52.0156 3364 usbbus (9419faac6552a51542dbba02971c841c) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
09:59:52.0156 3364 usbbus - ok
09:59:52.0578 3364 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:59:52.0593 3364 usbccgp - ok
09:59:52.0796 3364 UsbDiag (c0a466fa4ffec464320e159bc1bbdc0c) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
09:59:52.0812 3364 UsbDiag - ok
09:59:53.0062 3364 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:59:53.0078 3364 usbehci - ok
09:59:53.0390 3364 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:59:53.0406 3364 usbhub - ok
09:59:53.0718 3364 USBModem (f74a54774a9b0afeb3c40adec68aa600) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
09:59:53.0734 3364 USBModem - ok
09:59:53.0953 3364 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
09:59:53.0968 3364 usbohci - ok
09:59:54.0343 3364 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:59:54.0375 3364 usbscan - ok
09:59:54.0640 3364 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
09:59:54.0656 3364 usbser - ok
09:59:54.0984 3364 UsbserFilt (e748d50b3b2ec7f40a2ba67fb094cf01) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
09:59:55.0000 3364 UsbserFilt - ok
09:59:55.0203 3364 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:59:55.0218 3364 USBSTOR - ok
09:59:55.0468 3364 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
09:59:55.0484 3364 usbvideo - ok
09:59:55.0734 3364 UxTuneUp (56947ac4045d9cc2b2ab6e768fc91cac) C:\WINDOWS\System32\uxtuneup.dll
09:59:55.0750 3364 UxTuneUp - ok
09:59:55.0890 3364 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:59:55.0921 3364 VgaSave - ok
09:59:56.0171 3364 ViaIde - ok
09:59:56.0484 3364 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
09:59:56.0500 3364 VolSnap - ok
09:59:56.0734 3364 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
09:59:56.0781 3364 VSS - ok
09:59:56.0984 3364 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
09:59:57.0000 3364 W32Time - ok
09:59:57.0171 3364 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:59:57.0187 3364 Wanarp - ok
09:59:57.0359 3364 WDICA - ok
09:59:57.0515 3364 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:59:57.0531 3364 wdmaud - ok
09:59:57.0718 3364 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
09:59:57.0750 3364 WebClient - ok
09:59:57.0953 3364 WinDefend (f45dd1e1365d857dd08bc23563370d0e) C:\Program Files\Windows Defender\MsMpEng.exe
09:59:57.0953 3364 WinDefend - ok
09:59:58.0203 3364 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
09:59:58.0234 3364 winmgmt - ok
09:59:58.0671 3364 WinRM (4d34cedd74bdbf2b6a935eae3bf80543) C:\WINDOWS\system32\WsmSvc.dll
09:59:59.0031 3364 WinRM - ok
09:59:59.0281 3364 WmdmPmSN (140ef97b64f560fd78643cae2cdad838) C:\WINDOWS\system32\MsPMSNSv.dll
09:59:59.0359 3364 WmdmPmSN - ok
09:59:59.0687 3364 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:59:59.0703 3364 WmiApSrv - ok
09:59:59.0890 3364 WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
09:59:59.0921 3364 WpdUsb - ok
10:00:00.0218 3364 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
10:00:00.0265 3364 WS2IFSL - ok
10:00:00.0687 3364 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
10:00:00.0718 3364 wscsvc - ok
10:00:00.0937 3364 WSearch - ok
10:00:01.0265 3364 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:00:01.0265 3364 WSTCODEC - ok
10:00:01.0500 3364 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
10:00:01.0515 3364 wuauserv - ok
10:00:01.0750 3364 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:00:01.0765 3364 WudfPf - ok
10:00:02.0015 3364 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:00:02.0046 3364 WudfRd - ok
10:00:02.0203 3364 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
10:00:02.0234 3364 WudfSvc - ok
10:00:02.0531 3364 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
10:00:02.0750 3364 WZCSVC - ok
10:00:02.0968 3364 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
10:00:03.0000 3364 xmlprov - ok
10:00:03.0031 3364 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
10:00:04.0750 3364 \Device\Harddisk0\DR0 - ok
10:00:04.0781 3364 Boot (0x1200) (da7daf354a44cab6f1f9ec28ab740887) \Device\Harddisk0\DR0\Partition0
10:00:04.0828 3364 \Device\Harddisk0\DR0\Partition0 - ok
10:00:04.0828 3364 ============================================================
10:00:04.0828 3364 Scan finished
10:00:04.0828 3364 ============================================================
10:00:04.0843 3000 Detected object count: 1
10:00:04.0843 3000 Actual detected object count: 1
10:00:17.0625 3000 sptd ( LockedFile.Multi.Generic ) - skipped by user
10:00:17.0625 3000 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
10:02:37.0000 3244 Deinitialize success
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15713
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Kontrola CF

#8 Příspěvek od JaRon »

Presun ComboFix
na plochu (ak tam este nie je)

otvor si Poznamkovy blok - notepad

do neho zkopiruj skript z nasledujiceho okna:

Kód: Vybrat vše

Driver::
gtermddo
uloz vytvoreny textovy soubor ako CFScript.txt na plochu

po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:

Obrázek

po aplikacii by mal vzniknut dalsi log, ten vloz sem :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Johny.XXX
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 17 dub 2012 01:23

Re: Kontrola CF

#9 Příspěvek od Johny.XXX »

ComboFix 12-04-16.02 - Owner 17.04.2012 13:40:55.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.767.521 [GMT 2:00]
Spuštěný z: c:\documents and settings\Owner\Dokumenty\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Owner\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-17 do 2012-04-17 )))))))))))))))))))))))))))))))
.
.
2012-04-17 11:29 . 2012-04-17 11:29 -------- d-----w- c:\documents and settings\Owner\Data aplikací\BSplayer
2012-04-17 10:37 . 2010-07-27 14:58 262144 ----a-w- c:\program files\Uninstall Ask Toolbar.dll
2012-04-17 08:06 . 2012-04-17 08:06 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-17 07:38 . 2012-04-17 07:39 -------- d-----w- c:\program files\trend micro
2012-04-17 07:38 . 2012-04-17 07:39 -------- d-----w- C:\rsit
2012-04-16 23:05 . 2012-04-16 23:05 -------- d-----w- c:\documents and settings\All Users\Oblíbené položky
2012-04-09 19:22 . 2012-04-14 13:34 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-07 19:42 . 2012-04-07 19:43 -------- d-----w- C:\6f997e1f41da20ee1f3d5544a21ee556
2012-04-01 10:18 . 2012-04-01 10:18 -------- d-----w- c:\documents and settings\Owner\AppData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-14 13:34 . 2011-10-05 19:37 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-13 17:02 . 2012-03-13 17:03 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-13 17:02 . 2010-06-27 19:06 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-07 00:15 . 2011-10-30 14:14 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:15 . 2011-10-30 14:14 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-07 00:03 . 2011-10-30 14:15 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:03 . 2011-10-30 14:15 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:02 . 2011-10-30 14:15 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-03-07 00:01 . 2011-10-30 14:15 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2011-10-30 14:15 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-03-07 00:01 . 2011-10-30 14:15 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-03-07 00:01 . 2011-10-30 14:15 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-06 23:58 . 2011-10-30 14:15 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-03-01 10:59 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 10:59 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2009-03-26 11:03 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 14:10 . 2004-08-18 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 12:17 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-02-09 13:13 . 2012-03-13 20:50 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2012-02-09 13:13 . 2012-03-13 20:53 28992 ----a-w- c:\windows\system32\uxtuneup.dll
2012-02-03 09:57 . 2009-03-26 11:03 1860096 ----a-w- c:\windows\system32\win32k.sys
2011-12-21 07:39 . 2012-01-11 11:24 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\prxtbfre0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2011-05-09 09:49 176936 ----a-w- c:\program files\free-downloads.net\prxtbfre0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\prxtbfre0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\prxtbfre0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Facebook Update"="c:\documents and settings\owner\local settings\data aplikací\facebook\update\facebookupdate.exe" [2012-03-24 137536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8491008]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"nwiz"="nwiz.exe" [2007-10-04 1626112]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-07-02 198160]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143872]
"SoundMAXPnP"="c:\program files\analog devices\soundmax\smax4pnp.exe" [2004-10-14 1388544]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"VirtualDesk"="c:\program files\tweaknow powerpack 2011\virdesk.exe" [2011-02-24 6089576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMax]
2004-08-06 05:27 860160 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\Metin2\\metin2.bin"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Documents and Settings\\Owner\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 pe3apasb;Made Man Environment Driver (pe3apasb);c:\windows\system32\drivers\pe3apasb.sys [13.11.2007 14:25 65136]
R0 ps7apasb;Made Man Synchronization Driver (ps7apasb);c:\windows\system32\drivers\ps7apasb.sys [13.11.2007 14:24 68728]
R0 uliagpkx;ULi AGP Bus Filter Driver;c:\windows\system32\drivers\AGPKX.SYS [27.4.2007 10:56 45056]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [30.10.2011 16:15 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [30.10.2011 16:15 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.10.2011 16:15 20696]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [13.3.2012 21:17 820568]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [17.10.2011 16:54 232512]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [1.2.2012 14:24 10064]
R3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\drivers\ULILAN51.SYS [27.4.2007 10:56 28672]
S?4 PfFilter;PfFilter;\??\c:\program files\IObit\Protected Folder\pffilter.sys --> c:\program files\IObit\Protected Folder\pffilter.sys [?]
S0 m5289;m5289;c:\windows\system32\drivers\m5289.sys [27.4.2007 10:56 52480]
S2 pr2apasb;Made Man Drivers Auto Removal (pr2apasb);c:\windows\system32\pr2apasb.exe svc --> c:\windows\system32\pr2apasb.exe svc [?]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [9.2.2012 15:13 1529152]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [9.4.2012 21:22 253088]
S3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [13.3.2012 21:17 239600]
S3 gtermddo;gtermddo; [x]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys --> c:\windows\system32\DRIVERS\ewdcsc.sys [?]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]
S3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [13.3.2012 21:17 30368]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys --> c:\windows\system32\DRIVERS\snp325.sys [?]
S3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [13.3.2012 21:17 16080]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [18.8.2004 14:00 14336]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 67945852
*NewlyCreated* - 97675325
*Deregistered* - 67945852
*Deregistered* - 97675325
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 13:34]
.
2012-04-17 c:\windows\Tasks\User_Feed_Synchronization-{120CFF7D-641A-4868-9954-13E6FCED0684}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
2012-04-17 c:\windows\Tasks\User_Feed_Synchronization-{52D0369D-0EC1-425D-ABC0-9C10E334C4C7}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
2012-04-17 c:\windows\Tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_DREZI-5D963DE92_Owner.job
- c:\windows\system32\mobsync.exe [2004-08-18 06:52]
.
2012-04-17 c:\windows\Tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_ÚPŮÚŮ_Owner.job
- c:\windows\system32\mobsync.exe [2004-08-18 06:52]
.
.
------- Doplňkový sken -------
.
uLocal Page =
uStart Page = hxxp://isearch.avg.com/?cid={9C307AF4-20C5-415A-B88C-D40FF99EF1E6}&mid=5e5d7862a35447d09a7cd153d4b09364-a294c56481036312c00500de39bbdb869d95a9cf&lang=en&ds=tt014&pr=sa&d=2012-03-13 21:49&v=8.0.0.34&sap=hp
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uDefault_Search_URL = hxxp://search.qip.ru
mLocal Page =
mStart Page = hxxp://www.taazu.com/
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://search.qip.ru
uSearchURL,(Default) = hxxp://search.qip.ru/search?query=%s&from=IE
IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download with &Shareaza - c:\program files\BearShare MP3\Plugins\RazaWebHook.dll/3000
IE: {{3015DB92-158E-4b77-9020-85C8E311FBB5}
IE: {{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}
Trusted Zone: kuaiche.com\software
TCP: DhcpNameServer = 188.122.222.222 188.122.222.223
FF - ProfilePath - c:\documents and settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\1o8lc42f.default\
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-{005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC} - (no file)
WebBrowser-{005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC} - (no file)
SafeBoot-67945852.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-17 13:54
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-725345543-412668190-1417001333-1003\Software\SecuROM\License information*]
"datasecu"=hex:96,e6,f0,38,7b,39,fb,d3,78,61,0c,9d,52,2d,d4,db,6a,59,70,9f,9b,
31,c0,39,39,e1,54,5a,45,1e,f1,b4,51,c4,8f,c5,bf,00,f4,36,b2,00,73,d6,10,09,\
"rkeysecu"=hex:1c,76,53,ec,c3,cc,b5,db,fa,59,b9,15,be,f8,5a,f7
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3468)
c:\windows\system32\msi.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\wmvcore.dll
c:\windows\system32\WMASF.DLL
c:\windows\system32\webcheck.dll
.
Celkový čas: 2012-04-17 13:58:12
ComboFix-quarantined-files.txt 2012-04-17 11:58
ComboFix2.txt 2012-04-16 23:54
.
Před spuštěním: Volných bajtů: 44 820 447 232
Po spuštění: Volných bajtů: 44 821 721 088
.
- - End Of File - - E54B305A692597D87FF34635BBB4234D
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15713
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Kontrola CF

#10 Příspěvek od JaRon »

prescanuj PC s MBAM - log vloz
+ popis problemy, ak nejake su
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Johny.XXX
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 17 dub 2012 01:23

Re: Kontrola CF

#11 Příspěvek od Johny.XXX »

Zatím žádné známky zlepšení,pc stále nestabilní... zpomalený systém,CPU stále malé využití okolo 17-35% zde je Log---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.04.17.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: ÚPŮÚŮ [administrátor]

Ochrana: Povolena

17.4.2012 14:40:09
mbam-log-2012-04-17 (15-07-49).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 240435
Uplynulý čas: 25 minut, 30 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 19
HKCR\AppID\{57ABA38E-6535-48F3-99FD-EFDC62137C78} (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
HKCR\Typelib\{883DFC00-8A21-411D-956C-73A4E4B7D16F} (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1} (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
HKCR\Typelib\{AC5AB953-ED25-4F9C-87F0-B086B0178FFA} (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{6160F76A-1992-4B17-A32D-0C706D159105} (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
HKCR\Typelib\{C28A0312-C403-417B-A425-A915BC0519CD} (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF} (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
HKCR\ExplorerBar.FunExplorer (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
HKCR\ExplorerBar.FunExplorer.1 (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
HKCR\AppID\AIMActiveXDLL.DLL (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Office\Outlook\Addins\OEActiveXDLL.DesktopOEAddin1 (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Žádná instrukce nebyla provedena.
HKCR\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 3
C:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge (PUP.Spyware.MarketScore) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\test\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\test\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data (Adware.DoubleD) -> Žádná instrukce nebyla provedena.

Nalezené soubory: 15
C:\Documents and Settings\test\Local Settings\Temp\zipX50930\ProduKey.exe (PUP.PSWTool.ProductKey) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\test\Local Settings\Temp\zipX75583\ProduKey.exe (PUP.PSWTool.ProductKey) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\test\Local Settings\Temp\zipX79485\ProduKey.exe (PUP.PSWTool.ProductKey) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\test\Local Settings\Temp\zipX13019\ProduKey.exe (PUP.PSWTool.ProductKey) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\test\Local Settings\Temp\zipX22426\ProduKey.exe (PUP.PSWTool.ProductKey) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\Owner\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\About RelevantKnowledge.lnk (PUP.Spyware.MarketScore) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (PUP.Spyware.MarketScore) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Support.lnk (PUP.Spyware.MarketScore) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\test\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\bg.jpg (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\test\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\CurrentVersion.xml (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\test\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\icon.ico (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\test\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\tdf.dat (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\test\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data\ProductInfo.mx (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
C:\Program Files\ICQToolbar\5855\2343\toolbaru.dll (Trojan.BHO) -> Žádná instrukce nebyla provedena.

(konec)
Nahoru
Johny.XXX
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 17 dub 2012 01:23

Re: Kontrola CF

#12 Příspěvek od Johny.XXX »

Zničeho nic my přestal jít i zvuk,zkoušel sem přeinstal hud.přehrávače a už nejde ani nainstalovat,bs player,winamp také nejde,při instalaci to píše chybu.Zvuk prostě nejde ani na Youtube.už sem z toho jelen vážně... :?:
Nahoru
Uživatelský avatar
cernohous13
VIP in memoriam
VIP in memoriam
Příspěvky: 8721
Registrován: 09 pro 2006 06:19
Bydliště: Jablonec nad Nisou
Kontaktovat uživatele:
Kontaktovat uživatele cernohous13

Re: Kontrola CF

#13 Příspěvek od cernohous13 »

Zdravím, než se ti zas bude věnovat kolega
MBAM spustit znovu - dát Úplná kontrola
:arrow: po ukončení -> Zobrazit výsledky -> zkontrolovat zda je vše označeno -> Odstranit označené
vyběhne log, ve kterém budou záznamy tohoto typu:
Nalezené složky: 3
C:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge (PUP.Spyware.MarketScore) -> Umístnění do karantény a smazání se zdařilo..
ten by taky rád viděl :)
:arrow: restartuj a vytvoř log RSIT - http://forum.viry.cz/viewtopic.php?f=13&t=105895
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím Obrázek

-------------------------------------------------------------------------------------------------
> Podpora fóra <
Nahoru
Johny.XXX
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 17 dub 2012 01:23

Re: Kontrola CF

#14 Příspěvek od Johny.XXX »

Zde je log z MBAM-------------------------------------------------------------------------------------------------------------------------------------------------Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.04.17.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Owner :: ÚPŮÚŮ [administrátor]

Ochrana: Zakázána

17.4.2012 18:19:32
mbam-log-2012-04-17 (20-52-45).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 146769
Uplynulý čas: 2 hodin, 32 minut, 59 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 9
C:\Qoobox\Quarantine\C\Program Files\Internet Saving Optimizer\3.4.0.4340\NPCommon.dll.vir (Adware.DoubleD) -> Žádná instrukce nebyla provedena.
C:\Qoobox\Quarantine\C\Program Files\MorpheusBar\bar\1.bin\M0PLUGIN.DLL.vir (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Qoobox\Quarantine\C\Program Files\MorpheusBar\bar\1.bin\NPMORPBR.DLL.vir (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Qoobox\Quarantine\C\Program Files\RelevantKnowledge\rlls.dll.vir (PUP.Adware.RelevantKnowledge) -> Žádná instrukce nebyla provedena.
C:\System Volume Information\_restore{39B3DE9F-4B6B-43CE-860B-6532645EA5A0}\RP384\A0703550.exe (Spyware.Passwords) -> Žádná instrukce nebyla provedena.
C:\System Volume Information\_restore{39B3DE9F-4B6B-43CE-860B-6532645EA5A0}\RP385\A0705968.exe (Adware.Dropper) -> Žádná instrukce nebyla provedena.
C:\System Volume Information\_restore{39B3DE9F-4B6B-43CE-860B-6532645EA5A0}\RP411\A0821420.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\System Volume Information\_restore{39B3DE9F-4B6B-43CE-860B-6532645EA5A0}\RP411\A0821421.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\System Volume Information\_restore{39B3DE9F-4B6B-43CE-860B-6532645EA5A0}\RP411\A0821422.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.------------------------------------------------------------------------------------------------------------------------------------------------
Nahoru
Johny.XXX
Návštěvník
Návštěvník
Příspěvky: 18
Registrován: 17 dub 2012 01:23

Re: Kontrola CF

#15 Příspěvek od Johny.XXX »

Jasně zatím všemu rozumím,díky moc za rady a pomoc,snad to bude k něčemu dobrý... :) Zde je log z RSIT-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------Logfile of random's system information tool 1.09 (written by random/random)
Run by Owner at 2012-04-17 21:11:25
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 43 GB (37%) free of 114 GB
Total RAM: 767 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:11:44, on 17.4.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\documents and settings\owner\local settings\data aplikací\facebook\update\facebookupdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2776682
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.taazu.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\prxtbfre0.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Synchronization Manager] %systemroot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VirtualDesk] c:\program files\tweaknow powerpack 2011\virdesk.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Facebook Update] "c:\documents and settings\owner\local settings\data aplikací\facebook\update\facebookupdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\BearShare MP3\Plugins\RazaWebHook.dll/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Casino-On-Net - {3015DB92-158E-4b77-9020-85C8E311FBB5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Made Man Drivers Auto Removal (pr2apasb) (pr2apasb) - City Interactive Sp z o.o. - C:\WINDOWS\system32\pr2apasb.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
O24 - Desktop Component 0: (no name) - http://t1.gstatic.com/images?q=tbn:ANd9 ... t4m6ngKqtA
O24 - Desktop Component 1: (no name) - http://www.soccerplay.net/wp-content/up ... lpaper.jpg

--
End of file - 9671 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{120CFF7D-641A-4868-9954-13E6FCED0684}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{52D0369D-0EC1-425D-ABC0-9C10E334C4C7}.job
C:\WINDOWS\tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_DREZI-5D963DE92_Owner.job
C:\WINDOWS\tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_ÚPŮÚŮ_Owner.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\1o8lc42f.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Program Files\Real\RealPlayer\browserrecord
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}"=C:\Program Files\RelevantKnowledge
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0]
"Description"=npganymedenet
"Path"=C:\Program Files\Ganymede\Plugins\npganymedenet.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{3112ca9c-de6d-4884-a869-9855de68056c}
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npdivx32.dll
npdivx32.xpt
npganymedenet.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\1o8lc42f.default\extensions\
{51a86bb3-6602-4c85-92a5-130ee4864f13}
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2010-07-02 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-13 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-13 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-13 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files\free-downloads.net\prxtbfre0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} -
{D5D47440-0750-463D-BAEF-A47D02414806}
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\prxtbfre0.dll [2011-05-09 176936]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-04 8491008]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-10-04 81920]
"nwiz"=nwiz.exe /install []
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-07-02 198160]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143872]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"VirtualDesk"=c:\program files\tweaknow powerpack 2011\virdesk.exe [2011-02-24 6089576]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe []
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Facebook Update"=c:\documents and settings\owner\local settings\data aplikací\facebook\update\facebookupdate.exe [2012-03-24 137536]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files\daemon tools lite\dtlite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMax]
c:\program files\analog devices\soundmax\smax4.exe /tray []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC}
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe"="C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\Program Files\Metin2\metin2.bin"="C:\Program Files\Metin2\metin2.bin:*:Enabled:metin2"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Owner\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=iyvu9_32.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\Iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"vidc.yv12"=yv12vfw.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.lameacm"=lameACM.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"msacm.siren"=sirenacm.dll

======List of files/folders created in the last 1 month======

2012-04-17 17:56:32 ----D---- C:\Program Files\Lavalys
2012-04-17 15:29:31 ----D---- C:\Documents and Settings\Owner\Data aplikací\AIMP
2012-04-17 15:28:45 ----D---- C:\Program Files\AIMP2
2012-04-17 14:37:38 ----D---- C:\Documents and Settings\Owner\Data aplikací\Malwarebytes
2012-04-17 14:37:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2012-04-17 14:37:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-04-17 14:37:23 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2012-04-17 14:09:19 ----N---- C:\WINDOWS\system32\pxwma.dll
2012-04-17 14:04:57 ----SHD---- C:\RECYCLER
2012-04-17 13:58:12 ----A---- C:\ComboFix.txt
2012-04-17 13:38:10 ----D---- C:\ComboFix
2012-04-17 13:29:22 ----D---- C:\Documents and Settings\Owner\Data aplikací\BSplayer
2012-04-17 10:06:35 ----D---- C:\TDSSKiller_Quarantine
2012-04-17 09:38:33 ----D---- C:\Program Files\trend micro
2012-04-17 09:38:31 ----D---- C:\rsit
2012-04-17 01:11:29 ----A---- C:\Boot.bak
2012-04-17 01:11:19 ----RASHD---- C:\cmdcons
2012-04-17 01:06:47 ----A---- C:\WINDOWS\zip.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\SWXCACLS.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\SWSC.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\SWREG.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\sed.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\PEV.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\NIRCMD.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\MBR.exe
2012-04-17 01:06:47 ----A---- C:\WINDOWS\grep.exe
2012-04-17 01:06:09 ----D---- C:\WINDOWS\ERDNT
2012-04-17 01:06:04 ----D---- C:\Qoobox
2012-04-12 12:07:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2012-04-09 21:22:19 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-04-07 21:42:58 ----D---- C:\6f997e1f41da20ee1f3d5544a21ee556

======List of files/folders modified in the last 1 month======

2012-04-17 21:09:59 ----D---- C:\WINDOWS\Temp
2012-04-17 20:58:56 ----SHD---- C:\WINDOWS\Installer
2012-04-17 20:58:56 ----D---- C:\WINDOWS\system32\drivers
2012-04-17 20:58:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-04-17 17:56:32 ----RD---- C:\Program Files
2012-04-17 17:49:32 ----D---- C:\WINDOWS
2012-04-17 17:00:46 ----D---- C:\Documents and Settings\Owner\Data aplikací\GetRightToGo
2012-04-17 17:00:36 ----D---- C:\WINDOWS\system32
2012-04-17 16:46:15 ----D---- C:\WINDOWS\system
2012-04-17 16:45:58 ----HD---- C:\WINDOWS\inf
2012-04-17 16:45:58 ----D---- C:\WINDOWS\Prefetch
2012-04-17 16:34:04 ----D---- C:\WINDOWS\system32\CatRoot2
2012-04-17 15:16:27 ----D---- C:\WINDOWS\msapps
2012-04-17 14:15:00 ----D---- C:\Program Files\Winamp
2012-04-17 13:54:12 ----A---- C:\WINDOWS\system.ini
2012-04-17 13:48:47 ----D---- C:\WINDOWS\AppPatch
2012-04-17 13:48:45 ----D---- C:\Program Files\Common Files
2012-04-17 12:40:34 ----D---- C:\Documents and Settings\Owner\Data aplikací\PriceGong
2012-04-17 12:39:31 ----D---- C:\Config.Msi
2012-04-17 09:22:57 ----SD---- C:\WINDOWS\Tasks
2012-04-17 01:42:13 ----D---- C:\WINDOWS\system32\drivers\etc
2012-04-17 01:36:51 ----D---- C:\WINDOWS\system32\config
2012-04-17 01:11:29 ----RASH---- C:\boot.ini
2012-04-16 00:33:21 ----D---- C:\Program Files\Mozilla Firefox
2012-04-12 22:19:42 ----HD---- C:\Program Files\WindowsUpdate
2012-04-12 12:14:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-04-12 12:14:16 ----D---- C:\Program Files\Internet Explorer
2012-04-12 12:13:54 ----D---- C:\WINDOWS\ie8updates
2012-04-12 12:13:41 ----HD---- C:\WINDOWS\$hf_mig$
2012-04-12 12:07:35 ----A---- C:\WINDOWS\system32\MRT.exe
2012-04-09 22:04:02 ----D---- C:\WINDOWS\Minidump
2012-04-01 12:22:41 ----D---- C:\WINDOWS\system32\CatRoot
2012-03-30 14:31:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-03-22 23:15:31 ----D---- C:\Documents and Settings\Owner\Data aplikací\DAEMON Tools Lite
2012-03-22 22:45:51 ----D---- C:\WINDOWS\Debug
2012-03-22 22:40:59 ----D---- C:\Program Files\TweakNow PowerPack 2011
2012-03-22 22:40:59 ----D---- C:\Documents and Settings\Owner\Data aplikací\TweakNow PowerPack 2011
2012-03-22 22:33:46 ----D---- C:\Documents and Settings\Owner\Data aplikací\IObit
2012-03-19 18:55:48 ----D---- C:\WINDOWS\security

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 m5289;m5289; C:\WINDOWS\system32\DRIVERS\m5289.sys [2005-07-04 52480]
R0 pe3apasb;Made Man Environment Driver (pe3apasb); C:\WINDOWS\system32\drivers\pe3apasb.sys [2007-11-13 65136]
R0 ps7apasb;Made Man Synchronization Driver (ps7apasb); C:\WINDOWS\system32\drivers\ps7apasb.sys [2007-11-13 68728]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 uliagpkx;ULi AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\agpkx.sys [2005-05-03 45056]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-03-07 35672]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-03-07 95704]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-10-17 232512]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-06-25 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys []
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 ULI5261XP;ULi M526X Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 28672]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 catchme;catchme; \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 EagleNT;EagleNT; C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []
S3 gtermddo;gtermddo; C:\WINDOWS\system32\drivers\gtermddo.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
S3 RT73;TL-WN321G USB Wireless Adapter; C:\WINDOWS\system32\DRIVERS\rt73.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;Nokia USB Serial Port; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-02 8064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-13 153376]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 pr2apasb;Made Man Drivers Auto Removal (pr2apasb); C:\WINDOWS\system32\pr2apasb.exe [2007-11-13 410992]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2012-02-09 1529152]
S2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-18 19456]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“