vytížení pc na 100%

Zpráva

manatte · #1 Příspěvek od **manatte** » 15 črc 2012 13:38

Dobry den, mam problem s vytizenim pc(notebook) na cca 100 % a taky mi z toho duvodu asi skoro nefunguje klavesnice. Nevim cim t muze byt, proveden test Avast, Malwarebyte a CCleaner a vse ok.

Soucasne se omlouvam za pravopis, ale tukam to na klavesnici na obrazuvce mysi,no des:)

Prikladam log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2012-07-15 14:18:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 13 GB (29%) free of 46 GB
Total RAM: 2046 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:18:38, on 15.7.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\acer\epm\epm-dm.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\osk.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "C:\WINDOWS\is-53341.exe" /REG /REGSVRMODE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Data Management Job Dispatch - Autodesk Inc - C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
O23 - Service: Autodesk EDM Server - - C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe

--
End of file - 7791 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2011-04-29 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-13 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-13 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-13 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2011-04-29 798771]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EPM-DM"=c:\acer\epm\epm-dm.exe [2005-03-28 188416]
"ePowerManagement"=C:\Acer\ePM\ePM.exe [2005-03-24 2880512]
"SafeQ Client"=C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2010-03-31 249856]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-07-19 421736]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-02-20 2786480]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-02-20 3669680]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]
"InnoSetupRegFile.0000000001"=C:\WINDOWS\is-53341.exe [2012-07-15 711240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-12-07 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Spyware Terminator\SpywareTerminator.exe"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-07-15 14:18:18 ----D---- C:\rsit
2012-07-15 11:08:37 ----A---- C:\WINDOWS\is-53341.exe
2012-07-15 10:15:17 ----D---- C:\Documents and Settings\Administrator\Data aplikací\dvdcss

======List of files/folders modified in the last 1 month======

2012-07-15 14:18:38 ----D---- C:\Program Files\trend micro
2012-07-15 14:18:16 ----D---- C:\WINDOWS\Prefetch
2012-07-15 14:15:43 ----D---- C:\WINDOWS\system32\drivers
2012-07-15 13:21:33 ----AD---- C:\WINDOWS
2012-07-15 13:17:35 ----D---- C:\WINDOWS\Temp
2012-07-15 11:08:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-07-15 10:13:36 ----D---- C:\WINDOWS\system32\CatRoot2
2012-07-15 08:35:48 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-07-14 20:38:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2012-06-24 22:33:27 ----SHD---- C:\WINDOWS\Installer
2012-06-22 15:27:14 ----D---- C:\Program Files\Spyware Terminator

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-02-03 218688]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 osaio;osaio; C:\WINDOWS\system32\drivers\osaio.sys [2005-03-04 8704]
R2 osanbm;osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 4010]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-12-07 874496]
R3 b57w2k;Broadcom NetLink (TM) Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2005-04-05 132352]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-06-25 34048]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-06-25 276480]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-10 1041536]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-06-10 200064]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-10 684800]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-12-07 425984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-13 153376]
R2 MSSQL$AUTODESKVAULT;MSSQL$AUTODESKVAULT; C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe [2005-05-04 9150464]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-02-20 482992]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Autodesk Data Management Job Dispatch;Autodesk Data Management Job Dispatch; C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe [2006-03-09 40960]
S2 Autodesk EDM Server;Autodesk EDM Server; C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe [2006-03-09 49152]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-07-12 387944]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-02-03 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-07-19 821096]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 SQLAgent$AUTODESKVAULT;SQLAgent$AUTODESKVAULT; C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlagent.EXE [2005-05-03 323584]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Danstahr · #2 Příspěvek od **Danstahr** » 15 črc 2012 14:14

Dobre odpoledne

,

Stáhněte OTL z tohoto odkazu a uložte jej na Plochu.

Pokud používáte Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáte 64bitový OS, zkontrolujte, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtněte jej.
Zaškrtněte okénko Pro všechny uživatele.
Zaškrtněte okénko Kontrola na havěť "LOP".
Zaškrtněte okénko Kontrola na havěť "Purity".
Stáři souborů změňte z 30 dnů na 7 dnů!!
Do spodního okénka Vlastní skenování/opravy vložte tento script :

Kód: Vybrat vše

CREATERESTOREPOINT

netsvc
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*RemoveWAT* /s
*minodlogin* /s
*tnod* /s
*TemDono* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
%userprofile%\*.bat /s

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s

%SystemDrive%\PhysicalMBR.bin /md5

Klikněte na tlačítko [Prohledat].
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vložte.
Pokud se nevejdou do jednoho, rozdělte je prosím do více příspěvků.

šablonka © Mc_Murphy

Na strance http://dan-stahr.tk/ vlozte do okna nasledujici text, prepnete prepinac nahore na .bat a kliknete na OK. Stazeny soubor spustte a ve slozce s nim by se mel objevit soubor log.txt, jeho obsah sem vlozte.

Kód: Vybrat vše

tasklist /v > log.txt

manatte · #3 Příspěvek od **manatte** » 15 črc 2012 15:05

Dobrý den, děkuji za brzkou reakci.
První vkládám log Extras.txt:

OTL Extras logfile created on: 15.7.2012 15:19:56 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\Administrator\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 68,50% Memory free
3,85 Gb Paging File | 3,38 Gb Available in Paging File | 87,94% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 45,00 Gb Total Space | 12,88 Gb Free Space | 28,62% Space Free | Partition Type: NTFS
Drive D: | 45,21 Gb Total Space | 2,73 Gb Free Space | 6,03% Space Free | Partition Type: FAT32

Computer Name: DOMOV | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1757981266-1364589140-839522115-500\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\Spyware Terminator\SpywareTerminator.exe" = C:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012 -- (Crawler.com)
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" = C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012 -- (Crawler.com)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{1D9151C2-FBDB-48B9-B3BF-69A8274820D6}" = Autodesk Data Management Server 5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5783F2D7-5001-0405-0002-0060B0CE6BBA}" = AutoCAD 2007 - Český
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePowerManagement
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7CFAEC66-BA0E-4076-AAA5-2BE29153E6DF}" = Microsoft XML Parser
"{7F4DD591-1100-0409-0000-7107D70F3DB4}" = Autodesk Inventor 11
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (AUTODESKVAULT)
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.20
"ATI Display Driver" = ATI Display Driver
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_00661025" = SoftV92 Data Fax Modem with SmartCP
"Conexant PCI Audio" = Conexant AC-Link Audio
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"EAX Unified" = EAX Unified
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Foxit Reader" = Foxit Reader
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"InstallShield_{827289F5-B44F-4E49-9993-840741585A62}" = Acer eManager for Notebook
"Mafia Game" = Mafia Game
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.62.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"ShockwaveFlash" = Macromedia Flash Player 8
"The KMPlayer" = The KMPlayer (remove only)
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1757981266-1364589140-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP 2005" = QIP 2005 8097
"QipGuard" = QIP Internet Guardian
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4.1.2012 17:51:17 | Computer Name = DOMOV | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = Authentication failed for user: JobUser: 301

Error - 4.1.2012 17:52:17 | Computer Name = DOMOV | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = Authentication failed for user: JobUser: 301

Error - 4.1.2012 17:53:18 | Computer Name = DOMOV | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = Authentication failed for user: JobUser: 301

Error - 4.1.2012 17:54:18 | Computer Name = DOMOV | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = Authentication failed for user: JobUser: 301

Error - 4.1.2012 17:55:19 | Computer Name = DOMOV | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = Authentication failed for user: JobUser: 301

Error - 4.1.2012 17:56:19 | Computer Name = DOMOV | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = Authentication failed for user: JobUser: 301

Error - 4.1.2012 17:57:20 | Computer Name = DOMOV | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = Authentication failed for user: JobUser: 301

Error - 4.1.2012 17:58:20 | Computer Name = DOMOV | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = Authentication failed for user: JobUser: 301

Error - 4.1.2012 17:59:21 | Computer Name = DOMOV | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = Authentication failed for user: JobUser: 301

Error - 4.1.2012 18:00:21 | Computer Name = DOMOV | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = Authentication failed for user: JobUser: 301

[ System Events ]
Error - 28.2.2012 4:19:34 | Computer Name = DOMOV | Source = NetBT | ID = 4321
Description = Název DOMOV :0 nelze zaregistrovat v rozhraní s adresou IP
158.196.42.209. Počítač s adresou IP 158.196.147.56 nepovolil získání názvu tímto
počítačem.

Error - 29.2.2012 9:20:45 | Computer Name = DOMOV | Source = NetBT | ID = 4321
Description = Název DOMOV :0 nelze zaregistrovat v rozhraní s adresou IP
158.196.42.209. Počítač s adresou IP 158.196.147.56 nepovolil získání názvu tímto
počítačem.

Error - 29.2.2012 13:40:37 | Computer Name = DOMOV | Source = NetBT | ID = 4321
Description = Název DOMOV :0 nelze zaregistrovat v rozhraní s adresou IP
158.196.43.73. Počítač s adresou IP 158.196.147.56 nepovolil získání názvu tímto
počítačem.

Error - 1.3.2012 1:42:53 | Computer Name = DOMOV | Source = NetBT | ID = 4321
Description = Název DOMOV :0 nelze zaregistrovat v rozhraní s adresou IP
158.196.43.73. Počítač s adresou IP 158.196.147.56 nepovolil získání názvu tímto
počítačem.

Error - 1.3.2012 11:27:14 | Computer Name = DOMOV | Source = NetBT | ID = 4321
Description = Název DOMOV :0 nelze zaregistrovat v rozhraní s adresou IP
158.196.43.73. Počítač s adresou IP 158.196.147.56 nepovolil získání názvu tímto
počítačem.

Error - 2.3.2012 3:20:03 | Computer Name = DOMOV | Source = NetBT | ID = 4321
Description = Název DOMOV :0 nelze zaregistrovat v rozhraní s adresou IP
158.196.43.73. Počítač s adresou IP 158.196.147.56 nepovolil získání názvu tímto
počítačem.

Error - 2.3.2012 11:22:11 | Computer Name = DOMOV | Source = NetBT | ID = 4321
Description = Název DOMOV :0 nelze zaregistrovat v rozhraní s adresou IP
158.196.43.73. Počítač s adresou IP 158.196.147.56 nepovolil získání názvu tímto
počítačem.

Error - 3.3.2012 3:03:40 | Computer Name = DOMOV | Source = NetBT | ID = 4321
Description = Název DOMOV :0 nelze zaregistrovat v rozhraní s adresou IP
158.196.43.73. Počítač s adresou IP 158.196.147.56 nepovolil získání názvu tímto
počítačem.

Error - 4.3.2012 3:25:43 | Computer Name = DOMOV | Source = NetBT | ID = 4321
Description = Název DOMOV :0 nelze zaregistrovat v rozhraní s adresou IP
158.196.43.73. Počítač s adresou IP 158.196.147.56 nepovolil získání názvu tímto
počítačem.

Error - 5.3.2012 12:41:02 | Computer Name = DOMOV | Source = NetBT | ID = 4321
Description = Název DOMOV :0 nelze zaregistrovat v rozhraní s adresou IP
158.196.43.73. Počítač s adresou IP 158.196.147.56 nepovolil získání názvu tímto
počítačem.

< End of report >

manatte · #4 Příspěvek od **manatte** » 15 črc 2012 15:06

další log z OTL.txt:

OTL logfile created on: 15.7.2012 15:19:56 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\Administrator\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 68,50% Memory free
3,85 Gb Paging File | 3,38 Gb Available in Paging File | 87,94% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 45,00 Gb Total Space | 12,88 Gb Free Space | 28,62% Space Free | Partition Type: NTFS
Drive D: | 45,21 Gb Total Space | 2,73 Gb Free Space | 6,03% Space Free | Partition Type: FAT32

Computer Name: DOMOV | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.07.15 15:18:08 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\OTL.exe
PRC - [2012.02.20 08:00:10 | 000,482,992 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\st_rsser.exe
PRC - [2012.02.20 08:00:04 | 003,669,680 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2012.02.20 07:59:54 | 002,786,480 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
PRC - [2011.11.28 20:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.11.28 20:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.07.09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2008.04.14 09:52:42 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\osk.exe
PRC - [2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.03.28 19:04:00 | 000,188,416 | ---- | M] (Acer Inc) -- C:\Acer\ePM\EPM-DM.exe
PRC - [2004.08.16 16:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) -- C:\Acer\eManager\anbmServ.exe
PRC - [2001.10.25 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msswchx.exe

========== Modules (No Company Name) ==========

MOD - [2012.07.15 10:56:50 | 001,783,296 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12071500\algo.dll
MOD - [2011.07.09 06:51:17 | 000,329,272 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\ppgooglenaclpluginchrome.dll
MOD - [2011.07.09 06:51:16 | 003,649,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\pdf.dll
MOD - [2011.07.09 06:50:09 | 000,321,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\Locales\cs.dll
MOD - [2011.07.09 06:49:50 | 000,104,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avutil-50.dll
MOD - [2011.07.09 06:49:48 | 000,203,848 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avformat-52.dll
MOD - [2011.07.09 06:49:47 | 001,846,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avcodec-52.dll
MOD - [2011.07.09 04:31:29 | 006,333,088 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\gcswf32.dll
MOD - [2010.04.11 19:48:06 | 000,327,680 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2010.03.31 10:56:00 | 002,355,200 | ---- | M] () -- C:\WINDOWS\system32\SAFEQVS.DLL
MOD - [2010.03.15 12:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009.05.06 16:35:00 | 000,421,888 | ---- | M] () -- C:\WINDOWS\system32\SafeQCairoLib.DLL
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

========== Win32 Services (SafeList) ==========

SRV - [2012.02.20 08:00:10 | 000,482,992 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\st_rsser.exe -- (ST2012_Svc)
SRV - [2012.01.04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.11.28 20:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.02.03 11:19:07 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2006.03.09 17:35:20 | 000,049,152 | ---- | M] ( ) [Auto | Stopped] -- C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe -- (Autodesk EDM Server)
SRV - [2006.03.09 14:23:56 | 000,040,960 | ---- | M] (Autodesk Inc) [Auto | Stopped] -- C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe -- (Autodesk Data Management Job Dispatch)
SRV - [2004.08.16 16:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) [Auto | Running] -- C:\Acer\eManager\anbmServ.exe -- (anbmService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011.11.28 19:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 19:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 19:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 19:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 19:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 19:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 19:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.06.21 12:24:06 | 000,032,768 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2011.02.03 10:58:30 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.02.16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005.04.05 17:38:00 | 000,132,352 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) Broadcom NetLink (TM)
DRV - [2005.03.24 17:54:08 | 000,078,208 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd)
DRV - [2005.03.04 17:37:26 | 000,008,704 | ---- | M] (Avocent/OSA Technologies Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio)
DRV - [2005.01.14 16:57:16 | 000,004,010 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osanbm.sys -- (osanbm)
DRV - [2004.12.07 23:06:00 | 000,874,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.10.29 19:48:00 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2004.07.19 14:10:00 | 000,004,096 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd)
DRV - [2004.06.25 15:31:00 | 000,276,480 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camchal.sys -- (CAMCHALA)
DRV - [2004.06.25 15:29:00 | 000,034,048 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camcaud.sys -- (CAMCAUD)
DRV - [2004.06.10 16:00:00 | 000,200,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2004.06.10 15:58:00 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004.06.10 15:58:00 | 000,684,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1757981266-1364589140-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKU\S-1-5-21-1757981266-1364589140-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1757981266-1364589140-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-1757981266-1364589140-839522115-500\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKU\S-1-5-21-1757981266-1364589140-839522115-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKU\S-1-5-21-1757981266-1364589140-839522115-500\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/search?query={searchTerms}&from=IE
IE - HKU\S-1-5-21-1757981266-1364589140-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1757981266-1364589140-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.2.183.23\npGoogleOneClick8.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\gcswf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Update\1.2.183.23\npGoogleOneClick8.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2012.03.13 09:41:05 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [EPM-DM] c:\Acer\ePM\EPM-DM.exe (Acer Inc)
O4 - HKLM..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe (Acer Value Labs, Taiwan)
O4 - HKLM..\Run: [SafeQ Client] C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe ()
O4 - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-1757981266-1364589140-839522115-500..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\WINDOWS\is-53341.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1757981266-1364589140-839522115-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1757981266-1364589140-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1757981266-1364589140-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1757981266-1364589140-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 158.196.149.9 158.196.162.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB7A6639-B87C-467E-AD97-7BE6A713DC61}: DhcpNameServer = 158.196.149.9 158.196.162.8
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Error creating restore point.

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.07.15 14:18:18 | 000,000,000 | ---D | C] -- C:\rsit
[2012.07.15 10:15:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\dvdcss
[2012.07.15 10:03:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent

========== Files - Modified Within 7 Days ==========

[2012.07.15 15:24:54 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.07.15 13:24:32 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.15 11:08:37 | 000,711,240 | ---- | M] () -- C:\WINDOWS\is-53341.exe
[2012.07.15 11:08:37 | 000,012,370 | ---- | M] () -- C:\WINDOWS\is-53341.msg
[2012.07.15 11:08:37 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2012.07.15 11:08:37 | 000,000,474 | ---- | M] () -- C:\WINDOWS\is-53341.lst
[2012.07.15 08:51:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.15 08:51:38 | 2145,505,280 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.14 20:36:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

========== Files Created - No Company Name ==========

[2012.07.15 15:24:54 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.07.15 11:08:37 | 000,711,240 | ---- | C] () -- C:\WINDOWS\is-53341.exe
[2012.07.15 11:08:37 | 000,012,370 | ---- | C] () -- C:\WINDOWS\is-53341.msg
[2012.07.15 11:08:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2012.07.15 11:08:37 | 000,000,474 | ---- | C] () -- C:\WINDOWS\is-53341.lst
[2012.04.04 22:22:37 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.03.20 22:21:04 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011.09.20 21:48:54 | 000,319,488 | R--- | C] () -- C:\WINDOWS\System32\MafiaSetup.exe
[2011.06.23 17:29:18 | 000,000,370 | ---- | C] () -- C:\WINDOWS\capture.ini
[2011.04.29 11:32:04 | 000,000,034 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2011.04.05 14:53:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI
[2011.04.05 14:45:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\People
[2011.04.05 14:45:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Pedal Hard
[2011.04.05 14:45:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\PDEs
[2011.04.05 14:45:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PageLibraries
[2011.04.05 14:45:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\Overdrive
[2011.04.05 14:45:39 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\Organs
[2011.04.05 14:45:39 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLev.DAT
[2011.04.05 14:45:39 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLet.DAT
[2011.04.05 14:45:39 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLes.DAT
[2011.04.05 14:45:39 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Podcasting
[2011.04.05 14:45:39 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Plug-Ins
[2011.04.05 14:45:39 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Plants
[2011.03.30 11:36:37 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2011.03.24 19:58:09 | 000,000,298 | ---- | C] () -- C:\WINDOWS\setting1.ini
[2011.03.24 19:58:04 | 000,000,079 | ---- | C] () -- C:\WINDOWS\ricdb.ini
[2011.03.24 19:57:21 | 002,355,200 | ---- | C] () -- C:\WINDOWS\System32\SAFEQVS.DLL
[2011.03.24 19:57:21 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\SafeQCairoLib.DLL
[2011.03.24 19:57:21 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\SAFEQUI.DLL
[2011.03.24 19:57:00 | 000,000,603 | ---- | C] () -- C:\WINDOWS\setting.ini
[2011.03.04 12:04:06 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\fusioncache.dat
[2011.03.04 11:53:29 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\fusioncache.dat
[2011.03.04 11:40:16 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\fusioncache.dat
[2011.02.16 18:23:14 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.02.04 00:16:15 | 000,896,840 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.02.03 13:19:36 | 000,113,152 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.03 10:35:01 | 000,002,236 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.02.03 01:54:33 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.02.03 01:52:56 | 000,384,816 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.02.03 01:07:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.02.03 01:00:32 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== LOP Check ==========

[2011.03.04 11:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Autodesk
[2011.02.03 11:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2011.04.26 00:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit Software
[2011.04.18 17:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Jpeg Resampler
[2011.04.29 11:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\LangSoft
[2011.04.05 14:49:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nikon
[2012.02.24 17:54:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nokia
[2012.02.24 18:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PC Suite
[2011.02.03 10:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\QipGuard
[2012.03.20 22:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
[2011.04.27 15:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Zoner
[2011.02.03 10:02:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2011.03.04 12:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2011.02.03 10:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.04.05 14:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnterNHelp
[2011.04.29 11:48:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2011.04.06 09:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nikon
[2012.02.24 17:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2012.03.12 21:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
[2012.02.24 17:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.07.14 20:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2011.04.05 14:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ultima_T15
[2011.02.24 16:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinZip
[2011.08.19 17:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

========== Purity Check ==========

========== Custom Scans ==========

< >

< netsvc >

< >

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 01:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.14 01:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 22:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 01:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.14 01:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.02.03 11:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2012.02.18 11:05:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Apple Computer
[2011.03.04 11:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Autodesk
[2011.02.28 17:11:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVS4YOU
[2011.06.15 17:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Corel
[2011.02.03 11:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2012.07.15 10:15:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\dvdcss
[2011.04.26 00:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit Software
[2011.03.29 21:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2011.02.03 01:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2011.04.18 17:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Jpeg Resampler
[2011.04.29 11:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\LangSoft
[2011.02.03 10:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2011.07.24 22:44:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
[2012.01.31 20:58:17 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2011.03.30 11:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nero
[2011.04.05 14:49:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nikon
[2012.02.24 17:54:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nokia
[2012.02.24 18:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PC Suite
[2011.02.03 10:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\QipGuard
[2012.03.20 22:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
[2011.02.16 11:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2011.12.09 20:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\vlc
[2011.02.03 10:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR
[2011.04.27 15:40:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2011.04.05 14:47:04 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
[2011.03.04 11:42:24 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}\ARPPRODUCTICON.exe
[2010.10.20 15:35:20 | 000,188,416 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\QipGuard\QipGuard.exe
[2011.04.27 15:42:16 | 007,391,320 | ---- | M] (ZONER software ) -- C:\Documents and Settings\Administrator\Data aplikací\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build12.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011.02.03 01:47:56 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.02.03 01:47:56 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.02.03 01:47:56 | 000,479,232 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.07.14 20:36:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< %userprofile%\Plocha\*.* >
[2011.07.11 20:07:23 | 000,330,576 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\02_Materialy.pdf
[2011.02.09 14:44:12 | 000,001,266 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\10.semestr_sal.lnk
[2011.07.11 20:11:27 | 001,755,485 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\178.pdf
[2011.11.18 17:15:15 | 000,743,754 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\2.4_finish.rar
[2012.03.20 23:30:29 | 000,000,884 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\AIDA64 Extreme Edition.lnk
[2011.11.14 23:40:30 | 000,281,088 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Analyza potrebnosti 2.4.doc
[2012.06.22 19:55:09 | 000,051,200 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Curricullum vitae_Rusz_2012_v1_upravit.doc
[2011.11.17 22:47:44 | 000,016,947 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Dotaznik_2.4.docx
[2011.11.14 23:40:35 | 000,273,920 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Dotazník.doc
[2011.02.06 11:59:37 | 000,001,223 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\DP_clanky.lnk
[2012.01.08 12:16:07 | 000,933,888 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\fyzika.doc
[2012.01.07 18:12:25 | 000,889,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\fyzika_final.doc
[2012.01.09 23:52:21 | 001,524,224 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\fyzika_finish.doc
[2012.01.10 19:19:59 | 001,528,832 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\fyzika_finish_2.doc
[2012.01.10 19:42:59 | 001,527,808 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\fyzika_finish_3_tisk.doc
[2011.07.17 21:42:08 | 000,002,317 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Google Chrome.lnk
[2011.04.18 17:00:49 | 002,486,784 | ---- | M] (David Macek) -- C:\Documents and Settings\Administrator\Plocha\JpegResampler.exe
[2012.01.05 22:13:42 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\KMPlayer.lnk
[2011.09.20 21:56:51 | 000,000,647 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Mafia.lnk
[2011.07.24 23:30:18 | 000,001,128 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\mbam-log-2011-07-24 (23-30-12).txt
[2011.12.18 17:12:22 | 000,000,210 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Nový textový dokument.txt
[2011.11.11 19:56:24 | 005,270,990 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\oznameni_workshop.docx
[2011.11.17 22:25:34 | 000,292,755 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\pracovní_17_11.pdf
[2011.06.19 13:48:46 | 001,441,084 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\prilohy.zip
[2012.02.01 16:19:42 | 000,445,382 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\PV_ang.xlsx
[2011.11.12 14:01:24 | 000,258,379 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\report2.4.pdf
[2011.11.04 17:35:55 | 000,121,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Rez.doc
[2011.09.02 12:34:50 | 000,246,203 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Salajka_PV_2011_Nanotým_VŠB-TUO.xlsx
[2011.12.18 13:43:21 | 003,515,621 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\srovnání průchodů AZ31.xlsx
[2011.02.03 01:23:35 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Tento počítač.lnk
[2011.06.19 15:32:14 | 000,074,240 | -HS- | M] () -- C:\Documents and Settings\Administrator\Plocha\Thumbs.db
[2011.12.09 20:58:10 | 000,005,044 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\TV-novy.m3u
[2012.03.12 18:32:00 | 005,856,962 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\tvarkoI.rar
[2012.03.12 18:32:18 | 006,016,324 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\tvarkoII.rar
[2012.02.19 23:18:53 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Workshop_Trojanovice.doc
[2011.05.31 18:32:42 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Administrator\Plocha\~$ezentace.doc
[2011.05.15 09:39:06 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Administrator\Plocha\~$_SAL111_final_1.doc
[2011.05.31 17:30:08 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Administrator\Plocha\~$_SAL111_final_3.doc
[2011.11.18 01:31:09 | 000,313,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Řež_spolupráce.doc

< %userprofile%\Desktop\*.* >

< %ALLUSERSPROFILE%\Plocha\*.* >
[2011.03.30 11:35:34 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CloneCD.lnk
[2012.07.15 11:08:37 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2011.04.05 14:46:07 | 000,001,703 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ViewNX 2.lnk
[2011.12.09 21:00:17 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk

< %ALLUSERSPROFILE%\Desktop\*.* >

< *crack* /s >
[2011.02.28 17:20:27 | 064,390,180 | ---- | M] () -- \Documents and Settings\Administrator\Dokumenty\Downloads\AVS Video Converter 7.0.3.453 + Crack.rar
[2011.03.30 11:35:00 | 002,660,259 | ---- | M] () -- \Documents and Settings\Administrator\Dokumenty\Downloads\CloneCD 5.3.1.4 + crack + návod.rar
[2011.11.28 21:29:40 | 000,381,440 | ---- | M] () -- \Documents and Settings\Administrator\Dokumenty\Downloads\crackdown.doc
[2011.02.03 14:27:21 | 371,941,452 | ---- | M] () -- \Documents and Settings\Administrator\Dokumenty\Downloads\Nero_10.5.10500_+_Serial_+_Crack.rar
[2001.08.14 17:31:08 | 000,030,054 | ---- | M] () -- \Program Files\Autodesk\Inventor 11\Textures\surfaces\Cracks.bmp
[1999.06.11 20:18:36 | 000,092,827 | ---- | M] () -- \Program Files\Corel\Corel Graphics 11\Custom Data\Bumpmap\Cracks.cpt
[2002.01.30 18:31:34 | 000,016,068 | ---- | M] () -- \Program Files\Corel\Corel Graphics 11\Custom Data\Canvas\cracks2c.pcx
[2002.01.30 19:15:40 | 000,010,560 | ---- | M] () -- \Program Files\Corel\Corel Graphics 11\Custom Data\Tiles\CRACKS2M.CPT
[2002.12.18 17:10:46 | 000,092,827 | ---- | M] () -- \Program Files\Corel\Corel Graphics 12\Custom Data\Bumpmap\Cracks.cpt
[2002.12.16 18:44:50 | 000,016,068 | ---- | M] () -- \Program Files\Corel\Corel Graphics 12\Custom Data\Canvas\cracks2c.pcx
[2002.12.16 18:44:30 | 000,010,560 | ---- | M] () -- \Program Files\Corel\Corel Graphics 12\Custom Data\Tiles\CRACKS2M.CPT

< *keygen* /s >
[2012.02.28 23:34:34 | 000,800,836 | ---- | M] () -- \Documents and Settings\Administrator\Dokumenty\Downloads\autocad-2012-keygen.rar

< *loader* /s >
[2010.09.23 11:12:18 | 000,000,232 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2006.03.09 13:59:52 | 000,008,678 | ---- | M] () -- \Program Files\Autodesk\Data Management Server 5\SDK\VS7.1\CSharp\ERPBulkUploaderViaDwf\ERPBulkUploaderViaDwf.csproj
[2006.03.09 13:59:52 | 000,000,927 | ---- | M] () -- \Program Files\Autodesk\Data Management Server 5\SDK\VS7.1\CSharp\ERPBulkUploaderViaDwf\ERPBulkUploaderViaDwf.sln
[2006.03.09 13:59:52 | 000,098,304 | ---- | M] () -- \Program Files\Autodesk\Data Management Server 5\SDK\VS7.1\CSharp\ERPBulkUploaderViaDwf\bin\Debug\ERPBulkUploaderViaDwf.exe
[2006.03.09 13:59:54 | 000,009,672 | ---- | M] () -- \Program Files\Autodesk\Data Management Server 5\SDK\VS7.1\CSharp\VaultBulkUploader\VaultBulkUploader.csproj
[2006.03.09 13:59:54 | 000,001,338 | ---- | M] () -- \Program Files\Autodesk\Data Management Server 5\SDK\VS7.1\CSharp\VaultBulkUploader\VaultBulkUploader.sln
[2006.03.09 13:59:54 | 000,229,376 | ---- | M] () -- \Program Files\Autodesk\Data Management Server 5\SDK\VS7.1\CSharp\VaultBulkUploader\bin\Debug\VaultBulkUploader.exe
[2006.03.09 13:59:56 | 000,000,927 | ---- | M] () -- \Program Files\Autodesk\Data Management Server 5\SDK\VS7.1\VB\ERPBulkUploaderViaDwf\ERPBulkUploaderViaDwf.sln
[2006.03.09 13:59:56 | 000,008,379 | ---- | M] () -- \Program Files\Autodesk\Data Management Server 5\SDK\VS7.1\VB\ERPBulkUploaderViaDwf\ERPBulkUploaderViaDwf.vbproj
[2006.03.09 13:59:56 | 000,110,592 | ---- | M] () -- \Program Files\Autodesk\Data Management Server 5\SDK\VS7.1\VB\ERPBulkUploaderViaDwf\bin\ERPBulkUploaderViaDwf.exe
[2006.03.09 13:59:58 | 000,001,338 | ---- | M] () -- \Program Files\Autodesk\Data Management Server 5\SDK\VS7.1\VB\VaultBulkUploader\VaultBulkUploader.sln
[2006.03.09 13:59:58 | 000,009,209 | ---- | M] () -- \Program Files\Autodesk\Data Management Server 5\SDK\VS7.1\VB\VaultBulkUploader\VaultBulkUploader.vbproj
[2006.03.09 13:59:58 | 000,249,856 | ---- | M] () -- \Program Files\Autodesk\Data Management Server 5\SDK\VS7.1\VB\VaultBulkUploader\bin\VaultBulkUploader.exe
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010.03.15 12:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010.04.29 14:12:38 | 000,673,160 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Facebook\ZPSPluginLoader.exe
[2010.04.29 14:12:42 | 000,686,984 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Flickr\ZPSPluginLoader.exe
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 09:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 01:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 01:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 09:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2011.02.02 15:31:20 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr

< *RemoveWAT* /s >

< *minodlogin* /s >

< *tnod* /s >

< *TemDono* /s >

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *activator* /s >

< *serial* /s >
[2004.08.17 16:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2011.02.03 14:27:21 | 371,941,452 | ---- | M] () -- \Documents and Settings\Administrator\Dokumenty\Downloads\Nero_10.5.10500_+_Serial_+_Crack.rar
[2010.08.20 11:43:02 | 000,242,984 | ---- | M] () -- \Program Files\Common Files\Nero\BDCore10\boost_serialization-mt.dll
[2010.08.20 11:43:16 | 000,165,160 | ---- | M] () -- \Program Files\Common Files\Nero\BDCore10\boost_wserialization-mt.dll
[2010.12.04 03:04:10 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.51204.0\System.Runtime.Serialization.dll
[2011.02.03 15:47:01 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.51204.0\System.Runtime.Serialization.ni.dll
[2010.09.28 17:18:06 | 000,775,464 | ---- | M] () -- \Program Files\Nero\Nero 10\Nero BackItUp\SetSerial.exe
[2008.07.29 20:16:38 | 000,966,656 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2004.08.17 15:44:16 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2011.03.04 11:42:49 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.03.04 11:41:58 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.02.03 11:09:57 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.02.03 15:41:53 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.02.03 15:43:53 | 000,966,656 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.02.03 16:41:13 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\01dc643b54310ebc5ab7e4696df426bc\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.02.03 15:59:12 | 002,338,304 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bb748f8ef8c98eb5c7f79b8faee95397\System.Runtime.Serialization.ni.dll
[2004.07.15 15:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 20:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.07.25 12:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2005.12.20 19:13:56 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.07.29 20:16:38 | 000,966,656 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 08:47:26 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 08:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 19:29:04 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2001.10.25 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2001.10.25 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 08:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< *AutoRearm* /s >

< %userprofile%\*.bat /s >
[2011.04.18 17:00:49 | 000,000,271 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\JR2010\unregister.bat

< >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"EPM-DM" = c:\acer\epm\epm-dm.exe -- [2005.03.28 19:04:00 | 000,188,416 | ---- | M] (Acer Inc)
"ePowerManagement" = C:\Acer\ePM\ePM.exe boot -- [2005.03.24 10:13:28 | 002,880,512 | ---- | M] (Acer Value Labs, Taiwan)
"SafeQ Client" = "C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe" -- [2010.03.31 10:55:00 | 000,249,856 | ---- | M] ()
"iTunesHelper" = "C:\Program Files\iTunes\iTunesHelper.exe" -- [2011.07.19 18:29:00 | 000,421,736 | ---- | M] (Apple Inc.)
"BluetoothAuthenticationAgent" = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
"SunJavaUpdateSched" = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" -- [2012.01.18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.)
"SpywareTerminatorShield" = C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe -- [2012.02.20 07:59:54 | 002,786,480 | ---- | M] (Crawler.com)
"SpywareTerminatorUpdater" = C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe -- [2012.02.20 08:00:04 | 003,669,680 | ---- | M] (Crawler.com)
"QuickTime Task" = "C:\Program Files\QuickTime\qttask.exe" -atboottime -- [2010.11.29 17:38:18 | 000,421,888 | ---- | M] (Apple Inc.)
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed" = 1
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed" = 1
"NoChange" = 1
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed" = 1
"" =

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 09:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.07.15 15:24:54 | 000,000,512 | ---- | M] () MD5=37BE4FAC8A4D53B28FD69152A09AED26 -- C:\PhysicalMBR.bin

< End of report >

manatte · #5 Příspěvek od **manatte** » 15 črc 2012 15:09

další log z té stránky:

N zev procesu PID N zev relace ¬ˇslo re Vyu§itˇ pamŘ Stav U§ivatelsk‚ jm‚no ¬as CPU Titulek okna
========================= ====== ================ ======== ============ =============== ================================================== ============ ========================================================================
System Idle Process 0 Console 0 28 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:23:03 Nenˇ k dispozici
System 4 Console 0 252 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:32:41 Nenˇ k dispozici
smss.exe 516 Console 0 412 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:00 Nenˇ k dispozici
csrss.exe 900 Console 0 5˙380 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:26 Nenˇ k dispozici
winlogon.exe 928 Console 0 3˙244 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:05 Nenˇ k dispozici
services.exe 972 Console 0 7˙076 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:26 Nenˇ k dispozici
lsass.exe 984 Console 0 1˙536 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:06 Nenˇ k dispozici
ati2evxx.exe 1148 Console 0 2˙532 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:00 ATI video bios poller
svchost.exe 1184 Console 0 5˙316 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:01 Nenˇ k dispozici
svchost.exe 1296 Console 0 4˙972 kB SpuçtŘno NT AUTHORITY\NETWORK SERVICE 0:00:01 Nenˇ k dispozici
svchost.exe 1440 Console 0 24˙964 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:19 Nenˇ k dispozici
svchost.exe 1472 Console 0 3˙632 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:00 Nenˇ k dispozici
svchost.exe 1632 Console 0 4˙452 kB SpuçtŘno NT AUTHORITY\NETWORK SERVICE 0:00:00 Nenˇ k dispozici
svchost.exe 1764 Console 0 4˙780 kB SpuçtŘno NT AUTHORITY\LOCAL SERVICE 0:00:02 Nenˇ k dispozici
AvastSvc.exe 184 Console 0 21˙296 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:14:31 Nenˇ k dispozici
ati2evxx.exe 632 Console 0 2˙556 kB SpuçtŘno DOMOV\Administrator 0:00:20 ATI video bios poller client
explorer.exe 712 Console 0 16˙076 kB SpuçtŘno DOMOV\Administrator 0:00:51 Nenˇ k dispozici
spoolsv.exe 408 Console 0 7˙888 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:05 Nenˇ k dispozici
anbmServ.exe 876 Console 0 5˙640 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:04 anbmserv
svchost.exe 224 Console 0 3˙548 kB SpuçtŘno NT AUTHORITY\LOCAL SERVICE 0:00:00 Nenˇ k dispozici
jqs.exe 832 Console 0 1˙408 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:58 Nenˇ k dispozici
sqlservr.exe 908 Console 0 20˙172 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:08 Nenˇ k dispozici
st_rsser.exe 1052 Console 0 20˙156 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:44 Nenˇ k dispozici
svchost.exe 2140 Console 0 4˙556 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:00 Nenˇ k dispozici
EPM-DM.exe 3448 Console 0 4˙584 kB SpuçtŘno DOMOV\Administrator 0:00:15 Acer EPM Device Manager
rundll32.exe 3608 Console 0 3˙668 kB SpuçtŘno DOMOV\Administrator 0:00:00 BluetoothNotificationAreaIconWindowClass
jusched.exe 3636 Console 0 2˙836 kB SpuçtŘno DOMOV\Administrator 0:00:00 OleMainThreadWndName
SpywareTerminatorShield.e 3668 Console 0 8˙284 kB SpuçtŘno DOMOV\Administrator 0:00:44 Nenˇ k dispozici
SpywareTerminatorUpdate.e 3692 Console 0 12˙748 kB SpuçtŘno DOMOV\Administrator 0:01:46 Spyware Terminator 2012 Aktualizace
sqlmangr.exe 376 Console 0 5˙296 kB SpuçtŘno DOMOV\Administrator 0:00:03 SQL Server Service Manager
wuauclt.exe 3724 Console 0 5˙624 kB SpuçtŘno DOMOV\Administrator 0:00:00 Nenˇ k dispozici
AvastUI.exe 764 Console 0 4˙884 kB SpuçtŘno DOMOV\Administrator 0:00:13 avast! Free Antivirus
AppleMobileDeviceService. 3572 Console 0 7˙284 kB SpuçtŘno NT AUTHORITY\SYSTEM 0:00:01 Nenˇ k dispozici
ctfmon.exe 3356 Console 0 3˙560 kB SpuçtŘno DOMOV\Administrator 0:00:00 Nenˇ k dispozici
chrome.exe 1788 Console 0 48˙160 kB SpuçtŘno DOMOV\Administrator 0:00:50 VIRY.CZ Zobrazit t‚ma - vytˇ§enˇ pc na 100%% - Google Chrome
chrome.exe 3296 Console 0 55˙408 kB SpuçtŘno DOMOV\Administrator 0:00:51 Nenˇ k dispozici
osk.exe 2800 Console 0 504 kB SpuçtŘno DOMOV\Administrator 0:00:02 Kl vesnice na obrazovce
msswchx.exe 3876 Console 0 3˙576 kB SpuçtŘno DOMOV\Administrator 0:00:00 msswchx
chrome.exe 3436 Console 0 28˙492 kB SpuçtŘno DOMOV\Administrator 0:00:02 OleMainThreadWndName
OTL.exe 2964 Console 0 9˙036 kB SpuçtŘno DOMOV\Administrator 0:07:11 OTL
notepad.exe 508 Console 0 3˙820 kB SpuçtŘno DOMOV\Administrator 0:00:00 Extras.Txt - Pozn mkově blok
notepad.exe 352 Console 0 3˙876 kB SpuçtŘno DOMOV\Administrator 0:00:00 OTL.Txt - Pozn mkově blok
chrome.exe 2620 Console 0 29˙260 kB SpuçtŘno DOMOV\Administrator 0:00:00 Nenˇ k dispozici
cmd.exe 3388 Console 0 2˙012 kB SpuçtŘno DOMOV\Administrator 0:00:00 C:\WINDOWS\system32\cmd.exe
tasklist.exe 3816 Console 0 5˙048 kB SpuçtŘno DOMOV\Administrator 0:00:00 OleMainThreadWndName
wmiprvse.exe 3192 Console 0 6˙008 kB SpuçtŘno NT AUTHORITY\NETWORK SERVICE 0:00:00 Nenˇ k dispozici

Danstahr · #6 Příspěvek od **Danstahr** » 15 črc 2012 15:16

Zatim prosim otestujte soubor C:\WINDOWS\is-53341.exe na Virustotal.com, pokud bude potreba, potvrdte, ze chcete provest sken znovu.

Log lustim, tak momentik...

manatte · #7 Příspěvek od **manatte** » 15 črc 2012 15:21

Provedeno a nejspis vse ok

Danstahr · #8 Příspěvek od **Danstahr** » 15 črc 2012 15:47

Pro dnesek ty cracky jako nevidim, ale priste uz to budeme resit. Pravidla mluvi jasne.

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

Kliknete na volbu Change parametrs
V obou oknech (Objects to scan i Additional Option) zakliknete vsechny moznosti - ve vsech ctvereccich musi mit fajecka
Kliknete na OK
Utilite prikazte, at skenuje - klik na Start Scan
Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
Pokud mate vsude Skip, kliknete na Continue
Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

(šablona © Vyosek)

manatte · #9 Příspěvek od **manatte** » 15 črc 2012 16:06

Ok, dik. Ale Win jsou origo:)
Scan:

17:03:57.0046 2736 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
17:03:57.0140 2736 ============================================================
17:03:57.0140 2736 Current date / time: 2012/07/15 17:03:57.0140
17:03:57.0140 2736 SystemInfo:
17:03:57.0140 2736
17:03:57.0140 2736 OS Version: 5.1.2600 ServicePack: 3.0
17:03:57.0140 2736 Product type: Workstation
17:03:57.0140 2736 ComputerName: DOMOV
17:03:57.0140 2736 UserName: Administrator
17:03:57.0140 2736 Windows directory: C:\WINDOWS
17:03:57.0140 2736 System windows directory: C:\WINDOWS
17:03:57.0140 2736 Processor architecture: Intel x86
17:03:57.0140 2736 Number of processors: 1
17:03:57.0140 2736 Page size: 0x1000
17:03:57.0140 2736 Boot type: Normal boot
17:03:57.0140 2736 ============================================================
17:03:59.0609 2736 Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 (93.16 Gb), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:03:59.0609 2736 ============================================================
17:03:59.0609 2736 \Device\Harddisk0\DR0:
17:03:59.0609 2736 MBR partitions:
17:03:59.0609 2736 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x5DE2BF, BlocksNum 0x5A02733
17:03:59.0625 2736 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x5FE0A31, BlocksNum 0x5A70410
17:03:59.0625 2736 ============================================================
17:04:00.0359 2736 C: <-> \Device\Harddisk0\DR0\Partition0
17:04:00.0375 2736 D: <-> \Device\Harddisk0\DR0\Partition1
17:04:00.0375 2736 ============================================================
17:04:00.0375 2736 Initialize success
17:04:00.0375 2736 ============================================================
17:04:18.0250 2076 ============================================================
17:04:18.0250 2076 Scan started
17:04:18.0250 2076 Mode: Manual; SigCheck; TDLFS;
17:04:18.0250 2076 ============================================================
17:04:18.0781 2076 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
17:04:18.0937 2076 Aavmker4 - ok
17:04:18.0937 2076 Abiosdsk - ok
17:04:18.0953 2076 abp480n5 - ok
17:04:19.0015 2076 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:04:19.0312 2076 ACPI - ok
17:04:19.0328 2076 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
17:04:19.0468 2076 ACPIEC - ok
17:04:19.0468 2076 adpu160m - ok
17:04:19.0500 2076 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
17:04:19.0625 2076 aec - ok
17:04:19.0656 2076 AFD (322d0e36693d6e24a2398bee62a268cd) C:\WINDOWS\System32\drivers\afd.sys
17:04:19.0781 2076 AFD - ok
17:04:19.0796 2076 Aha154x - ok
17:04:19.0796 2076 aic78u2 - ok
17:04:19.0796 2076 aic78xx - ok
17:04:19.0843 2076 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
17:04:19.0953 2076 Alerter - ok
17:04:19.0968 2076 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
17:04:20.0109 2076 ALG - ok
17:04:20.0109 2076 AliIde - ok
17:04:20.0125 2076 amsint - ok
17:04:20.0390 2076 anbmService (c10d0fae427ea464edea2ee5dc40f056) C:\Acer\eManager\anbmServ.exe
17:04:20.0562 2076 anbmService ( UnsignedFile.Multi.Generic ) - warning
17:04:20.0562 2076 anbmService - detected UnsignedFile.Multi.Generic (1)
17:04:20.0656 2076 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:04:20.0671 2076 Apple Mobile Device - ok
17:04:20.0750 2076 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
17:04:20.0875 2076 AppMgmt - ok
17:04:20.0937 2076 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:04:21.0062 2076 Arp1394 - ok
17:04:21.0078 2076 asc - ok
17:04:21.0078 2076 asc3350p - ok
17:04:21.0093 2076 asc3550 - ok
17:04:21.0171 2076 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:04:21.0187 2076 aspnet_state - ok
17:04:21.0203 2076 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
17:04:21.0218 2076 aswFsBlk - ok
17:04:21.0265 2076 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
17:04:21.0281 2076 aswMon2 - ok
17:04:21.0281 2076 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
17:04:21.0296 2076 aswRdr - ok
17:04:21.0406 2076 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
17:04:21.0437 2076 aswSnx - ok
17:04:21.0500 2076 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
17:04:21.0515 2076 aswSP - ok
17:04:21.0546 2076 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
17:04:21.0562 2076 aswTdi - ok
17:04:21.0578 2076 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:04:21.0703 2076 AsyncMac - ok
17:04:21.0734 2076 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:04:21.0859 2076 atapi - ok
17:04:21.0875 2076 Atdisk - ok
17:04:21.0984 2076 Ati HotKey Poller (127e07d34b44438442a0e81ae7f093c0) C:\WINDOWS\system32\Ati2evxx.exe
17:04:22.0031 2076 Ati HotKey Poller - ok
17:04:22.0218 2076 ati2mtag (375eac7da270da658501ee766f960201) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:04:22.0343 2076 ati2mtag - ok
17:04:22.0390 2076 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:04:22.0515 2076 Atmarpc - ok
17:04:22.0546 2076 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
17:04:22.0671 2076 AudioSrv - ok
17:04:22.0687 2076 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:04:22.0828 2076 audstub - ok
17:04:22.0921 2076 Autodesk Data Management Job Dispatch (4144d0af5fce4814bbea9e58aab6c2ed) C:\Program Files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
17:04:22.0968 2076 Autodesk Data Management Job Dispatch ( UnsignedFile.Multi.Generic ) - warning
17:04:22.0968 2076 Autodesk Data Management Job Dispatch - detected UnsignedFile.Multi.Generic (1)
17:04:23.0015 2076 Autodesk EDM Server (ff149be4da0b5bc9f5b9fe223af4ece5) C:\Program Files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
17:04:23.0046 2076 Autodesk EDM Server ( UnsignedFile.Multi.Generic ) - warning
17:04:23.0046 2076 Autodesk EDM Server - detected UnsignedFile.Multi.Generic (1)
17:04:23.0093 2076 Autodesk Licensing Service (32a5defddc3562bf89d73586f5915b34) C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
17:04:23.0109 2076 Autodesk Licensing Service - ok
17:04:23.0187 2076 avast! Antivirus (996e6d052438e8d8dfd501f31560b2e0) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
17:04:23.0203 2076 avast! Antivirus - ok
17:04:23.0265 2076 b57w2k (48bf91cffbcdd12a710207f2a08fec4d) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
17:04:23.0281 2076 b57w2k - ok
17:04:23.0328 2076 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:04:23.0468 2076 Beep - ok
17:04:23.0562 2076 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
17:04:23.0687 2076 BITS - ok
17:04:23.0796 2076 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files\Bonjour\mDNSResponder.exe
17:04:23.0843 2076 Bonjour Service - ok
17:04:23.0890 2076 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
17:04:24.0015 2076 Browser - ok
17:04:24.0062 2076 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17:04:24.0203 2076 BthEnum - ok
17:04:24.0218 2076 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
17:04:24.0359 2076 BTHMODEM - ok
17:04:24.0390 2076 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
17:04:24.0500 2076 BthPan - ok
17:04:24.0562 2076 BTHPORT (164f186e09f26ba47b89e4db9b0aaf1e) C:\WINDOWS\system32\Drivers\BTHport.sys
17:04:24.0687 2076 BTHPORT - ok
17:04:24.0718 2076 BthServ (70ca4b3f634c9dca200832f8da76e009) C:\WINDOWS\System32\bthserv.dll
17:04:24.0843 2076 BthServ - ok
17:04:24.0875 2076 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
17:04:25.0000 2076 BTHUSB - ok
17:04:25.0031 2076 CAMCAUD (baa90d983f77759fc70c65a1ce3d3566) C:\WINDOWS\system32\drivers\camcaud.sys
17:04:25.0062 2076 CAMCAUD - ok
17:04:25.0109 2076 CAMCHALA (90d9c324df48bb8e3024e79f5c181784) C:\WINDOWS\system32\drivers\camchal.sys
17:04:25.0140 2076 CAMCHALA - ok
17:04:25.0171 2076 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:04:25.0296 2076 cbidf2k - ok
17:04:25.0312 2076 cd20xrnt - ok
17:04:25.0328 2076 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:04:25.0468 2076 Cdaudio - ok
17:04:25.0515 2076 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
17:04:25.0640 2076 Cdfs - ok
17:04:25.0656 2076 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:04:25.0765 2076 Cdrom - ok
17:04:25.0781 2076 Changer - ok
17:04:25.0812 2076 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
17:04:25.0937 2076 CiSvc - ok
17:04:25.0953 2076 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
17:04:26.0078 2076 ClipSrv - ok
17:04:26.0156 2076 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:04:26.0171 2076 clr_optimization_v2.0.50727_32 - ok
17:04:26.0187 2076 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:04:26.0312 2076 CmBatt - ok
17:04:26.0328 2076 CmdIde - ok
17:04:26.0359 2076 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:04:26.0484 2076 Compbatt - ok
17:04:26.0484 2076 COMSysApp - ok
17:04:26.0500 2076 Cpqarray - ok
17:04:26.0531 2076 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
17:04:26.0656 2076 CryptSvc - ok
17:04:26.0671 2076 dac2w2k - ok
17:04:26.0671 2076 dac960nt - ok
17:04:26.0765 2076 DcomLaunch (c868f3ae15cf71a93f2aa3a32856d839) C:\WINDOWS\system32\rpcss.dll
17:04:26.0890 2076 DcomLaunch - ok
17:04:26.0937 2076 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
17:04:27.0062 2076 Dhcp - ok
17:04:27.0078 2076 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
17:04:27.0203 2076 Disk - ok
17:04:27.0203 2076 dmadmin - ok
17:04:27.0359 2076 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
17:04:27.0500 2076 dmboot - ok
17:04:27.0531 2076 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
17:04:27.0656 2076 dmio - ok
17:04:27.0703 2076 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:04:27.0828 2076 dmload - ok
17:04:27.0875 2076 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
17:04:28.0000 2076 dmserver - ok
17:04:28.0015 2076 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
17:04:28.0156 2076 DMusic - ok
17:04:28.0171 2076 Dnscache (0634b791684b84f4a331f3d3536feef8) C:\WINDOWS\System32\dnsrslvr.dll
17:04:28.0296 2076 Dnscache - ok
17:04:28.0328 2076 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
17:04:28.0468 2076 Dot3svc - ok
17:04:28.0468 2076 dpti2o - ok
17:04:28.0500 2076 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
17:04:28.0609 2076 drmkaud - ok
17:04:28.0687 2076 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
17:04:28.0703 2076 dtsoftbus01 - ok
17:04:28.0734 2076 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
17:04:28.0859 2076 EapHost - ok
17:04:28.0906 2076 ElbyCDFL (ce37e3d51912e59c80c6d84337c0b4cd) C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
17:04:28.0921 2076 ElbyCDFL - ok
17:04:28.0968 2076 ElbyCDIO (178cc9403816c082d22a1d47fa1f9c85) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
17:04:28.0984 2076 ElbyCDIO - ok
17:04:29.0031 2076 EpmPsd (d68564fcfbdfc04280cdbbb37cf7ef7f) C:\WINDOWS\system32\drivers\epm-psd.sys
17:04:29.0062 2076 EpmPsd ( UnsignedFile.Multi.Generic ) - warning
17:04:29.0062 2076 EpmPsd - detected UnsignedFile.Multi.Generic (1)
17:04:29.0078 2076 EpmShd (b2d71ba438701b5f0368b958bea2dc62) C:\WINDOWS\system32\drivers\epm-shd.sys
17:04:29.0093 2076 EpmShd ( UnsignedFile.Multi.Generic ) - warning
17:04:29.0093 2076 EpmShd - detected UnsignedFile.Multi.Generic (1)
17:04:29.0125 2076 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
17:04:29.0281 2076 ERSvc - ok
17:04:29.0328 2076 Eventlog (f0d2ae69035092bf22dad6b50fab85c2) C:\WINDOWS\system32\services.exe
17:04:29.0453 2076 Eventlog - ok
17:04:29.0500 2076 EventSystem (260c69fd67687b0dc062fc3d31655857) C:\WINDOWS\system32\es.dll
17:04:29.0625 2076 EventSystem - ok
17:04:29.0671 2076 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
17:04:29.0781 2076 Fastfat - ok
17:04:29.0859 2076 FastUserSwitchingCompatibility (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
17:04:29.0984 2076 FastUserSwitchingCompatibility - ok
17:04:30.0015 2076 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
17:04:30.0125 2076 Fdc - ok
17:04:30.0171 2076 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
17:04:30.0281 2076 Fips - ok
17:04:30.0296 2076 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
17:04:30.0421 2076 Flpydisk - ok
17:04:30.0453 2076 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
17:04:30.0578 2076 FltMgr - ok
17:04:30.0671 2076 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:04:30.0687 2076 FontCache3.0.0.0 - ok
17:04:30.0718 2076 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:04:30.0859 2076 Fs_Rec - ok
17:04:30.0875 2076 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:04:31.0015 2076 Ftdisk - ok
17:04:31.0078 2076 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:04:31.0093 2076 GEARAspiWDM - ok
17:04:31.0125 2076 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:04:31.0250 2076 Gpc - ok
17:04:31.0296 2076 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:04:31.0421 2076 helpsvc - ok
17:04:31.0437 2076 HidBth (0d349dc78c6ee16e655557e325a67d9c) C:\WINDOWS\system32\DRIVERS\hidbth.sys
17:04:31.0562 2076 HidBth - ok
17:04:31.0578 2076 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:04:31.0718 2076 hidusb - ok
17:04:31.0765 2076 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
17:04:31.0875 2076 hkmsvc - ok
17:04:31.0890 2076 hpn - ok
17:04:31.0937 2076 HSFHWICH (fac3b0a7ec158c4582d23eda4c5a56e9) C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
17:04:32.0000 2076 HSFHWICH - ok
17:04:32.0171 2076 HSF_DP (e5add2afecbf514f5cca730edfdfb49e) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
17:04:32.0281 2076 HSF_DP - ok
17:04:32.0375 2076 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
17:04:32.0515 2076 HTTP - ok
17:04:32.0562 2076 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
17:04:32.0687 2076 HTTPFilter - ok
17:04:32.0703 2076 i2omgmt - ok
17:04:32.0703 2076 i2omp - ok
17:04:32.0734 2076 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:04:32.0890 2076 i8042prt - ok
17:04:33.0046 2076 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:04:33.0062 2076 IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:04:33.0062 2076 IDriverT - detected UnsignedFile.Multi.Generic (1)
17:04:33.0281 2076 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:04:33.0375 2076 idsvc - ok
17:04:33.0406 2076 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:04:33.0515 2076 Imapi - ok
17:04:33.0609 2076 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
17:04:33.0734 2076 ImapiService - ok
17:04:33.0750 2076 ini910u - ok
17:04:33.0765 2076 IntelIde (57d928e548b38502abba7a77a6eb7312) C:\WINDOWS\system32\DRIVERS\intelide.sys
17:04:33.0890 2076 IntelIde - ok
17:04:33.0921 2076 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:04:34.0046 2076 intelppm - ok
17:04:34.0093 2076 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
17:04:34.0218 2076 Ip6Fw - ok
17:04:34.0250 2076 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:04:34.0390 2076 IpFilterDriver - ok
17:04:34.0406 2076 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:04:34.0531 2076 IpInIp - ok
17:04:34.0578 2076 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:04:34.0687 2076 IpNat - ok
17:04:34.0875 2076 iPod Service (3a6d4d8abacf64292d060c9e06d2050d) C:\Program Files\iPod\bin\iPodService.exe
17:04:34.0968 2076 iPod Service - ok
17:04:35.0000 2076 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:04:35.0109 2076 IPSec - ok
17:04:35.0171 2076 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
17:04:35.0281 2076 irda - ok
17:04:35.0328 2076 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:04:35.0484 2076 IRENUM - ok
17:04:35.0531 2076 Irmon (8024ea8c5b2d2a4d201f418b0aadb804) C:\WINDOWS\System32\irmon.dll
17:04:35.0656 2076 Irmon - ok
17:04:35.0671 2076 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:04:35.0796 2076 isapnp - ok
17:04:35.0906 2076 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
17:04:35.0937 2076 JavaQuickStarterService - ok
17:04:35.0953 2076 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:04:36.0078 2076 Kbdclass - ok
17:04:36.0093 2076 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:04:36.0218 2076 kbdhid - ok
17:04:36.0281 2076 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
17:04:36.0421 2076 kmixer - ok
17:04:36.0468 2076 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
17:04:36.0578 2076 KSecDD - ok
17:04:36.0625 2076 lanmanserver (21920ac69594ab021237054fa728fe46) C:\WINDOWS\System32\srvsvc.dll
17:04:36.0750 2076 lanmanserver - ok
17:04:36.0828 2076 lanmanworkstation (5190783f51a2d7a8495202c664d7c963) C:\WINDOWS\System32\wkssvc.dll
17:04:36.0953 2076 lanmanworkstation - ok
17:04:36.0968 2076 lbrtfdc - ok
17:04:37.0031 2076 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
17:04:37.0140 2076 LmHosts - ok
17:04:37.0171 2076 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
17:04:37.0234 2076 mdmxsdk - ok
17:04:37.0250 2076 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
17:04:37.0375 2076 Messenger - ok
17:04:37.0406 2076 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:04:37.0546 2076 mnmdd - ok
17:04:37.0578 2076 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
17:04:37.0703 2076 mnmsrvc - ok
17:04:37.0718 2076 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
17:04:37.0828 2076 Modem - ok
17:04:37.0875 2076 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:04:37.0984 2076 Mouclass - ok
17:04:38.0031 2076 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:04:38.0156 2076 mouhid - ok
17:04:38.0187 2076 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
17:04:38.0296 2076 MountMgr - ok
17:04:38.0296 2076 mraid35x - ok
17:04:38.0312 2076 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:04:38.0437 2076 MRxDAV - ok
17:04:38.0500 2076 MRxSmb (68755f0ff16070178b54674fe5b847b0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:04:38.0625 2076 MRxSmb - ok
17:04:38.0937 2076 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
17:04:39.0062 2076 MSDTC - ok
17:04:39.0109 2076 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
17:04:39.0218 2076 Msfs - ok
17:04:39.0234 2076 MSIServer - ok
17:04:39.0250 2076 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:04:39.0375 2076 MSKSSRV - ok
17:04:39.0375 2076 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:04:39.0500 2076 MSPCLOCK - ok
17:04:39.0531 2076 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
17:04:39.0671 2076 MSPQM - ok
17:04:39.0703 2076 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:04:39.0828 2076 mssmbios - ok
17:04:41.0515 2076 MSSQL$AUTODESKVAULT (751961e128dbcc7a32304339c4bdeff0) C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
17:04:42.0765 2076 MSSQL$AUTODESKVAULT ( UnsignedFile.Multi.Generic ) - warning
17:04:42.0765 2076 MSSQL$AUTODESKVAULT - detected UnsignedFile.Multi.Generic (1)
17:04:42.0796 2076 MSSQLServerADHelper (1d1b22613eab9287af902398867bc93c) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
17:04:42.0812 2076 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - warning
17:04:42.0812 2076 MSSQLServerADHelper - detected UnsignedFile.Multi.Generic (1)
17:04:42.0953 2076 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
17:04:43.0062 2076 Mup - ok
17:04:43.0125 2076 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
17:04:43.0265 2076 napagent - ok
17:04:43.0312 2076 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
17:04:43.0437 2076 NDIS - ok
17:04:43.0453 2076 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:04:43.0578 2076 NdisTapi - ok
17:04:43.0609 2076 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:04:43.0718 2076 Ndisuio - ok
17:04:43.0734 2076 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:04:43.0859 2076 NdisWan - ok
17:04:43.0859 2076 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
17:04:43.0984 2076 NDProxy - ok
17:04:44.0015 2076 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:04:44.0140 2076 NetBIOS - ok
17:04:44.0203 2076 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:04:44.0328 2076 NetBT - ok
17:04:44.0375 2076 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
17:04:44.0500 2076 NetDDE - ok
17:04:44.0515 2076 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
17:04:44.0625 2076 NetDDEdsdm - ok
17:04:44.0656 2076 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
17:04:44.0781 2076 Netlogon - ok
17:04:44.0828 2076 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
17:04:44.0968 2076 Netman - ok
17:04:45.0062 2076 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:04:45.0093 2076 NetTcpPortSharing - ok
17:04:45.0125 2076 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:04:45.0250 2076 NIC1394 - ok
17:04:45.0312 2076 Nla (aac97dab5f8a0573cf10e0eac42a7724) C:\WINDOWS\System32\mswsock.dll
17:04:45.0437 2076 Nla - ok
17:04:45.0453 2076 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
17:04:45.0578 2076 Npfs - ok
17:04:45.0609 2076 NSCIRDA (2adc0ca9945c65284b3d19bc18765974) C:\WINDOWS\system32\DRIVERS\nscirda.sys
17:04:45.0734 2076 NSCIRDA - ok
17:04:45.0828 2076 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
17:04:45.0984 2076 Ntfs - ok
17:04:46.0000 2076 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
17:04:46.0109 2076 NtLmSsp - ok
17:04:46.0203 2076 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
17:04:46.0375 2076 NtmsSvc - ok
17:04:46.0406 2076 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:04:46.0531 2076 Null - ok
17:04:46.0562 2076 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:04:46.0687 2076 NwlnkFlt - ok
17:04:46.0718 2076 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:04:46.0843 2076 NwlnkFwd - ok
17:04:47.0000 2076 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:04:47.0046 2076 odserv - ok
17:04:47.0078 2076 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:04:47.0203 2076 ohci1394 - ok
17:04:47.0234 2076 osaio (b270a30ae97524e7edb5eca7b2afb846) C:\WINDOWS\system32\drivers\osaio.sys
17:04:47.0265 2076 osaio ( UnsignedFile.Multi.Generic ) - warning
17:04:47.0265 2076 osaio - detected UnsignedFile.Multi.Generic (1)
17:04:47.0296 2076 osanbm (3245bee5176697faf0744a2e1288dc77) C:\WINDOWS\system32\drivers\osanbm.sys
17:04:47.0312 2076 osanbm ( UnsignedFile.Multi.Generic ) - warning
17:04:47.0312 2076 osanbm - detected UnsignedFile.Multi.Generic (1)
17:04:47.0375 2076 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:04:47.0406 2076 ose - ok
17:04:47.0437 2076 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
17:04:47.0593 2076 Parport - ok
17:04:47.0609 2076 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
17:04:47.0734 2076 PartMgr - ok
17:04:47.0765 2076 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
17:04:47.0906 2076 ParVdm - ok
17:04:47.0953 2076 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:04:47.0984 2076 pccsmcfd - ok
17:04:48.0000 2076 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
17:04:48.0125 2076 PCI - ok
17:04:48.0140 2076 PCIDump - ok
17:04:48.0156 2076 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\drivers\PCIIde.sys
17:04:48.0296 2076 PCIIde - ok
17:04:48.0312 2076 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
17:04:48.0437 2076 Pcmcia - ok
17:04:48.0437 2076 PDCOMP - ok
17:04:48.0453 2076 PDFRAME - ok
17:04:48.0453 2076 PDRELI - ok
17:04:48.0468 2076 PDRFRAME - ok
17:04:48.0468 2076 perc2 - ok
17:04:48.0484 2076 perc2hib - ok
17:04:48.0531 2076 PlugPlay (f0d2ae69035092bf22dad6b50fab85c2) C:\WINDOWS\system32\services.exe
17:04:48.0640 2076 PlugPlay - ok
17:04:48.0671 2076 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
17:04:48.0781 2076 PolicyAgent - ok
17:04:48.0796 2076 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:04:48.0906 2076 PptpMiniport - ok
17:04:48.0921 2076 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
17:04:49.0031 2076 ProtectedStorage - ok
17:04:49.0046 2076 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
17:04:49.0171 2076 PSched - ok
17:04:49.0203 2076 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:04:49.0328 2076 Ptilink - ok
17:04:49.0343 2076 ql1080 - ok
17:04:49.0359 2076 Ql10wnt - ok
17:04:49.0359 2076 ql12160 - ok
17:04:49.0375 2076 ql1240 - ok
17:04:49.0375 2076 ql1280 - ok
17:04:49.0375 2076 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:04:49.0515 2076 RasAcd - ok
17:04:49.0578 2076 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
17:04:49.0687 2076 RasAuto - ok
17:04:49.0734 2076 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
17:04:49.0796 2076 Rasirda - ok
17:04:49.0828 2076 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:04:49.0953 2076 Rasl2tp - ok
17:04:50.0015 2076 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
17:04:50.0140 2076 RasMan - ok
17:04:50.0156 2076 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:04:50.0265 2076 RasPppoe - ok
17:04:50.0281 2076 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:04:50.0406 2076 Raspti - ok
17:04:50.0468 2076 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:04:50.0593 2076 Rdbss - ok
17:04:50.0609 2076 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:04:50.0750 2076 RDPCDD - ok
17:04:50.0796 2076 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:04:50.0921 2076 rdpdr - ok
17:04:50.0968 2076 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
17:04:51.0078 2076 RDPWD - ok
17:04:51.0109 2076 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
17:04:51.0250 2076 RDSessMgr - ok
17:04:51.0265 2076 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:04:51.0390 2076 redbook - ok
17:04:51.0421 2076 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
17:04:51.0546 2076 RemoteAccess - ok
17:04:51.0593 2076 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
17:04:51.0718 2076 RemoteRegistry - ok
17:04:51.0750 2076 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
17:04:51.0875 2076 RFCOMM - ok
17:04:51.0906 2076 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
17:04:52.0015 2076 RpcLocator - ok
17:04:52.0109 2076 RpcSs (c868f3ae15cf71a93f2aa3a32856d839) C:\WINDOWS\System32\rpcss.dll
17:04:52.0265 2076 RpcSs - ok
17:04:52.0296 2076 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
17:04:52.0421 2076 RSVP - ok
17:04:52.0437 2076 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
17:04:52.0562 2076 SamSs - ok
17:04:52.0593 2076 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
17:04:52.0718 2076 SCardSvr - ok
17:04:52.0750 2076 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
17:04:52.0875 2076 Schedule - ok
17:04:52.0921 2076 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:04:53.0031 2076 Secdrv - ok
17:04:53.0062 2076 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
17:04:53.0171 2076 seclogon - ok
17:04:53.0203 2076 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
17:04:53.0328 2076 SENS - ok
17:04:53.0343 2076 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
17:04:53.0468 2076 Serial - ok
17:04:53.0703 2076 ServiceLayer (f31e9531af225ca25350d5e87e999b31) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
17:04:53.0750 2076 ServiceLayer - ok
17:04:53.0796 2076 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:04:53.0921 2076 Sfloppy - ok
17:04:54.0000 2076 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
17:04:54.0156 2076 SharedAccess - ok
17:04:54.0203 2076 ShellHWDetection (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
17:04:54.0312 2076 ShellHWDetection - ok
17:04:54.0328 2076 Simbad - ok
17:04:54.0343 2076 Sparrow - ok
17:04:54.0375 2076 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
17:04:54.0500 2076 splitter - ok
17:04:54.0515 2076 Spooler (cb1090bca0e7b40d0b5b4e4d66531809) C:\WINDOWS\system32\spoolsv.exe
17:04:54.0640 2076 Spooler - ok
17:04:54.0671 2076 sp_rsdrv2 (7b426b8e809edf081d771ef429345528) C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
17:04:54.0687 2076 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - warning
17:04:54.0687 2076 sp_rsdrv2 - detected UnsignedFile.Multi.Generic (1)
17:04:54.0828 2076 SQLAgent$AUTODESKVAULT (352e375ab298c23b0f9bc307652c7f50) C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlagent.EXE
17:04:54.0843 2076 SQLAgent$AUTODESKVAULT ( UnsignedFile.Multi.Generic ) - warning
17:04:54.0843 2076 SQLAgent$AUTODESKVAULT - detected UnsignedFile.Multi.Generic (1)
17:04:54.0859 2076 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
17:04:54.0984 2076 sr - ok
17:04:55.0015 2076 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
17:04:55.0140 2076 srservice - ok
17:04:55.0171 2076 Srv (5252605079810904e31c332e241cd59b) C:\WINDOWS\system32\DRIVERS\srv.sys
17:04:55.0296 2076 Srv - ok
17:04:55.0328 2076 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
17:04:55.0437 2076 SSDPSRV - ok
17:04:55.0578 2076 ST2012_Svc (9fdc73c22195bcee996f63499bb1318c) C:\Program Files\Spyware Terminator\st_rsser.exe
17:04:55.0593 2076 ST2012_Svc - ok
17:04:55.0671 2076 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
17:04:55.0843 2076 stisvc - ok
17:04:55.0890 2076 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:04:56.0000 2076 swenum - ok
17:04:56.0031 2076 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
17:04:56.0156 2076 swmidi - ok
17:04:56.0171 2076 SwPrv - ok
17:04:56.0171 2076 symc810 - ok
17:04:56.0187 2076 symc8xx - ok
17:04:56.0187 2076 sym_hi - ok
17:04:56.0203 2076 sym_u3 - ok
17:04:56.0218 2076 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
17:04:56.0343 2076 sysaudio - ok
17:04:56.0390 2076 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
17:04:56.0531 2076 SysmonLog - ok
17:04:56.0593 2076 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
17:04:56.0718 2076 TapiSrv - ok
17:04:56.0812 2076 Tcpip (93ea8d04ec73a85db02eb8805988f733) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:04:56.0968 2076 Tcpip - ok
17:04:56.0984 2076 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:04:57.0109 2076 TDPIPE - ok
17:04:57.0140 2076 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
17:04:57.0250 2076 TDTCP - ok
17:04:57.0281 2076 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:04:57.0406 2076 TermDD - ok
17:04:57.0484 2076 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
17:04:57.0625 2076 TermService - ok
17:04:57.0656 2076 Themes (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
17:04:57.0765 2076 Themes - ok
17:04:57.0812 2076 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
17:04:57.0937 2076 TlntSvr - ok
17:04:57.0937 2076 TosIde - ok
17:04:57.0968 2076 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
17:04:58.0093 2076 TrkWks - ok
17:04:58.0109 2076 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
17:04:58.0234 2076 Udfs - ok
17:04:58.0250 2076 ultra - ok
17:04:58.0343 2076 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
17:04:58.0484 2076 Update - ok
17:04:58.0546 2076 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
17:04:58.0671 2076 upnphost - ok
17:04:58.0703 2076 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
17:04:58.0828 2076 UPS - ok
17:04:58.0859 2076 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:04:58.0890 2076 USBAAPL - ok
17:04:58.0921 2076 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:04:59.0046 2076 usbehci - ok
17:04:59.0062 2076 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:04:59.0203 2076 usbhub - ok
17:04:59.0234 2076 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:04:59.0343 2076 usbscan - ok
17:04:59.0390 2076 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
17:04:59.0500 2076 usbser - ok
17:04:59.0531 2076 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:04:59.0656 2076 USBSTOR - ok
17:04:59.0687 2076 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:04:59.0828 2076 usbuhci - ok
17:04:59.0843 2076 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
17:04:59.0968 2076 VgaSave - ok
17:04:59.0984 2076 ViaIde - ok
17:05:00.0000 2076 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
17:05:00.0125 2076 VolSnap - ok
17:05:00.0203 2076 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
17:05:00.0343 2076 VSS - ok
17:05:00.0937 2076 w29n51 (c89da341fcc883a3d79dc11727484fc2) C:\WINDOWS\system32\DRIVERS\w29n51.sys
17:05:01.0156 2076 w29n51 - ok
17:05:01.0312 2076 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
17:05:01.0453 2076 W32Time - ok
17:05:01.0500 2076 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:05:01.0625 2076 Wanarp - ok
17:05:01.0734 2076 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
17:05:01.0765 2076 Wdf01000 - ok
17:05:01.0765 2076 WDICA - ok
17:05:01.0812 2076 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
17:05:01.0937 2076 wdmaud - ok
17:05:01.0953 2076 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
17:05:02.0078 2076 WebClient - ok
17:05:02.0218 2076 winachsf (2e84a40836b2a8dc523cb530c7262ac3) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
17:05:02.0359 2076 winachsf - ok
17:05:02.0453 2076 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
17:05:02.0593 2076 winmgmt - ok
17:05:02.0640 2076 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
17:05:02.0671 2076 WmdmPmSN - ok
17:05:02.0828 2076 Wmi (6538d6bde04b56737fe743c24d4ce83d) C:\WINDOWS\System32\advapi32.dll
17:05:03.0015 2076 Wmi - ok
17:05:03.0062 2076 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:05:03.0187 2076 WmiApSrv - ok
17:05:03.0250 2076 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:05:03.0265 2076 WpdUsb - ok
17:05:03.0312 2076 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:05:03.0453 2076 WS2IFSL - ok
17:05:03.0484 2076 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
17:05:03.0625 2076 wscsvc - ok
17:05:03.0640 2076 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
17:05:03.0765 2076 wuauserv - ok
17:05:03.0812 2076 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:05:03.0843 2076 WudfPf - ok
17:05:03.0859 2076 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:05:03.0906 2076 WudfRd - ok
17:05:03.0937 2076 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
17:05:03.0953 2076 WudfSvc - ok
17:05:04.0062 2076 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
17:05:04.0187 2076 WZCSVC - ok
17:05:04.0250 2076 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
17:05:04.0390 2076 xmlprov - ok
17:05:04.0421 2076 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
17:05:05.0187 2076 \Device\Harddisk0\DR0 - ok
17:05:05.0187 2076 Boot (0x1200) (3875a6cfc00d997104e6ca2768976218) \Device\Harddisk0\DR0\Partition0
17:05:05.0187 2076 \Device\Harddisk0\DR0\Partition0 - ok
17:05:05.0218 2076 Boot (0x1200) (3210909fac3121ad932ce42acd6c5a9f) \Device\Harddisk0\DR0\Partition1
17:05:05.0218 2076 \Device\Harddisk0\DR0\Partition1 - ok
17:05:05.0234 2076 ============================================================
17:05:05.0234 2076 Scan finished
17:05:05.0234 2076 ============================================================
17:05:05.0343 2308 Detected object count: 12
17:05:05.0343 2308 Actual detected object count: 12
17:05:37.0484 2308 anbmService ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:37.0484 2308 anbmService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:05:37.0484 2308 Autodesk Data Management Job Dispatch ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:37.0484 2308 Autodesk Data Management Job Dispatch ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:05:37.0484 2308 Autodesk EDM Server ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:37.0484 2308 Autodesk EDM Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:05:37.0484 2308 EpmPsd ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:37.0484 2308 EpmPsd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:05:37.0484 2308 EpmShd ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:37.0484 2308 EpmShd ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:05:37.0484 2308 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:37.0484 2308 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:05:37.0484 2308 MSSQL$AUTODESKVAULT ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:37.0484 2308 MSSQL$AUTODESKVAULT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:05:37.0484 2308 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:37.0484 2308 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:05:37.0500 2308 osaio ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:37.0500 2308 osaio ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:05:37.0500 2308 osanbm ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:37.0500 2308 osanbm ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:05:37.0500 2308 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:37.0500 2308 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:05:37.0500 2308 SQLAgent$AUTODESKVAULT ( UnsignedFile.Multi.Generic ) - skipped by user
17:05:37.0500 2308 SQLAgent$AUTODESKVAULT ( UnsignedFile.Multi.Generic ) - User select action: Skip

Danstahr · #10 Příspěvek od **Danstahr** » 16 črc 2012 06:43

Pozor! Tato utilita má velkou schopnost mazat a její použití je určeno výhradně členům týmu tohoto fóra. Svévolné použití může vést ke zboření a reinstalaci systému

Stáhněte ComboFix a uložte jej na Plochu.

Vypněte všechny rezidentní štíty antivirů a všechny programy běžící na pozadí.

Spusťte ComboFix s administrátorským oprávněním.

Potvrďte licenční podmínky a případně i instalaci konzoly pro zotavení

Během skenu nechte počítač naprosto v klidu.

Sken trvá zhruba 15 minut, ale doba se může lišit v závislosti na stavu systému

Po dokončení skenu se zobrazí log (pokud by se neotevřel, lze jej nalézt na systémovém disku jako ComboFix.txt), obsah logu vložte sem

ComboFixu si do dalšího pokynu nevšímejte

manatte · #11 Příspěvek od **manatte** » 16 črc 2012 18:26

Dobrý den, vkládám log:

ComboFix 12-07-16.01 - Administrator 16.07.2012 19:00:44.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1503 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\isRS-000.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-16 do 2012-07-16 )))))))))))))))))))))))))))))))
.
.
2012-07-15 13:24 . 2012-07-15 13:24 512 ----a-w- C:\PhysicalMBR.bin
2012-07-15 12:18 . 2012-07-15 12:19 -------- d-----w- C:\rsit
2012-07-15 08:15 . 2012-07-15 08:15 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\dvdcss
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-03 11:46 . 2012-03-20 20:25 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPM-DM"="c:\acer\epm\epm-dm.exe" [2005-03-28 188416]
"ePowerManagement"="c:\acer\ePM\ePM.exe" [2005-03-24 2880512]
"SafeQ Client"="c:\program files\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2010-03-31 249856]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2012-02-20 2786480]
"SpywareTerminatorUpdater"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2012-02-20 3669680]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Akcelerátor spuštění AutoCADu.lnk - [N/A]
Service Manager.lnk - [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [12.2.2012 22:02 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3.2.2011 10:03 314456]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [3.2.2011 10:58 218688]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [20.3.2012 22:21 32768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.2.2011 10:03 20568]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL =
uInternet Settings,ProxyOverride = *.local
uSearchAssistant =
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452}
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 158.196.162.8 158.196.149.9
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-Wdf01000.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-16 19:15
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(936)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2012-07-16 19:20:13
ComboFix-quarantined-files.txt 2012-07-16 17:20
.
Před spuštěním: Volných bajtů: 13 648 248 832
Po spuštění: Volných bajtů: 13 593 513 984
.
- - End Of File - - 48A0685594910ECC0538C0F3991C25DD

Danstahr · #12 Příspěvek od **Danstahr** » 16 črc 2012 20:28

I po několikerých restartech stále přetrvává stejný problém?

manatte · #13 Příspěvek od **manatte** » 16 črc 2012 20:34

Momentálně po restartu vše ok!

Danstahr · #14 Příspěvek od **Danstahr** » 16 črc 2012 21:35

Přesuňte ComboFix na Plochu.

Otevřete Poznámkový blok, vložte do něj následující text a uložte soubor na Plochu jako CFScript.txt. Pak soubor přetáhněte na ikonu ComboFixu. Po restartu se otevře log, ten sem vložte.

Kód: Vybrat vše

killall::

file::
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Akcelerátor spuštění AutoCADu.lnk
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Service Manager.lnk
C:\Documents and Settings\Administrator\Dokumenty\Downloads\Nero_10.5.10500_+_Serial_+_Crack.rar
C:\Documents and Settings\Administrator\Dokumenty\Downloads\autocad-2012-keygen.rar
C:\Documents and Settings\Administrator\Dokumenty\Downloads\AVS Video Converter 7.0.3.453 + Crack.rar
C:\Documents and Settings\Administrator\Dokumenty\Downloads\Nero_10.5.10500_+_Serial_+_Crack.rar

registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"SpywareTerminatorUpdater"=-
"QuickTime Task"=-

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=-

reboot::

manatte · #15 Příspěvek od **manatte** » 17 črc 2012 17:47

Dobry den, tak dnes opet komplet zasekane. Prijde mi to jakoby na notasu bezela nejaka smycka a vytezovala ho do plna.

Zde dnesni log:

ComboFix 12-07-16.01 - Administrator 17.07.2012 18:04:45.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1616 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\documents and settings\Administrator\Dokumenty\Downloads\autocad-2012-keygen.rar"
"c:\documents and settings\Administrator\Dokumenty\Downloads\AVS Video Converter 7.0.3.453 + Crack.rar"
"c:\documents and settings\Administrator\Dokumenty\Downloads\Nero_10.5.10500_+_Serial_+_Crack.rar"
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Akcelerátor spuštění AutoCADu.lnk"
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Service Manager.lnk"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\host32.exe
c:\windows\svchost.dll
c:\windows\system32\accies98.dll
c:\windows\system32\arprmdg0.dll
c:\windows\system32\avload32.dll
c:\windows\system32\avpe32.dll
c:\windows\system32\avpx32.dll
c:\windows\system32\axxt32.dll
c:\windows\system32\bmtdhh.dll
c:\windows\system32\browsemu.dll
c:\windows\system32\bt848rom.dll
c:\windows\system32\clbdll.dll
c:\windows\system32\directpt.dll
c:\windows\system32\directut.dll
c:\windows\system32\dll.dll
c:\windows\system32\docent0.dll
c:\windows\system32\docent2.dll
c:\windows\system32\dvd4free.dll
c:\windows\system32\dxtpdx.dll
c:\windows\system32\extxerox.dll
c:\windows\system32\hpprintx.dll
c:\windows\system32\iesdl4l.dll
c:\windows\system32\KernelDrv.exe
c:\windows\system32\kernelwind32.exe
c:\windows\system32\ksapgh.dll
c:\windows\system32\lanmui.dll
c:\windows\system32\mmx4xt.dll
c:\windows\system32\msindeo.dll
c:\windows\system32\msliksurcredo.dll
c:\windows\system32\msliksurdns.dll
c:\windows\system32\Mspdnx.dll
c:\windows\system32\msvcrl.dll
c:\windows\system32\ntos.exe
c:\windows\system32\obbn13t.dll
c:\windows\system32\pasksa.dll
c:\windows\system32\pptp16.dll
c:\windows\system32\pptp32.dll
c:\windows\system32\qo.dll
c:\windows\system32\satdll.dll
c:\windows\system32\scsiusr4.dll
c:\windows\system32\sdra64.exe
c:\windows\system32\se500mdm.dll
c:\windows\system32\tcpwrk.dll
c:\windows\system32\twext.exe
c:\windows\system32\xptptt.dll
c:\windows\system32\yvpp01.dll
c:\windows\system32\yvsvga.dll
c:\windows\system32\zopenssl.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-17 do 2012-07-17 )))))))))))))))))))))))))))))))
.
.
2012-07-15 13:24 . 2012-07-15 13:24 512 ----a-w- C:\PhysicalMBR.bin
2012-07-15 12:18 . 2012-07-15 12:19 -------- d-----w- C:\rsit
2012-07-15 08:15 . 2012-07-15 08:15 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\dvdcss
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-03 11:46 . 2012-03-20 20:25 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-16_17.15.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-07-17 16:29 . 2012-07-17 16:29 16384 c:\windows\temp\Perflib_Perfdata_5c0.dat
+ 2012-07-17 16:29 . 2012-07-17 16:29 16384 c:\windows\temp\Perflib_Perfdata_12c.dat
+ 2001-10-25 12:00 . 2012-07-17 16:07 80606 c:\windows\system32\perfc009.dat
- 2001-10-25 12:00 . 2012-03-13 11:26 80606 c:\windows\system32\perfc009.dat
+ 2001-10-25 12:00 . 2012-07-17 16:07 92496 c:\windows\system32\perfc005.dat
- 2001-10-25 12:00 . 2012-03-13 11:26 92496 c:\windows\system32\perfc005.dat
- 2001-10-25 12:00 . 2012-03-13 11:26 462690 c:\windows\system32\perfh009.dat
+ 2001-10-25 12:00 . 2012-07-17 16:07 462690 c:\windows\system32\perfh009.dat
+ 2001-10-25 12:00 . 2012-07-17 16:07 459794 c:\windows\system32\perfh005.dat
- 2001-10-25 12:00 . 2012-03-13 11:26 459794 c:\windows\system32\perfh005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPM-DM"="c:\acer\epm\epm-dm.exe" [2005-03-28 188416]
"ePowerManagement"="c:\acer\ePM\ePM.exe" [2005-03-24 2880512]
"SafeQ Client"="c:\program files\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2010-03-31 249856]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2012-02-20 2786480]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Akcelerátor spuštění AutoCADu.lnk - [N/A]
Service Manager.lnk - [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [12.2.2012 22:02 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3.2.2011 10:03 314456]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [3.2.2011 10:58 218688]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [20.3.2012 22:21 32768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.2.2011 10:03 20568]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [20.3.2012 22:20 482992]
S3 SQLAgent$AUTODESKVAULT;SQLAgent$AUTODESKVAULT;c:\program files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlagent.EXE [3.5.2005 22:42 323584]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL =
uInternet Settings,ProxyOverride = *.local
uSearchAssistant =
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452}
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 158.196.162.8 158.196.149.9
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-17 18:30
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(940)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1372)
c:\windows\system32\msi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\acer\eManager\anbmServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
c:\program files\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2012-07-17 18:43:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-17 16:43
ComboFix2.txt 2012-07-16 17:20
.
Před spuštěním: Volných bajtů: 13 297 303 552
Po spuštění: Volných bajtů: 13 290 369 024
.
- - End Of File - - 0E5C996A34692787A422D1FC42AADB73

VIRY.CZ

vytížení pc na 100%

vytížení pc na 100%

Re: vytížení pc na 100%

Re: vytížení pc na 100%

Re: vytížení pc na 100%

Re: vytížení pc na 100%

Re: vytížení pc na 100%

Re: vytížení pc na 100%

Re: vytížení pc na 100%

Re: vytížení pc na 100%

Re: vytížení pc na 100%

Re: vytížení pc na 100%

Re: vytížení pc na 100%

Re: vytížení pc na 100%

Re: vytížení pc na 100%

Re: vytížení pc na 100%