Prosím o pomoc - AVG mi detekuje stále trojany

Zpráva

hkotrc · #1 Příspěvek od **hkotrc** » 11 zář 2012 21:57

Dobrý den,
prosím vás o pomoc. AVG mi detekuje trojany v každém testu, při každém spuštění Chromu zahlásí nález také.
Poradil by mi tu někdo?

Přikládám log RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Spravce at 2012-09-11 22:55:01
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 13 GB (11%) free of 119 GB
Total RAM: 2047 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:14, on 11.9.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
C:\windows\RTHDCPL.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\windows\system32\ctfmon.exe
C:\windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\windows\system32\svchost.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\windows\system32\nvsvc32.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\windows\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgidsagent.exe
C:\windows\system32\wscntfy.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\windows\System32\alg.exe
C:\windows\System32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Dokumenty\Downloads\RSIT.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Spravce.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sezna.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: YouTubeUploaderLib.YouTubeUploaderLib - - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PDF-XChange Viewer IE-Plugin - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll
O3 - Toolbar: aTube Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe" -r
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1424
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download by VersalSoft Internet Download - C:\Program Files\VersalSoft\InternetDownload\adddownload.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: vToolbarUpdater12.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe

--
End of file - 14273 bytes

======Scheduled tasks folder======

C:\windows\tasks\1-Click Maintenance.job
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AdobeAAMUpdater-1.0-PC-Spravce.job
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Spravce\Data aplikací\Mozilla\Firefox\Profiles\jdj2bd2r.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "avg@igeared:6.103.018.001, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, jqs@sun.com:1.0, {4CFC8387-5FB1-47C1-8AA4-5B7B906A591E}:1.0, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209, toolbar@ask.com:3.11.3.15590, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... YYYYCZ&&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\
"{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"=C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\
"avg@toolbar"=C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\12.2.0.5\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\windows\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
NPOFF12.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
ssldivx.dll

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
avg_igeared.xml
crawlersrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Spravce\Data aplikací\Mozilla\Firefox\Profiles\jdj2bd2r.default\extensions\
{43c35458-c907-439b-bcfd-07d373834689}

C:\Documents and Settings\Spravce\Data aplikací\Mozilla\Firefox\Profiles\jdj2bd2r.default\searchplugins\
askcom.xml
icq-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-08-13 938104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2012-06-24 1417336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4322A444-92F8-4C3E-BD4C-013BA51E2871}]
E-Zsoft VideoDownloaderToolBar - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll [2009-01-05 43008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2012-06-25 329480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll [2012-08-14 2045024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-09-27 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F}]
PDF-XChange Viewer IE-Plugin - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll [2008-05-22 1099968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-08-23 1515688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-25 59144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-06-25 79624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-09-27 2403392]
{4322A444-92F8-4C3E-BD4C-013BA51E2871} - E-Zsoft VideoDownloaderToolBar - C:\Program Files\VersalSoft\InternetDownload\VDTB.dll [2009-01-05 43008]
{D4027C7F-154A-4066-A1AD-4243D8127440} - aTube Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-08-23 1515688]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll [2012-08-14 2045024]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Six Engine"=C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe [2008-06-25 5625344]
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2008-06-13 16871936]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-12-31 500208]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-07-31 2596984]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-08-14 1162848]
"ROC_roc_ssl_v12"=C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe [2012-08-14 1020512]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2008-03-11 13520896]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2516296]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1424 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-07-04 148776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Game Files\Test Drive Unlimited\TestDriveUnlimited.exe"="E:\Game Files\Test Drive Unlimited\TestDriveUnlimited.exe:*:Disabled:Test Drive Unlimited"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\mozilla.org\SeaMonkey\seamonkey.exe"="C:\Program Files\mozilla.org\SeaMonkey\seamonkey.exe:*:Enabled:SeaMonkey"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Corel\DVD9\WinDVD.exe"="C:\Program Files\Corel\DVD9\WinDVD.exe:*:Enabled:WinDVD"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Namu6\Namu6.exe"="C:\Program Files\Namu6\Namu6.exe:*:Enabled:Namu6"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG"
"E:\Game Files\Counter-Strike Source\hl2.exe"="E:\Game Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\AVG\AVG2012\avgnsx.exe"="C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2012\avgdiagex.exe"="C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"C:\Program Files\AVG\AVG2012\avgemcx.exe"="C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\windows\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"msacm.vorbis"=vorbis.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=yv12vfw.dll
"VIDC.WMV3"=wmv9vcm.dll
"VIDC.VP40"=vp4vfw.dll
"msacm.voxacm160"=vct3216.acm
"MSVideo"=vfwwdm32.dll
"vidc.VP70"=vp7vfw.dll
"vidc.X264"=x264vfw.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\windows\system32\vp6vfw.dll
"vidc.VP61"=C:\windows\system32\vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"VIDC.DRAW"=DVIDEO.DLL
"VIDC.MSUD"=msulvc05.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wavemapper"=msacm32.drv
"vidc.tscc"=tsccvid.dll
"msacm.l3codec"=l3codecp.acm
"VIDC.FMVC"=fmcodec.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-09-11 22:55:01 ----D---- C:\rsit
2012-09-11 22:55:01 ----D---- C:\Program Files\trend micro
2012-09-11 22:11:38 ----A---- C:\windows\system32\h323log.txt
2012-09-10 21:53:07 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
2012-09-08 14:25:32 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonIJEGV
2012-09-06 20:05:57 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
2012-09-06 20:05:57 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
2012-09-06 20:00:49 ----A---- C:\windows\system32\CNHMCA.dll
2012-09-06 20:00:49 ----A---- C:\windows\system32\CNC5200U.dll
2012-09-06 20:00:49 ----A---- C:\windows\system32\CNC5200L.dll
2012-09-06 20:00:49 ----A---- C:\windows\system32\CNC5200I.dll
2012-09-06 20:00:49 ----A---- C:\windows\system32\CNC5200C.dll
2012-09-06 19:48:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
2012-09-06 19:47:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
2012-09-06 19:43:15 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
2012-09-06 19:43:05 ----A---- C:\windows\system32\CNMLMAE.DLL
2012-09-06 19:43:01 ----HD---- C:\windows\system32\CanonIJ Uninstaller Information
2012-09-06 19:42:58 ----A---- C:\windows\system32\CNC5200O.dll
2012-09-06 19:42:51 ----A---- C:\windows\system32\CNMIUAE.DLL
2012-09-06 19:42:40 ----HD---- C:\Program Files\CanonBJ
2012-09-06 19:42:24 ----D---- C:\windows\system32\STRING
2012-09-06 19:42:24 ----A---- C:\windows\system32\CNMNPUI.DLL
2012-09-06 19:42:24 ----A---- C:\windows\system32\CNMNPPM.DLL
2012-09-06 19:41:52 ----D---- C:\Program Files\Canon
2012-08-26 20:09:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\APN
2012-08-25 15:42:21 ----A---- C:\windows\system32\drivers\85966516.sys
2012-08-25 11:33:18 ----A---- C:\windows\system32\drivers\0048461drv.sys
2012-08-24 22:15:14 ----A---- C:\windows\system32\drivers\41280367.sys
2012-08-24 16:02:11 ----A---- C:\windows\system32\drivers\31115512.sys
2012-08-14 19:57:19 ----D---- C:\Program Files\Microsoft Silverlight
2012-08-14 19:56:14 ----D---- C:\Program Files\CrystalDiskInfo
2012-08-14 19:56:14 ----D---- C:\Documents and Settings\Spravce\Data aplikací\OpenCandy
2012-08-14 17:57:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
2012-08-14 17:56:53 ----D---- C:\Documents and Settings\Spravce\Data aplikací\AVG Secure Search
2012-08-14 17:56:50 ----A---- C:\windows\system32\drivers\avgtpx86.sys
2012-08-14 17:56:48 ----D---- C:\Program Files\Common Files\AVG Secure Search
2012-08-14 17:56:47 ----D---- C:\Program Files\AVG Secure Search
2012-08-14 17:55:33 ----D---- C:\Documents and Settings\Spravce\Data aplikací\AVG2012
2012-08-14 17:54:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2012
2012-08-14 00:32:02 ----A---- C:\windows\system32\drivers\23316757.sys
2012-08-14 00:28:01 ----SHD---- C:\RECYCLER
2012-08-13 23:10:35 ----A---- C:\ComboFix.txt
2012-08-13 20:57:39 ----D---- C:\Documents and Settings\Spravce\Data aplikací\Malwarebytes
2012-08-13 20:57:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes

======List of files/folders modified in the last 1 month======

2012-09-11 22:55:01 ----RD---- C:\Program Files
2012-09-11 22:54:57 ----D---- C:\windows\Prefetch
2012-09-11 22:44:15 ----D---- C:\windows\Temp
2012-09-11 22:26:17 ----D---- C:\Program Files\Mozilla Firefox
2012-09-11 22:13:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2012-09-11 22:13:22 ----D---- C:\windows\system32\drivers\AVG
2012-09-11 22:11:38 ----D---- C:\windows\system32
2012-09-11 10:05:13 ----A---- C:\windows\NeroDigital.ini
2012-09-11 10:04:30 ----D---- C:\WINDOWS
2012-09-11 10:04:24 ----D---- C:\windows\system32\CatRoot2
2012-09-11 10:01:21 ----D---- C:\windows\system32\drivers
2012-09-11 10:00:07 ----A---- C:\windows\SchedLgU.Txt
2012-09-11 09:38:31 ----SHD---- C:\windows\Installer
2012-09-11 09:38:26 ----D---- C:\Config.Msi
2012-09-11 09:38:16 ----RSHDC---- C:\windows\system32\dllcache
2012-09-11 09:37:05 ----HD---- C:\windows\inf
2012-09-10 21:53:07 ----D---- C:\Documents and Settings\Spravce\Data aplikací\Canon
2012-09-10 14:46:30 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-09-10 10:53:23 ----RD---- C:\Dokumenty
2012-09-10 09:09:37 ----D---- C:\Program Files\Spyware Terminator
2012-09-10 09:09:37 ----D---- C:\Documents and Settings\Spravce\Data aplikací\uTorrent
2012-09-10 09:09:37 ----D---- C:\Documents and Settings\Spravce\Data aplikací\Skype
2012-09-07 08:10:37 ----D---- C:\Program Files\CyberLink
2012-09-07 08:10:03 ----D---- C:\Documents and Settings\Spravce\Data aplikací\COWON
2012-09-07 08:09:58 ----D---- C:\Program Files\Common Files
2012-09-06 20:00:50 ----D---- C:\windows\twain_32
2012-09-03 08:57:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2012-09-03 08:49:23 ----A---- C:\windows\system32\FlashPlayerApp.exe
2012-08-29 16:29:05 ----AC---- C:\windows\system32\PerfStringBackup.INI
2012-08-25 22:00:47 ----D---- C:\windows\system32\cs-cz
2012-08-25 22:00:46 ----D---- C:\windows\Help
2012-08-25 22:00:46 ----D---- C:\Program Files\Internet Explorer
2012-08-25 21:53:18 ----D---- C:\windows\ie8updates
2012-08-25 21:52:34 ----D---- C:\windows\WBEM
2012-08-25 21:34:52 ----HD---- C:\windows\$hf_mig$
2012-08-25 21:25:27 ----D---- C:\Program Files\Java
2012-08-25 21:25:26 ----D---- C:\Program Files\Common Files\Java
2012-08-19 22:33:10 ----SD---- C:\windows\Tasks
2012-08-14 19:57:50 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-08-14 17:58:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG10
2012-08-14 17:54:20 ----D---- C:\Program Files\AVG
2012-08-14 09:19:41 ----SHD---- C:\System Volume Information
2012-08-14 09:19:41 ----D---- C:\windows\system32\Restore
2012-08-13 23:10:40 ----AD---- C:\Qoobox
2012-08-13 23:05:37 ----A---- C:\windows\system.ini
2012-08-13 23:05:20 ----D---- C:\windows\system32\drivers\etc
2012-08-13 23:03:00 ----D---- C:\windows\system32\config
2012-08-13 23:02:51 ----D---- C:\windows\ERDNT
2012-08-13 23:01:12 ----D---- C:\windows\AppPatch
2012-08-13 22:39:40 ----HDC---- C:\windows\$NtUninstallKB954600$
2012-08-13 14:23:09 ----D---- C:\Documents and Settings\Spravce\Data aplikací\Spyware Terminator
2012-08-13 13:39:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 31115512;31115512; C:\windows\system32\DRIVERS\31115512.sys [2012-08-13 133208]
R0 41280367;41280367; C:\windows\system32\DRIVERS\41280367.sys [2012-08-13 133208]
R0 AVGIDSHX;AVGIDSHX; C:\windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 giveio;giveio; C:\windows\system32\drivers\giveio.sys [1996-04-03 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\windows\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2009-02-24 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp01;StarForce Protection Helper Driver; C:\windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\windows\System32\drivers\sfvfs02.sys [2005-09-29 66048]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AsIO;AsIO; C:\windows\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 Avgldx86;AVG AVI Loader Driver; C:\windows\system32\DRIVERS\avgldx86.sys [2012-07-26 237408]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\windows\system32\DRIVERS\avgtdix.sys [2012-08-24 301920]
R1 avgtp;avgtp; \??\C:\windows\system32\drivers\avgtpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 kbfilter;Keyboard Filter Driver; C:\windows\system32\drivers\kbfilter.sys [2002-07-11 12856]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\windows\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2009-09-26 278984]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2009-09-26 25416]
R2 regi;regi; C:\windows\system32\drivers\regi.sys [2007-04-17 11032]
R3 AVGIDSDriver;AVGIDSDriver; C:\windows\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter; C:\windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-28 218688]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\windows\System32\Drivers\gHidPnp.Sys [2009-06-27 20480]
R3 gMouUsb;USB Mouse Device Drv; C:\windows\system32\DRIVERS\gMouUsb.sys [2009-06-25 11520]
R3 gMouUsb16;USB 16-bit Mouse Device Drv; C:\windows\system32\DRIVERS\gMouUsb16.sys [2009-06-25 9216]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2008-06-13 4754944]
R3 Iviaspi;IVI ASPI Shell; C:\windows\system32\drivers\iviaspi.sys [2005-09-20 10368]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\l1e51x86.sys [2008-06-25 36864]
R3 mouhid;Ovladač myši standardu HID; C:\windows\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2008-03-11 6593376]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 xcpip;Ovladač protokolu TCP/IP; C:\windows\system32\drivers\xcpip.sys []
R3 xpsec;Ovladač IPSEC; C:\windows\system32\drivers\xpsec.sys []
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\windows\System32\drivers\prosync1.sys []
S3 60ke205xi.sys;60ke205xi.sys; \??\C:\windows\system32\drivers\60ke205xi.sys []
S3 61883;61883 Unit Device; C:\windows\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 Arp1394;Protokol 1394 ARP Client; C:\windows\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Avc;AVC Device; C:\windows\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\windows\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\windows\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 gMouPS2;PS2 Scroll Mouse Device; C:\windows\system32\DRIVERS\gMouPS2.sys [2009-06-30 17408]
S3 MSDV;Microsoft DV Camera and VCR; C:\windows\system32\DRIVERS\msdv.sys [2004-07-09 52096]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 NIC1394;1394 Net Driver; C:\windows\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2012-04-22 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 snpstd2;Trust WB-3400T Webcam; C:\windows\system32\DRIVERS\snpstd2.sys [2004-10-14 347264]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 SynasUSB;SynasUSB; C:\windows\system32\drivers\SynasUSB.sys []
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\windows\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 mchInjDrv;mchInjDrv; \??\C:\windows\TEMP\mc21.tmp []
S4 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2008-09-29 717296]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-26 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [2012-08-13 5167736]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 BthServ;Bluetooth Support Service; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2006-08-11 200704]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-06-25 153352]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2008-03-11 155716]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2009-03-21 181312]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2012-08-13 496128]
R2 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe [2004-08-05 117760]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2008-06-09 53392]
R2 vToolbarUpdater12.2.0;vToolbarUpdater12.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe [2012-08-14 927840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-29 133104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-03 250568]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-29 133104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-27 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE []
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-10 114144]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-07-04 267560]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 11 zář 2012 22:06

Zdravim

Muzete dat prosim screen toho hlaseni?

Co jste provadel s ComboFixem 13.8.?? vy s nim umite pracovat?

hkotrc · #3 Příspěvek od **hkotrc** » 11 zář 2012 22:12

- Screen je v příloze

- V srpnu jsem u pc nebyl já, tak jsem nakázal radši odvézt počítač někomu fundovanějšímu - kamarád s nimi pracuje, tak datem to odpovídá

#4 Příspěvek od **vyosek** » 11 zář 2012 22:16

Ale pochybuji ze kamarad ma kompletni navod a umi tvorit pro CF skripty - coz dokazuje i pritomnost haveti po jeho aplikovani

Poprosim o log c:\combofix.txt

Mrknu na to rano, ted jdu spat, pac brzy vstavam

hkotrc · #5 Příspěvek od **hkotrc** » 11 zář 2012 22:30

Já tušil, že se něco podělalo, samotnýmu mi to chování prostě nesedělo.

Takový log tam už bohůžel není

Zatím děkuji za váš čas

#6 Příspěvek od **vyosek** » 12 zář 2012 07:57

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/dl ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/dl ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/dl ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

hkotrc · #7 Příspěvek od **hkotrc** » 12 zář 2012 08:25

Zkoušel jsem ten rkill.com, normálně se pustí, pak se objeví hláška, že teď můžu scanovat s antivirem - OK je jediná možnost a pak naskočí poznámkový blok s tím, že nelze nalézt cestu k umístění nebo takhle nějak ta věta je

hkotrc · #8 Příspěvek od **hkotrc** » 12 zář 2012 08:27

Jo a to hlavní, pak se mi objevila modrá obrazovka, že proces byl raději ukončen a musel jsem restartovat počítač. Byla tam i nějaká poznámka k tomu, mám ji sem přepsat?

#9 Příspěvek od **vyosek** » 12 zář 2012 09:05

Neni treba, pokracujte ComboFixem

hkotrc · #10 Příspěvek od **hkotrc** » 12 zář 2012 09:30

Log z ComboFix. Ta konzola pro zotavování nešla nainstalovat.

ComboFix 12-09-11.02 - Spravce 12.09.2012 10:14:20.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1459 [GMT 2:00]
Spuštěný z: c:\documents and settings\Spravce\Plocha\ComboFix.exe
AV: AVG Anti-Virus 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Vytvořen nový Bod Obnovení
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\SET8A.tmp
c:\windows\system32\SET8B.tmp
c:\windows\system32\SET8D.tmp
c:\windows\system32\SET8E.tmp
c:\windows\system32\SET8F.tmp
c:\windows\system32\SET90.tmp
I:\Autorun.inf
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_xcpip
-------\Service_xpsec
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-12 do 2012-09-12 )))))))))))))))))))))))))))))))
.
.
2012-09-11 20:55 . 2012-09-11 20:55 -------- d-----w- C:\rsit
2012-09-11 20:55 . 2012-09-11 20:55 -------- d-----w- c:\program files\trend micro
2012-09-10 19:53 . 2012-09-10 19:53 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\CanonIJScan
2012-09-10 12:46 . 2012-09-10 12:46 73696 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2012-09-08 12:25 . 2012-09-08 12:25 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\CanonIJEGV
2012-09-06 18:05 . 2012-09-06 18:05 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\CanonIJEPPEX2
2012-09-06 18:05 . 2012-09-06 18:05 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\CanonEPP
2012-09-06 18:00 . 2010-03-18 17:25 307200 ----a-w- c:\windows\system32\CNC5200L.dll
2012-09-06 18:00 . 2010-03-18 15:12 1335296 ----a-w- c:\windows\system32\CNC5200C.dll
2012-09-06 18:00 . 2010-03-18 15:12 114688 ----a-w- c:\windows\system32\CNC5200I.dll
2012-09-06 18:00 . 2010-03-18 15:11 106496 ----a-w- c:\windows\system32\CNC5200U.dll
2012-09-06 18:00 . 2008-08-25 16:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2012-09-06 17:48 . 2012-09-06 17:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CanonIJMSetup
2012-09-06 17:47 . 2012-09-06 17:47 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CanonIJWSpt
2012-09-06 17:43 . 2012-09-06 17:43 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\CanonBJ
2012-09-06 17:43 . 2010-08-25 03:00 73216 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPAE.DLL
2012-09-06 17:43 . 2010-08-25 03:00 290816 ----a-w- c:\windows\system32\CNMLMAE.DLL
2012-09-06 17:43 . 2010-08-25 03:00 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDAE.DLL
2012-09-06 17:43 . 2012-09-06 17:43 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2012-09-06 17:42 . 2010-06-03 06:12 94208 ----a-w- c:\windows\system32\CNC5200O.dll
2012-09-06 17:42 . 2010-03-10 23:56 180224 ----a-w- c:\windows\system32\CNMIUAE.DLL
2012-09-06 17:42 . 2012-09-06 17:42 -------- d-----w- c:\windows\system32\STRING
2012-09-06 17:42 . 2010-02-05 01:37 34816 ----a-w- c:\windows\system32\CNMNPUI.DLL
2012-09-06 17:42 . 2010-02-05 01:37 340992 ----a-w- c:\windows\system32\CNMNPPM.DLL
2012-09-06 17:41 . 2012-09-06 17:47 -------- d-----w- c:\program files\Canon
2012-08-26 18:09 . 2012-08-26 18:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\APN
2012-08-25 20:00 . 2012-08-25 20:00 -------- d-----w- c:\documents and settings\Spravce\Dokumenty
2012-08-25 13:42 . 2012-08-13 11:37 133208 ----a-w- c:\windows\system32\drivers\85966516.sys
2012-08-25 09:33 . 2012-08-13 11:37 475736 ----a-w- c:\windows\system32\drivers\0048461drv.sys
2012-08-24 20:15 . 2012-08-13 11:37 133208 ----a-w- c:\windows\system32\drivers\41280367.sys
2012-08-24 14:02 . 2012-08-13 11:37 133208 ----a-w- c:\windows\system32\drivers\31115512.sys
2012-08-14 17:57 . 2012-08-14 17:57 -------- d-----w- c:\program files\Microsoft Silverlight
2012-08-14 17:56 . 2012-08-14 17:58 -------- d-----w- c:\program files\CrystalDiskInfo
2012-08-14 17:56 . 2012-08-14 17:56 -------- d-----w- c:\documents and settings\Spravce\Data aplikací\OpenCandy
2012-08-14 15:57 . 2012-08-14 15:57 -------- d-----w- c:\documents and settings\Spravce\Local Settings\Data aplikací\AVG Secure Search
2012-08-14 15:57 . 2012-08-24 14:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG Secure Search
2012-08-14 15:56 . 2012-08-14 15:56 -------- d-----w- c:\documents and settings\Spravce\Data aplikací\AVG Secure Search
2012-08-14 15:56 . 2012-08-14 15:56 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-08-14 15:56 . 2012-08-14 15:56 -------- d-----w- c:\program files\Common Files\AVG Secure Search
2012-08-14 15:56 . 2012-08-14 15:57 -------- d-----w- c:\program files\AVG Secure Search
2012-08-14 15:55 . 2012-08-14 15:55 -------- d-----w- c:\documents and settings\Spravce\Data aplikací\AVG2012
2012-08-14 15:54 . 2012-08-25 16:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG2012
2012-08-13 22:32 . 2012-08-13 11:37 133208 ----a-w- c:\windows\system32\drivers\23316757.sys
2012-08-13 18:57 . 2012-08-13 18:57 -------- d-----w- c:\documents and settings\Spravce\Data aplikací\Malwarebytes
2012-08-13 18:57 . 2012-08-13 20:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-05 16:32 . 2009-06-06 19:07 900 --sha-w- c:\documents and settings\All Users\Data aplikací\KGyGaAvL.sys
2012-09-03 06:49 . 2012-03-29 07:07 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-03 06:49 . 2011-05-16 16:10 73416 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-24 13:43 . 2011-04-04 22:59 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-08-13 11:38 . 2008-09-26 01:14 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2012-07-26 01:21 . 2011-01-07 04:41 237408 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-06-25 06:11 . 2008-10-11 10:45 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-25 06:11 . 2012-06-25 06:11 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-25 06:11 . 2010-04-17 08:31 472840 -c--a-w- c:\windows\system32\deployJava1.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 -c--a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 -c--a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2012-09-10 12:46 . 2011-04-04 17:30 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\system32\DRIVERS\atapi.sys
[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 22:10 . F6584BD8E76EFE3FA37397D90F982265 . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-08-14 15:56 2045024 ----a-w- c:\program files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-23 19:20 1515688 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll" [2012-08-14 2045024]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Six Engine"="c:\program files\ASUS\EPU-4 Engine\FourEngine.exe" [2008-06-25 5625344]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-13 16871936]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-12-31 500208]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-08-14 1162848]
"ROC_roc_ssl_v12"="c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-08-14 1020512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-03-11 13520896]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-24 2516296]
"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.cz/cz.special-uninstalla ... =10.0.1424" [?]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-07-04 12:01 148776 -c--a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Alcmtr"=ALCMTR.EXE
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"ioCentre"=c:\genius\ioCentre\gTaskBar.exe
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"e:\\Game Files\\Test Drive Unlimited\\TestDriveUnlimited.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\mozilla.org\\SeaMonkey\\seamonkey.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Corel\\DVD9\\WinDVD.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Namu6\\Namu6.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"e:\\Game Files\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
.
R0 31115512;31115512;c:\windows\system32\drivers\31115512.sys [24.8.2012 16:02 133208]
R0 41280367;41280367;c:\windows\system32\drivers\41280367.sys [24.8.2012 22:15 133208]
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19.4.2012 4:50 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16.3.2011 16:03 31952]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7.1.2011 6:41 237408]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [5.4.2011 0:59 301920]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [14.8.2012 17:56 27496]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [25.7.2010 18:54 12856]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [26.9.2008 3:14 142592]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [13.8.2012 3:24 5167736]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14.2.2012 4:53 193288]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [17.4.2007 20:09 11032]
R2 vToolbarUpdater12.2.0;vToolbarUpdater12.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe [14.8.2012 17:56 927840]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23.12.2011 13:32 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [23.12.2011 13:32 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23.12.2011 13:32 17232]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [28.5.2011 13:30 218688]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [27.7.2010 22:20 20480]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [27.7.2010 22:20 11520]
R3 gMouUsb16;USB 16-bit Mouse Device Drv;c:\windows\system32\drivers\gMouUsb16.sys [27.7.2010 22:20 9216]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29.10.2009 23:58 133104]
S3 60ke205xi.sys;60ke205xi.sys;\??\c:\windows\system32\drivers\60ke205xi.sys --> c:\windows\system32\drivers\60ke205xi.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [29.3.2012 9:07 250568]
S3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [27.7.2010 22:20 17408]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [29.10.2009 23:58 133104]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [26.4.2012 18:28 114144]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 14:37 517096]
S3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynasUSB.sys --> c:\windows\system32\drivers\SynasUSB.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.9.2008 18:36 717296]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - mchInjDrv
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 10:47 451872 -c--a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-24 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2004\SystemOptimizer.exe [2004-11-09 20:11]
.
2012-09-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 06:49]
.
2012-08-27 c:\windows\Tasks\AdobeAAMUpdater-1.0-PC-Spravce.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-12-31 20:07]
.
2012-08-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2012-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-29 21:58]
.
2012-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-29 21:58]
.
2012-09-12 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-08-23 19:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = hxxp://www.sezna.cz/
IE: Download by VersalSoft Internet Download - c:\program files\VersalSoft\InternetDownload\adddownload.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 77.236.192.130 88.86.107.235
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\Spravce\Data aplikací\Mozilla\Firefox\Profiles\jdj2bd2r.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU3&o=15380&locale=en_EU&apn_uid=de525448-fa13-406c-998c-7543f9433d88&apn_ptnrs=UJ&apn_sauid=DD32D935-E94A-4F35-AF91-7F9CC844C321&apn_dtid=YYYYYYYYCZ&&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-12 10:24
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet018\Services\mchInjDrv]
"ImagePath"="\??\c:\windows\TEMP\mc21.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1409082233-287218729-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*P%]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1409082233-287218729-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*P%\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1409082233-287218729-1417001333-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:3a,a8,2a,97,9f,79,03,81,32,b3,c1,f0,95,9d,4a,73,a3,21,14,19,a8,ee,dc,
ba,b5,80,aa,16,a3,4c,66,19,50,60,b0,4b,2f,f5,18,86,b6,fd,42,50,77,b8,32,40,\
"??"=hex:59,e5,97,70,47,08,a5,1e,f6,13,83,cc,52,0d,a6,6c
.
[HKEY_USERS\S-1-5-21-1409082233-287218729-1417001333-1004\Software\SecuROM\License information*]
"datasecu"=hex:3e,ef,b3,20,6d,0d,28,67,0d,a5,9c,ed,5b,75,96,36,0f,9c,19,3a,cb,
4a,05,a9,64,b9,35,47,54,ba,ca,3e,aa,9e,95,6b,8f,50,28,8c,dc,23,e8,8c,13,f0,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2608)
c:\progra~1\WINDOW~2\wmpband.dll
c:\program files\Ask.com\GenericAskToolbar.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\program files\WinSCP\DragExt.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\program files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\RTHDCPL.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Photodex\ProShowGold\ScsiAccess.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
.
**************************************************************************
.
Celkový čas: 2012-09-12 10:26:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-09-12 08:26
ComboFix2.txt 2010-09-09 20:36
ComboFix3.txt 2010-09-08 20:12
.
Před spuštěním: Volných bajtů: 13.270.196.224
Po spuštění: Volných bajtů: 13.273.608.192
.
- - End Of File - - A54265484D6B771FA4602A9A6D39ACD2

#11 Příspěvek od **vyosek** » 12 zář 2012 09:31

Stahnete MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe

Ulozte nejlepe na plochu
Pokud pouzivate Win Vista ci W7, kliknete na MBRScan pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Report
Po chvilce se objevi log do souboru MBRScan.txt, ten sem vlozte

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

Kliknete na volbu Change parametrs
V obou oknech (Objects to scan i Additional Option) zakliknete vsechny moznosti - ve vsech ctvereccich musi mit fajecka
Kliknete na OK
Utilite prikazte, at skenuje - klik na Start Scan
Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
Pokud mate vsude Skip, kliknete na Continue
Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

hkotrc · #12 Příspěvek od **hkotrc** » 12 zář 2012 09:40

Tady je log z Mbrscan, teď jdu na TDSSKILLER

Kód: Vybrat vše

MBRScan v1.1.1

OS             : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR      : x86 Family 6 Model 23 Stepping 10, GenuineIntel
BOOT           : Normal Boot
DATE           : 2012/09/12 (ISO 8601) at 10:38:31
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __WDC WD2500AAKS-22B3A0 (01.03A01)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK           : Device\Harddisk1\DR3 __5000AAV External (1.65)
BUS_TYPE       : (0x07)  USB
USE_PIO        : NO
MAX_TRANSFER   : 64 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________

Device\Harddisk0\DR0	232.9 Go  [Fixed] ==> Unknown MBR Code

MBR_MD5   : 6A57122E0BA43400FE936CB0F8F473E4
MBR_SHA1  : 3457D40BC1193FB475E226E44E12CEF2A12F58D9

Device\Harddisk0\Partition1	116.2 Go  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2	116.7 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

Device\Harddisk1\DR3	465.8 Go  [Fixed] ==> Unknown MBR Code ....

MBR_MD5   : 07886398F5223B638CFDA8B3EBD2FFD6
MBR_SHA1  : E219C445649F05E1E0AA27540F7D17A296984DCC

Device\Harddisk1\Partition1	465.8 Go  	0x0C FAT32 [LBA] 
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\windows\system32\drivers\xpsec.sys => Invisible on the disk
ADDRESS : 0xB3A4E000
SIZE    : 76.0 Ko

DRIVER  : C:\windows\system32\drivers\xcpip.sys => Invisible on the disk
ADDRESS : 0xB39F5000
SIZE    : 356.0 Ko

DRIVER  : C:\windows\TEMP\mc21.tmp => Invisible on the disk
ADDRESS : 0xBAEB1000
SIZE    : 4.0 Ko

DRIVER  : C:\ComboFix\catchme.sys => Invisible on the disk
ADDRESS : 0xBAC60000
SIZE    : 32.0 Ko

DRIVER  : C:\windows\system32\Drivers\PROCEXP113.SYS => Invisible on the disk
ADDRESS : 0xBAE60000
SIZE    : 8.0 Ko

SystemStartOptions : 

________________________________________________________________________________

_____FAKED   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D8 8E C0 8E D0 BC 00 7C BE 1A 7C BF 00   3À.Ø.À.Ð¼.|¾.|¿.
0x00000010   06 B9 E6 01 50 57 FC F3 A4 CB BE A4 07 B1 04 90   .¹æ.PWüó¤Ë¾¤.±..
0x00000020   80 3C 80 74 0D 38 2C 0F 85 C0 00 83 C6 10 E2 F0   .<.t.8,..À..Æ.âð
0x00000030   CD 18 66 8B 44 08 8B 14 89 E3 B9 01 00 E8 64 00   Í.f.D....ã¹..èd.
0x00000040   73 0C 8B 4C 02 B8 01 02 CD 13 0F 82 B8 00 B9 55   s..L.¸..Í...¸.¹U
0x00000050   AA 2B 0E FE 7D 0F 85 CF 00 66 B8 00 00 00 00 66   ª+.þ}..Ï.f¸....f
0x00000060   39 44 08 72 08 66 8B 44 08 66 03 44 0C 83 C6 10   9D.r.f.D.f.D..Æ.
0x00000070   81 FE E4 07 72 E9 66 09 C0 74 1E B9 09 00 81 C3   .þä.réf.Àt.¹...Ã
0x00000080   00 02 E8 1F 00 72 12 89 DE 81 C6 0C 02 8D 54 F4   ..è..r..Þ.Æ...Tô
0x00000090   66 81 3C 75 2F F3 A4 74 05 EA 00 7C 00 00 89 DE   f.<u/ó¤t.ê.|...Þ
0x000000A0   FF D2 EB F5 66 60 B2 80 BB AA 55 B4 41 CD 13 73   .Òëõf`².»ªU´AÍ.s
0x000000B0   04 F9 66 61 C3 81 FB 55 AA 75 F6 F6 C1 01 74 F1   .ùfaÃ.ûUªuööÁ.tñ
0x000000C0   66 61 66 60 6A 00 6A 00 66 50 06 53 51 6A 10 B4   faf`j.j.fP.SQj.´
0x000000D0   42 89 E6 CD 13 61 66 61 C3 5E AC 08 C0 74 FC 56   B.æÍ.afaÃ^¬.ÀtüV
0x000000E0   1E BB 07 00 B4 0E CD 10 1F EB EE E8 EB FF 49 6E   .»..´.Í..ëîèë.In
0x000000F0   76 61 6C 69 64 20 70 61 72 74 69 74 69 6F 6E 20   valid partition 
0x00000100   74 61 62 6C 65 00 E8 D0 FF 45 72 72 6F 72 20 6C   table.èÐ.Error l
0x00000110   6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 6E 67   oading operating
0x00000120   20 73 79 73 74 65 6D 00 E8 AE FF 4D 69 73 73 69    system.è®.Missi
0x00000130   6E 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73   ng operating sys
0x00000140   74 65 6D 00 00 00 00 00 00 00 00 00 00 00 00 00   tem.............
0x00000150   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000160   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000170   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000180   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001B0   00 00 00 00 00 2C 44 6A 77 47 78 47 00 00 80 01   .....,DjwGxG....
0x000001C0   01 00 07 FE FF FF 3F 00 00 00 83 A8 86 0E 00 FE   ...þ..?....¨...þ
0x000001D0   FF FF 0F FE FF FF C2 A8 86 0E FE 5D 95 0E 00 00   ...þ..Â¨..þ]....
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

__ORIGINAL   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C   3À.Ð¼.|ûP.P.ü¾.|
0x00000010   BF 1B 06 50 57 B9 E5 01 F3 A4 CB BD BE 07 B1 04   ¿..PW¹å.ó¤Ë½¾.±.
0x00000020   38 6E 00 7C 09 75 13 83 C5 10 E2 F4 CD 18 8B F5   8n.|.u..Å.âôÍ..õ
0x00000030   83 C6 10 49 74 19 38 2C 74 F6 A0 B5 07 B4 07 8B   .Æ.It.8,tö.µ.´..
0x00000040   F0 AC 3C 00 74 FC BB 07 00 B4 0E CD 10 EB F2 88   ð¬<.tü»..´.Í.ëò.
0x00000050   4E 10 E8 46 00 73 2A FE 46 10 80 7E 04 0B 74 0B   N.èF.s*þF..~..t.
0x00000060   80 7E 04 0C 74 05 A0 B6 07 75 D2 80 46 02 06 83   .~..t..¶.uÒ.F...
0x00000070   46 08 06 83 56 0A 00 E8 21 00 73 05 A0 B6 07 EB   F...V..è!.s..¶.ë
0x00000080   BC 81 3E FE 7D 55 AA 74 0B 80 7E 10 00 74 C8 A0   ¼.>þ}Uªt..~..tÈ.
0x00000090   B7 07 EB A9 8B FC 1E 57 8B F5 CB BF 05 00 8A 56   ·.ë©.ü.W.õË¿...V
0x000000A0   00 B4 08 CD 13 72 23 8A C1 24 3F 98 8A DE 8A FC   .´.Í.r#.Á$?..Þ.ü
0x000000B0   43 F7 E3 8B D1 86 D6 B1 06 D2 EE 42 F7 E2 39 56   C÷ã.Ñ.Ö±.ÒîB÷â9V
0x000000C0   0A 77 23 72 05 39 46 08 73 1C B8 01 02 BB 00 7C   .w#r.9F.s.¸..».|
0x000000D0   8B 4E 02 8B 56 00 CD 13 73 51 4F 74 4E 32 E4 8A   .N..V.Í.sQOtN2ä.
0x000000E0   56 00 CD 13 EB E4 8A 56 00 60 BB AA 55 B4 41 CD   V.Í.ëä.V.`»ªU´AÍ
0x000000F0   13 72 36 81 FB 55 AA 75 30 F6 C1 01 74 2B 61 60   .r6.ûUªu0öÁ.t+a`
0x00000100   6A 00 6A 00 FF 76 0A FF 76 08 6A 00 68 00 7C 6A   j.j..v..v.j.h.|j
0x00000110   01 6A 10 B4 42 8B F4 CD 13 61 61 73 0E 4F 74 0B   .j.´B.ôÍ.aas.Ot.
0x00000120   32 E4 8A 56 00 CD 13 EB D6 61 F9 C3 4E 65 70 6C   2ä.V.Í.ëÖaùÃNepl
0x00000130   61 74 6E A0 20 74 61 62 75 6C 6B 61 20 6F 64 64   atn. tabulka odd
0x00000140   A1 6C 85 00 43 68 79 62 61 20 70 FD 69 20 6E 61   ¡l..Chyba pýi na
0x00000150   9F A1 74 A0 6E A1 20 6F 70 65 72 61 9F 6E A1 68   .¡t.n¡ opera.n¡h
0x00000160   6F 20 73 79 73 74 82 6D 75 00 4F 70 65 72 61 9F   o syst.mu.Opera.
0x00000170   6E A1 20 73 79 73 74 82 6D 20 6E 65 6E 61 6C 65   n¡ syst.m nenale
0x00000180   7A 65 6E 00 00 00 00 00 00 00 00 00 00 00 00 00   zen.............
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001B0   00 00 00 00 00 2C 44 6A 77 47 78 47 00 00 80 01   .....,DjwGxG....
0x000001C0   01 00 07 FE FF FF 3F 00 00 00 83 A8 86 0E 00 FE   ...þ..?....¨...þ
0x000001D0   FF FF 0F FE FF FF C2 A8 86 0E FE 5D 95 0E 00 00   ...þ..Â¨..þ]....
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

_______MBR   \Device\Harddisk1\DR3  

0x00000000   33 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C   3À.Ð¼.|ûP.P.ü¾.|
0x00000010   BF 1B 06 50 57 B9 E5 01 F3 A4 CB BE BE 07 B1 04   ¿..PW¹å.ó¤Ë¾¾.±.
0x00000020   38 2C 7C 09 75 15 83 C6 10 E2 F5 CD 18 8B 14 8B   8,|.u..Æ.âõÍ....
0x00000030   EE 83 C6 10 49 74 16 38 2C 74 F6 BE 10 07 4E AC   î.Æ.It.8,tö¾..N¬
0x00000040   3C 00 74 FA BB 07 00 B4 0E CD 10 EB F2 89 46 25   <.tú»..´.Í.ëò.F%
0x00000050   96 8A 46 04 B4 06 3C 0E 74 11 B4 0B 3C 0C 74 05   ..F.´.<.t.´.<.t.
0x00000060   3A C4 75 2B 40 C6 46 25 06 75 24 BB AA 55 50 B4   :Äu+@ÆF%.u$»ªUP´
0x00000070   41 CD 13 58 72 16 81 FB 55 AA 75 10 F6 C1 01 74   AÍ.Xr..ûUªu.öÁ.t
0x00000080   0B 8A E0 88 56 24 C7 06 A1 06 EB 1E 88 66 04 BF   ..à.V$Ç.¡.ë..f.¿
0x00000090   0A 00 B8 01 02 8B DC 33 C9 83 FF 05 7F 03 8B 4E   ..¸...Ü3É......N
0x000000A0   25 03 4E 02 CD 13 72 29 BE 46 07 81 3E FE 7D 55   %.N.Í.r)¾F..>þ}U
0x000000B0   AA 74 5A 83 EF 05 7F DA 85 F6 75 83 BE 27 07 EB   ªtZ.ï..Ú.öu.¾'.ë
0x000000C0   8A 98 91 52 99 03 46 08 13 56 0A E8 12 00 5A EB   ...R..F..V.è..Zë
0x000000D0   D5 4F 74 E4 33 C0 CD 13 EB B8 00 00 81 36 19 13   ÕOtä3ÀÍ.ë¸...6..
0x000000E0   56 33 F6 56 56 52 50 06 53 51 BE 10 00 56 8B F4   V3öVVRP.SQ¾..V.ô
0x000000F0   50 52 B8 00 42 8A 56 24 CD 13 5A 58 8D 64 10 72   PR¸.B.V$Í.ZX.d.r
0x00000100   0A 40 75 01 42 80 C7 02 E2 F7 F8 5E C3 EB 74 49   .@u.B.Ç.â÷ø^ÃëtI
0x00000110   6E 76 61 6C 69 64 20 70 61 72 74 69 74 69 6F 6E   nvalid partition
0x00000120   20 74 61 62 6C 65 00 45 72 72 6F 72 20 6C 6F 61    table.Error loa
0x00000130   64 69 6E 67 20 6F 70 65 72 61 74 69 6E 67 20 73   ding operating s
0x00000140   79 73 74 65 6D 00 4D 69 73 73 69 6E 67 20 6F 70   ystem.Missing op
0x00000150   65 72 61 74 69 6E 67 20 73 79 73 74 65 6D 00 00   erating system..
0x00000160   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000170   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000180   00 00 00 8B FC 1E 57 8B F5 CB 00 00 00 00 00 00   ....ü.W.õË......
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001B0   00 00 00 00 00 00 00 00 C0 9B 39 8D 00 00 00 01   ........À.9.....
0x000001C0   01 00 0C FE 7F 7F 3F 00 00 00 41 0D 38 3A 00 00   ...þ..?...A.8:..
0x000001D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

hkotrc · #13 Příspěvek od **hkotrc** » 12 zář 2012 09:52

Log z Tdsskiller je moc dlouhý a nejde mi sem vložit. Jak to mám udělat?

#14 Příspěvek od **vyosek** » 12 zář 2012 09:55

Rozdelte do vice prispevku

Mate moznost vypalit CD, je tam velmi silna havet a musime provest opravu pres tzv LiveCD

hkotrc · #15 Příspěvek od **hkotrc** » 12 zář 2012 09:58

CD mám možnost vypálit

10:44:45.0203 1872 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
10:44:45.0406 1872 ============================================================
10:44:45.0406 1872 Current date / time: 2012/09/12 10:44:45.0406
10:44:45.0406 1872 SystemInfo:
10:44:45.0406 1872
10:44:45.0406 1872 OS Version: 5.1.2600 ServicePack: 3.0
10:44:45.0406 1872 Product type: Workstation
10:44:45.0406 1872 ComputerName: PC
10:44:45.0406 1872 UserName: Spravce
10:44:45.0406 1872 Windows directory: C:\windows
10:44:45.0406 1872 System windows directory: C:\windows
10:44:45.0406 1872 Processor architecture: Intel x86
10:44:45.0406 1872 Number of processors: 2
10:44:45.0406 1872 Page size: 0x1000
10:44:45.0406 1872 Boot type: Normal boot
10:44:45.0406 1872 ============================================================
10:44:53.0875 1872 BG loaded
10:44:54.0093 1872 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x000000A4
10:44:54.0093 1872 Drive \Device\Harddisk1\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:44:54.0671 1872 ============================================================
10:44:54.0671 1872 \Device\Harddisk0\DR0:
10:44:54.0671 1872 MBR partitions:
10:44:54.0671 1872 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE86A883
10:44:54.0671 1872 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE86A901, BlocksNum 0xE955DBF
10:44:54.0671 1872 \Device\Harddisk1\DR3:
10:44:54.0671 1872 MBR partitions:
10:44:54.0671 1872 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A380D41
10:44:54.0671 1872 ============================================================
10:44:54.0718 1872 C: <-> \Device\Harddisk0\DR0\Partition1
10:44:54.0734 1872 E: <-> \Device\Harddisk0\DR0\Partition2
10:44:54.0734 1872 I: <-> \Device\Harddisk1\DR3\Partition1
10:44:54.0750 1872 ============================================================
10:44:54.0750 1872 Initialize success
10:44:54.0750 1872 ============================================================
10:48:30.0859 1968 ============================================================
10:48:30.0859 1968 Scan started
10:48:30.0859 1968 Mode: Manual; SigCheck; TDLFS;
10:48:30.0859 1968 ============================================================
10:48:31.0281 1968 ================ Scan system memory ========================
10:48:32.0437 1968 System memory ( MEM:Backdoor.Win32.Sinowal.d ) - infected
10:48:32.0437 1968 System memory - detected MEM:Backdoor.Win32.Sinowal.d (0)
10:48:32.0437 1968 ================ Scan services =============================
10:48:32.0531 1968 [ 186B54479D98E48AEE0E9ADA4B3C4D31 ] 31115512 C:\windows\system32\DRIVERS\31115512.sys
10:48:32.0609 1968 31115512 - ok
10:48:32.0640 1968 [ 186B54479D98E48AEE0E9ADA4B3C4D31 ] 41280367 C:\windows\system32\DRIVERS\41280367.sys
10:48:32.0640 1968 41280367 - ok
10:48:32.0640 1968 60ke205xi.sys - ok
10:48:32.0671 1968 [ 914A9709FC3BF419AD2F85547F2A4832 ] 61883 C:\windows\system32\DRIVERS\61883.sys
10:48:33.0078 1968 61883 - ok
10:48:33.0187 1968 [ 17067069B9A7865028C1F2E6971D0CCC ] aawservice C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
10:48:33.0203 1968 aawservice - ok
10:48:33.0203 1968 Abiosdsk - ok
10:48:33.0203 1968 abp480n5 - ok
10:48:33.0234 1968 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
10:48:33.0312 1968 ACPI - ok
10:48:33.0343 1968 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\windows\system32\drivers\ACPIEC.sys
10:48:33.0406 1968 ACPIEC - ok
10:48:33.0468 1968 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:48:33.0484 1968 AdobeFlashPlayerUpdateSvc - ok
10:48:33.0484 1968 adpu160m - ok
10:48:33.0515 1968 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\windows\system32\drivers\aec.sys
10:48:33.0578 1968 aec - ok
10:48:33.0609 1968 [ 7E775010EF291DA96AD17CA4B17137D7 ] AFD C:\windows\System32\drivers\afd.sys
10:48:33.0640 1968 AFD - ok
10:48:33.0656 1968 Aha154x - ok
10:48:33.0656 1968 aic78u2 - ok
10:48:33.0656 1968 aic78xx - ok
10:48:33.0671 1968 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\windows\system32\alrsvc.dll
10:48:33.0734 1968 Alerter - ok
10:48:33.0750 1968 [ 88842DE939A827577BF24243699AC80A ] ALG C:\windows\System32\alg.exe
10:48:33.0796 1968 ALG - ok
10:48:33.0796 1968 AliIde - ok
10:48:33.0796 1968 amsint - ok
10:48:33.0828 1968 [ A8AA9D47F971570A5162B862B80F87E8 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
10:48:33.0828 1968 Apple Mobile Device - ok
10:48:33.0828 1968 AppMgmt - ok
10:48:33.0843 1968 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\windows\system32\DRIVERS\arp1394.sys
10:48:33.0890 1968 Arp1394 - ok
10:48:33.0890 1968 asc - ok
10:48:33.0906 1968 asc3350p - ok
10:48:33.0906 1968 asc3550 - ok
10:48:33.0921 1968 [ 2B4E66FAC6503494A2C6F32BB6AB3826 ] AsIO C:\windows\system32\drivers\AsIO.sys
10:48:33.0921 1968 AsIO - ok
10:48:33.0984 1968 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
10:48:34.0031 1968 aspnet_state - ok
10:48:34.0031 1968 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
10:48:34.0093 1968 AsyncMac - ok
10:48:34.0125 1968 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\windows\system32\DRIVERS\atapi.sys
10:48:34.0187 1968 atapi - ok
10:48:34.0187 1968 Atdisk - ok
10:48:34.0203 1968 [ 3C4B9850A2631C2263507400D029057B ] atksgt C:\windows\system32\DRIVERS\atksgt.sys
10:48:34.0203 1968 atksgt - ok
10:48:34.0218 1968 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\windows\system32\DRIVERS\atmarpc.sys
10:48:34.0265 1968 Atmarpc - ok
10:48:34.0281 1968 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\windows\System32\audiosrv.dll
10:48:34.0343 1968 AudioSrv - ok
10:48:34.0375 1968 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\windows\system32\DRIVERS\audstub.sys
10:48:34.0421 1968 audstub - ok
10:48:34.0453 1968 [ F8E6956A614F15A0860474C5E2A7DE6B ] Avc C:\windows\system32\DRIVERS\avc.sys
10:48:34.0515 1968 Avc - ok
10:48:34.0953 1968 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files\AVG\AVG2012\avgidsagent.exe
10:48:35.0078 1968 AVGIDSAgent - ok
10:48:35.0109 1968 [ 1074F787080068C71303B61FAE7E7CA4 ] AVGIDSDriver C:\windows\system32\DRIVERS\avgidsdriverx.sys
10:48:35.0109 1968 AVGIDSDriver - ok
10:48:35.0125 1968 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\windows\system32\DRIVERS\avgidsfilterx.sys
10:48:35.0140 1968 AVGIDSFilter - ok
10:48:35.0156 1968 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\windows\system32\DRIVERS\avgidshx.sys
10:48:35.0156 1968 AVGIDSHX - ok
10:48:35.0187 1968 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\windows\system32\DRIVERS\avgidsshimx.sys
10:48:35.0187 1968 AVGIDSShim - ok
10:48:35.0203 1968 [ DCB09125C8B4766A88C86914B65487C1 ] Avgldx86 C:\windows\system32\DRIVERS\avgldx86.sys
10:48:35.0203 1968 Avgldx86 - ok
10:48:35.0234 1968 [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\windows\system32\DRIVERS\avgmfx86.sys
10:48:35.0250 1968 Avgmfx86 - ok
10:48:35.0281 1968 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\windows\system32\DRIVERS\avgrkx86.sys
10:48:35.0281 1968 Avgrkx86 - ok
10:48:35.0296 1968 [ C0BC3B2E3FD625E7F55E1FF863E94592 ] Avgtdix C:\windows\system32\DRIVERS\avgtdix.sys
10:48:35.0296 1968 Avgtdix - ok
10:48:35.0328 1968 [ 493F32BA712319CA1B720E6A17EC38D7 ] avgtp C:\windows\system32\drivers\avgtpx86.sys
10:48:35.0328 1968 avgtp - ok
10:48:35.0359 1968 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe
10:48:35.0375 1968 avgwd - ok
10:48:35.0390 1968 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\windows\system32\drivers\Beep.sys
10:48:35.0453 1968 Beep - ok
10:48:35.0500 1968 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\windows\system32\qmgr.dll
10:48:35.0718 1968 BITS - ok
10:48:35.0812 1968 [ 249276D3EF1E74B992299CB96099E4D7 ] Browser C:\windows\System32\browser.dll
10:48:35.0859 1968 Browser - ok
10:48:35.0890 1968 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\windows\system32\DRIVERS\BthEnum.sys
10:48:35.0953 1968 BthEnum - ok
10:48:35.0984 1968 [ FCA6F069597B62D42495191ACE3FC6C1 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
10:48:36.0046 1968 BTHMODEM - ok
10:48:36.0078 1968 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
10:48:36.0125 1968 BthPan - ok
10:48:36.0156 1968 [ F338662A6C1FC11DD9508F6DFF2C06A2 ] BTHPORT C:\windows\system32\Drivers\BTHport.sys
10:48:36.0187 1968 BTHPORT - ok
10:48:36.0218 1968 [ 70CA4B3F634C9DCA200832F8DA76E009 ] BthServ C:\windows\System32\bthserv.dll
10:48:36.0281 1968 BthServ - ok
10:48:36.0312 1968 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\windows\system32\Drivers\BTHUSB.sys
10:48:36.0375 1968 BTHUSB - ok
10:48:36.0390 1968 [ 3014CA345E8AD68587BABFB162DDDEC5 ] Capture Device Service C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
10:48:36.0406 1968 Capture Device Service ( UnsignedFile.Multi.Generic ) - warning
10:48:36.0406 1968 Capture Device Service - detected UnsignedFile.Multi.Generic (1)
10:48:36.0406 1968 catchme - ok
10:48:36.0437 1968 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\windows\system32\drivers\cbidf2k.sys
10:48:36.0500 1968 cbidf2k - ok
10:48:36.0531 1968 [ FDC06E2ADA8C468EBB161624E03976CF ] CCDECODE C:\windows\system32\DRIVERS\CCDECODE.sys
10:48:36.0562 1968 CCDECODE - ok
10:48:36.0562 1968 cd20xrnt - ok
10:48:36.0593 1968 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\windows\system32\drivers\Cdaudio.sys
10:48:36.0656 1968 Cdaudio - ok
10:48:36.0687 1968 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\windows\system32\drivers\Cdfs.sys
10:48:36.0734 1968 Cdfs - ok
10:48:36.0765 1968 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\windows\system32\DRIVERS\cdrom.sys
10:48:36.0828 1968 Cdrom - ok
10:48:36.0828 1968 Changer - ok
10:48:36.0843 1968 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\windows\system32\cisvc.exe
10:48:36.0906 1968 CiSvc - ok
10:48:36.0906 1968 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\windows\system32\clipsrv.exe
10:48:36.0984 1968 ClipSrv - ok
10:48:37.0015 1968 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:48:37.0078 1968 clr_optimization_v2.0.50727_32 - ok
10:48:37.0093 1968 CmdIde - ok
10:48:37.0093 1968 COMSysApp - ok
10:48:37.0093 1968 Cpqarray - ok
10:48:37.0109 1968 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\windows\System32\cryptsvc.dll
10:48:37.0171 1968 CryptSvc - ok
10:48:37.0187 1968 CrystalSysInfo - ok
10:48:37.0203 1968 dac2w2k - ok
10:48:37.0203 1968 dac960nt - ok
10:48:37.0234 1968 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\windows\system32\rpcss.dll
10:48:37.0265 1968 DcomLaunch - ok
10:48:37.0281 1968 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\windows\System32\dhcpcsvc.dll
10:48:37.0343 1968 Dhcp - ok
10:48:37.0359 1968 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\windows\system32\DRIVERS\disk.sys
10:48:37.0437 1968 Disk - ok
10:48:37.0437 1968 dmadmin - ok
10:48:37.0468 1968 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\windows\system32\drivers\dmboot.sys
10:48:37.0546 1968 dmboot - ok
10:48:37.0593 1968 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\windows\system32\drivers\dmio.sys
10:48:37.0671 1968 dmio - ok
10:48:37.0687 1968 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\windows\system32\drivers\dmload.sys
10:48:37.0765 1968 dmload - ok
10:48:37.0781 1968 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\windows\System32\dmserver.dll
10:48:37.0859 1968 dmserver - ok
10:48:37.0875 1968 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\windows\system32\drivers\DMusic.sys
10:48:37.0937 1968 DMusic - ok
10:48:37.0953 1968 [ 0634B791684B84F4A331F3D3536FEEF8 ] Dnscache C:\windows\System32\dnsrslvr.dll
10:48:38.0015 1968 Dnscache - ok
10:48:38.0031 1968 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\windows\System32\dot3svc.dll
10:48:38.0093 1968 Dot3svc - ok
10:48:38.0093 1968 dpti2o - ok
10:48:38.0109 1968 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
10:48:38.0171 1968 drmkaud - ok
10:48:38.0203 1968 [ 555E54AC2F601A8821CEF58961653991 ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys
10:48:38.0203 1968 dtsoftbus01 - ok
10:48:38.0218 1968 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\windows\System32\eapsvc.dll
10:48:38.0296 1968 EapHost - ok
10:48:38.0312 1968 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\windows\System32\ersvc.dll
10:48:38.0375 1968 ERSvc - ok
10:48:38.0390 1968 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\windows\system32\services.exe
10:48:38.0406 1968 Eventlog - ok
10:48:38.0437 1968 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
10:48:38.0453 1968 EventSystem - ok
10:48:38.0484 1968 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\windows\system32\drivers\Fastfat.sys
10:48:38.0546 1968 Fastfat - ok
10:48:38.0593 1968 [ B927443008910B412BEC72FC41C1BAD0 ] FastUserSwitchingCompatibility C:\windows\System32\shsvcs.dll
10:48:38.0656 1968 FastUserSwitchingCompatibility - ok
10:48:38.0656 1968 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\windows\system32\DRIVERS\fdc.sys
10:48:38.0734 1968 Fdc - ok
10:48:38.0750 1968 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\windows\system32\drivers\Fips.sys
10:48:38.0812 1968 Fips - ok
10:48:38.0812 1968 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
10:48:38.0875 1968 Flpydisk - ok
10:48:38.0906 1968 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\windows\system32\DRIVERS\fltMgr.sys
10:48:38.0953 1968 FltMgr - ok
10:48:39.0046 1968 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:48:39.0046 1968 FontCache3.0.0.0 - ok
10:48:39.0062 1968 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
10:48:39.0125 1968 Fs_Rec - ok
10:48:39.0125 1968 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\windows\system32\DRIVERS\ftdisk.sys
10:48:39.0187 1968 Ftdisk - ok
10:48:39.0203 1968 [ AB8A6A87D9D7255C3884D5B9541A6E80 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
10:48:39.0203 1968 GEARAspiWDM - ok
10:48:39.0218 1968 [ F1F63A30F0CDF2BDD4BBE77E669F9CBD ] gHidPnp C:\windows\system32\Drivers\gHidPnp.Sys
10:48:39.0250 1968 gHidPnp - ok
10:48:39.0281 1968 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\windows\system32\drivers\giveio.sys
10:48:39.0281 1968 giveio ( UnsignedFile.Multi.Generic ) - warning
10:48:39.0281 1968 giveio - detected UnsignedFile.Multi.Generic (1)
10:48:39.0312 1968 [ 93AB8D8345D0B90EB255EC5F4E5B3852 ] gMouPS2 C:\windows\system32\DRIVERS\gMouPS2.sys
10:48:39.0328 1968 gMouPS2 - ok
10:48:39.0343 1968 [ 035A23D34CBD31E38BD963D5E773E768 ] gMouUsb C:\windows\system32\DRIVERS\gMouUsb.sys
10:48:39.0375 1968 gMouUsb - ok
10:48:39.0390 1968 [ 471EF34C2E279535A442A4EB83CBBBA5 ] gMouUsb16 C:\windows\system32\DRIVERS\gMouUsb16.sys
10:48:39.0406 1968 gMouUsb16 - ok
10:48:39.0421 1968 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\windows\system32\DRIVERS\msgpc.sys
10:48:39.0484 1968 Gpc - ok
10:48:39.0562 1968 [ 626A24ED1228580B9518C01930936DF9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:48:39.0562 1968 gupdate - ok
10:48:39.0562 1968 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:48:39.0578 1968 gupdatem - ok
10:48:39.0593 1968 [ 751C1D2CA2ABF4A9F5A6B8D7D45B907C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:48:39.0609 1968 gusvc - ok
10:48:39.0640 1968 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
10:48:39.0687 1968 HDAudBus - ok
10:48:39.0734 1968 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:48:39.0796 1968 helpsvc - ok
10:48:39.0843 1968 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\windows\System32\hidserv.dll
10:48:39.0890 1968 HidServ - ok
10:48:39.0906 1968 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
10:48:39.0953 1968 HidUsb - ok
10:48:39.0984 1968 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\windows\System32\kmsvc.dll
10:48:40.0031 1968 hkmsvc - ok
10:48:40.0046 1968 hpn - ok
10:48:40.0062 1968 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\windows\system32\Drivers\HTTP.sys
10:48:40.0125 1968 HTTP - ok
10:48:40.0156 1968 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\windows\System32\w3ssl.dll
10:48:40.0203 1968 HTTPFilter - ok
10:48:40.0203 1968 i2omgmt - ok
10:48:40.0203 1968 i2omp - ok
10:48:40.0234 1968 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
10:48:40.0296 1968 i8042prt - ok
10:48:40.0359 1968 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
10:48:40.0375 1968 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:48:40.0375 1968 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:48:40.0437 1968 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:48:40.0468 1968 idsvc - ok
10:48:40.0531 1968 IJPLMSVC - ok
10:48:40.0531 1968 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\windows\system32\DRIVERS\imapi.sys
10:48:40.0593 1968 Imapi - ok
10:48:40.0625 1968 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\windows\system32\imapi.exe
10:48:40.0687 1968 ImapiService - ok
10:48:40.0687 1968 ini910u - ok
10:48:40.0781 1968 [ 74B482F8B2A9EBE8473381A7A58F801D ] IntcAzAudAddService C:\windows\system32\drivers\RtkHDAud.sys
10:48:40.0906 1968 IntcAzAudAddService - ok
10:48:40.0906 1968 IntelIde - ok
10:48:40.0937 1968 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
10:48:40.0984 1968 intelppm - ok
10:48:41.0000 1968 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\windows\system32\DRIVERS\Ip6Fw.sys
10:48:41.0062 1968 Ip6Fw - ok
10:48:41.0062 1968 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
10:48:41.0125 1968 IpFilterDriver - ok
10:48:41.0125 1968 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\windows\system32\DRIVERS\ipinip.sys
10:48:41.0187 1968 IpInIp - ok
10:48:41.0203 1968 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\windows\system32\DRIVERS\ipnat.sys
10:48:41.0265 1968 IpNat - ok
10:48:41.0421 1968 [ 62937A89470AF8FF172F0980CA8AEFC9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:48:41.0437 1968 iPod Service - ok
10:48:41.0468 1968 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\windows\system32\DRIVERS\ipsec.sys
10:48:41.0515 1968 IPSec - ok
10:48:41.0531 1968 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\windows\system32\DRIVERS\irenum.sys
10:48:41.0546 1968 IRENUM - ok
10:48:41.0578 1968 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
10:48:41.0640 1968 isapnp - ok
10:48:41.0687 1968 [ 4AC11B2250106774F694DF2DB4FFED61 ] Iviaspi C:\windows\system32\drivers\iviaspi.sys
10:48:41.0687 1968 Iviaspi ( UnsignedFile.Multi.Generic ) - warning
10:48:41.0687 1968 Iviaspi - detected UnsignedFile.Multi.Generic (1)
10:48:41.0703 1968 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
10:48:41.0718 1968 IviRegMgr - ok
10:48:41.0843 1968 [ DE5D05FD449798EF88CC34AD4B1E7F85 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
10:48:41.0843 1968 JavaQuickStarterService - ok
10:48:41.0875 1968 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
10:48:41.0937 1968 Kbdclass - ok
10:48:41.0984 1968 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
10:48:42.0031 1968 kbdhid - ok
10:48:42.0046 1968 [ 5C8D9984005F4D67AC58A94FB05AFF2E ] kbfilter C:\windows\system32\drivers\kbfilter.sys
10:48:42.0062 1968 kbfilter ( UnsignedFile.Multi.Generic ) - warning
10:48:42.0062 1968 kbfilter - detected UnsignedFile.Multi.Generic (1)
10:48:42.0062 1968 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\windows\system32\drivers\kmixer.sys
10:48:42.0125 1968 kmixer - ok
10:48:42.0140 1968 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD C:\windows\system32\drivers\KSecDD.sys
10:48:42.0218 1968 KSecDD - ok
10:48:42.0250 1968 [ 93E64BAB9DEE162CA0CA5258D132A047 ] L1e C:\windows\system32\DRIVERS\l1e51x86.sys
10:48:42.0281 1968 L1e - ok
10:48:42.0296 1968 [ 21920AC69594AB021237054FA728FE46 ] LanmanServer C:\windows\System32\srvsvc.dll
10:48:42.0343 1968 LanmanServer - ok
10:48:42.0375 1968 [ 5190783F51A2D7A8495202C664D7C963 ] lanmanworkstation C:\windows\System32\wkssvc.dll
10:48:42.0421 1968 lanmanworkstation - ok
10:48:42.0421 1968 lbrtfdc - ok
10:48:42.0468 1968 [ 98D884ADC0B8C0FEBCC9D7BEE6D86F90 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:48:42.0468 1968 LightScribeService - ok
10:48:42.0484 1968 [ 4127E8B6DDB4090E815C1F8852C277D3 ] lirsgt C:\windows\system32\DRIVERS\lirsgt.sys
10:48:42.0500 1968 lirsgt - ok
10:48:42.0515 1968 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\windows\System32\lmhsvc.dll
10:48:42.0562 1968 LmHosts - ok
10:48:42.0625 1968 mchInjDrv - ok
10:48:42.0656 1968 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
10:48:42.0671 1968 MDM - ok
10:48:42.0687 1968 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\windows\System32\msgsvc.dll
10:48:42.0750 1968 Messenger - ok
10:48:42.0796 1968 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
10:48:42.0812 1968 Microsoft Office Groove Audit Service - ok
10:48:42.0828 1968 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\windows\system32\drivers\mnmdd.sys
10:48:42.0875 1968 mnmdd - ok
10:48:42.0921 1968 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
10:48:42.0984 1968 mnmsrvc - ok
10:48:43.0000 1968 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\windows\system32\drivers\Modem.sys
10:48:43.0046 1968 Modem - ok
10:48:43.0062 1968 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\windows\system32\DRIVERS\mouclass.sys
10:48:43.0125 1968 Mouclass - ok
10:48:43.0140 1968 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
10:48:43.0203 1968 mouhid - ok
10:48:43.0203 1968 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\windows\system32\drivers\MountMgr.sys
10:48:43.0265 1968 MountMgr - ok
10:48:43.0312 1968 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:48:43.0312 1968 MozillaMaintenance - ok
10:48:43.0312 1968 mraid35x - ok
10:48:43.0312 1968 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\windows\system32\DRIVERS\mrxdav.sys
10:48:43.0375 1968 MRxDAV - ok
10:48:43.0406 1968 [ 60AE98742484E7AB80C3C1450E708148 ] MRxSmb C:\windows\system32\DRIVERS\mrxsmb.sys
10:48:43.0437 1968 MRxSmb - ok
10:48:43.0484 1968 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
10:48:43.0500 1968 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
10:48:43.0500 1968 MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
10:48:43.0531 1968 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
10:48:43.0593 1968 MSDTC - ok
10:48:43.0640 1968 [ 8575D788395C4D6378D98D1ED7CDADB9 ] MSDV C:\windows\system32\DRIVERS\msdv.sys
10:48:43.0656 1968 MSDV - ok
10:48:43.0687 1968 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\windows\system32\drivers\Msfs.sys
10:48:43.0734 1968 Msfs - ok
10:48:43.0734 1968 MSIServer - ok
10:48:43.0750 1968 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
10:48:43.0812 1968 MSKSSRV - ok
10:48:43.0828 1968 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
10:48:43.0890 1968 MSPCLOCK - ok
10:48:43.0890 1968 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\windows\system32\drivers\MSPQM.sys
10:48:43.0953 1968 MSPQM - ok
10:48:43.0953 1968 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
10:48:44.0031 1968 mssmbios - ok
10:48:44.0046 1968 [ D5059366B361F0E1124753447AF08AA2 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
10:48:44.0078 1968 MSTEE - ok
10:48:44.0093 1968 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\windows\system32\DRIVERS\ASACPI.sys
10:48:44.0125 1968 MTsensor - ok
10:48:44.0125 1968 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup C:\windows\system32\drivers\Mup.sys
10:48:44.0171 1968 Mup - ok
10:48:44.0203 1968 [ AC31B352CE5E92704056D409834BEB74 ] NABTSFEC C:\windows\system32\DRIVERS\NABTSFEC.sys
10:48:44.0203 1968 NABTSFEC - ok
10:48:44.0218 1968 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\windows\System32\qagentrt.dll
10:48:44.0296 1968 napagent - ok
10:48:44.0312 1968 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\windows\system32\drivers\NDIS.sys
10:48:44.0375 1968 NDIS - ok
10:48:44.0390 1968 [ ABD7629CF2796250F315C1DD0B6CF7A0 ] NdisIP C:\windows\system32\DRIVERS\NdisIP.sys
10:48:44.0390 1968 NdisIP - ok
10:48:44.0406 1968 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
10:48:44.0468 1968 NdisTapi - ok
10:48:44.0500 1968 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
10:48:44.0546 1968 Ndisuio - ok
10:48:44.0578 1968 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
10:48:44.0625 1968 NdisWan - ok
10:48:44.0656 1968 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy C:\windows\system32\drivers\NDProxy.sys
10:48:44.0718 1968 NDProxy - ok
10:48:44.0718 1968 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
10:48:44.0765 1968 NetBIOS - ok
10:48:44.0796 1968 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\windows\system32\DRIVERS\netbt.sys
10:48:44.0859 1968 NetBT - ok
10:48:44.0875 1968 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\windows\system32\netdde.exe
10:48:44.0937 1968 NetDDE - ok
10:48:44.0937 1968 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\windows\system32\netdde.exe
10:48:45.0000 1968 NetDDEdsdm - ok
10:48:45.0031 1968 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\windows\system32\lsass.exe
10:48:45.0078 1968 Netlogon - ok
10:48:45.0109 1968 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\windows\System32\netman.dll
10:48:45.0171 1968 Netman - ok
10:48:45.0203 1968 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:48:45.0218 1968 NetTcpPortSharing - ok
10:48:45.0218 1968 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\windows\system32\DRIVERS\nic1394.sys
10:48:45.0296 1968 NIC1394 - ok
10:48:45.0328 1968 [ 1289B7611CCD6CB27596AE92CBF03E35 ] Nla C:\windows\System32\mswsock.dll
10:48:45.0359 1968 Nla - ok
10:48:45.0406 1968 [ CB3267C4CEED06A6CB1EF127522D581B ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
10:48:45.0421 1968 NMIndexingService - ok
10:48:45.0437 1968 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\windows\system32\drivers\ccdcmb.sys
10:48:45.0578 1968 nmwcd - ok
10:48:45.0593 1968 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\windows\system32\drivers\ccdcmbo.sys
10:48:45.0640 1968 nmwcdc - ok
10:48:45.0656 1968 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\windows\system32\drivers\Npfs.sys
10:48:45.0718 1968 Npfs - ok
10:48:45.0750 1968 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
10:48:45.0843 1968 Ntfs - ok
10:48:45.0859 1968 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\windows\system32\lsass.exe
10:48:45.0906 1968 NtLmSsp - ok
10:48:45.0937 1968 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\windows\system32\ntmssvc.dll
10:48:46.0015 1968 NtmsSvc - ok
10:48:46.0046 1968 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\windows\system32\drivers\Null.sys
10:48:46.0093 1968 Null - ok
10:48:46.0218 1968 [ 1FC95A1BC5330617C60814FBE73C4FDA ] nv C:\windows\system32\DRIVERS\nv4_mini.sys
10:48:46.0375 1968 nv - ok
10:48:46.0390 1968 [ 9899AB715229C0E6DC935AE121E6EDBB ] NVSvc C:\windows\system32\nvsvc32.exe
10:48:46.0390 1968 NVSvc - ok
10:48:46.0421 1968 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\windows\system32\DRIVERS\nwlnkflt.sys
10:48:46.0484 1968 NwlnkFlt - ok
10:48:46.0515 1968 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\windows\system32\DRIVERS\nwlnkfwd.sys
10:48:46.0578 1968 NwlnkFwd - ok
10:48:46.0593 1968 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:48:46.0609 1968 odserv - ok
10:48:46.0640 1968 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
10:48:46.0703 1968 ohci1394 - ok
10:48:46.0765 1968 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:48:46.0765 1968 ose - ok
10:48:46.0781 1968 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
10:48:46.0796 1968 PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
10:48:46.0796 1968 PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
10:48:46.0796 1968 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\windows\system32\drivers\Parport.sys
10:48:46.0859 1968 Parport - ok
10:48:46.0859 1968 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\windows\system32\drivers\PartMgr.sys
10:48:46.0906 1968 PartMgr - ok
10:48:46.0937 1968 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\windows\system32\drivers\ParVdm.sys
10:48:46.0984 1968 ParVdm - ok
10:48:47.0015 1968 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\windows\system32\DRIVERS\pccsmcfd.sys
10:48:47.0062 1968 pccsmcfd - ok
10:48:47.0078 1968 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\windows\system32\DRIVERS\pci.sys
10:48:47.0156 1968 PCI - ok
10:48:47.0156 1968 PCIDump - ok
10:48:47.0156 1968 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\windows\system32\DRIVERS\pciide.sys
10:48:47.0203 1968 PCIIde - ok
10:48:47.0234 1968 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\windows\system32\drivers\Pcmcia.sys
10:48:47.0296 1968 Pcmcia - ok
10:48:47.0296 1968 PDCOMP - ok
10:48:47.0296 1968 PDFRAME - ok
10:48:47.0296 1968 PDRELI - ok
10:48:47.0296 1968 PDRFRAME - ok
10:48:47.0296 1968 perc2 - ok
10:48:47.0296 1968 perc2hib - ok
10:48:47.0312 1968 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\windows\system32\services.exe
10:48:47.0328 1968 PlugPlay - ok
10:48:47.0343 1968 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\windows\system32\lsass.exe
10:48:47.0390 1968 PolicyAgent - ok
10:48:47.0406 1968 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
10:48:47.0453 1968 PptpMiniport - ok
10:48:47.0484 1968 [ 18D9789A4664BF417EEA944D2776091A ] prodrv06 C:\windows\System32\drivers\prodrv06.sys
10:48:47.0484 1968 prodrv06 ( UnsignedFile.Multi.Generic ) - warning
10:48:47.0484 1968 prodrv06 - detected UnsignedFile.Multi.Generic (1)
10:48:47.0515 1968 [ 8CC9671A7ED2902E747EE0892E1C8575 ] prohlp02 C:\windows\system32\drivers\prohlp02.sys
10:48:47.0531 1968 prohlp02 ( UnsignedFile.Multi.Generic ) - warning
10:48:47.0531 1968 prohlp02 - detected UnsignedFile.Multi.Generic (1)
10:48:47.0531 1968 prosync1 - ok
10:48:47.0531 1968 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\windows\system32\lsass.exe
10:48:47.0578 1968 ProtectedStorage - ok
10:48:47.0609 1968 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\windows\system32\DRIVERS\psched.sys
10:48:47.0656 1968 PSched - ok
10:48:47.0687 1968 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
10:48:47.0703 1968 PSI_SVC_2 - ok
10:48:47.0703 1968 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\windows\system32\DRIVERS\ptilink.sys
10:48:47.0765 1968 Ptilink - ok
10:48:47.0781 1968 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys
10:48:47.0781 1968 PxHelp20 - ok
10:48:47.0796 1968 ql1080 - ok
10:48:47.0796 1968 Ql10wnt - ok
10:48:47.0796 1968 ql12160 - ok
10:48:47.0796 1968 ql1240 - ok
10:48:47.0796 1968 ql1280 - ok

VIRY.CZ

Prosím o pomoc - AVG mi detekuje stále trojany

Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany

Re: Prosím o pomoc - AVG mi detekuje stále trojany