VIRY.CZ

Dobry den, zda se mi, ze mi neco na PC blokuje aplikace souvisejici s internetem... Presneji receno, aplikace pisi, ze internet neni pripojen, pritom mi funguje normalne... A celkove se mi PC zda pomale, jakoby zasekane... Zde je log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Lukáš at 2010-09-06 13:33:42
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 321 GB (67%) free of 477 GB
Total RAM: 1023 MB (54% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object - C:\Program Files\SMART Technologies\SMART Notebook\NotebookPlugin.dll [2009-10-01 599336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-11-20 12669544]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-11-20 110184]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-09-29 2054360]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-07-19 202256]
"Local Security Authortity Process"=C:\Documents and Settings\Vašek\Data aplikací\Microsoft\lsass.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Nsacon"=C:\WINDOWS\nvrali.dll [2008-04-14 72704]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"ConsentPromptBehaviorAdmin"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Kuba\Plocha\PES 2009\pes2009.exe"="C:\Documents and Settings\Kuba\Plocha\PES 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\Documents and Settings\Kuba\Plocha\PES 2009\CSP2009.exe"="C:\Documents and Settings\Kuba\Plocha\PES 2009\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\SMART Technologies\SMART Board Drivers\UCGui.exe"="C:\Program Files\SMART Technologies\SMART Board Drivers\UCGui.exe:*:Enabled:SMART Universal Controller Interface"
"C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe"="C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe:*:Enabled:SMART SNMPAgent"
"C:\Program Files\SMART Technologies\SMART Board Drivers\UCService.exe"="C:\Program Files\SMART Technologies\SMART Board Drivers\UCService.exe:*:Enabled:SMART Universal Controller Service"
"C:\Program Files\SMART Technologies\SMART Board Drivers\WebServer.exe"="C:\Program Files\SMART Technologies\SMART Board Drivers\WebServer.exe:*:Enabled:SMART Web Server"
"C:\Documents and Settings\Kuba\Dokumenty\PES 2009\CSP2009.exe"="C:\Documents and Settings\Kuba\Dokumenty\PES 2009\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Warcraft III\Frozen Throne.exe"="C:\Program Files\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - Ledový trůn"
"C:\Documents and Settings\Kuba\Data aplikací\GameRanger\GameRanger\GameRanger.exe"="C:\Documents and Settings\Kuba\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe"="C:\Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\update\sweetimsetup.exe"="C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\update\sweetimsetup.exe:*:Enabled:SweetIM Installer"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\Kuba\Plocha\Heroes of Might and Magic III Complete\Heroes3.exe"="C:\Documents and Settings\Kuba\Plocha\Heroes of Might and Magic III Complete\Heroes3.exe:*:Enabled:Heroes of Might and Magic® III"
"C:\Program Files\Ubisoft\Heroes of Might and Magic V\bina1\H5_Game.exe"="C:\Program Files\Ubisoft\Heroes of Might and Magic V\bina1\H5_Game.exe:*:Enabled:Heroes of Might and Magic V: Hammers of Fate"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi"
"C:\Documents and Settings\Kuba\Plocha\Counter-Strike 1.6 + Half-Life\hl.exe"="C:\Documents and Settings\Kuba\Plocha\Counter-Strike 1.6 + Half-Life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\League of Legends\Air\LolClient.exe"="C:\Program Files\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\Program Files\League of Legends\Game\League of Legends.exe"="C:\Program Files\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

======List of files/folders created in the last 1 months======

2010-09-04 07:22:04 ----D---- C:\Program Files\League of Legends
2010-09-03 13:32:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2010-09-03 13:31:34 ----D---- C:\Program Files\Pando Networks
2010-08-31 11:00:06 ----D---- C:\Program Files\Garena
2010-08-29 19:09:21 ----D---- C:\Program Files\Combined Community Codec Pack
2010-08-29 11:43:27 ----A---- C:\Documents and Settings\Lukáš\Data aplikací\LiveUpdater.exe
2010-08-22 17:06:39 ----D---- C:\Documents and Settings\Lukáš\Data aplikací\TS3Client
2010-08-22 17:05:19 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-08-18 21:04:56 ----N---- C:\Documents and Settings\Lukáš\Data aplikací\ccpep.exe
2010-08-18 21:04:50 ----A---- C:\setup.exe
2010-08-18 21:04:48 ----A---- C:\Documents and Settings\Lukáš\Data aplikací\WinLatestUpdPack2.exe
2010-08-18 21:04:30 ----A---- C:\Documents and Settings\Lukáš\Data aplikací\WinUpdateMon.exe
2010-08-18 21:04:30 ----A---- C:\Documents and Settings\Lukáš\Data aplikací\WinPackServices.exe
2010-08-13 15:55:34 ----AH---- C:\WINDOWS\system32\hamachi.sys
2010-08-13 15:49:50 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys
2010-08-08 18:23:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage

======List of files/folders modified in the last 1 months======

2010-09-06 13:33:47 ----D---- C:\Program Files\trend micro
2010-09-06 13:33:29 ----D---- C:\WINDOWS\Temp
2010-09-06 13:02:29 ----D---- C:\WINDOWS\Prefetch
2010-09-06 10:21:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-06 03:47:39 ----D---- C:\Documents and Settings\Lukáš\Data aplikací\Skype
2010-09-05 22:51:32 ----D---- C:\Documents and Settings\Lukáš\Data aplikací\skypePM
2010-09-04 11:08:54 ----D---- C:\WINDOWS
2010-09-04 07:25:57 ----HD---- C:\WINDOWS\inf
2010-09-04 07:25:56 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-04 07:25:54 ----D---- C:\Documents and Settings\Lukáš\Data aplikací\Adobe
2010-09-04 07:22:04 ----D---- C:\Program Files
2010-09-04 02:35:46 ----RD---- C:\Lukáš
2010-09-03 06:52:18 ----D---- C:\Documents and Settings\Lukáš\Data aplikací\uTorrent
2010-09-02 15:13:56 ----D---- C:\Documents and Settings\Lukáš\Data aplikací\HPAppData
2010-09-02 14:10:00 ----D---- C:\Program Files\Warcraft III
2010-09-01 12:26:10 ----A---- C:\WINDOWS\NeroDigital.ini
2010-08-29 11:43:09 ----SD---- C:\Documents and Settings\Lukáš\Data aplikací\Microsoft
2010-08-29 10:25:17 ----SHD---- C:\WINDOWS\Installer
2010-08-29 10:25:17 ----HD---- C:\Config.Msi
2010-08-29 10:18:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\KONAMI
2010-08-28 16:52:32 ----D---- C:\Kapela
2010-08-28 15:56:46 ----D---- C:\Documents and Settings\Lukáš\Data aplikací\HP
2010-08-26 15:05:47 ----A---- C:\WINDOWS\win.ini
2010-08-22 18:24:38 ----D---- C:\Documents and Settings\Lukáš\Data aplikací\ICQ
2010-08-21 15:25:00 ----A---- C:\WINDOWS\wincmd.ini
2010-08-19 10:10:49 ----D---- C:\WINDOWS\system32
2010-08-18 12:43:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\SweetIM
2010-08-18 12:43:06 ----D---- C:\Program Files\SweetIM
2010-08-18 12:42:18 ----D---- C:\Program Files\Opera
2010-08-18 12:41:36 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-18 12:41:36 ----D---- C:\Program Files\EACOM
2010-08-14 21:13:27 ----D---- C:\Program Files\Valve
2010-08-14 18:51:57 ----D---- C:\WINDOWS\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-04-24 100736]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-01-20 691696]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-29 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-29 96408]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-29 116008]
R3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-11-21 10235968]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-04-14 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-04-14 13056]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 aq7w945c;aq7w945c; C:\WINDOWS\system32\drivers\aq7w945c.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\Kuba\LOCALS~1\Temp\XVB18DB.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\plugins\UI\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-08-14 25280]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-09-29 735960]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-11-20 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 SMART Board Service;Služba SMART Board; C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe [2009-09-17 2647336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 byblqdp;Microsoft Universal; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-09-29 20680]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SMART SNMP Agent Service;SMART SNMP Agent Service; C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe [2009-09-17 1049896]
S3 SMART Web Server;Webový server SMART; C:\Program Files\SMART Technologies\SMART Board Drivers\WebServer.exe [2009-09-17 1258792]

-----------------EOF-----------------

Zdravim
No mas to zasmejdovane.

Stiahnes>>Malwarebytes' Anti-Malware stiahnut-nainstalovat -aktualizovat-
spravRychly, skan ,co najde daj zmazat,log vloz sem,

PROSIM CITAJTE POZORNE NAVOD!!!,

Použij ComboFix podle tohoto návodu: http://www.bleepingcomputer.com/combofi ... t-combofix
Log znej vloz sem.

Zde je log z Malware....

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4554

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

6. 9. 2010 17:05:10
mbam-log-2010-09-06 (17-05-10).txt

Scan type: Quick scan
Objects scanned: 169058
Time elapsed: 9 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 15

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\local security authortity process (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Lukáš\Data aplikací\LiveUpdater.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lukáš\Data aplikací\WinLatestUpdPack2.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lukáš\Data aplikací\WinUpdateMon.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kuba\Data aplikací\LiveUpdater.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kuba\Data aplikací\LiveUpdate_1.0.1.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kuba\Data aplikací\WinLatestUpdPack2.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kuba\Data aplikací\WinUpdateMon.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lukáš\Data aplikací\Microsoft\lsass.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kuba\Data aplikací\Microsoft\lsass.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kuba\Local Settings\Temp\update.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kuba\Local Settings\Temp\setupv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kuba\Local Settings\Temp\installer.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lukáš\Local Settings\Temp\setupv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lukáš\Data aplikací\Microsoft\n (Malware.Traces) -> Quarantined and deleted successfully.
C:\Documents and Settings\Kuba\Data aplikací\Microsoft\n (Malware.Traces) -> Quarantined and deleted successfully.

A Zde je log z ComboFix:

ComboFix 10-09-04.06 - Lukáš . 09. 2010 17:22:14.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.706 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lukáš\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
c:\documents and settings\Kuba\Data aplikací\7za.exe
c:\documents and settings\Lukáš\Data aplikací\7za.exe
C:\setup.exe

Nakažená kopie c:\windows\system32\drivers\pciide.sys byla nalezena a vyléčena.
Obnovena kopie z - Kitty had a snack :p
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-06 do 2010-09-06 )))))))))))))))))))))))))))))))
.

2010-09-04 05:22 . 2010-09-06 14:42 -------- d-----w- c:\program files\League of Legends
2010-09-03 11:32 . 2010-09-03 11:32 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2010-09-03 11:31 . 2010-09-03 11:31 -------- d-----w- c:\program files\Pando Networks
2010-08-31 09:00 . 2010-09-02 11:27 -------- d-----w- c:\program files\Garena
2010-08-29 17:09 . 2010-08-29 17:09 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-08-22 15:05 . 2010-08-22 15:05 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-08-13 13:55 . 2010-02-03 13:56 26176 ---ha-w- c:\windows\system32\hamachi.sys
2010-08-13 13:49 . 2010-08-14 16:51 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-06 11:33 . 2010-05-05 22:02 -------- d-----w- c:\program files\trend micro
2010-09-02 12:10 . 2010-02-07 16:17 -------- d-----w- c:\program files\Warcraft III
2010-08-18 10:43 . 2010-07-24 01:42 -------- d-----w- c:\program files\SweetIM
2010-08-18 10:42 . 2010-04-26 18:09 -------- d-----w- c:\program files\Opera
2010-08-18 10:41 . 2010-01-15 16:56 -------- d-----w- c:\program files\EACOM
2010-08-18 10:41 . 2010-01-14 20:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-14 19:13 . 2010-02-09 12:51 -------- d-----w- c:\program files\Valve
2010-08-06 08:54 . 2010-01-16 19:13 -------- d-----w- c:\program files\Heroes of Newerth
2010-07-30 08:02 . 2010-02-07 07:54 -------- d-----w- c:\program files\KONAMI
2010-07-27 13:33 . 2010-01-15 16:53 -------- d-----w- c:\program files\EA SPORTS
2010-07-18 22:47 . 2010-07-18 22:46 -------- d-----w- c:\program files\Common Files\Real
2010-07-18 22:47 . 2010-07-18 22:46 -------- d-----w- c:\program files\Real
2010-07-18 22:47 . 2010-07-18 22:47 -------- d-----w- c:\program files\Common Files\xing shared
2010-07-18 22:46 . 2010-01-14 21:40 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-07-18 22:46 . 2010-01-14 21:40 348160 ----a-w- c:\windows\system32\msvcr71.dll
.

------- Sigcheck -------

[-] 2009-04-27 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-10-08 173368]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 10:22 1172792 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-07-18 202256]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MIDI1"=vpnt.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\SMART Technologies\\SMART Board Drivers\\UCGui.exe"=
"c:\\Program Files\\SMART Technologies\\SMART Board Drivers\\SMARTSNMPAgent.exe"=
"c:\\Program Files\\SMART Technologies\\SMART Board Drivers\\UCService.exe"=
"c:\\Program Files\\SMART Technologies\\SMART Board Drivers\\WebServer.exe"=
"c:\\Documents and Settings\\Kuba\\Dokumenty\\PES 2009\\CSP2009.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"c:\\Documents and Settings\\Kuba\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Ubisoft\\Heroes of Might and Magic V - Tribes of the East\\bin\\H5_Game.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
"c:\\Program Files\\Garena\\Garena.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Ubisoft\\Heroes of Might and Magic V\\bina1\\H5_Game.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\League of Legends\\Air\\LolClient.exe"=
"c:\\Program Files\\League of Legends\\Game\\League of Legends.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6060:TCP"= 6060:TCP:htoqox
"58281:TCP"= 58281:TCP:Pando Media Booster
"58281:UDP"= 58281:UDP:Pando Media Booster
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"2099:TCP"= 2099:TCP:PvP.net
"5222:TCP"= 5222:TCP:PvP.net
"5223:TCP"= 5223:TCP:PvP.net
"5000:TCP"= 5000:TCP:LoL Game Client
"443:TCP"= 443:TCP:HTTPS Connections

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29. 9. 2009 14:02 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [29. 9. 2009 14:05 96408]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [29. 9. 2009 14:03 735960]
S2 byblqdp;Microsoft Universal;c:\windows\system32\svchost.exe -k netsvcs [14. 4. 2008 8:52 14336]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Kuba\LOCALS~1\Temp\XVB18DB.tmp --> c:\docume~1\Kuba\LOCALS~1\Temp\XVB18DB.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\plugins\UI\safedrv.sys --> c:\program files\Garena\plugins\UI\safedrv.sys [?]
S3 SMART SNMP Agent Service;SMART SNMP Agent Service;c:\program files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe [17. 9. 2009 12:43 1049896]
S3 SMART Web Server;Webový server SMART;c:\program files\SMART Technologies\SMART Board Drivers\WebServer.exe [17. 9. 2009 12:43 1258792]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20. 1. 2010 20:15 691696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
byblqdp
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = hxxp://www.avast.com/go.php?verb=register-home&lang=cze
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
TCP: {0B7E777B-AE48-4C10-B41B-3C7420CD14F0} = 88.220.85.1,213.172.186.4
TCP: {8EC80DEF-2923-4BAE-9F69-325E3A5DE45D} = 88.220.85.1,213.172.186.4
FF - ProfilePath - c:\documents and settings\Lukáš\Data aplikací\Mozilla\Firefox\Profiles\foj946kg.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - plugin: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Nsacon - c:\windows\nvrali.dll
HKLM-Run-nwiz - nwiz.exe
AddRemove-GAMEFORGE Nostale(CZ)_is1 - c:\nostale(cz)\unins000.exe
AddRemove-NVIDIA Display Control Panel - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe
AddRemove-Unibet Poker - c:\microg~1\Poker\UNIBET~1\UNIBET~1\UNWISE.EXE
AddRemove-ZZ-DARTS_is1 - c:\program files\zzdarts\unins000.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-06 17:29
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Kuba\LOCALS~1\Temp\XVB18DB.tmp"
.
Celkový čas: 2010-09-06 17:30:33
ComboFix-quarantined-files.txt 2010-09-06 15:30

Před spuštěním: Volných bajtů: 339 297 304 576
Po spuštění: Volných bajtů: 341 802 844 160

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - D3B684097BC40F2BA65EE27550E5DC69

este kym zacneme mazat, pouzivas proxy?? preco mas polske IP??

Nejsem si jist, co je to proxy. Bydlím na hranicích a mám wi-fi přes polského poskytovatele..

odinstaluj cez pridat/odobrat programy c:\program files\SweetIM\Toolbars

Pouzivas virtual piano??a Garenu??

Pri tejto akcii je nutné mať ComboFix na ploche.

Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý zeleny tex:

Kód: Vybrat vše

KILLALL::
Driver::
byblqdp
NetSvc::
byblqdp
DDS::
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
FireFox::
FF - ProfilePath - c:\documents and settings\Lukáš\Data aplikací\Mozilla\Firefox\Profiles\foj946kg.default\
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=

Potom klik na Subor -> Uložiť ako.. .. -> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *všetky súbory
A ulož ho na plochu.> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :
Obrázek

Po skonceni skenu vlož log čo ComboFix vytvorí

Snad se mi ten IMToolbars podařilo odinstalovat, i když to nějak habrovalo..
K otázkám: Problém je, že nejsem jediný uživatel tohoto PC, ale u Gareny jsem si jistý, že to jiný uživatel používá, u toho Piano nevím.. :/
Zde je nový log, snad jsem postup dodržel správně... :

ComboFix 10-09-04.06 - Lukáš . 09. 2010 18:23:21.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.381 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lukáš\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Lukáš\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
C:\setup.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BYBLQDP
-------\Service_byblqdp

((((((((((((((((((((((((( Soubory vytvořené od 2010-08-06 do 2010-09-06 )))))))))))))))))))))))))))))))
.

2010-09-04 05:22 . 2010-09-06 14:42 -------- d-----w- c:\program files\League of Legends
2010-09-03 11:32 . 2010-09-03 11:32 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2010-09-03 11:31 . 2010-09-03 11:31 -------- d-----w- c:\program files\Pando Networks
2010-08-31 09:00 . 2010-09-02 11:27 -------- d-----w- c:\program files\Garena
2010-08-29 17:09 . 2010-08-29 17:09 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-08-22 15:05 . 2010-08-22 15:05 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-08-13 13:55 . 2010-02-03 13:56 26176 ---ha-w- c:\windows\system32\hamachi.sys
2010-08-13 13:49 . 2010-08-14 16:51 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-06 11:33 . 2010-05-05 22:02 -------- d-----w- c:\program files\trend micro
2010-09-02 12:10 . 2010-02-07 16:17 -------- d-----w- c:\program files\Warcraft III
2010-08-18 10:42 . 2010-04-26 18:09 -------- d-----w- c:\program files\Opera
2010-08-18 10:41 . 2010-01-15 16:56 -------- d-----w- c:\program files\EACOM
2010-08-18 10:41 . 2010-01-14 20:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-14 19:13 . 2010-02-09 12:51 -------- d-----w- c:\program files\Valve
2010-08-06 08:54 . 2010-01-16 19:13 -------- d-----w- c:\program files\Heroes of Newerth
2010-07-30 08:02 . 2010-02-07 07:54 -------- d-----w- c:\program files\KONAMI
2010-07-27 13:33 . 2010-01-15 16:53 -------- d-----w- c:\program files\EA SPORTS
2010-07-18 22:47 . 2010-07-18 22:46 -------- d-----w- c:\program files\Common Files\Real
2010-07-18 22:47 . 2010-07-18 22:46 -------- d-----w- c:\program files\Real
2010-07-18 22:47 . 2010-07-18 22:47 -------- d-----w- c:\program files\Common Files\xing shared
2010-07-18 22:46 . 2010-01-14 21:40 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-07-18 22:46 . 2010-01-14 21:40 348160 ----a-w- c:\windows\system32\msvcr71.dll
.

------- Sigcheck -------

[-] 2009-04-27 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-09-06_15.29.16 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-06 16:31 . 2010-09-06 16:31 16384 c:\windows\temp\Perflib_Perfdata_148.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-07-18 202256]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MIDI1"=vpnt.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\SMART Technologies\\SMART Board Drivers\\UCGui.exe"=
"c:\\Program Files\\SMART Technologies\\SMART Board Drivers\\SMARTSNMPAgent.exe"=
"c:\\Program Files\\SMART Technologies\\SMART Board Drivers\\UCService.exe"=
"c:\\Program Files\\SMART Technologies\\SMART Board Drivers\\WebServer.exe"=
"c:\\Documents and Settings\\Kuba\\Dokumenty\\PES 2009\\CSP2009.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"c:\\Documents and Settings\\Kuba\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Ubisoft\\Heroes of Might and Magic V - Tribes of the East\\bin\\H5_Game.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
"c:\\Program Files\\Garena\\Garena.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Ubisoft\\Heroes of Might and Magic V\\bina1\\H5_Game.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\League of Legends\\Air\\LolClient.exe"=
"c:\\Program Files\\League of Legends\\Game\\League of Legends.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6060:TCP"= 6060:TCP:htoqox
"58281:TCP"= 58281:TCP:Pando Media Booster
"58281:UDP"= 58281:UDP:Pando Media Booster
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"2099:TCP"= 2099:TCP:PvP.net
"5222:TCP"= 5222:TCP:PvP.net
"5223:TCP"= 5223:TCP:PvP.net
"5000:TCP"= 5000:TCP:LoL Game Client
"443:TCP"= 443:TCP:HTTPS Connections

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29. 9. 2009 14:02 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [29. 9. 2009 14:05 96408]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [29. 9. 2009 14:03 735960]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Kuba\LOCALS~1\Temp\XVB18DB.tmp --> c:\docume~1\Kuba\LOCALS~1\Temp\XVB18DB.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\plugins\UI\safedrv.sys --> c:\program files\Garena\plugins\UI\safedrv.sys [?]
S3 SMART SNMP Agent Service;SMART SNMP Agent Service;c:\program files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe [17. 9. 2009 12:43 1049896]
S3 SMART Web Server;Webový server SMART;c:\program files\SMART Technologies\SMART Board Drivers\WebServer.exe [17. 9. 2009 12:43 1258792]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20. 1. 2010 20:15 691696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = hxxp://www.avast.com/go.php?verb=register-home&lang=cze
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - c:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
TCP: {0B7E777B-AE48-4C10-B41B-3C7420CD14F0} = 88.220.85.1,213.172.186.4
TCP: {8EC80DEF-2923-4BAE-9F69-325E3A5DE45D} = 88.220.85.1,213.172.186.4
FF - ProfilePath - c:\documents and settings\Lukáš\Data aplikací\Mozilla\Firefox\Profiles\foj946kg.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - plugin: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-06 18:31
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Kuba\LOCALS~1\Temp\XVB18DB.tmp"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Real\RealPlayer\RealPlay.exe
c:\windows\system32\devldr32.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Celkový čas: 2010-09-06 18:35:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-06 16:34
ComboFix2.txt 2010-09-06 15:30

Před spuštěním: Volných bajtů: 341 716 856 832
Po spuštění: Volných bajtů: 341 637 001 216

- - End Of File - - 7FF38675F73C53B5A2F8E5EC9011315E

Stiahnes>>OTMoveIt3 by OldTimer >.podla navodu vloz text a klik-Moveit>>log po restarte vloz sem

Kód: Vybrat vše

:processes
explorer.exe

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s


:reg
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6060:TCP"=- 

:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[EMPTYFLASH]
[start explorer]
[Reboot]

Stiahnite si prosím TDSSKiller a uložte ho na plochu.

2x-klik na TDSSKiller.exe- spustiť aplikáciu, potom na Spustiť kontrolu-klik- Start Scan.
Ak je infikovaný súbor detekovaný, bude predvolená akcia Cure, kliknite na tlačidlo Continue.
Ak podozrivý[suspicious] súbor je detekovaný, bude predvolená akcia Skip, kliknite na Continue.
Môže vás požiadať, aby ste reštartovali počítač na dokončenie procesu. Kliknite na Reboot Now.
Ak nevyžaduje reštart, kliknite na tlačidlo Report. Log súbor by sa mal objaviť. Prosím, skopírujte a vložte obsah súboru tu.
Ak je vyžadované reštartovanie počítača, správa je k dispozícii vo vašom koreňovom adresári (zvyčajne C:\ zložka) vo forme "TDSSKiller. _log.txt". Prosím, skopírujte a vložte obsah súboru tu.

Takže, program OTM provedl akci, ovšem počítač jsem musel restartovat ručně na bedně.. po dojetí scanu to několik desítek minut vůbec nic nedělalo, ale opravdu nic.. Log ovšem po restartu vyběh:

All processes killed
Error: Unable to interpret <processes> in the current context!
Error: Unable to interpret <explorer.exe> in the current context!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\SET2D.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET30.tmp moved successfully.
C:\WINDOWS\SET3C.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\Installer\MSI1D94.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Kuba
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 152321 bytes
->Java cache emptied: 25862860 bytes
->FireFox cache emptied: 99152102 bytes
->Google Chrome cache emptied: 8109680 bytes
->Opera cache emptied: 16713530 bytes
->Flash cache emptied: 69038 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: Lukáš
->Temp folder emptied: 706 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Java cache emptied: 27183378 bytes
->FireFox cache emptied: 50121050 bytes
->Opera cache emptied: 272 bytes
->Flash cache emptied: 31790 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Vašek
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 31403496 bytes
->FireFox cache emptied: 86617107 bytes
->Flash cache emptied: 9336 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 330,00 mb

Restore point Set: OTM Restore Point (0)

OTM by OldTimer - Version 3.1.15.0 log created on 09062010_185331

Files moved on Reboot...

Registry entries deleted on Reboot...

Ten další program nic nenašel a ani log mi to nevyjelo.. jen prostě prázdnou tabulku po scanu...

OTM, ok,
TDSS killer=to neexistuje, pozri sa sem
C:\ "TDSSKiller. _log.txt"
tu by malo byt,
ak nebude novy skan, presne podla navodu.

Aha, tak se omlouvám, log byl uložen na disku C:
Zde je:

2010/09/06 19:04:22.0187 TDSS rootkit removing tool 2.4.2.0 Sep 3 2010 10:26:06
2010/09/06 19:04:22.0187 ================================================================================
2010/09/06 19:04:22.0187 SystemInfo:
2010/09/06 19:04:22.0187
2010/09/06 19:04:22.0187 OS Version: 5.1.2600 ServicePack: 3.0
2010/09/06 19:04:22.0187 Product type: Workstation
2010/09/06 19:04:22.0187 ComputerName: HOME-AACD20BA28
2010/09/06 19:04:22.0187 UserName: Lukáš
2010/09/06 19:04:22.0187 Windows directory: C:\WINDOWS
2010/09/06 19:04:22.0187 System windows directory: C:\WINDOWS
2010/09/06 19:04:22.0187 Processor architecture: Intel x86
2010/09/06 19:04:22.0187 Number of processors: 1
2010/09/06 19:04:22.0187 Page size: 0x1000
2010/09/06 19:04:22.0187 Boot type: Normal boot
2010/09/06 19:04:22.0187 ================================================================================
2010/09/06 19:04:22.0515 Initialize success
2010/09/06 19:04:37.0296 ================================================================================
2010/09/06 19:04:37.0296 Scan started
2010/09/06 19:04:37.0296 Mode: Manual;
2010/09/06 19:04:37.0296 ================================================================================
2010/09/06 19:04:37.0578 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/09/06 19:04:37.0671 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/09/06 19:04:37.0765 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/09/06 19:04:37.0828 AFD (322d0e36693d6e24a2398bee62a268cd) C:\WINDOWS\System32\drivers\afd.sys
2010/09/06 19:04:37.0984 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2010/09/06 19:04:38.0078 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/09/06 19:04:38.0109 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/09/06 19:04:38.0140 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/09/06 19:04:38.0218 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/09/06 19:04:38.0265 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/09/06 19:04:38.0296 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/09/06 19:04:38.0343 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/09/06 19:04:38.0375 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/09/06 19:04:38.0437 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/09/06 19:04:38.0546 ctljystk (71007bd2e1e26927fe3e4eb00c0beedf) C:\WINDOWS\system32\DRIVERS\ctljystk.sys
2010/09/06 19:04:38.0656 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/09/06 19:04:38.0718 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2010/09/06 19:04:38.0796 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\DRIVERS\dmio.sys
2010/09/06 19:04:38.0828 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/09/06 19:04:38.0859 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/09/06 19:04:38.0937 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/09/06 19:04:38.0984 eamon (1b5ca1caffc594bd37dcc8d7ef849e0b) C:\WINDOWS\system32\DRIVERS\eamon.sys
2010/09/06 19:04:39.0031 ehdrv (a4241545ecff3ee97041847d83936e1f) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2010/09/06 19:04:39.0078 emu10k (01f83e1b5dce05f5cb7d99113ca9e890) C:\WINDOWS\system32\drivers\emu10k1m.sys
2010/09/06 19:04:39.0109 emu10k1 (7ffa171cce6a8bfc774862a578ba39a2) C:\WINDOWS\system32\drivers\ctlfacem.sys
2010/09/06 19:04:39.0125 epfwtdir (367a97a632ec5e8521f68ffa2c700610) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
2010/09/06 19:04:39.0187 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/09/06 19:04:39.0218 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/09/06 19:04:39.0265 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2010/09/06 19:04:39.0296 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/09/06 19:04:39.0375 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2010/09/06 19:04:39.0390 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/09/06 19:04:39.0453 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/09/06 19:04:39.0468 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
2010/09/06 19:04:39.0796 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/09/06 19:04:39.0859 hamachi (7929a161f9951d173ca9900fe7067391) C:\WINDOWS\system32\DRIVERS\hamachi.sys
2010/09/06 19:04:39.0890 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/09/06 19:04:39.0968 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2010/09/06 19:04:39.0984 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2010/09/06 19:04:40.0000 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2010/09/06 19:04:40.0046 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/09/06 19:04:40.0171 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/09/06 19:04:40.0234 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/09/06 19:04:40.0328 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2010/09/06 19:04:40.0375 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/09/06 19:04:40.0390 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/09/06 19:04:40.0437 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/09/06 19:04:40.0484 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/09/06 19:04:40.0531 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/09/06 19:04:40.0609 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/09/06 19:04:40.0656 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/09/06 19:04:40.0703 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2010/09/06 19:04:40.0750 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/09/06 19:04:40.0812 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/09/06 19:04:40.0906 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/09/06 19:04:40.0968 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2010/09/06 19:04:41.0000 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/09/06 19:04:41.0062 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/09/06 19:04:41.0093 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/09/06 19:04:41.0125 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/09/06 19:04:41.0234 MRxSmb (68755f0ff16070178b54674fe5b847b0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/09/06 19:04:41.0312 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/09/06 19:04:41.0343 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/09/06 19:04:41.0390 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/09/06 19:04:41.0421 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/09/06 19:04:41.0453 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/09/06 19:04:41.0500 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/09/06 19:04:41.0593 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/09/06 19:04:41.0609 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/09/06 19:04:41.0640 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/09/06 19:04:41.0656 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/09/06 19:04:41.0671 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/09/06 19:04:41.0734 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/09/06 19:04:41.0796 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/09/06 19:04:41.0890 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2010/09/06 19:04:41.0921 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/09/06 19:04:41.0984 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/09/06 19:04:42.0046 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/09/06 19:04:42.0312 nv (a05d99cbf55eb493c9e82b4bca848ef5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/09/06 19:04:42.0687 nvata (c03e15101f6d9e82cd9b0e7d715f5de3) C:\WINDOWS\system32\DRIVERS\nvata.sys
2010/09/06 19:04:42.0765 NVENETFD (97724affdd7a5a47c3bc07ccd1b88745) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
2010/09/06 19:04:42.0796 nvnetbus (82c2b3a89b9edfa6287c5aba1a4e6a99) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
2010/09/06 19:04:42.0843 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/09/06 19:04:42.0859 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/09/06 19:04:42.0906 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2010/09/06 19:04:42.0953 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/09/06 19:04:43.0000 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/09/06 19:04:43.0031 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/09/06 19:04:43.0078 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/09/06 19:04:43.0156 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/09/06 19:04:43.0187 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/09/06 19:04:43.0328 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/09/06 19:04:43.0375 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
2010/09/06 19:04:43.0421 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/09/06 19:04:43.0484 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/09/06 19:04:43.0640 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/09/06 19:04:43.0656 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/09/06 19:04:43.0687 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/09/06 19:04:43.0703 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/09/06 19:04:43.0781 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/09/06 19:04:43.0843 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/09/06 19:04:43.0875 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/09/06 19:04:43.0953 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/09/06 19:04:44.0046 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/09/06 19:04:44.0125 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/09/06 19:04:44.0171 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/09/06 19:04:44.0218 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/09/06 19:04:44.0296 sermouse (61490899036b14dedc24babd847d7001) C:\WINDOWS\system32\DRIVERS\sermouse.sys
2010/09/06 19:04:44.0343 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/09/06 19:04:44.0375 sfman (0b1a5e9cacb5cdd54a2815107bd7c772) C:\WINDOWS\system32\drivers\sfmanm.sys
2010/09/06 19:04:44.0468 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/09/06 19:04:44.0734 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
2010/09/06 19:04:44.0937 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/09/06 19:04:44.0953 Srv (5252605079810904e31c332e241cd59b) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/09/06 19:04:45.0015 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/09/06 19:04:45.0031 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/09/06 19:04:45.0140 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/09/06 19:04:45.0265 Tcpip (93ea8d04ec73a85db02eb8805988f733) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/09/06 19:04:45.0328 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/09/06 19:04:45.0390 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/09/06 19:04:45.0546 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/09/06 19:04:45.0640 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/09/06 19:04:45.0718 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/09/06 19:04:45.0765 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/09/06 19:04:45.0796 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/09/06 19:04:45.0812 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/09/06 19:04:45.0843 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2010/09/06 19:04:45.0875 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/09/06 19:04:45.0890 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/09/06 19:04:45.0953 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/09/06 19:04:46.0000 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/09/06 19:04:46.0062 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/09/06 19:04:46.0109 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/09/06 19:04:46.0171 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/09/06 19:04:46.0296 ================================================================================
2010/09/06 19:04:46.0296 Scan finished
2010/09/06 19:04:46.0296 ================================================================================
2010/09/06 19:05:15.0734 ================================================================================
2010/09/06 19:05:15.0734 Scan started
2010/09/06 19:05:15.0734 Mode: Manual;
2010/09/06 19:05:15.0734 ================================================================================
2010/09/06 19:05:15.0984 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/09/06 19:05:16.0078 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/09/06 19:05:16.0125 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/09/06 19:05:16.0218 AFD (322d0e36693d6e24a2398bee62a268cd) C:\WINDOWS\System32\drivers\afd.sys
2010/09/06 19:05:16.0359 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2010/09/06 19:05:16.0437 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/09/06 19:05:16.0500 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/09/06 19:05:16.0531 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/09/06 19:05:16.0593 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/09/06 19:05:16.0625 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/09/06 19:05:16.0671 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/09/06 19:05:16.0734 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/09/06 19:05:16.0765 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/09/06 19:05:16.0828 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/09/06 19:05:16.0953 ctljystk (71007bd2e1e26927fe3e4eb00c0beedf) C:\WINDOWS\system32\DRIVERS\ctljystk.sys
2010/09/06 19:05:17.0046 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/09/06 19:05:17.0109 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2010/09/06 19:05:17.0171 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\DRIVERS\dmio.sys
2010/09/06 19:05:17.0203 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/09/06 19:05:17.0234 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/09/06 19:05:17.0328 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/09/06 19:05:17.0359 eamon (1b5ca1caffc594bd37dcc8d7ef849e0b) C:\WINDOWS\system32\DRIVERS\eamon.sys
2010/09/06 19:05:17.0421 ehdrv (a4241545ecff3ee97041847d83936e1f) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2010/09/06 19:05:17.0453 emu10k (01f83e1b5dce05f5cb7d99113ca9e890) C:\WINDOWS\system32\drivers\emu10k1m.sys
2010/09/06 19:05:17.0468 emu10k1 (7ffa171cce6a8bfc774862a578ba39a2) C:\WINDOWS\system32\drivers\ctlfacem.sys
2010/09/06 19:05:17.0500 epfwtdir (367a97a632ec5e8521f68ffa2c700610) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
2010/09/06 19:05:17.0546 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/09/06 19:05:17.0578 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/09/06 19:05:17.0609 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2010/09/06 19:05:17.0656 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/09/06 19:05:17.0703 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2010/09/06 19:05:17.0734 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/09/06 19:05:17.0781 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/09/06 19:05:17.0796 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
2010/09/06 19:05:18.0109 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/09/06 19:05:18.0156 hamachi (7929a161f9951d173ca9900fe7067391) C:\WINDOWS\system32\DRIVERS\hamachi.sys
2010/09/06 19:05:18.0203 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/09/06 19:05:18.0265 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2010/09/06 19:05:18.0281 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2010/09/06 19:05:18.0343 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2010/09/06 19:05:18.0390 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/09/06 19:05:18.0484 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/09/06 19:05:18.0515 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/09/06 19:05:18.0609 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2010/09/06 19:05:18.0625 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/09/06 19:05:18.0656 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/09/06 19:05:18.0687 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/09/06 19:05:18.0796 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/09/06 19:05:18.0859 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/09/06 19:05:18.0906 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/09/06 19:05:18.0937 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/09/06 19:05:18.0968 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2010/09/06 19:05:19.0000 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/09/06 19:05:19.0062 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/09/06 19:05:19.0140 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/09/06 19:05:19.0171 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2010/09/06 19:05:19.0218 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/09/06 19:05:19.0250 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/09/06 19:05:19.0296 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/09/06 19:05:19.0328 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/09/06 19:05:19.0453 MRxSmb (68755f0ff16070178b54674fe5b847b0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/09/06 19:05:19.0484 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/09/06 19:05:19.0531 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/09/06 19:05:19.0562 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/09/06 19:05:19.0578 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/09/06 19:05:19.0625 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/09/06 19:05:19.0687 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/09/06 19:05:19.0765 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/09/06 19:05:19.0781 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/09/06 19:05:19.0812 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/09/06 19:05:19.0828 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/09/06 19:05:19.0843 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/09/06 19:05:19.0906 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/09/06 19:05:19.0968 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/09/06 19:05:20.0015 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2010/09/06 19:05:20.0062 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/09/06 19:05:20.0109 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/09/06 19:05:20.0171 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/09/06 19:05:20.0421 nv (a05d99cbf55eb493c9e82b4bca848ef5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/09/06 19:05:20.0640 nvata (c03e15101f6d9e82cd9b0e7d715f5de3) C:\WINDOWS\system32\DRIVERS\nvata.sys
2010/09/06 19:05:20.0718 NVENETFD (97724affdd7a5a47c3bc07ccd1b88745) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
2010/09/06 19:05:20.0734 nvnetbus (82c2b3a89b9edfa6287c5aba1a4e6a99) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
2010/09/06 19:05:20.0796 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/09/06 19:05:20.0828 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/09/06 19:05:20.0875 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2010/09/06 19:05:20.0921 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/09/06 19:05:20.0953 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/09/06 19:05:21.0000 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/09/06 19:05:21.0031 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/09/06 19:05:21.0093 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/09/06 19:05:21.0140 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/09/06 19:05:21.0281 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/09/06 19:05:21.0328 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
2010/09/06 19:05:21.0375 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/09/06 19:05:21.0390 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/09/06 19:05:21.0515 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/09/06 19:05:21.0546 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/09/06 19:05:21.0593 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/09/06 19:05:21.0609 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/09/06 19:05:21.0687 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/09/06 19:05:21.0718 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/09/06 19:05:21.0750 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/09/06 19:05:21.0812 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/09/06 19:05:21.0890 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/09/06 19:05:21.0953 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/09/06 19:05:22.0000 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/09/06 19:05:22.0046 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/09/06 19:05:22.0093 sermouse (61490899036b14dedc24babd847d7001) C:\WINDOWS\system32\DRIVERS\sermouse.sys
2010/09/06 19:05:22.0140 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/09/06 19:05:22.0171 sfman (0b1a5e9cacb5cdd54a2815107bd7c772) C:\WINDOWS\system32\drivers\sfmanm.sys
2010/09/06 19:05:22.0250 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/09/06 19:05:22.0312 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
2010/09/06 19:05:22.0390 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/09/06 19:05:22.0406 Srv (5252605079810904e31c332e241cd59b) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/09/06 19:05:22.0453 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/09/06 19:05:22.0468 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/09/06 19:05:22.0578 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/09/06 19:05:22.0671 Tcpip (93ea8d04ec73a85db02eb8805988f733) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/09/06 19:05:22.0718 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/09/06 19:05:22.0750 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/09/06 19:05:22.0796 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/09/06 19:05:22.0875 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/09/06 19:05:22.0921 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/09/06 19:05:22.0968 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/09/06 19:05:23.0000 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/09/06 19:05:23.0031 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/09/06 19:05:23.0046 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2010/09/06 19:05:23.0093 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/09/06 19:05:23.0109 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/09/06 19:05:23.0156 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/09/06 19:05:23.0203 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/09/06 19:05:23.0265 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/09/06 19:05:23.0312 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/09/06 19:05:23.0359 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/09/06 19:05:23.0468 ================================================================================
2010/09/06 19:05:23.0468 Scan finished
2010/09/06 19:05:23.0468 ================================================================================
2010/09/06 19:05:31.0781 Deinitialize success

ok,

Odinstaluj combofix
klik-start-klik-spustit-skopiruj tento prikaz do okna:
combofix /uninstall
ok.

pouzi CCleaner
Stáhni, nainstaluj program CCleaner - http://www.ccleaner.com/download/downloadpage.aspx?f=2
- PravyKlik na kos-spustit ccleaner ->>>Cakas>>na cistenie,,
PravyKlik na kos-otvorit ccleaner-záložka Windows a stiskni Analyzovat a poté Spustit Cleaner
- Klikni na záložku Aplikace a stiskni Analyzovat a poté Spustit Cleaner
- Klikni na Registry, stiskni Hledej problémy, po dokončení skenování klikni na Opravit vybrané problémy,
-zvol Ano pro vytvoření zálohy, ulož nabídnutý soubor a klikni na Opravit všechny problémy,

nevidim Firewall

odskusaj pc a napis ci su este problemy.

Provedeno. Problém zmizel! Děkuji mnohokrát, jste borci

S Firewallem mám problem, proužíval jsem Kerio, ale prý hodně zatěžuje PC, tak jsem ho odebral a nainstaloval McAfee nebo jak, ale ta mě štvala, tak jsem jí také odinstaloval, teď jsem neměl žádnou, kterou FREE verzi Firewallu byste doporučil prosím? Poslední otázka..

PC Tools Firewall Pro
nainstaluj podla navodu, bez spyware doctora
http://www.viry.cz/forum/viewtopic.php? ... 36#p868836

nemas zaco.

VIRY.CZ

Problemy s pc - blokovani aplikaci?

Problemy s pc - blokovani aplikaci?

Re: Problemy s pc - blokovani aplikaci?

Re: Problemy s pc - blokovani aplikaci?

Re: Problemy s pc - blokovani aplikaci?

Re: Problemy s pc - blokovani aplikaci?

Re: Problemy s pc - blokovani aplikaci?

Re: Problemy s pc - blokovani aplikaci?

Re: Problemy s pc - blokovani aplikaci?

Re: Problemy s pc - blokovani aplikaci?

Re: Problemy s pc - blokovani aplikaci?

Re: Problemy s pc - blokovani aplikaci?

Re: Problemy s pc - blokovani aplikaci?

Re: Problemy s pc - blokovani aplikaci?

Re: Problemy s pc - blokovani aplikaci?