VIRY.CZ

Dobrý den,
přestal mi fungovat antivir, žádný nejde nainstalovat (respektive spustit) a po spuštění se objeví hláška: program .net runtime optimization service přestal fungovat a byl ukončen.

Prosím o pomoc.
Díky.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Doma at 2011-10-19 14:26:04
Microsoft® Windows Vista™ Business Service Pack 1
System drive C: has 34 GB (30%) free of 114 GB
Total RAM: 2038 MB (54% free)


======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4191211530-3450770138-195522447-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4191211530-3450770138-195522447-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\01vv8b62.default

prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, {04426594-bce6-4705-b811-bcdba2fd9c7b}:1.2, firebug@software.joehewitt.com:1.6.2, firefox@tvunetworks.com:2, 5, 3, 1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=C:\Windows\system32\TVUAx\npTVUAx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npDivxPlayerPlugin.dll
npnul32.dll
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\01vv8b62.default\extensions\
firebug@software.joehewitt.com
firefox@tvunetworks.com
{04426594-bce6-4705-b811-bcdba2fd9c7b}
{20a82645-c095-46ed-80e3-08825760534b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-04 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2011-03-17 198160]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Google Update"=C:\Users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-25 136176]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"ISUSPM"=C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-03-29 222128]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Canon LBP2900 Status Window.lnk - C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE

C:\Users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Kooperativa - PDF Server.lnk - C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-10-19 14:26:04 ----D---- C:\rsit
2011-10-19 14:26:04 ----D---- C:\Program Files\trend micro
2011-10-19 11:55:26 ----D---- C:\Program Files\ESET
2011-10-19 10:31:55 ----D---- C:\Users\Doma\AppData\Roaming\Serif
2011-10-19 10:31:15 ----D---- C:\Program Files\Serif
2011-10-14 10:23:16 ----D---- C:\Program Files\NeoTracePro
2011-10-14 09:58:35 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-10-14 09:58:34 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-10-13 13:15:39 ----D---- C:\ProgramData\AVAST Software
2011-10-13 13:15:39 ----D---- C:\Program Files\AVAST Software
2011-10-13 12:41:01 ----D---- C:\Program Files\Microsoft Security Client

======List of files/folders modified in the last 1 month======

2011-10-19 14:26:07 ----D---- C:\Windows\Temp
2011-10-19 14:26:04 ----D---- C:\Program Files
2011-10-19 14:23:48 ----SHD---- C:\Windows\Installer
2011-10-19 14:23:37 ----RSD---- C:\Windows\assembly
2011-10-19 14:23:29 ----D---- C:\Windows\System32
2011-10-19 14:23:29 ----D---- C:\Windows\Help
2011-10-19 14:23:28 ----RSD---- C:\Windows\Fonts
2011-10-19 14:08:35 ----D---- C:\Windows\system32\drivers
2011-10-19 14:08:35 ----D---- C:\Windows
2011-10-19 14:05:14 ----D---- C:\ProgramData\Microsoft Help
2011-10-19 14:05:04 ----D---- C:\Windows\winsxs
2011-10-19 14:04:46 ----SD---- C:\ProgramData\Microsoft
2011-10-19 14:04:46 ----D---- C:\Program Files\Microsoft.NET
2011-10-19 14:04:46 ----D---- C:\Program Files\Common Files\microsoft shared
2011-10-19 14:04:43 ----D---- C:\Program Files\Common Files\DESIGNER
2011-10-19 14:04:38 ----D---- C:\Windows\ShellNew
2011-10-19 14:04:20 ----D---- C:\Program Files\MSBuild
2011-10-19 14:01:19 ----D---- C:\Program Files\Common Files\System
2011-10-19 14:01:18 ----A---- C:\Windows\win.ini
2011-10-19 13:58:22 ----SHD---- C:\System Volume Information
2011-10-19 13:37:14 ----D---- C:\Windows\system32\catroot
2011-10-19 13:37:14 ----D---- C:\Windows\inf
2011-10-19 13:34:18 ----D---- C:\Program Files\KA10
2011-10-19 13:34:17 ----D---- C:\Data-KA10
2011-10-19 13:33:25 ----D---- C:\WZP2010
2011-10-19 13:31:15 ----HD---- C:\ProgramData
2011-10-19 11:55:29 ----SD---- C:\Windows\Downloaded Program Files
2011-10-19 11:41:48 ----D---- C:\ProgramData\DivX
2011-10-19 11:41:48 ----D---- C:\Program Files\Common Files\DivX Shared
2011-10-19 11:41:45 ----D---- C:\Program Files\DivX
2011-10-19 11:40:15 ----D---- C:\Aplikace
2011-10-19 11:40:05 ----D---- C:\Program Files\Common Files\InstallShield
2011-10-19 11:40:02 ----D---- C:\Program Files\Canon
2011-10-19 11:40:01 ----HD---- C:\Program Files\InstallShield Installation Information
2011-10-19 11:39:54 ----D---- C:\Program Files\Deutscher Ring
2011-10-19 11:38:34 ----D---- C:\Program Files\Common Files
2011-10-19 11:36:28 ----D---- C:\Windows\Prefetch
2011-10-17 19:00:20 ----D---- C:\Windows\Minidump
2011-10-15 22:57:41 ----D---- C:\Windows\system32\catroot2
2011-10-14 10:23:36 ----D---- C:\Windows\system
2011-10-13 13:16:00 ----D---- C:\Program Files\Windows Sidebar
2011-10-13 12:41:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-10-13 12:39:28 ----D---- C:\Windows\SoftwareDistribution
2011-10-13 12:35:06 ----HD---- C:\Windows\system32\GroupPolicy
2011-10-13 12:16:50 ----D---- C:\Program Files\Microsoft Silverlight
2011-10-13 07:12:44 ----A---- C:\Windows\system32\mrt.exe
2011-10-10 17:11:37 ----D---- C:\Users\Doma\AppData\Roaming\FileZilla
2011-10-10 15:39:27 ----D---- C:\Program Files\Mozilla Firefox

DDS (Ver_2011-09-30.01) - NTFS_x86
Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 1.6.0_22
Run by Doma at 17:52:39 on 2011-10-19
Microsoft® Windows Vista™ Business 6.0.6001.1.1250.420.1029.18.2038.951 [GMT 2:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\266439168:4285865712.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Kooperativa\Services\KoopPDFServer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\CNAB4RPK.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wermgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uWinlogon: Shell = c:\users\doma\appdata\local\008ae10f\X
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [Google Update] "c:\users\doma\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [ISUSPM] "c:\programdata\macrovision\flexnet connect\6\ISUSPM.exe" -scheduler
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\users\doma\appdata\roaming\micros~1\windows\startm~1\programs\startup\kooper~1.lnk - c:\program files\kooperativa\kooppxbn\KoopPDFServerSA.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\canonl~1.lnk - c:\windows\system32\spool\drivers\w32x86\3\CNAB4LAK.EXE
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &NeoTrace It! - c:\progra~1\neotra~1\NTXcontext.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
LSP: mswsock.dll
Trusted Zone: pps.tv
Trusted Zone: ppstream.com
Trusted Zone: webscache.com
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 83.240.0.214 192.168.0.1
TCP: Interfaces\{8E5487EB-EBD7-4AA8-B57F-C11F7983D090} : DHCPNameServer = 83.240.0.214 192.168.0.1
TCP: Interfaces\{AC3215AD-A37D-4B2E-A175-9C2BD6C198BE} : DHCPNameServer = 83.240.0.214 192.168.0.1
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\doma\appdata\roaming\mozilla\firefox\profiles\01vv8b62.default\
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\users\doma\appdata\local\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\users\doma\appdata\roaming\mozilla\firefox\profiles\01vv8b62.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\windows\system32\tvuax\npTVUAx.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: TVU Web Player: firefox@tvunetworks.com - %profile%\extensions\firefox@tvunetworks.com
FF - Ext: Firesizer: {04426594-bce6-4705-b811-bcdba2fd9c7b} - %profile%\extensions\{04426594-bce6-4705-b811-bcdba2fd9c7b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-2-15 218688]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R2 KoopPdfService;KoopPdfService;c:\program files\kooperativa\services\KoopPDFServer.exe [2011-3-2 2459136]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
S2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;"c:\program files\emsisoft anti-malware\a2service.exe" --> c:\program files\emsisoft anti-malware\a2service.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\smhwadb.sys [2011-2-18 25728]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 Samsung UPD Service;Samsung UPD Service;c:\windows\system32\SUPDSvc.exe [2011-7-28 131888]
S3 smhwdev;SmartPhone dummy USB PNP Device (Normal);c:\windows\system32\drivers\smhwdev.sys [2011-2-18 101120]
S3 smhwser;USB Device for Legacy Serial Communication (Normal);c:\windows\system32\drivers\smhwser.sys [2011-2-18 108416]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-10-19 12:26:04 -------- d-----w- c:\program files\trend micro
2011-10-19 09:55:26 -------- d-----w- c:\program files\ESET
2011-10-19 08:33:18 -------- d-----w- c:\program files\Cherry Dolls
2011-10-19 08:31:55 -------- d-----w- c:\users\doma\appdata\roaming\Serif
2011-10-19 08:31:15 -------- d-----w- c:\program files\Serif
2011-10-19 06:41:53 -------- d-----w- c:\users\doma\share
2011-10-14 08:23:16 -------- d-----w- c:\program files\NeoTracePro
2011-10-14 07:58:35 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-10-14 07:58:34 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-10-13 11:15:39 -------- d-----w- c:\programdata\AVAST Software
2011-10-13 11:15:39 -------- d-----w- c:\program files\AVAST Software
2011-10-13 10:51:18 7269712 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-10-13 10:50:39 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c7a2b923-78b8-4416-8c60-4d7d14c1d6fa}\offreg.dll
2011-10-13 10:50:34 7269712 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c7a2b923-78b8-4416-8c60-4d7d14c1d6fa}\mpengine.dll
2011-10-13 10:49:54 703824 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{146aedcb-07ac-41df-9adc-03980f8fbfed}\gapaengine.dll
2011-10-13 10:49:46 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d646879e-ce25-4f00-a7ee-7bc52df56e49}\offreg.dll
2011-10-13 10:49:41 7269712 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d646879e-ce25-4f00-a7ee-7bc52df56e49}\mpengine.dll
2011-10-13 10:41:01 -------- d-----w- c:\program files\Microsoft Security Client
2011-10-13 10:23:28 -------- d-sh--w- c:\users\doma\appdata\local\008ae10f
.
==================== Find3M ====================
.
2011-10-19 09:42:32 17659 ----a-w- c:\windows\system32\drivers\InetLock.sys
2011-09-11 08:14:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 17:53:43,89 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-09-30.01)
.
Microsoft® Windows Vista™ Business
Boot Device: \Device\HarddiskVolume1
Install Date: 8.2.2011 22:24:37
System Uptime: 19.10.2011 16:53:13 (1 hours ago)
.
Motherboard: TOSHIBA | | ISKAA
Processor: Intel(R) Core(TM)2 Duo CPU T7100 @ 1.80GHz | U2E1 | 1801/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 33,197 GiB free.
D: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Řadič paměti na sběrnici PCI
Device ID: PCI\VEN_8086&DEV_444E&SUBSYS_444E8086&REV_01\4&3AF3AB50&0&00E3
Manufacturer:
Name: Řadič paměti na sběrnici PCI
PNP Device ID: PCI\VEN_8086&DEV_444E&SUBSYS_444E8086&REV_01\4&3AF3AB50&0&00E3
Service:
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
7-Zip 9.20
Acrobat.com
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9
Canon LBP2900
CDBurnerXP
Codec Pack - All In 1 6.0.3.0
DAEMON Tools Lite
Dialup For Android Handset
DivX Setup
DivX Version Checker
doPDF 7.2 printer
ESET Online Scanner v3
FileZilla Client 3.3.5.1
Free Image Converter
Google Chrome
Google SketchUp 6
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Java Auto Updater
Java(TM) 6 Update 22
JOS - WEPOS
Microsoft .NET Framework 3.5 Language Pack SP1 - csy
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile CSY Language Pack
Microsoft Antimalware
Microsoft Antimalware Service CS-CZ Language Pack
Microsoft Security Client
Microsoft Security Client CS-CZ Language Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox (3.6.23)
NeoTrace Pro 3.25 Trial
QuickTime
RealPlayer
Samsung Universal Print Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)
Serif PagePlus SE 1.0
The KMPlayer (remove only)
Total Commander (Remove or Repair)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VBA (2627.01)
Výukový program deskriptivní geometrie 2.51
Windows Media Player Firefox Plugin
.
==== End Of File ===========================

18:38:33.0284 1012 TDSS rootkit removing tool 2.6.11.0 Oct 19 2011 13:50:27
18:38:33.0362 1012 ============================================================
18:38:33.0362 1012 Current date / time: 2011/10/19 18:38:33.0362
18:38:33.0362 1012 SystemInfo:
18:38:33.0363 1012
18:38:33.0363 1012 OS Version: 6.0.6001 ServicePack: 1.0
18:38:33.0363 1012 Product type: Workstation
18:38:33.0363 1012 ComputerName: DOMA-PC
18:38:33.0363 1012 UserName: Doma
18:38:33.0363 1012 Windows directory: C:\Windows
18:38:33.0363 1012 System windows directory: C:\Windows
18:38:33.0363 1012 Processor architecture: Intel x86
18:38:33.0363 1012 Number of processors: 2
18:38:33.0363 1012 Page size: 0x1000
18:38:33.0363 1012 Boot type: Normal boot
18:38:33.0363 1012 ============================================================
18:38:34.0316 1012 Initialize success
18:39:33.0026 2696 ============================================================
18:39:33.0026 2696 Scan started
18:39:33.0026 2696 Mode: Manual; SigCheck; TDLFS;
18:39:33.0026 2696 ============================================================
18:39:33.0565 2696 61883 (585e64bb6dfbc0a2f1f0b554ded012df) C:\Windows\system32\DRIVERS\61883.sys
18:39:33.0815 2696 61883 - ok
18:39:33.0942 2696 8ae10f (8f2bb1827cac01aee6a16e30a1260199) C:\Windows\266439168:4285865712.exe
18:39:33.0943 2696 Suspicious file (Hidden): C:\Windows\266439168:4285865712.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
18:39:33.0944 2696 8ae10f ( HiddenFile.Multi.Generic ) - warning
18:39:33.0944 2696 8ae10f - detected HiddenFile.Multi.Generic (1)
18:39:34.0013 2696 a2acc - ok
18:39:34.0042 2696 a2injectiondriver - ok
18:39:34.0055 2696 a2util - ok
18:39:34.0152 2696 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
18:39:34.0186 2696 ACPI - ok
18:39:34.0266 2696 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
18:39:34.0345 2696 adp94xx - ok
18:39:34.0486 2696 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
18:39:34.0520 2696 adpahci - ok
18:39:34.0560 2696 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
18:39:34.0584 2696 adpu160m - ok
18:39:34.0642 2696 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
18:39:34.0668 2696 adpu320 - ok
18:39:34.0843 2696 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
18:39:34.0917 2696 AFD - ok
18:39:35.0103 2696 AgereSoftModem (5d97943c128ed756d1b0a08302c1b1f8) C:\Windows\system32\DRIVERS\AGRSM.sys
18:39:35.0563 2696 AgereSoftModem - ok
18:39:35.0750 2696 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
18:39:35.0772 2696 agp440 - ok
18:39:35.0835 2696 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
18:39:35.0858 2696 aic78xx - ok
18:39:35.0933 2696 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
18:39:35.0953 2696 aliide - ok
18:39:36.0010 2696 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
18:39:36.0032 2696 amdagp - ok
18:39:36.0092 2696 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
18:39:36.0113 2696 amdide - ok
18:39:36.0226 2696 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
18:39:36.0353 2696 AmdK7 - ok
18:39:36.0389 2696 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
18:39:36.0450 2696 AmdK8 - ok
18:39:36.0590 2696 androidusb (e94e2ea7faaa05c776a711edb198b9fd) C:\Windows\system32\Drivers\smhwadb.sys
18:39:36.0617 2696 androidusb - ok
18:39:36.0794 2696 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
18:39:36.0807 2696 arc - ok
18:39:36.0866 2696 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
18:39:36.0877 2696 arcsas - ok
18:39:36.0982 2696 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
18:39:37.0028 2696 AsyncMac - ok
18:39:37.0073 2696 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
18:39:37.0086 2696 atapi - ok
18:39:37.0239 2696 Avc (f4b56425a00beb32f5fa6603ff7b0ea2) C:\Windows\system32\DRIVERS\avc.sys
18:39:37.0299 2696 Avc - ok
18:39:37.0440 2696 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
18:39:37.0513 2696 Beep - ok
18:39:37.0601 2696 blbdrive - ok
18:39:37.0680 2696 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
18:39:37.0747 2696 bowser - ok
18:39:37.0879 2696 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
18:39:38.0050 2696 BrFiltLo - ok
18:39:38.0197 2696 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
18:39:38.0227 2696 BrFiltUp - ok
18:39:38.0308 2696 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
18:39:38.0402 2696 Brserid - ok
18:39:38.0478 2696 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
18:39:38.0561 2696 BrSerWdm - ok
18:39:38.0587 2696 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
18:39:38.0671 2696 BrUsbMdm - ok
18:39:38.0706 2696 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
18:39:38.0783 2696 BrUsbSer - ok
18:39:38.0902 2696 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
18:39:38.0986 2696 BTHMODEM - ok
18:39:39.0100 2696 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
18:39:39.0148 2696 cdfs - ok
18:39:39.0242 2696 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
18:39:39.0293 2696 cdrom - ok
18:39:39.0417 2696 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
18:39:39.0486 2696 circlass - ok
18:39:39.0548 2696 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
18:39:39.0564 2696 CLFS - ok
18:39:39.0637 2696 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
18:39:39.0683 2696 CmBatt - ok
18:39:39.0734 2696 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
18:39:39.0743 2696 cmdide - ok
18:39:39.0780 2696 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
18:39:39.0789 2696 Compbatt - ok
18:39:39.0809 2696 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
18:39:39.0820 2696 crcdisk - ok
18:39:39.0857 2696 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
18:39:39.0916 2696 Crusoe - ok
18:39:40.0009 2696 CSC (9a5434125c3dfe42393de4bbb791bd19) C:\Windows\system32\drivers\csc.sys
18:39:40.0104 2696 CSC - ok
18:39:40.0285 2696 DfsC (1f16118c3a8235d25e262f06601e520a) C:\Windows\system32\Drivers\dfsc.sys
18:39:40.0287 2696 Suspicious file (Forged): C:\Windows\system32\Drivers\dfsc.sys. Real md5: 1f16118c3a8235d25e262f06601e520a, Fake md5: 95e57a190d9b37f3af674cfd8dd571a3
18:39:40.0287 2696 DfsC ( Rootkit.Win32.ZAccess.g ) - infected
18:39:40.0287 2696 DfsC - detected Rootkit.Win32.ZAccess.g (0)
18:39:40.0367 2696 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
18:39:40.0381 2696 disk - ok
18:39:40.0548 2696 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
18:39:40.0588 2696 drmkaud - ok
18:39:40.0711 2696 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:39:40.0800 2696 dtsoftbus01 - ok
18:39:40.0935 2696 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
18:39:41.0083 2696 DXGKrnl - ok
18:39:41.0246 2696 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
18:39:41.0379 2696 E1G60 - ok
18:39:41.0579 2696 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
18:39:41.0606 2696 Ecache - ok
18:39:41.0685 2696 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
18:39:41.0720 2696 elxstor - ok
18:39:41.0906 2696 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
18:39:42.0003 2696 exfat - ok
18:39:42.0070 2696 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
18:39:42.0141 2696 fastfat - ok
18:39:42.0204 2696 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
18:39:42.0338 2696 fdc - ok
18:39:42.0399 2696 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
18:39:42.0408 2696 FileInfo - ok
18:39:42.0462 2696 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
18:39:42.0507 2696 Filetrace - ok
18:39:42.0562 2696 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
18:39:42.0624 2696 flpydisk - ok
18:39:42.0696 2696 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
18:39:42.0709 2696 FltMgr - ok
18:39:42.0779 2696 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
18:39:42.0810 2696 Fs_Rec - ok
18:39:42.0857 2696 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
18:39:42.0867 2696 gagp30kx - ok
18:39:43.0048 2696 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
18:39:43.0152 2696 HdAudAddService - ok
18:39:43.0201 2696 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:39:43.0233 2696 HDAudBus - ok
18:39:43.0268 2696 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
18:39:43.0324 2696 HidBth - ok
18:39:43.0360 2696 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
18:39:43.0415 2696 HidIr - ok
18:39:43.0459 2696 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
18:39:43.0484 2696 HidUsb - ok
18:39:43.0525 2696 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
18:39:43.0535 2696 HpCISSs - ok
18:39:43.0587 2696 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
18:39:43.0685 2696 HTTP - ok
18:39:43.0807 2696 hwdatacard - ok
18:39:43.0847 2696 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
18:39:43.0859 2696 i2omp - ok
18:39:43.0931 2696 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
18:39:43.0993 2696 i8042prt - ok
18:39:44.0171 2696 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
18:39:44.0192 2696 iaStorV - ok
18:39:44.0381 2696 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
18:39:44.0949 2696 igfx - ok
18:39:45.0114 2696 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
18:39:45.0136 2696 iirsp - ok
18:39:45.0212 2696 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
18:39:45.0233 2696 intelide - ok
18:39:45.0273 2696 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
18:39:45.0342 2696 intelppm - ok
18:39:45.0535 2696 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:39:45.0593 2696 IpFilterDriver - ok
18:39:45.0637 2696 IpInIp - ok
18:39:45.0697 2696 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
18:39:45.0826 2696 IPMIDRV - ok
18:39:45.0956 2696 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
18:39:45.0984 2696 IPNAT - ok
18:39:46.0038 2696 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
18:39:46.0063 2696 IRENUM - ok
18:39:46.0102 2696 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
18:39:46.0113 2696 isapnp - ok
18:39:46.0149 2696 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
18:39:46.0162 2696 iScsiPrt - ok
18:39:46.0196 2696 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
18:39:46.0206 2696 iteatapi - ok
18:39:46.0237 2696 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
18:39:46.0246 2696 iteraid - ok
18:39:46.0291 2696 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:39:46.0301 2696 kbdclass - ok
18:39:46.0348 2696 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
18:39:46.0392 2696 kbdhid - ok
18:39:46.0582 2696 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
18:39:46.0608 2696 KSecDD - ok
18:39:46.0683 2696 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
18:39:46.0754 2696 lltdio - ok
18:39:46.0827 2696 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
18:39:46.0843 2696 LSI_FC - ok
18:39:46.0878 2696 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
18:39:46.0893 2696 LSI_SAS - ok
18:39:46.0927 2696 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
18:39:46.0943 2696 LSI_SCSI - ok
18:39:46.0995 2696 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
18:39:47.0063 2696 luafv - ok
18:39:47.0119 2696 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
18:39:47.0133 2696 megasas - ok
18:39:47.0198 2696 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
18:39:47.0253 2696 Modem - ok
18:39:47.0342 2696 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
18:39:47.0393 2696 monitor - ok
18:39:47.0446 2696 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
18:39:47.0456 2696 mouclass - ok
18:39:47.0568 2696 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
18:39:47.0595 2696 mouhid - ok
18:39:47.0662 2696 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
18:39:47.0672 2696 MountMgr - ok
18:39:47.0758 2696 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
18:39:47.0773 2696 MpFilter - ok
18:39:47.0846 2696 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
18:39:47.0861 2696 mpio - ok
18:39:47.0985 2696 MpKsl693575fb - ok
18:39:48.0020 2696 MpKsl997c9039 - ok
18:39:48.0053 2696 MpKslaef329bf - ok
18:39:48.0067 2696 MpKsld8941cee - ok
18:39:48.0097 2696 MpKsldb4fe0cf - ok
18:39:48.0111 2696 MpKslec531c9a - ok
18:39:48.0313 2696 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
18:39:48.0323 2696 MpNWMon - ok
18:39:48.0409 2696 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
18:39:48.0452 2696 mpsdrv - ok
18:39:48.0526 2696 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
18:39:48.0536 2696 Mraid35x - ok
18:39:48.0623 2696 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
18:39:48.0698 2696 MRxDAV - ok
18:39:48.0793 2696 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:39:48.0835 2696 mrxsmb - ok
18:39:48.0933 2696 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:39:48.0987 2696 mrxsmb10 - ok
18:39:49.0095 2696 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:39:49.0134 2696 mrxsmb20 - ok
18:39:49.0253 2696 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
18:39:49.0262 2696 msahci - ok
18:39:49.0300 2696 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
18:39:49.0311 2696 msdsm - ok
18:39:49.0499 2696 MSDV (343291a4dfd7c923c3f71f550830ec1c) C:\Windows\system32\DRIVERS\msdv.sys
18:39:49.0525 2696 MSDV - ok
18:39:49.0582 2696 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
18:39:49.0609 2696 Msfs - ok
18:39:49.0674 2696 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
18:39:49.0683 2696 msisadrv - ok
18:39:49.0882 2696 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
18:39:49.0920 2696 MSKSSRV - ok
18:39:49.0999 2696 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
18:39:50.0063 2696 MSPCLOCK - ok
18:39:50.0093 2696 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
18:39:50.0152 2696 MSPQM - ok
18:39:50.0226 2696 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
18:39:50.0245 2696 MsRPC - ok
18:39:50.0287 2696 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
18:39:50.0301 2696 mssmbios - ok
18:39:50.0354 2696 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
18:39:50.0411 2696 MSTEE - ok
18:39:50.0464 2696 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
18:39:50.0478 2696 Mup - ok
18:39:50.0536 2696 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
18:39:50.0575 2696 NativeWifiP - ok
18:39:50.0968 2696 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
18:39:51.0057 2696 NDIS - ok
18:39:51.0241 2696 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
18:39:51.0286 2696 NdisTapi - ok
18:39:51.0390 2696 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
18:39:51.0455 2696 Ndisuio - ok
18:39:51.0540 2696 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
18:39:51.0611 2696 NdisWan - ok
18:39:51.0701 2696 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
18:39:51.0747 2696 NDProxy - ok
18:39:51.0830 2696 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
18:39:51.0899 2696 NetBIOS - ok
18:39:51.0985 2696 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
18:39:52.0058 2696 netbt - ok
18:39:52.0287 2696 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys
18:39:53.0101 2696 NETw5v32 - ok
18:39:53.0246 2696 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
18:39:53.0261 2696 nfrd960 - ok
18:39:53.0316 2696 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:39:53.0330 2696 NisDrv - ok
18:39:53.0452 2696 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
18:39:53.0526 2696 Npfs - ok
18:39:53.0556 2696 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
18:39:53.0620 2696 nsiproxy - ok
18:39:53.0723 2696 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
18:39:53.0805 2696 Ntfs - ok
18:39:53.0883 2696 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
18:39:54.0002 2696 ntrigdigi - ok
18:39:54.0061 2696 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
18:39:54.0150 2696 Null - ok
18:39:54.0209 2696 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
18:39:54.0233 2696 nvraid - ok
18:39:54.0263 2696 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
18:39:54.0286 2696 nvstor - ok
18:39:54.0318 2696 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
18:39:54.0344 2696 nv_agp - ok
18:39:54.0360 2696 NwlnkFlt - ok
18:39:54.0384 2696 NwlnkFwd - ok
18:39:54.0448 2696 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
18:39:54.0529 2696 ohci1394 - ok
18:39:54.0693 2696 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
18:39:54.0750 2696 Parport - ok
18:39:54.0814 2696 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
18:39:54.0824 2696 partmgr - ok
18:39:54.0871 2696 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
18:39:54.0935 2696 Parvdm - ok
18:39:54.0983 2696 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
18:39:54.0996 2696 pci - ok
18:39:55.0020 2696 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
18:39:55.0030 2696 pciide - ok
18:39:55.0076 2696 pcmcia (b7c5a8769541900f6dfa6fe0c5e4d513) C:\Windows\system32\DRIVERS\pcmcia.sys
18:39:55.0090 2696 pcmcia - ok
18:39:55.0179 2696 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
18:39:55.0365 2696 PEAUTH - ok
18:39:55.0560 2696 pfc (f2b3785d7282bac66d4b644fc88749f0) C:\Windows\system32\drivers\pfc.sys
18:39:55.0581 2696 pfc ( UnsignedFile.Multi.Generic ) - warning
18:39:55.0581 2696 pfc - detected UnsignedFile.Multi.Generic (1)
18:39:55.0748 2696 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
18:39:55.0794 2696 PptpMiniport - ok
18:39:55.0845 2696 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
18:39:55.0915 2696 Processor - ok
18:39:55.0992 2696 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
18:39:56.0050 2696 PSched - ok
18:39:56.0188 2696 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
18:39:56.0323 2696 ql2300 - ok
18:39:56.0446 2696 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
18:39:56.0458 2696 ql40xx - ok
18:39:56.0555 2696 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
18:39:56.0575 2696 QWAVEdrv - ok
18:39:56.0635 2696 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
18:39:56.0671 2696 RasAcd - ok
18:39:56.0810 2696 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:39:56.0881 2696 Rasl2tp - ok
18:39:56.0946 2696 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
18:39:57.0015 2696 RasPppoe - ok
18:39:57.0066 2696 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
18:39:57.0138 2696 RasSstp - ok
18:39:57.0205 2696 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
18:39:57.0287 2696 rdbss - ok
18:39:57.0344 2696 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:39:57.0405 2696 RDPCDD - ok
18:39:57.0477 2696 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\DRIVERS\rdpdr.sys
18:39:57.0544 2696 rdpdr - ok
18:39:57.0614 2696 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
18:39:57.0654 2696 RDPENCDD - ok
18:39:57.0714 2696 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
18:39:57.0763 2696 RDPWD - ok
18:39:57.0836 2696 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
18:39:57.0877 2696 rspndr - ok
18:39:57.0916 2696 RTL8169 (283392af1860ecdb5e0f8ebd7f3d72df) C:\Windows\system32\DRIVERS\Rtlh86.sys
18:39:57.0988 2696 RTL8169 - ok
18:39:58.0061 2696 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
18:39:58.0073 2696 sbp2port - ok
18:39:58.0245 2696 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
18:39:58.0289 2696 sdbus - ok
18:39:58.0345 2696 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:39:58.0424 2696 secdrv - ok
18:39:58.0470 2696 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
18:39:58.0538 2696 Serenum - ok
18:39:58.0563 2696 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
18:39:58.0634 2696 Serial - ok
18:39:58.0685 2696 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
18:39:58.0735 2696 sermouse - ok
18:39:58.0783 2696 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
18:39:58.0838 2696 sffdisk - ok
18:39:58.0869 2696 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
18:39:58.0933 2696 sffp_mmc - ok
18:39:58.0966 2696 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
18:39:59.0029 2696 sffp_sd - ok
18:39:59.0055 2696 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
18:39:59.0104 2696 sfloppy - ok
18:39:59.0147 2696 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
18:39:59.0158 2696 sisagp - ok
18:39:59.0187 2696 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
18:39:59.0197 2696 SiSRaid2 - ok
18:39:59.0224 2696 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
18:39:59.0235 2696 SiSRaid4 - ok
18:39:59.0287 2696 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
18:39:59.0344 2696 Smb - ok
18:39:59.0542 2696 smhwdev (5374802e32dc281e8441e2d68ee0f438) C:\Windows\system32\DRIVERS\smhwdev.sys
18:39:59.0604 2696 smhwdev - ok
18:39:59.0791 2696 smhwser (7838a9d808266e1e952eacba599c136f) C:\Windows\system32\DRIVERS\smhwser.sys
18:39:59.0844 2696 smhwser - ok
18:39:59.0924 2696 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
18:39:59.0945 2696 spldr - ok
18:40:00.0025 2696 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
18:40:00.0121 2696 srv - ok
18:40:00.0191 2696 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
18:40:00.0266 2696 srv2 - ok
18:40:00.0295 2696 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
18:40:00.0334 2696 srvnet - ok
18:40:00.0359 2696 StarOpen - ok
18:40:00.0408 2696 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
18:40:00.0417 2696 swenum - ok
18:40:00.0448 2696 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
18:40:00.0457 2696 Symc8xx - ok
18:40:00.0485 2696 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
18:40:00.0495 2696 Sym_hi - ok
18:40:00.0532 2696 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
18:40:00.0542 2696 Sym_u3 - ok
18:40:00.0647 2696 Tcpip (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\drivers\tcpip.sys
18:40:00.0777 2696 Tcpip - ok
18:40:00.0969 2696 Tcpip6 (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\DRIVERS\tcpip.sys
18:40:01.0085 2696 Tcpip6 - ok
18:40:01.0151 2696 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
18:40:01.0178 2696 tcpipreg - ok
18:40:01.0278 2696 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
18:40:01.0329 2696 TDPIPE - ok
18:40:01.0366 2696 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
18:40:01.0416 2696 TDTCP - ok
18:40:01.0485 2696 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
18:40:01.0543 2696 tdx - ok
18:40:01.0602 2696 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
18:40:01.0613 2696 TermDD - ok
18:40:01.0682 2696 tifm21 (f779ba4cd37963ab4600c9871b7752a3) C:\Windows\system32\drivers\tifm21.sys
18:40:01.0756 2696 tifm21 - ok
18:40:01.0874 2696 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys
18:40:01.0905 2696 tosrfec - ok
18:40:01.0961 2696 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:40:02.0029 2696 tssecsrv - ok
18:40:02.0186 2696 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
18:40:02.0221 2696 tunmp - ok
18:40:02.0263 2696 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
18:40:02.0328 2696 tunnel - ok
18:40:02.0452 2696 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
18:40:02.0464 2696 TVALZ - ok
18:40:02.0540 2696 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
18:40:02.0556 2696 uagp35 - ok
18:40:02.0651 2696 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
18:40:02.0697 2696 udfs - ok
18:40:02.0762 2696 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
18:40:02.0777 2696 uliagpkx - ok
18:40:02.0815 2696 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
18:40:02.0836 2696 uliahci - ok
18:40:02.0866 2696 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
18:40:02.0877 2696 UlSata - ok
18:40:02.0914 2696 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
18:40:02.0926 2696 ulsata2 - ok
18:40:02.0963 2696 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
18:40:02.0999 2696 umbus - ok
18:40:03.0136 2696 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
18:40:03.0159 2696 usbccgp - ok
18:40:03.0230 2696 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
18:40:03.0298 2696 usbcir - ok
18:40:03.0362 2696 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
18:40:03.0396 2696 usbehci - ok
18:40:03.0430 2696 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
18:40:03.0484 2696 usbhub - ok
18:40:03.0549 2696 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
18:40:03.0625 2696 usbohci - ok
18:40:03.0678 2696 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
18:40:03.0730 2696 usbprint - ok
18:40:03.0809 2696 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
18:40:03.0860 2696 usbscan - ok
18:40:03.0897 2696 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:40:03.0949 2696 USBSTOR - ok
18:40:03.0986 2696 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
18:40:04.0023 2696 usbuhci - ok
18:40:04.0075 2696 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
18:40:04.0118 2696 usbvideo - ok
18:40:04.0174 2696 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
18:40:04.0267 2696 vga - ok
18:40:04.0326 2696 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
18:40:04.0389 2696 VgaSave - ok
18:40:04.0453 2696 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
18:40:04.0468 2696 viaagp - ok
18:40:04.0495 2696 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
18:40:04.0564 2696 ViaC7 - ok
18:40:04.0589 2696 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
18:40:04.0602 2696 viaide - ok
18:40:04.0653 2696 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
18:40:04.0668 2696 volmgr - ok
18:40:04.0738 2696 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
18:40:04.0762 2696 volmgrx - ok
18:40:04.0800 2696 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
18:40:04.0822 2696 volsnap - ok
18:40:04.0869 2696 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
18:40:04.0886 2696 vsmraid - ok
18:40:04.0933 2696 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
18:40:05.0012 2696 WacomPen - ok
18:40:05.0117 2696 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:40:05.0162 2696 Wanarp - ok
18:40:05.0168 2696 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
18:40:05.0188 2696 Wanarpv6 - ok
18:40:05.0257 2696 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
18:40:05.0266 2696 Wd - ok
18:40:05.0337 2696 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
18:40:05.0395 2696 Wdf01000 - ok
18:40:05.0510 2696 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
18:40:05.0575 2696 WmiAcpi - ok
18:40:05.0671 2696 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
18:40:05.0716 2696 WpdUsb - ok
18:40:05.0820 2696 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
18:40:05.0874 2696 ws2ifsl - ok
18:40:05.0980 2696 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:40:06.0036 2696 WUDFRd - ok
18:40:06.0059 2696 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
18:40:06.0177 2696 \Device\Harddisk0\DR0 - ok
18:40:06.0182 2696 Boot (0x1200) (22a53316fff913025d9a7a6b069fbed5) \Device\Harddisk0\DR0\Partition0
18:40:06.0184 2696 \Device\Harddisk0\DR0\Partition0 - ok
18:40:06.0185 2696 ============================================================
18:40:06.0185 2696 Scan finished
18:40:06.0185 2696 ============================================================
18:40:06.0203 3332 Detected object count: 3
18:40:06.0203 3332 Actual detected object count: 3
18:41:02.0765 3332 8ae10f ( HiddenFile.Multi.Generic ) - skipped by user
18:41:02.0765 3332 8ae10f ( HiddenFile.Multi.Generic ) - User select action: Skip
18:41:02.0767 3332 DfsC ( Rootkit.Win32.ZAccess.g ) - skipped by user
18:41:02.0767 3332 DfsC ( Rootkit.Win32.ZAccess.g ) - User select action: Skip
18:41:02.0768 3332 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
18:41:02.0768 3332 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip

ComboFix 11-10-19.04 - Doma 19.10.2011 21:00:09.1.2 - x86
Microsoft® Windows Vista™ Business 6.0.6001.1.1250.420.1029.18.2038.1381 [GMT 2:00]
Spuštěný z: c:\users\Doma\Desktop\turbina.com
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$NtUninstallKB7802$\2747154374
c:\windows\$NtUninstallKB7802$\9101583\@
c:\windows\$NtUninstallKB7802$\9101583\click.tlb
c:\windows\$NtUninstallKB7802$\9101583\L\vhtmwbun
c:\windows\$NtUninstallKB7802$\9101583\loader.tlb
c:\windows\$NtUninstallKB7802$\9101583\U\@00000001
c:\windows\$NtUninstallKB7802$\9101583\U\@000000c0
c:\windows\$NtUninstallKB7802$\9101583\U\@000000cb
c:\windows\$NtUninstallKB7802$\9101583\U\@000000cf
c:\windows\$NtUninstallKB7802$\9101583\U\@80000000
c:\windows\$NtUninstallKB7802$\9101583\U\@800000c0
c:\windows\$NtUninstallKB7802$\9101583\U\@800000cb
c:\windows\$NtUninstallKB7802$\9101583\U\@800000cf
c:\windows\{2521BB91-29B1-4d7e-9137-AC9875D77735}
c:\windows\assembly\GAC_MSIL\desktop.ini
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\security\Database\tmp.edb
c:\windows\system32\
c:\windows\$NtUninstallKB7802$ . . . . nemohl být smazán
.
Nakažená kopie c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\turbina\HarddiskVolumeShadowCopy9_!Windows!Microsoft.NET!Framework!v4.0.30319!mscorsvw.exe
.
c:\program files\Kooperativa\Services\KoopPDFServer.exe . . . je infikován!!
c:\program files\Kooperativa\Services\KoopPDFServer.exe . . . was deleted!! You should re-install the program it pertains to
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_8ae10f
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-19 do 2011-10-19 )))))))))))))))))))))))))))))))
.
.
2011-10-19 19:42 . 2011-10-19 19:48 -------- d-----w- c:\users\Doma\AppData\Local\temp
2011-10-19 19:42 . 2011-10-19 19:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-19 19:42 . 2011-10-19 19:42 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-10-19 17:28 . 2011-10-19 17:28 -------- d-----w- C:\$WINDOWS.~LS
2011-10-19 17:28 . 2011-10-19 17:28 -------- d-----w- C:\$WINDOWS.~BT
2011-10-19 12:26 . 2011-10-19 12:27 -------- d-----w- C:\rsit
2011-10-19 12:26 . 2011-10-19 12:26 -------- d-----w- c:\program files\trend micro
2011-10-19 09:55 . 2011-10-19 09:55 -------- d-----w- c:\program files\ESET
2011-10-19 08:33 . 2011-10-19 11:57 -------- d-----w- c:\program files\Cherry Dolls
2011-10-19 08:31 . 2011-10-19 08:31 -------- d-----w- c:\users\Doma\AppData\Roaming\Serif
2011-10-19 08:31 . 2011-10-19 08:31 -------- d-----w- c:\program files\Serif
2011-10-19 06:41 . 2011-10-19 06:41 -------- d-----w- c:\users\Doma\share
2011-10-14 08:23 . 2011-10-14 08:23 -------- d-----w- c:\program files\NeoTracePro
2011-10-14 07:58 . 2011-10-19 11:31 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-10-14 07:58 . 2011-10-19 11:38 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-10-13 11:15 . 2011-10-19 09:02 -------- d-----w- c:\programdata\AVAST Software
2011-10-13 11:15 . 2011-10-13 11:15 -------- d-----w- c:\program files\AVAST Software
2011-10-13 10:51 . 2011-09-12 14:14 7269712 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-13 10:50 . 2011-10-13 10:50 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C7A2B923-78B8-4416-8C60-4D7D14C1D6FA}\offreg.dll
2011-10-13 10:50 . 2011-09-12 14:14 7269712 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C7A2B923-78B8-4416-8C60-4D7D14C1D6FA}\mpengine.dll
2011-10-13 10:49 . 2011-10-13 10:49 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{146AEDCB-07AC-41DF-9ADC-03980F8FBFED}\gapaengine.dll
2011-10-13 10:49 . 2011-10-13 10:49 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D646879E-CE25-4F00-A7EE-7BC52DF56E49}\offreg.dll
2011-10-13 10:49 . 2011-09-12 14:14 7269712 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D646879E-CE25-4F00-A7EE-7BC52DF56E49}\mpengine.dll
2011-10-13 10:41 . 2011-10-13 10:42 -------- d-----w- c:\program files\Microsoft Security Client
2011-10-13 10:23 . 2011-10-19 10:21 -------- d-sh--w- c:\users\Doma\AppData\Local\008ae10f
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-19 09:42 . 2008-07-07 07:00 17659 ----a-w- c:\windows\system32\drivers\InetLock.sys
2011-09-11 08:14 . 2011-09-11 08:14 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-19 2153472]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2011-03-16 198160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Kooperativa - PDF Server.lnk - c:\program files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe [2011-3-11 2464768]
.
c:\users\Doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Kooperativa - PDF Server.lnk - c:\program files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe [2011-3-11 2464768]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Canon LBP2900 Status Window.lnk - c:\windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE [2011-3-8 50848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 a2injectiondriver;a2injectiondriver;c:\program files\Emsisoft Anti-Malware\a2dix86.sys [x]
R1 a2util;a-squared Malware-IDS utility driver;c:\program files\Emsisoft Anti-Malware\a2util32.sys [x]
R2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [x]
R3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\smhwadb.sys [2009-12-24 25728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4191211530-3450770138-195522447-1000Core.job
- c:\users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-25 18:22]
.
2011-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4191211530-3450770138-195522447-1000UA.job
- c:\users\Doma\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-25 18:22]
.
.
------- Doplňkový sken -------
.
IE: &NeoTrace It! - c:\progra~1\NEOTRA~1\NTXcontext.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: pps.tv
Trusted Zone: ppstream.com
Trusted Zone: webscache.com
TCP: DhcpNameServer = 83.240.0.214 192.168.0.1
FF - ProfilePath - c:\users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\01vv8b62.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: TVU Web Player: firefox@tvunetworks.com - %profile%\extensions\firefox@tvunetworks.com
FF - Ext: Firesizer: {04426594-bce6-4705-b811-bcdba2fd9c7b} - %profile%\extensions\{04426594-bce6-4705-b811-bcdba2fd9c7b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 - c:\program files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
.
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\CNAB4RPK.EXE
c:\windows\system32\conime.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-10-19 21:55:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-19 19:55
.
Před spuštěním: Volných bajtů: 34 832 924 672
Po spuštění: Volných bajtů: 34 666 475 520
.
- - End Of File - - 2349643D1F877F66F769E8B3CD8E30BA

SystemLook 30.07.11 by jpshortstuff
Log created at 22:04 on 19/10/2011 by Doma
Administrator - Elevation successful

========== filefind ==========

Searching for "explorer.exe"
C:\Windows\explorer.exe --a---- 2927104 bytes [06:31 10/02/2011] [06:31 10/02/2011] 4F554999D7D5F05DAAEBBA7B5BA1089D
C:\Windows\ERDNT\cache\explorer.exe --a---- 2927104 bytes [19:53 19/10/2011] [06:31 10/02/2011] 4F554999D7D5F05DAAEBBA7B5BA1089D
C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe --a---- 2926592 bytes [09:23 24/02/2011] [06:27 11/04/2009] D07D4C3038F3578FFCE1C0237F2A1253
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe --a---- 2923520 bytes [08:47 02/11/2006] [09:45 02/11/2006] FD8C53FB002217F6F888BCF6F5D7084D
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe --a---- 2923520 bytes [21:23 10/02/2011] [21:23 10/02/2011] 6D06CD98D954FE87FB2DB8108793B399
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe --a---- 2923520 bytes [06:31 10/02/2011] [06:31 10/02/2011] 37440D09DEAE0B672A04DCCF7ABF06BE
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe --a---- 2923520 bytes [21:23 10/02/2011] [21:23 10/02/2011] BD06F0BF753BC704B653C3A50F89D362
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe --a---- 2923520 bytes [06:31 10/02/2011] [06:31 10/02/2011] E7156B0B74762D9DE0E66BDCDE06E5FB
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe --a---- 2927104 bytes [08:37 12/02/2011] [07:33 19/01/2008] FFA764631CB70A30065C12EF8E174F9F
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe --a---- 2927104 bytes [06:31 10/02/2011] [06:31 10/02/2011] 4F554999D7D5F05DAAEBBA7B5BA1089D
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe --a---- 2927616 bytes [06:31 10/02/2011] [06:31 10/02/2011] 50BA5850147410CDE89C523AD3BC606E

-= EOF =-