Multiple running iexplore.exe processes

sccotty
Visitor
Posts: 17
Registered: 07 Jan 2012 11:27

#1 Post by sccotty »

Hello.
I have a request and a question at the same time.
After I launch the Internet Explorer browser, several iexplore.exe processes start in Task Manager, sometimes two or more at once; one of them uses about 3500 kb of memory and the others reach 70000 kb. CPU usage goes above 50% and the page file is sometimes as large as 1.50 GB.
Please advise and help me prevent this. Thank you.

Rudy
Site Admin
Posts: 118375
Registered: 30 Oct 2003 13:42
Location: Plzeň

#2 Post by Rudy »

Iexplore.exe starts as many times as there are IE windows open. If you have only one window open and several iexplore processes are running, post a log from RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .

sccotty
Visitor
Posts: 17
Registered: 07 Jan 2012 11:27

#3 Post by sccotty »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr at 2012-01-07 11:57:52
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 204 GB (67%) free of 305 GB
Total RAM: 3326 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:58:00, on 7.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSHDLL32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Petr\Dokumenty\Software\RSIT.exe
C:\Program Files\trend micro\Petr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\F-Secure\NRS\iescript\baselitmus.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\F-Secure\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [SmartSync - ScheduleSync] "C:\PROGRA~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-606747145-1085031214-839522115-1005\..\Run: [CTFMON.EXE] "C:\WINDOWS\system32\CTFMON.EXE" (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4062279062
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe

--
End of file - 10176 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-1085031214-839522115-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-1085031214-839522115-1004.job
C:\WINDOWS\tasks\Scheduled scanning task.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\yicipq9c.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"litmus-ff@f-secure.com"=C:\Program Files\F-Secure\NRS\litmus-ff@f-secure.com
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669]
"Description"=12.0.1.669
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-15 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}]
Browsing Protection Class - C:\Program Files\F-Secure\NRS\iescript\baselitmus.dll [2011-12-08 548552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-10 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files\F-Secure\NRS\iescript\baselitmus.dll [2011-12-08 548552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2011-09-12 201384]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2011-09-12 1655464]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-10-15 273528]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe [2008-04-13 49152]
"SmartSync - ScheduleSync"=C:\PROGRA~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE [2006-07-21 45056]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2011-10-24 421888]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-11-22 3621040]
"NSU_agent"=C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2011-12-13 190768]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-10-08 16744256]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2011-10-08 1632360]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2000-01-01 20055144]
"ADUserMon"=C:\Program Files\Iomega\AutoDisk\ADUserMon.exe [2002-09-24 147456]
"Iomega Drive Icons"=C:\Program Files\Iomega\DriveIcons\ImgIcon.exe [2002-08-13 86016]
"Deskup"=C:\Program Files\Iomega\DriveIcons\deskup.exe [2002-07-16 32768]
"IObit Malware Fighter"=C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [2011-10-08 4441944]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Spyware Terminator\SpywareTerminator.exe"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-01-07 11:57:53 ----D---- C:\Program Files\trend micro
2012-01-07 11:57:52 ----D---- C:\rsit
2012-01-07 11:50:23 ----D---- C:\WINDOWS\LastGood
2012-01-05 10:04:11 ----D---- C:\Program Files\Auran
2012-01-04 11:55:05 ----A---- C:\WINDOWS\system32\xvidcore.dll
2012-01-04 11:32:12 ----D---- C:\Program Files\E.M. PowerPoint Video Converter
2012-01-02 15:54:48 ----SHD---- C:\Config.Msi
2012-01-02 11:38:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easy Driver Pro
2012-01-02 11:27:16 ----A---- C:\WINDOWS\system32\drivers\ppa3.sys
2012-01-02 11:26:49 ----D---- C:\Documents and Settings\Petr\Data aplikací\Active Disk
2012-01-02 11:19:05 ----A---- C:\WINDOWS\unvise32.exe
2012-01-02 11:11:37 ----D---- C:\Program Files\Iomega
2012-01-02 07:51:43 ----A---- C:\WINDOWS\system32\javaws.exe
2012-01-02 07:51:43 ----A---- C:\WINDOWS\system32\javaw.exe
2012-01-02 07:51:43 ----A---- C:\WINDOWS\system32\java.exe
2012-01-02 07:16:42 ----D---- C:\Program Files\Intel
2012-01-02 07:16:42 ----A---- C:\WINDOWS\system32\CSVer.dll
2012-01-02 07:15:48 ----D---- C:\Intel
2011-12-30 19:57:55 ----D---- C:\Documents and Settings\Petr\Data aplikací\NVIDIA
2011-12-30 19:49:07 ----A---- C:\WINDOWS\system32\nvgenco32.dll
2011-12-30 19:49:06 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2011-12-30 19:48:09 ----D---- C:\NVIDIA
2011-12-30 18:56:38 ----D---- C:\Program Files\N3V Games
2011-12-25 08:40:51 ----A---- C:\WINDOWS\system32\btrez.dll
2011-12-25 08:17:38 ----D---- C:\Program Files\WIDCOMM
2011-12-24 09:14:13 ----D---- C:\Program Files\Conduit
2011-12-24 09:14:09 ----D---- C:\Documents and Settings\Petr\Data aplikací\All Free 3GP Video Converter
2011-12-24 09:14:01 ----A---- C:\WINDOWS\system32\NCTWMAFile2.dll
2011-12-24 09:14:01 ----A---- C:\WINDOWS\system32\NCTAudioRecord2.dll
2011-12-24 09:14:01 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2011-12-24 09:14:01 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2011-12-24 09:14:01 ----A---- C:\WINDOWS\system32\NCTAudioFile2.dll
2011-12-24 09:14:01 ----A---- C:\WINDOWS\system32\msvcr70.dll
2011-12-24 09:13:59 ----D---- C:\Program Files\All Free 3GP Video Converter
2011-12-22 20:09:38 ----A---- C:\WINDOWS\system32\msxml3a.dll
2011-12-22 20:06:39 ----D---- C:\Program Files\Trend
2011-12-18 10:48:46 ----A---- C:\WINDOWS\msxml3r.dll
2011-12-18 10:48:45 ----A---- C:\WINDOWS\msxml3a.dll
2011-12-18 10:48:45 ----A---- C:\WINDOWS\msxml3.dll
2011-12-10 08:41:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\boost_interprocess

======List of files/folders modified in the last 1 month======

2012-01-07 11:57:53 ----RD---- C:\Program Files
2012-01-07 11:57:43 ----SD---- C:\WINDOWS\Tasks
2012-01-07 11:50:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-01-07 11:50:35 ----HD---- C:\WINDOWS\inf
2012-01-07 11:50:23 ----D---- C:\WINDOWS
2012-01-07 11:08:03 ----D---- C:\WINDOWS\Temp
2012-01-06 21:21:34 ----D---- C:\Documents and Settings\Petr\Data aplikací\Skype
2012-01-06 13:49:14 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-06 13:16:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-06 11:41:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2012-01-06 06:14:17 ----D---- C:\Documents and Settings\Petr\Data aplikací\SoftGrid Client
2012-01-05 19:30:29 ----D---- C:\Documents and Settings\Petr\Data aplikací\ICQ
2012-01-04 11:55:13 ----SHD---- C:\WINDOWS\Installer
2012-01-04 11:55:13 ----D---- C:\WINDOWS\WinSxS
2012-01-04 11:55:06 ----D---- C:\WINDOWS\system32
2012-01-04 11:48:25 ----SD---- C:\Documents and Settings\Petr\Data aplikací\Microsoft
2012-01-04 11:32:19 ----RSD---- C:\WINDOWS\Fonts
2012-01-02 17:21:44 ----D---- C:\Documents and Settings\Petr\Data aplikací\vlc
2012-01-02 16:29:36 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2012-01-02 16:04:24 ----D---- C:\WINDOWS\system32\config
2012-01-02 11:38:55 ----RSD---- C:\WINDOWS\assembly
2012-01-02 11:29:56 ----D---- C:\WINDOWS\system32\drivers
2012-01-02 11:27:23 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-02 07:51:39 ----D---- C:\Program Files\Java
2012-01-02 07:49:30 ----D---- C:\Program Files\Mozilla Firefox
2012-01-02 07:37:51 ----D---- C:\WINDOWS\system32\RTCOM
2012-01-02 07:37:36 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-01-02 07:17:01 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-01-02 07:02:58 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-02 06:51:10 ----D---- C:\WINDOWS\Logs
2012-01-02 03:04:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-31 20:52:12 ----D---- C:\Program Files\SUPERAntiSpyware
2011-12-31 18:30:25 ----D---- C:\WINDOWS\system32\DirectX
2011-12-30 19:49:26 ----D---- C:\Program Files\NVIDIA Corporation
2011-12-30 19:42:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2011-12-30 19:33:33 ----D---- C:\Documents and Settings\Petr\Data aplikací\Mozilla
2011-12-25 09:20:47 ----D---- C:\Program Files\Common Files\Nokia
2011-12-25 09:20:46 ----D---- C:\Program Files\Nokia
2011-12-25 09:19:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2011-12-25 07:41:00 ----D---- C:\Program Files\CCleaner
2011-12-24 09:36:21 ----D---- C:\WINDOWS\system32\CatRoot
2011-12-24 09:32:24 ----A---- C:\WINDOWS\system32\BtwRSupport.dll
2011-12-22 20:06:33 ----HD---- C:\Program Files\InstallShield Installation Information
2011-12-20 11:53:29 ----D---- C:\Program Files\F-Secure
2011-12-18 07:00:07 ----D---- C:\WINDOWS\Debug
2011-12-18 06:57:47 ----D---- C:\Program Files\SlimCleaner
2011-12-15 11:26:39 ----D---- C:\Program Files\Internet Explorer
2011-12-15 11:26:26 ----HD---- C:\WINDOWS\$hf_mig$
2011-12-15 11:24:22 ----A---- C:\WINDOWS\system32\MRT.exe
2011-12-10 08:35:50 ----D---- C:\Documents and Settings\Petr\Data aplikací\Spy Emergency

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fsbts;fsbts; C:\WINDOWS\system32\Drivers\fsbts.sys [2011-09-12 42672]
R0 FSFW;F-Secure Firewall Driver; C:\WINDOWS\System32\drivers\fsdfw.sys [2011-09-12 82824]
R0 iomdisk;Iomega Devices Disk Filter Services; C:\WINDOWS\System32\DRIVERS\iomdisk.sys [2002-09-04 30258]
R0 ppa3;Iomega Parallel Port Legacy Filter Driver; C:\WINDOWS\system32\DRIVERS\ppa3.sys [2008-04-14 17664]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 SpyEmrg;Spy Emergency Driver; C:\WINDOWS\System32\Drivers\spyemrg.sys [2011-04-21 14168]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R2 PfFilter;PfFilter; \??\C:\Program Files\IObit\Protected Folder\pffilter.sys []
R3 actser;actser; C:\WINDOWS\system32\drivers\actser.sys [2006-02-17 29184]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2004-11-29 399616]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2004-11-29 30299]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2004-11-29 1337850]
R3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2004-11-29 30125]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2004-11-29 55320]
R3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2000-01-01 6427240]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-07-27 44032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-10-08 12791488]
R3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 Sftfs;Sftfs; C:\WINDOWS\system32\DRIVERS\Sftfsxp.sys [2010-09-14 581480]
R3 Sftplay;Sftplay; C:\WINDOWS\system32\DRIVERS\Sftplayxp.sys [2010-09-14 209640]
R3 Sftredir;Sftredir; C:\WINDOWS\system32\DRIVERS\Sftredirxp.sys [2010-09-14 20584]
R3 Sftvol;Sftvol; C:\WINDOWS\system32\DRIVERS\Sftvolxp.sys [2010-09-14 18280]
R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver; C:\WINDOWS\System32\Drivers\spyemrg_guard.sys [2011-04-21 16216]
R3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2005-09-12 15264]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 MpKslf94a6366;MpKslf94a6366; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{45658013-06E3-4842-A64C-79224A290E69}\MpKslf94a6366.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2000-01-01 1691480]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2004-11-29 148040]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2000-01-01 1395800]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
S3 SpyEmrgAccess;Spy Emergency OnAccess Driver; C:\WINDOWS\System32\Drivers\spyemrg_access.sys [2011-04-21 20056]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2005-09-12 47744]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-11-06 116608]
R2 _IOMEGA_ACTIVE_DISK_SERVICE_;Iomega Active Disk; C:\Program Files\Iomega\AutoDisk\ADService.exe [2002-09-24 151552]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2004-11-29 254007]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2011-09-12 221864]
R2 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\Common\FSMA32.EXE [2011-09-12 189096]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-10-08 820568]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-10 153376]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-10-08 298304]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-08 2253120]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2011-09-28 482992]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2011-09-12 529064]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2011-09-12 61088]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Iomega App Services;Iomega App Services; C:\PROGRA~1\Iomega\System32\AppServices.exe [2002-09-04 73728]
S2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S2 SpyEmrgSrv;Spy Emergency Engine Service; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [2011-08-16 2338000]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 Iomega Activity Disk2;Iomega Activity Disk2; []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Rudy

Re: Multiple running iexplore.exe processes

#4 Post by Rudy »

I don't see anything dangerous. Run a complete MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.

sccotty

Re: Multiple running iexplore.exe processes

#5 Post by sccotty »

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.60.0.1800
www.malwarebytes.org

Verze databáze: v2012.01.07.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Petr :: HOME-PC [administrátor]

Ochrana: Povolena

7.1.2012 12:22:11
mbam-log-2012-01-07 (12-22-11).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 278885
Uplynulý čas: 1 hodin, 4 minut, 2 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Rudy

Re: Multiple running iexplore.exe processes

#6 Post by Rudy »

So that's OK. Please post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms is displayed; continue by clicking the Ano (Yes) button.

Go and calmly make yourself a coffee (the whole thing takes roughly 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else.

Don't panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Note: if you use an antispyware program with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident shield.

sccotty

Re: Multiple running iexplore.exe processes

#7 Post by sccotty »

ComboFix 12-01-06.03 - Petr 07.01.2012 19:44:49.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3326.2755 [GMT 1:00]
Spuštěný z: c:\documents and settings\Petr\Plocha\ComboFix.exe
AV: F-Secure Internet Security 2011 10.51 *Disabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: F-Secure Internet Security 2011 10.51 *Enabled* {D4747503-0346-49EB-9262-997542F79BF4}
SP: F-Secure Internet Security 2011 10.51 *Disabled/Updated* {0651C4B0-1D7E-4682-B965-2E9523C483A5}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Petr\ntuser.tmp
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-07 do 2012-01-07 )))))))))))))))))))))))))))))))
.
.
2012-01-07 18:05 . 2012-01-07 18:05 -------- d-----w- C:\Plocha
2012-01-07 15:32 . 2009-06-30 09:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2012-01-07 15:32 . 2012-01-07 15:32 -------- d-----w- c:\program files\Panda Security
2012-01-07 14:49 . 2012-01-07 14:56 -------- d-----w- c:\documents and settings\Petr\Data aplikací\QuickScan
2012-01-07 11:20 . 2012-01-07 11:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 1
2012-01-07 10:57 . 2012-01-07 10:58 -------- d-----w- c:\program files\trend micro
2012-01-07 10:57 . 2012-01-07 10:58 -------- d-----w- C:\rsit
2012-01-05 09:04 . 2012-01-05 09:04 -------- d-----w- c:\program files\Auran
2012-01-04 10:55 . 2008-11-20 10:07 438272 ----a-w- c:\windows\system32\Mpeg2DecFilter.ax
2012-01-04 10:55 . 2008-10-08 09:16 139264 ----a-w- c:\windows\system32\xvid.ax
2012-01-04 10:55 . 2008-10-08 08:25 606208 ----a-w- c:\windows\system32\xvidcore.dll
2012-01-04 10:47 . 2012-01-04 10:47 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\GHISLER
2012-01-04 10:32 . 2012-01-04 10:51 -------- d-----w- c:\program files\E.M. PowerPoint Video Converter
2012-01-02 10:38 . 2012-01-02 10:38 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Easy Driver Pro
2012-01-02 10:27 . 2008-04-13 23:11 17664 -c--a-w- c:\windows\system32\dllcache\ppa3.sys
2012-01-02 10:27 . 2008-04-13 23:11 17664 ----a-w- c:\windows\system32\drivers\ppa3.sys
2012-01-02 10:26 . 2012-01-06 20:48 -------- d-----w- c:\documents and settings\Petr\Data aplikací\Active Disk
2012-01-02 10:19 . 1999-12-17 09:13 86016 ----a-w- c:\windows\unvise32.exe
2012-01-02 10:11 . 2012-01-02 10:19 -------- d-----w- c:\program files\Iomega
2012-01-02 06:49 . 2012-01-02 06:49 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-02 06:49 . 2012-01-02 06:49 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-02 06:49 . 2012-01-02 06:49 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-02 06:49 . 2012-01-02 06:49 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-02 06:16 . 2012-01-02 06:16 -------- d-----w- c:\program files\Intel
2012-01-02 06:16 . 2000-01-01 00:00 53248 ----a-w- c:\windows\system32\CSVer.dll
2012-01-02 06:15 . 2012-01-02 06:15 -------- d-----w- C:\Intel
2011-12-30 18:57 . 2011-12-30 18:57 -------- d-----w- c:\documents and settings\Petr\Data aplikací\NVIDIA
2011-12-30 18:49 . 2011-10-08 04:50 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2011-12-30 18:49 . 2011-10-08 04:50 919872 ----a-w- c:\windows\system32\nvdispco32.dll
2011-12-30 18:48 . 2011-12-30 18:48 -------- d-----w- C:\NVIDIA
2011-12-30 17:56 . 2011-12-30 17:56 -------- d-----w- c:\program files\N3V Games
2011-12-25 08:21 . 2011-12-25 08:21 73728 ----a-r- c:\documents and settings\Petr\Data aplikací\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
2011-12-25 08:21 . 2011-12-25 08:21 73728 ----a-r- c:\documents and settings\Petr\Data aplikací\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
2011-12-25 08:21 . 2011-12-25 08:21 53248 ----a-r- c:\documents and settings\Petr\Data aplikací\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\ARPPRODUCTICON.exe
2011-12-25 08:21 . 2011-12-25 08:21 49152 ----a-r- c:\documents and settings\Petr\Data aplikací\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
2011-12-25 08:21 . 2011-12-25 08:21 49152 ----a-r- c:\documents and settings\Petr\Data aplikací\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
2011-12-25 07:40 . 2005-05-31 13:10 3100672 ----a-w- c:\windows\system32\btrez.dll
2011-12-25 07:17 . 2011-12-25 07:17 -------- d-----w- c:\program files\WIDCOMM
2011-12-24 08:14 . 2011-12-24 08:14 -------- d-----w- c:\program files\Conduit
2011-12-24 08:14 . 2011-12-25 06:48 -------- d-----w- c:\documents and settings\Petr\Local Settings\Data aplikací\Conduit
2011-12-24 08:14 . 2011-12-24 08:14 -------- d-----w- c:\documents and settings\Petr\Data aplikací\All Free 3GP Video Converter
2011-12-24 08:14 . 2005-05-18 10:52 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2011-12-24 08:14 . 2005-05-17 11:37 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2011-12-24 08:14 . 2005-04-25 12:01 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2011-12-24 08:14 . 2005-04-25 12:01 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2011-12-24 08:14 . 2005-02-24 10:51 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2011-12-24 08:14 . 2002-01-05 15:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2011-12-24 08:13 . 2011-12-24 08:14 -------- d-----w- c:\program files\All Free 3GP Video Converter
2011-12-22 19:09 . 2003-09-20 10:09 24576 ----a-w- c:\windows\system32\msxml3a.dll
2011-12-22 19:06 . 2011-12-22 19:06 -------- d-----w- c:\program files\Trend
2011-12-18 09:48 . 2003-09-20 09:09 44032 ----a-w- c:\windows\msxml3r.dll
2011-12-18 09:48 . 2003-09-20 09:09 24576 ----a-w- c:\windows\msxml3a.dll
2011-12-18 09:48 . 2003-09-20 09:09 1118720 ----a-w- c:\windows\msxml3.dll
2011-12-10 07:41 . 2011-12-10 07:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\boost_interprocess
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-24 08:32 . 2011-10-09 15:40 237568 ----a-w- c:\windows\system32\BtwRSupport.dll
2011-12-24 08:32 . 2011-10-09 15:40 93736 ----a-w- c:\windows\system32\drivers\btwsecfl.sys
2011-12-18 05:46 . 2011-08-22 15:28 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 14:24 . 2011-11-27 08:51 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-23 14:40 . 2006-03-02 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-10 04:54 . 2011-09-01 17:44 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-10 02:27 . 2011-09-01 17:44 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-04 19:13 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2006-03-02 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-31 10:37 . 2011-10-31 10:37 148736 ----a-w- c:\documents and settings\All Users\Data aplikací\hpe13.dll
2011-10-28 05:32 . 2006-03-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:49 . 2006-03-02 12:00 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:49 . 2004-08-17 15:45 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-18 11:13 . 2006-03-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-15 19:50 . 2011-10-15 19:50 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-10-15 19:50 . 2011-10-15 19:50 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-10-10 14:22 . 2011-08-21 17:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2012-01-02 06:49 . 2011-08-22 16:07 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"F-Secure Manager"="c:\program files\F-Secure\Common\FSM32.EXE" [2011-09-12 201384]
"F-Secure TNB"="c:\program files\F-Secure\FSGUI\TNBUtil.exe" [2011-09-12 1655464]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-10-15 273528]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"DrvIcon"="c:\program files\Vista Drive Icon\DrvIcon.exe" [2008-04-13 49152]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
"SpywareTerminatorUpdater"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-11-22 3621040]
"NSU_agent"="c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2011-12-13 190768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
"NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]
"RTHDCPL"="RTHDCPL.EXE" [2000-01-01 20055144]
"ADUserMon"="c:\program files\Iomega\AutoDisk\ADUserMon.exe" [2002-09-24 147456]
"Iomega Drive Icons"="c:\program files\Iomega\DriveIcons\ImgIcon.exe" [2002-08-13 86016]
"Deskup"="c:\program files\Iomega\DriveIcons\deskup.exe" [2002-07-16 32768]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware 1\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2004-11-29 569405]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [12.9.2011 16:46 42672]
R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [12.9.2011 16:45 82824]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [7.1.2012 16:32 28552]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\F-Secure\HIPS\drivers\fshs.sys [12.9.2011 16:45 72520]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 17:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 22:55 67664]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [11.9.2011 1:31 32768]
R1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\drivers\spyemrg.sys [13.11.2011 11:41 14168]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [19.7.2011 1:02 116608]
R2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [20.10.2010 14:23 821664]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [3.11.2011 18:21 820568]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [24.8.2011 15:20 2253120]
R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [3.11.2011 20:04 140848]
R2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [14.9.2010 4:46 508264]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [12.11.2011 8:46 482992]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure\Anti-Virus\minifilter\fsgk.sys [12.9.2011 16:45 148632]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure\ORSP Client\fsorsp.exe [12.9.2011 16:45 61088]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [22.8.2011 15:07 44032]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [27.11.2011 9:51 20464]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [31.10.2011 11:02 27632]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfsxp.sys [2.12.2009 21:23 581480]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplayxp.sys [2.12.2009 21:23 209640]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [2.12.2009 21:23 20584]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvolxp.sys [2.12.2009 21:23 18280]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [14.9.2010 4:46 219496]
R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;c:\windows\system32\drivers\spyemrg_guard.sys [13.11.2011 11:41 16216]
S1 MpKslf94a6366;MpKslf94a6366;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{45658013-06E3-4842-A64C-79224A290E69}\MpKslf94a6366.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{45658013-06E3-4842-A64C-79224A290E69}\MpKslf94a6366.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware 1\mbamservice.exe [7.1.2012 12:20 652872]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [31.10.2011 11:36 90112]
S2 SpyEmrgSrv;Spy Emergency Engine Service;c:\program files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [13.11.2011 11:41 2338000]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [22.8.2011 15:06 1691480]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [31.10.2011 18:16 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [31.10.2011 18:16 8576]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 20:37 4640000]
S3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [3.11.2011 18:21 30368]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [31.10.2011 11:37 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [31.10.2011 11:37 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [31.10.2011 11:37 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [31.10.2011 11:37 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [31.10.2011 11:37 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [31.10.2011 11:37 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [31.10.2011 11:37 115752]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [31.10.2011 11:37 86824]
S3 SpyEmrgAccess;Spy Emergency OnAccess Driver;c:\windows\system32\drivers\spyemrg_access.sys [13.11.2011 11:41 20056]
S3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [3.11.2011 18:21 16208]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
S4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [3.11.2011 18:21 239472]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2012-01-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-606747145-1085031214-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 11:40]
.
2012-01-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-1085031214-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 11:40]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
LSP: c:\program files\F-Secure\FSPS\program\FSLSP.DLL
Trusted Zone: microsoft.com\update
Trusted Zone: microsoft.com\windowsupdate
TCP: DhcpNameServer = 192.168.111.1 77.48.254.254
FF - ProfilePath - c:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\yicipq9c.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-07 19:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD3200AAKS-00SBA0 rev.12.01B01 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys iomdisk.sys hal.dll ACPI.sys atapi.sys pciide.sys PCIIDEX.SYS
c:\docume~1\Petr\LOCALS~1\Temp\catchme.sys
c:\windows\system32\drivers\iomdisk.sys Iomega Corporation Microsoft(R) Windows NT(R) Operating System
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8AF04AB8]
3 CLASSPNP[0xB80E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x8AF32AE0]
5 iomdisk[0xB8348BC3] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000073[0x8AF384F0]
7 ACPI[0xB7F7F620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP0T0L0-3[0x8AF0C940]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
\Device\Parallel0.5 -> \??\LPTENUM#IMGVP0#5&322e237d&0&LPT1.5#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
user & kernel MBR OK
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Iomega Activity Disk2]
"ImagePath"="\"\""
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(504)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\program files\f-secure\hips\fshook32.dll
c:\program files\F-Secure\FWES\Program\fsdc32.dll
.
- - - - - - - > 'lsass.exe'(560)
c:\program files\F-Secure\FSPS\program\FSLSP.DLL
c:\program files\f-secure\hips\fshook32.dll
c:\program files\F-Secure\FWES\Program\fsdc32.dll
.
- - - - - - - > 'csrss.exe'(480)
c:\program files\F-Secure\FWES\Program\fsdc32.dll
.
Celkový čas: 2012-01-07 19:53:36
ComboFix-quarantined-files.txt 2012-01-07 18:53
.
Před spuštěním: Volných bajtů: 213 190 234 112
Po spuštění: Volných bajtů: 213 174 308 864
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - C0A2F427727FC3C67BF36F83D0831A98

Re: Multiple running iexplore.exe processes

#8 Post by Rudy »

The MBR sector looks somewhat odd. Download and unpack TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip . Run it and let it work. Copy the log here.

Re: Multiple running iexplore.exe processes

#9 Post by sccotty »

20:43:17.0912 0752 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
20:43:18.0100 0752 ============================================================
20:43:18.0100 0752 Current date / time: 2012/01/07 20:43:18.0100
20:43:18.0100 0752 SystemInfo:
20:43:18.0100 0752
20:43:18.0100 0752 OS Version: 5.1.2600 ServicePack: 3.0
20:43:18.0100 0752 Product type: Workstation
20:43:18.0100 0752 ComputerName: HOME-PC
20:43:18.0100 0752 UserName: Petr
20:43:18.0100 0752 Windows directory: C:\WINDOWS
20:43:18.0100 0752 System windows directory: C:\WINDOWS
20:43:18.0100 0752 Processor architecture: Intel x86
20:43:18.0100 0752 Number of processors: 2
20:43:18.0100 0752 Page size: 0x1000
20:43:18.0100 0752 Boot type: Normal boot
20:43:18.0100 0752 ============================================================
20:43:19.0162 0752 Initialize success
20:43:26.0006 3504 ============================================================
20:43:26.0006 3504 Scan started
20:43:26.0006 3504 Mode: Manual;
20:43:26.0006 3504 ============================================================
20:43:26.0928 3504 Abiosdsk - ok
20:43:26.0928 3504 abp480n5 - ok
20:43:26.0975 3504 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:43:26.0975 3504 ACPI - ok
20:43:27.0006 3504 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:43:27.0006 3504 ACPIEC - ok
20:43:27.0037 3504 actser (55c1a273a08e076a3bb7d080ffe06b06) C:\WINDOWS\system32\drivers\actser.sys
20:43:27.0037 3504 actser - ok
20:43:27.0037 3504 adpu160m - ok
20:43:27.0084 3504 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:43:27.0100 3504 aec - ok
20:43:27.0131 3504 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:43:27.0131 3504 AFD - ok
20:43:27.0147 3504 Aha154x - ok
20:43:27.0147 3504 aic78u2 - ok
20:43:27.0162 3504 aic78xx - ok
20:43:27.0162 3504 AliIde - ok
20:43:27.0240 3504 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
20:43:27.0240 3504 Ambfilt - ok
20:43:27.0256 3504 amsint - ok
20:43:27.0256 3504 asc - ok
20:43:27.0272 3504 asc3350p - ok
20:43:27.0272 3504 asc3550 - ok
20:43:27.0303 3504 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:43:27.0303 3504 AsyncMac - ok
20:43:27.0334 3504 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:43:27.0334 3504 atapi - ok
20:43:27.0334 3504 Atdisk - ok
20:43:27.0365 3504 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:43:27.0365 3504 Atmarpc - ok
20:43:27.0397 3504 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:43:27.0397 3504 audstub - ok
20:43:27.0428 3504 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:43:27.0428 3504 Beep - ok
20:43:27.0475 3504 btaudio (5d0ba6d229996a5f640f571ad478e532) C:\WINDOWS\system32\drivers\btaudio.sys
20:43:27.0475 3504 btaudio - ok
20:43:27.0490 3504 BTDriver (0cd9a9aadabe621b3872e54283cd4bee) C:\WINDOWS\system32\DRIVERS\btport.sys
20:43:27.0490 3504 BTDriver - ok
20:43:27.0553 3504 BTKRNL (b637f1d425e13c206ef3c2028dd72e6a) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
20:43:27.0553 3504 BTKRNL - ok
20:43:27.0584 3504 BTSERIAL (ca33ae514a49105f2b6b9bd48c49d4de) C:\WINDOWS\system32\drivers\btserial.sys
20:43:27.0584 3504 BTSERIAL - ok
20:43:27.0600 3504 BTSLBCSP (2718bb436b801b32b3bce8b1ee23968d) C:\WINDOWS\system32\drivers\btslbcsp.sys
20:43:27.0600 3504 BTSLBCSP - ok
20:43:27.0631 3504 BTWDNDIS (59a6c89408366364ad3d8ab66c771bd5) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
20:43:27.0631 3504 BTWDNDIS - ok
20:43:27.0662 3504 btwmodem (cb66cd60bd2e82507d9ec84d683d39ce) C:\WINDOWS\system32\DRIVERS\btwmodem.sys
20:43:27.0662 3504 btwmodem - ok
20:43:27.0678 3504 BTWUSB (a93097a2962b14809939ff3259684327) C:\WINDOWS\system32\Drivers\btwusb.sys
20:43:27.0678 3504 BTWUSB - ok
20:43:27.0803 3504 catchme - ok
20:43:27.0818 3504 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:43:27.0818 3504 cbidf2k - ok
20:43:27.0834 3504 cd20xrnt - ok
20:43:27.0850 3504 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:43:27.0850 3504 Cdaudio - ok
20:43:27.0865 3504 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:43:27.0865 3504 Cdfs - ok
20:43:27.0881 3504 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:43:27.0881 3504 Cdrom - ok
20:43:27.0897 3504 Changer - ok
20:43:27.0912 3504 CmdIde - ok
20:43:27.0928 3504 Cpqarray - ok
20:43:27.0928 3504 dac2w2k - ok
20:43:27.0943 3504 dac960nt - ok
20:43:27.0959 3504 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:43:27.0959 3504 Disk - ok
20:43:27.0990 3504 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
20:43:27.0990 3504 dmboot - ok
20:43:28.0022 3504 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
20:43:28.0022 3504 dmio - ok
20:43:28.0037 3504 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:43:28.0037 3504 dmload - ok
20:43:28.0068 3504 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:43:28.0068 3504 DMusic - ok
20:43:28.0068 3504 dpti2o - ok
20:43:28.0084 3504 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:43:28.0084 3504 drmkaud - ok
20:43:28.0193 3504 F-Secure Gatekeeper (29d12e1e45d93b45d2598e2663bbeff4) C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys
20:43:28.0193 3504 F-Secure Gatekeeper - ok
20:43:28.0287 3504 F-Secure HIPS (91fc6a3c01a771a5aa65959a361c22c5) C:\Program Files\F-Secure\HIPS\drivers\fshs.sys
20:43:28.0287 3504 F-Secure HIPS - ok
20:43:28.0287 3504 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:43:28.0287 3504 Fastfat - ok
20:43:28.0334 3504 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:43:28.0334 3504 Fdc - ok
20:43:28.0397 3504 FileMonitor (f1fc45d2712d0aafee45a728fbe16062) C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
20:43:28.0397 3504 FileMonitor - ok
20:43:28.0428 3504 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
20:43:28.0428 3504 Fips - ok
20:43:28.0443 3504 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:43:28.0443 3504 Flpydisk - ok
20:43:28.0459 3504 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:43:28.0459 3504 FltMgr - ok
20:43:28.0475 3504 fsbts (343786e182b9c9ae3066e00dec650f50) C:\WINDOWS\system32\Drivers\fsbts.sys
20:43:28.0475 3504 fsbts - ok
20:43:28.0490 3504 FSFW (b7feb06217a421ffd9eee6604e60f903) C:\WINDOWS\system32\drivers\fsdfw.sys
20:43:28.0490 3504 FSFW - ok
20:43:28.0506 3504 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:43:28.0506 3504 Fs_Rec - ok
20:43:28.0537 3504 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:43:28.0537 3504 Ftdisk - ok
20:43:28.0537 3504 gdrv - ok
20:43:28.0553 3504 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:43:28.0553 3504 Gpc - ok
20:43:28.0568 3504 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:43:28.0568 3504 HDAudBus - ok
20:43:28.0584 3504 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:43:28.0584 3504 hidusb - ok
20:43:28.0600 3504 hpn - ok
20:43:28.0647 3504 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:43:28.0647 3504 HTTP - ok
20:43:28.0662 3504 i2omgmt - ok
20:43:28.0662 3504 i2omp - ok
20:43:28.0678 3504 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:43:28.0678 3504 i8042prt - ok
20:43:28.0693 3504 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:43:28.0693 3504 Imapi - ok
20:43:28.0693 3504 ini910u - ok
20:43:28.0928 3504 IntcAzAudAddService (440317795d6f9af27bf305036ad43d1d) C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:43:28.0975 3504 IntcAzAudAddService - ok
20:43:28.0990 3504 IntelIde - ok
20:43:29.0006 3504 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:43:29.0006 3504 intelppm - ok
20:43:29.0037 3504 iomdisk (9d7069d72c0c72952f05e1688a5ae89d) C:\WINDOWS\system32\DRIVERS\iomdisk.sys
20:43:29.0037 3504 iomdisk - ok
20:43:29.0053 3504 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:43:29.0053 3504 Ip6Fw - ok
20:43:29.0084 3504 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:43:29.0084 3504 IpFilterDriver - ok
20:43:29.0100 3504 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:43:29.0100 3504 IpInIp - ok
20:43:29.0115 3504 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:43:29.0115 3504 IpNat - ok
20:43:29.0147 3504 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:43:29.0147 3504 IPSec - ok
20:43:29.0162 3504 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:43:29.0162 3504 IRENUM - ok
20:43:29.0193 3504 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:43:29.0193 3504 isapnp - ok
20:43:29.0193 3504 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:43:29.0193 3504 Kbdclass - ok
20:43:29.0225 3504 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:43:29.0225 3504 kbdhid - ok
20:43:29.0256 3504 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:43:29.0256 3504 kmixer - ok
20:43:29.0287 3504 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:43:29.0287 3504 KSecDD - ok
20:43:29.0303 3504 L1c (96478fe91c5a37c673ebe3da87c1a115) C:\WINDOWS\system32\DRIVERS\l1c51x86.sys
20:43:29.0303 3504 L1c - ok
20:43:29.0334 3504 Lavasoft Kernexplorer - ok
20:43:29.0350 3504 lbrtfdc - ok
20:43:29.0397 3504 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
20:43:29.0397 3504 MBAMProtector - ok
20:43:29.0412 3504 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:43:29.0412 3504 mnmdd - ok
20:43:29.0443 3504 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
20:43:29.0443 3504 Modem - ok
20:43:29.0490 3504 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
20:43:29.0506 3504 Monfilt - ok
20:43:29.0522 3504 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:43:29.0537 3504 Mouclass - ok
20:43:29.0537 3504 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:43:29.0537 3504 mouhid - ok
20:43:29.0553 3504 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:43:29.0553 3504 MountMgr - ok
20:43:29.0631 3504 MpKslf94a6366 - ok
20:43:29.0631 3504 mraid35x - ok
20:43:29.0647 3504 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:43:29.0647 3504 MRxDAV - ok
20:43:29.0678 3504 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:43:29.0678 3504 Msfs - ok
20:43:29.0709 3504 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:43:29.0709 3504 MSKSSRV - ok
20:43:29.0725 3504 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:43:29.0725 3504 MSPCLOCK - ok
20:43:29.0725 3504 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:43:29.0725 3504 MSPQM - ok
20:43:29.0740 3504 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:43:29.0740 3504 mssmbios - ok
20:43:29.0772 3504 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:43:29.0772 3504 Mup - ok
20:43:29.0803 3504 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:43:29.0803 3504 NDIS - ok
20:43:29.0834 3504 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:43:29.0834 3504 NdisTapi - ok
20:43:29.0850 3504 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:43:29.0865 3504 Ndisuio - ok
20:43:29.0865 3504 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:43:29.0865 3504 NdisWan - ok
20:43:29.0881 3504 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:43:29.0881 3504 NDProxy - ok
20:43:29.0897 3504 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:43:29.0897 3504 NetBT - ok
20:43:29.0943 3504 nmwcd (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\WINDOWS\system32\drivers\ccdcmb.sys
20:43:29.0943 3504 nmwcd - ok
20:43:29.0959 3504 nmwcdc (8f2a94f991f8c73cec26b4b5620d1edc) C:\WINDOWS\system32\drivers\ccdcmbo.sys
20:43:29.0959 3504 nmwcdc - ok
20:43:29.0990 3504 nmwcdnsu (99145c5d4b6c4d6f5ce83ee6abffe294) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
20:43:29.0990 3504 nmwcdnsu - ok
20:43:30.0022 3504 nmwcdnsuc (faee7b61c6885b091cec1ff06da2e1ab) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
20:43:30.0022 3504 nmwcdnsuc - ok
20:43:30.0037 3504 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:43:30.0037 3504 Npfs - ok
20:43:30.0068 3504 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:43:30.0068 3504 Ntfs - ok
20:43:30.0100 3504 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:43:30.0100 3504 Null - ok
20:43:30.0397 3504 nv (4b54dcd6adee535df80f07c59ddd8f14) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:43:30.0475 3504 nv - ok
20:43:30.0506 3504 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:43:30.0522 3504 NwlnkFlt - ok
20:43:30.0522 3504 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:43:30.0522 3504 NwlnkFwd - ok
20:43:30.0553 3504 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
20:43:30.0553 3504 Parport - ok
20:43:30.0568 3504 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:43:30.0568 3504 PartMgr - ok
20:43:30.0584 3504 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
20:43:30.0584 3504 ParVdm - ok
20:43:30.0615 3504 pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\WINDOWS\system32\drivers\pavboot.sys
20:43:30.0615 3504 pavboot - ok
20:43:30.0647 3504 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
20:43:30.0647 3504 pccsmcfd - ok
20:43:30.0678 3504 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
20:43:30.0678 3504 PCI - ok
20:43:30.0678 3504 PCIDump - ok
20:43:30.0709 3504 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:43:30.0709 3504 PCIIde - ok
20:43:30.0725 3504 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:43:30.0725 3504 Pcmcia - ok
20:43:30.0725 3504 PDCOMP - ok
20:43:30.0740 3504 PDFRAME - ok
20:43:30.0740 3504 PDRELI - ok
20:43:30.0756 3504 PDRFRAME - ok
20:43:30.0756 3504 perc2 - ok
20:43:30.0772 3504 perc2hib - ok
20:43:30.0881 3504 PfFilter (8512a7a19959218711f884eecc1dbaeb) C:\Program Files\IObit\Protected Folder\pffilter.sys
20:43:30.0881 3504 PfFilter - ok
20:43:31.0006 3504 ppa3 (c740d0cb238670629af1b740414a8f3c) C:\WINDOWS\system32\DRIVERS\ppa3.sys
20:43:31.0006 3504 ppa3 - ok
20:43:31.0131 3504 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:43:31.0131 3504 PptpMiniport - ok
20:43:31.0162 3504 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:43:31.0162 3504 PSched - ok
20:43:31.0178 3504 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:43:31.0178 3504 Ptilink - ok
20:43:31.0193 3504 ql1080 - ok
20:43:31.0193 3504 Ql10wnt - ok
20:43:31.0209 3504 ql12160 - ok
20:43:31.0209 3504 ql1240 - ok
20:43:31.0225 3504 ql1280 - ok
20:43:31.0240 3504 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:43:31.0240 3504 RasAcd - ok
20:43:31.0272 3504 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:43:31.0272 3504 Rasl2tp - ok
20:43:31.0272 3504 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:43:31.0272 3504 RasPppoe - ok
20:43:31.0287 3504 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:43:31.0287 3504 Raspti - ok
20:43:31.0303 3504 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:43:31.0303 3504 RDPCDD - ok
20:43:31.0334 3504 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
20:43:31.0334 3504 RDPWD - ok
20:43:31.0350 3504 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:43:31.0350 3504 redbook - ok
20:43:31.0397 3504 RegFilter (2ca761ce3abb7bbbb9c5519b2fb54f5e) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys
20:43:31.0397 3504 RegFilter - ok
20:43:31.0412 3504 s0016bus (59509ad6cbc28f2c73056268985b3e48) C:\WINDOWS\system32\DRIVERS\s0016bus.sys
20:43:31.0428 3504 s0016bus - ok
20:43:31.0443 3504 s0016mdfl (b98c3a6f91f4fba285af9606a240c6b4) C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys
20:43:31.0443 3504 s0016mdfl - ok
20:43:31.0459 3504 s0016mdm (8a83426f4fb7b5212825d9de76368b1a) C:\WINDOWS\system32\DRIVERS\s0016mdm.sys
20:43:31.0475 3504 s0016mdm - ok
20:43:31.0490 3504 s0016mgmt (7a78bba97feb5e6d24c49e93a3bf7287) C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys
20:43:31.0490 3504 s0016mgmt - ok
20:43:31.0506 3504 s0016nd5 (34ef7b5f611957b73e7219dd5a222ad1) C:\WINDOWS\system32\DRIVERS\s0016nd5.sys
20:43:31.0506 3504 s0016nd5 - ok
20:43:31.0522 3504 s0016obex (36792935847143e4a3cda0dc87248487) C:\WINDOWS\system32\DRIVERS\s0016obex.sys
20:43:31.0522 3504 s0016obex - ok
20:43:31.0537 3504 s0016unic (927208754fb27fc3e7a659e77500c5d1) C:\WINDOWS\system32\DRIVERS\s0016unic.sys
20:43:31.0537 3504 s0016unic - ok
20:43:31.0568 3504 s0017bus (594ff5620661d1386475406e78cb6f2f) C:\WINDOWS\system32\DRIVERS\s0017bus.sys
20:43:31.0568 3504 s0017bus - ok
20:43:31.0600 3504 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:43:31.0600 3504 SASDIFSV - ok
20:43:31.0615 3504 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:43:31.0615 3504 SASKUTIL - ok
20:43:31.0631 3504 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:43:31.0631 3504 Secdrv - ok
20:43:31.0678 3504 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
20:43:31.0678 3504 seehcri - ok
20:43:31.0678 3504 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:43:31.0678 3504 serenum - ok
20:43:31.0725 3504 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
20:43:31.0740 3504 Serial - ok
20:43:31.0772 3504 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:43:31.0772 3504 Sfloppy - ok
20:43:31.0834 3504 Sftfs (44d20201a6c3fe4a634a559f8105f5b4) C:\WINDOWS\system32\DRIVERS\Sftfsxp.sys
20:43:31.0834 3504 Sftfs - ok
20:43:31.0881 3504 Sftplay (0e108d75f8db551669e5eb37cbf5bc02) C:\WINDOWS\system32\DRIVERS\Sftplayxp.sys
20:43:31.0881 3504 Sftplay - ok
20:43:31.0928 3504 Sftredir (65b31b4ba9efeace4dd95ed94051139f) C:\WINDOWS\system32\DRIVERS\Sftredirxp.sys
20:43:31.0928 3504 Sftredir - ok
20:43:31.0928 3504 Sftvol (97604f605310f50dc49a2994c3264a42) C:\WINDOWS\system32\DRIVERS\Sftvolxp.sys
20:43:31.0943 3504 Sftvol - ok
20:43:31.0943 3504 Simbad - ok
20:43:31.0959 3504 Sparrow - ok
20:43:31.0975 3504 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:43:31.0975 3504 splitter - ok
20:43:32.0006 3504 SpyEmrg (edaef346de209f040d0c9f9effedf084) C:\WINDOWS\system32\Drivers\spyemrg.sys
20:43:32.0022 3504 SpyEmrg - ok
20:43:32.0037 3504 SpyEmrgAccess (5a1c84d84a07a3b6d389eba12c345ea4) C:\WINDOWS\system32\Drivers\spyemrg_access.sys
20:43:32.0037 3504 SpyEmrgAccess - ok
20:43:32.0053 3504 SpyEmrgGuard (9e91568feeb1c78f2f271fbc0f639365) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
20:43:32.0053 3504 SpyEmrgGuard - ok
20:43:32.0084 3504 sp_rsdrv2 (7b426b8e809edf081d771ef429345528) C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
20:43:32.0084 3504 sp_rsdrv2 - ok
20:43:32.0100 3504 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
20:43:32.0100 3504 sr - ok
20:43:32.0147 3504 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:43:32.0147 3504 Srv - ok
20:43:32.0162 3504 ss_bus (5a1d0ca8a5f1e7b4ec50b9d76c001f0e) C:\WINDOWS\system32\DRIVERS\ss_bus.sys
20:43:32.0162 3504 ss_bus - ok
20:43:32.0193 3504 ss_mdfl (f0a85580e36a3a85059037d39a9cf079) C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys
20:43:32.0193 3504 ss_mdfl - ok
20:43:32.0225 3504 ss_mdm (84c3dbfd1bfa4adc0a950b3d5506cb00) C:\WINDOWS\system32\DRIVERS\ss_mdm.sys
20:43:32.0225 3504 ss_mdm - ok
20:43:32.0318 3504 StarOpen (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys
20:43:32.0318 3504 StarOpen - ok
20:43:32.0334 3504 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:43:32.0334 3504 swenum - ok
20:43:32.0350 3504 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:43:32.0350 3504 swmidi - ok
20:43:32.0365 3504 symc810 - ok
20:43:32.0365 3504 symc8xx - ok
20:43:32.0381 3504 sym_hi - ok
20:43:32.0381 3504 sym_u3 - ok
20:43:32.0397 3504 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:43:32.0397 3504 sysaudio - ok
20:43:32.0443 3504 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:43:32.0443 3504 Tcpip - ok
20:43:32.0475 3504 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:43:32.0475 3504 TDPIPE - ok
20:43:32.0506 3504 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:43:32.0506 3504 TDTCP - ok
20:43:32.0522 3504 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:43:32.0537 3504 TermDD - ok
20:43:32.0537 3504 TosIde - ok
20:43:32.0568 3504 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:43:32.0568 3504 Udfs - ok
20:43:32.0568 3504 ultra - ok
20:43:32.0600 3504 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:43:32.0600 3504 Update - ok
20:43:32.0631 3504 upperdev (ec01da44b090d2651fc032c8b9257232) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
20:43:32.0631 3504 upperdev - ok
20:43:32.0740 3504 UrlFilter (62551ba687f1d0f582810cfa37384bb0) C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
20:43:32.0740 3504 UrlFilter - ok
20:43:32.0756 3504 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:43:32.0756 3504 usbehci - ok
20:43:32.0787 3504 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:43:32.0787 3504 usbhub - ok
20:43:32.0803 3504 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
20:43:32.0803 3504 usbser - ok
20:43:32.0818 3504 UsbserFilt (4abd37cfbd710e64f01f9da8710c73f7) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
20:43:32.0818 3504 UsbserFilt - ok
20:43:32.0850 3504 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:43:32.0850 3504 USBSTOR - ok
20:43:32.0881 3504 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:43:32.0881 3504 usbuhci - ok
20:43:32.0881 3504 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:43:32.0881 3504 VgaSave - ok
20:43:32.0897 3504 ViaIde - ok
20:43:32.0912 3504 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
20:43:32.0912 3504 VolSnap - ok
20:43:32.0943 3504 vsbus (1c8a783e90c34d205596f1ab4a97e261) C:\WINDOWS\system32\DRIVERS\vsb.sys
20:43:32.0943 3504 vsbus - ok
20:43:32.0959 3504 vserial (3377daa1cb8cac46a538c236f5f3d58f) C:\WINDOWS\system32\DRIVERS\vserial.sys
20:43:32.0959 3504 vserial - ok
20:43:32.0990 3504 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:43:32.0990 3504 Wanarp - ok
20:43:33.0022 3504 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
20:43:33.0022 3504 Wdf01000 - ok
20:43:33.0037 3504 WDICA - ok
20:43:33.0068 3504 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:43:33.0068 3504 wdmaud - ok
20:43:33.0115 3504 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:43:33.0115 3504 WpdUsb - ok
20:43:33.0147 3504 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:43:33.0147 3504 WS2IFSL - ok
20:43:33.0178 3504 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:43:33.0178 3504 WudfPf - ok
20:43:33.0209 3504 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:43:33.0209 3504 WudfRd - ok
20:43:33.0240 3504 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
20:43:33.0381 3504 \Device\Harddisk0\DR0 - ok
20:43:33.0381 3504 Boot (0x1200) (e1a3bfdbddb1c56d6b1b878ff21383a0) \Device\Harddisk0\DR0\Partition0
20:43:33.0381 3504 \Device\Harddisk0\DR0\Partition0 - ok
20:43:33.0381 3504 ============================================================
20:43:33.0381 3504 Scan finished
20:43:33.0381 3504 ============================================================
20:43:33.0397 3016 Detected object count: 0
20:43:33.0397 3016 Actual detected object count: 0

Re: Multiple running iexplore.exe processes

#10 Post by Rudy »

This is fine. Has anything changed?

sccotty
Návštěvník
Návštěvník
Příspěvky: 17
Registrován: 07 led 2012 11:27

Re: Multiple running iexplore.exe processes

#11 Post by sccotty »

Unfortunately not. As soon as I opened an Internet Explorer window, Task Manager again showed two running iexplore.exe processes, one with memory usage of 18480 kb and the other with 58024 kb. When I opened another tab, another iexplore.exe process started, so with two tabs the memory usage is 19876 kb, 57304 kb, 22472 kb. When I closed one tab, all three processes remained running in Task Manager. After I closed Internet Explorer, the processes shut down one by one.

Re: Multiple running iexplore.exe processes

#12 Post by Rudy »

Run an AVPTool scan: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 and post the log. Nothing shows up anywhere.

Re: Multiple running iexplore.exe processes

#13 Post by sccotty »

I can't manage to post the log; it is a really long listing. I don't know how to insert it here. It is 53.5 MB in size.

Re: Multiple running iexplore.exe processes

#14 Post by Rudy »

If nothing has changed, upload it somewhere and post a link.

Re: Multiple running iexplore.exe processes

#15 Post by sccotty »

I don't know much about this, but I gave it a try:
https://skydrive.live.com/?cid=9969E569 ... 97BA%21105

Otherwise, the launching of iexplore.exe processes is unchanged.

Locked