kontrola

Zpráva

Swiftik · #1 Příspěvek od **Swiftik** » 15 dub 2012 23:27

Prosim o kontrolu logu, v poslednom case je notebook neaky hlucny...

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomi at 2012-04-16 00:25:44
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (5%) free of 150 GB
Total RAM: 3071 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:26:04, on 16.4.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Globe Software\StatBar\StatBar.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Tomi\Desktop\RSIT.exe
C:\Program Files\trend micro\Tomi.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.4\youtubedownloaderToolbarIE.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.4\youtubedownloaderToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.4\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [MsgTranAgt] C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Program Files\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [StatBar] C:\Program Files\Globe Software\StatBar\StatBar.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9575861870
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Konfigurační služba Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bentley SELECT Server Gateway - Bentley Systems, Incorporated - C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe

--
End of file - 10937 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default

prefs.js - "extensions.enabledItems" - "{DDABDBA1-2377-4A30-A027-25697B99E254}:3.1, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, toolbar@ask.com:3.11.3.15590, personas@christopher.beard:1.6.2, sk@dictionaries.addons.mozilla.org:2.03.2, {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.3.3.2, firefox@tvunetworks.com:2, 5, 3, 1, cs@dictionaries.addons.mozilla.org:1.0.2, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.22, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, engine@conduit.com:3.3.3.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =937811&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=C:\WINDOWS\system32\TVUAx\npTVUAx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\
battlefieldplay4free@ea.com
cs@dictionaries.addons.mozilla.org
engine@conduit.com
personas@christopher.beard
sk@dictionaries.addons.mozilla.org
staged
toolbar@ask.com
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-04-04 65952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-03-24 59272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-16 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\5.4\youtubedownloaderToolbarIE.dll [2012-04-12 1123680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\5.4\youtubedownloaderToolbarIE.dll [2012-04-12 1123680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsgTranAgt"=C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe [2008-08-18 117304]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ATKHOTKEY"=C:\Program Files\ASUS\ATK Hotkey\HControl.exe [2008-10-20 166456]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2008-06-24 159744]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2008-01-23 7766016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-10-09 17021440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-07-31 1343488]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-03-17 421888]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
""= []
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2012-04-12 980832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StatBar"=C:\Program Files\Globe Software\StatBar\StatBar.exe [2003-07-25 335872]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Časovač"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Belkin Storage Manager]
C:\Program Files\Belkin Storage Manager\StorageManager.exe [2009-02-03 858624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomi^Start Menu^Programs^Startup^Samsung Auto Backup Guage.lnk]
C:\PROGRA~1\Clarus\SAMSUN~1\ISFGuage.exe [2010-07-28 823296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomi^Start Menu^Programs^Startup^Samsung Auto Backup Real-Time Daemon.lnk]
C:\PROGRA~1\Clarus\SAMSUN~1\ISFREA~1.EXE [2010-07-28 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomi^Start Menu^Programs^Startup^Samsung Auto Backup Scheduler.lnk]
C:\PROGRA~1\Clarus\SAMSUN~1\ISFTIM~1.EXE [2010-07-28 102400]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Documents and Settings\Tomi\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-04-22 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe"="C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires III"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\SPEED2.EXE"="C:\Program Files\EA GAMES\Need for Speed Underground 2\SPEED2.EXE:*:Enabled:Need for Speed Underground 2"
"C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe"="C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe:*:Enabled:Need for Speed™ Most Wanted"
"C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe"="C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe:*:Enabled:aomx"
"C:\Program Files\Microsoft Games\Age of Mythology\aom.exe"="C:\Program Files\Microsoft Games\Age of Mythology\aom.exe:*:Enabled:aom"
"C:\Program Files\EA SPORTS\NHL07\nhl2007.exe"="C:\Program Files\EA SPORTS\NHL07\nhl2007.exe:*:Enabled:nhl2007"
"C:\Program Files\Ultima Online 2D\Client_6.0.4.0.exe"="C:\Program Files\Ultima Online 2D\Client_6.0.4.0.exe:*:Enabled:Ultima Online Client"
"C:\Program Files\Ultima Online 2D\Client_6.0.11.0.exe"="C:\Program Files\Ultima Online 2D\Client_6.0.11.0.exe:*:Enabled:Ultima Online Client"
"C:\Program Files\Ultima Online 2D\Client.exe"="C:\Program Files\Ultima Online 2D\Client.exe:*:Enabled:Ultima Online Client"
"C:\Program Files\UOAM\uoam.exe"="C:\Program Files\UOAM\uoam.exe:*:Enabled:Ultima Online's premier mapping tool."
"C:\Program Files\Counter-Strike\hl.exe"="C:\Program Files\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Documents and Settings\Tomi\Desktop\portable_programy_na_flashku\portable_programy_na_flashku_by_Hojas86\Internet\Phone\Skype.exe"="C:\Documents and Settings\Tomi\Desktop\portable_programy_na_flashku\portable_programy_na_flashku_by_Hojas86\Internet\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=serwvdrv.dll
"MSVideo8"=VfWWDM32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm

======File associations======

.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-04-14 22:44:55 ----D---- C:\Documents and Settings\Tomi\Application Data\Search Settings
2012-04-14 22:44:46 ----D---- C:\Program Files\YouTube Downloader Toolbar
2012-04-14 22:44:46 ----D---- C:\Program Files\Common Files\Spigot
2012-04-14 22:44:46 ----D---- C:\Program Files\Application Updater
2012-04-14 01:42:19 ----D---- C:\Documents and Settings\Tomi\Application Data\YouTube Downloader
2012-04-13 23:15:57 ----D---- C:\Documents and Settings\Tomi\Application Data\InterTrust
2012-04-13 22:39:12 ----D---- C:\Documents and Settings\All Users\Application Data\YTD YouTube Downloader & Converter
2012-04-12 00:05:35 ----D---- C:\Program Files\Yamicsoft
2012-04-11 22:44:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2012-04-06 14:50:36 ----D---- C:\Documents and Settings\Tomi\Application Data\AIMP3
2012-03-30 19:08:03 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-03-24 22:15:37 ----D---- C:\Program Files\Common Files\Java
2012-03-24 22:15:11 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2012-03-24 22:15:10 ----A---- C:\WINDOWS\system32\javaws.exe
2012-03-24 22:15:10 ----A---- C:\WINDOWS\system32\javaw.exe
2012-03-24 22:15:10 ----A---- C:\WINDOWS\system32\java.exe
2012-03-23 21:07:36 ----D---- C:\Casino

======List of files/folders modified in the last 1 month======

2012-04-16 00:25:52 ----D---- C:\WINDOWS\Prefetch
2012-04-16 00:25:48 ----D---- C:\Program Files\trend micro
2012-04-15 22:48:11 ----D---- C:\Program Files\QIP Infium
2012-04-15 22:25:54 ----D---- C:\Documents and Settings\Tomi\Application Data\Mumble
2012-04-15 22:09:23 ----D---- C:\WINDOWS\Temp
2012-04-15 13:12:23 ----D---- C:\WINDOWS\system32\CatRoot2
2012-04-15 10:03:42 ----D---- C:\WINDOWS
2012-04-15 02:53:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-04-15 00:48:21 ----D---- C:\Documents and Settings\Tomi\Application Data\uTorrent
2012-04-14 22:44:55 ----SHD---- C:\WINDOWS\Installer
2012-04-14 22:44:53 ----D---- C:\Config.Msi
2012-04-14 22:44:47 ----D---- C:\WINDOWS\WinSxS
2012-04-14 22:44:46 ----RD---- C:\Program Files
2012-04-14 22:44:46 ----D---- C:\Program Files\Common Files
2012-04-14 21:04:39 ----D---- C:\Program Files\UOAM
2012-04-14 15:50:07 ----D---- C:\WINDOWS\system32
2012-04-13 23:42:27 ----D---- C:\Program Files\Microsoft Games
2012-04-13 23:40:54 ----HD---- C:\WINDOWS\inf
2012-04-13 23:15:58 ----D---- C:\WINDOWS\system32\Adobe
2012-04-13 23:15:58 ----D---- C:\Program Files\Adobe
2012-04-13 23:15:57 ----D---- C:\Program Files\Common Files\Adobe
2012-04-13 22:39:08 ----D---- C:\Documents and Settings\All Users\Application Data\YouTube Downloader
2012-04-13 22:39:00 ----D---- C:\Program Files\YouTube Downloader
2012-04-13 20:41:42 ----SHD---- C:\System Volume Information
2012-04-11 23:07:52 ----D---- C:\WINDOWS\Microsoft.NET
2012-04-11 23:07:49 ----RSD---- C:\WINDOWS\assembly
2012-04-11 23:05:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-04-11 23:04:55 ----D---- C:\Program Files\Internet Explorer
2012-04-11 23:04:24 ----D---- C:\WINDOWS\ie8updates
2012-04-11 23:04:12 ----HD---- C:\WINDOWS\$hf_mig$
2012-04-11 23:04:03 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-04-11 23:00:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-04-11 22:44:48 ----A---- C:\WINDOWS\system32\MRT.exe
2012-04-11 22:44:26 ----A---- C:\WINDOWS\imsins.BAK
2012-04-08 01:16:18 ----AD---- C:\Program Files\Ultima Online 2D
2012-04-07 14:36:15 ----A---- C:\WINDOWS\win.ini
2012-04-06 14:50:46 ----D---- C:\Program Files\AIMP2
2012-04-03 19:42:25 ----D---- C:\Program Files\wkokes_6_70
2012-03-31 03:11:16 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-03-30 19:08:05 ----SD---- C:\WINDOWS\Tasks
2012-03-28 22:19:43 ----RSD---- C:\WINDOWS\Fonts
2012-03-24 22:14:41 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-03-24 22:14:34 ----D---- C:\Program Files\Java
2012-03-23 18:30:49 ----D---- C:\Program Files\The KMPlayer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-19 721904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-03-07 35672]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-03-07 95704]
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-09-18 1326528]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-04-23 2880000]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2008-04-15 534440]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-04-15 990632]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-03-10 57384]
R3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-02-04 37032]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-03-27 47272]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-13 4879360]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mdf15;mdf15; \??\C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys []
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-03-31 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-17 7680]
R3 mvd21;mvd21; \??\C:\Program Files\Clarus\Samsung SecretZone\mvd21.sys []
R3 RTSTOR;USB Mass Storage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2007-10-25 46976]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-08-05 1772544]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-07-31 230464]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2008-02-08 57408]
S3 akdcwcpx;akdcwcpx; C:\WINDOWS\system32\drivers\akdcwcpx.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-09-20 156392]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-12-30 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-12-30 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2008-03-03 43392]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ACS;Konfigurační služba Atheros; C:\WINDOWS\system32\acs.exe [2008-09-26 467028]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2008-03-18 13312]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2012-04-12 784792]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-04-22 536576]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 Bentley SELECT Server Gateway;Bentley SELECT Server Gateway; C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe [2007-03-26 102400]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-04-14 342624]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 1373576]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-16 153376]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-02-06 75136]
R2 SZASSIST;SecretZone Assist Service; C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe [2010-07-30 90112]
R2 UxTuneUp;TuneUp rozšíření vzhledu; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-26 136176]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-07-20 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-26 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 16 dub 2012 07:08

Zdravím.

Vydž minutku, na logu se intenzivně pracuje. Obrázek

#3 Příspěvek od **Mc_Murphy** » 16 dub 2012 07:31

No, máš to celkem zaliskané, takže kroky prováděj pečlivě.

Pokud je tam najdeš, odinstaluj YouTube Downloader Toolbar a ICQ Toolbar.

Potom fixni v HJT níže uvedené položky.

Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
Položky, které v seznamu nenajdeš, prostě přeskoč.
HJT najdeš zde: C:\Program Files\trend micro\Tomi.exe

R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.4\youtubedownloaderToolbarIE.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

Dále stáhni utilitu OTM z jednoho z těchto odkazů:

Ulož ji na Plochu a dvojklikem spusť.

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

:Commands
[ClearAllRestorePoints]
[ResetHosts]
[Purity]
[EmptyTemp]
[EmptyFlash]

:Services
Adobe LM Service
AdobeFlashPlayerUpdateSvc
Application Updater
gupdate
gupdatem
JavaQuickStarterService
MBAMService
MBAMProtector
UxTuneUp

:Files
C:\Program Files\Application Updater
C:\Program Files\YouTube Downloader Toolbar
C:\Program Files\Common Files\Spigot
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\battlefieldplay4free@ea.com
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\engine@conduit.com
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\staged
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\searchplugins\icqplugin.xml
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}"=-
"{F3FEE66E-E034-436a-86E4-9690573BEE8A}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 2"=-
"Adobe ARM"=-
"QuickTime Task"=-
"GrooveMonitor"=-
""=-
"SearchSettings"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StatBar"=-
"Časovač"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Belkin Storage Manager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomi^Start Menu^Programs^Startup^Samsung Auto Backup Guage.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomi^Start Menu^Programs^Startup^Samsung Auto Backup Real-Time Daemon.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomi^Start Menu^Programs^Startup^Samsung Auto Backup Scheduler.lnk]

Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\

Swiftik · #4 Příspěvek od **Swiftik** » 16 dub 2012 22:56

All processes killed
========== COMMANDS ==========

Restore points cleared and new OTM Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1308865 bytes

User: Tomi
->Temp folder emptied: 298392550 bytes
->Temporary Internet Files folder emptied: 3435459049 bytes
->Java cache emptied: 14901767 bytes
->FireFox cache emptied: 602092030 bytes
->Google Chrome cache emptied: 235144561 bytes
->Flash cache emptied: 27062 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2902888 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 97152506 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 4 470,00 mb

[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Tomi
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service Adobe LM Service stopped successfully!
Service Adobe LM Service deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Error: No service named Application Updater was found to stop!
Service\Driver key Application Updater not found.
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service MBAMService stopped successfully!
Service MBAMService deleted successfully!
Error: Unable to stop service MBAMProtector!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector deleted successfully.
Service UxTuneUp stopped successfully!
Service UxTuneUp deleted successfully!
========== FILES ==========
File/Folder C:\Program Files\Application Updater not found.
File/Folder C:\Program Files\YouTube Downloader Toolbar not found.
File/Folder C:\Program Files\Common Files\Spigot not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\battlefieldplay4free@ea.com\plugins folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\battlefieldplay4free@ea.com\META-INF folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\battlefieldplay4free@ea.com folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\engine@conduit.com folder moved successfully.
File/Folder C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\staged not found.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\datastore folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-27-Apr-2011-20-27-51-GMT folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-20-Jul-2010-11-58-44-GMT folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-15-Mar-2011-19-13-14-GMT folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-27-Mar-2011-10-14-32-GMT folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-24-Oct-2010-09-19-38-GMT folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-24-Jul-2010-11-02-50-GMT folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-17-Mar-2012-13-30-45-GMT folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-30-May-2011-19-09-02-GMT folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\toolbar@ask.com folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\modules folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\META-INF folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\defaults folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\chrome folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} folder moved successfully.
C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\searchplugins\icqplugin.xml moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP106D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP109E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1183.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP11B7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP11C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP265.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C8.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2CA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP42A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP470.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4FB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF1.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI14.tmp moved successfully.
C:\WINDOWS\Installer\MSI181B.tmp moved successfully.
C:\WINDOWS\Installer\MSI1B48.tmp moved successfully.
C:\WINDOWS\Installer\MSI63.tmp moved successfully.
C:\WINDOWS\Installer\MSI65.tmp moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Wireless Console 2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\StatBar deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Časovač deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Belkin Storage Manager\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomi^Start Menu^Programs^Startup^Samsung Auto Backup Guage.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomi^Start Menu^Programs^Startup^Samsung Auto Backup Real-Time Daemon.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomi^Start Menu^Programs^Startup^Samsung Auto Backup Scheduler.lnk\ deleted successfully.

OTM by OldTimer - Version 3.1.19.0 log created on 04162012_234342

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#5 Příspěvek od **Mc_Murphy** » 17 dub 2012 06:12

No, pěkně jsi to měl i zaneřáděné, fuj.

4,5 GB bordela vysypáno:

Total Files Cleaned = 4 470,00 mb

Jak je na tom počítač? Mělo by to být znatelně lepší nebo už úplně v pořádku. Udělej mi ale ještě pro jistotu scan s MBAM.

Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.

Proveď aktualizaci virové databáze.
V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
Předem nic nemaž!!
MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!

Swiftik · #6 Příspěvek od **Swiftik** » 17 dub 2012 14:32

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Verzia databázy: v2012.04.17.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Tomi :: TOMAS [administrátor]

17.4.2012 11:25:10
mbam-log-2012-04-17 (15-31-15)2.txt

Typ kontroly: Úplná kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 425114
Uplynutý čas: 3 hod, 52 min, 53 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 6
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\32 Vegas Casino (PUP.Casino) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EuroGrand Casino (PUP.Casino) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\William Hill CASINO CLUB (PUP.Casino) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\32 Vegas Casino (Adware.21Nova) -> Žiadna úloha nevykonaná.

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 11
C:\Casino\21Nova Casino\_SetupCasino_5e6522_cs.exe (PUP.Casino) -> Žiadna úloha nevykonaná.
C:\Casino\EuroGrand Casino\_SetupCasino_51a653_cs.exe (PUP.Casino) -> Žiadna úloha nevykonaná.
C:\Casino\EuroGrand Casino\_SetupCasino_55d7d0_cs.exe (PUP.Casino) -> Žiadna úloha nevykonaná.
C:\Casino\William Hill CASINO CLUB\_SetupCasino_1975ab_cs.exe (PUP.Casino) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\Tomi\Desktop\portable_programy_na_flashku\portable_programy_na_flashku_by_Hojas86\Photoshop CS3\CSDATA\1000000600002i\svchost.exe (Rootkit.Dropper) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\Tomi\Desktop\portable_programy_na_flashku\portable_programy_na_flashku_by_Hojas86\Photoshop CS3\CSDATA\1000000b00002i\rundll32.exe (Rootkit.Dropper) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\Tomi\My Documents\Downloads\MGControl65.EXE (Virus.Sality) -> Žiadna úloha nevykonaná.
D:\Programy\ventrilo-2.1.4.exe (Trojan.Dropper) -> Žiadna úloha nevykonaná.
D:\Programy\eavsk\eavsk\MiNODLogin-3.8.1.2\ESET Antivirus License Finder (MiNODLogin) 3.8.1.2.exe (Riskware.KG) -> Žiadna úloha nevykonaná.
D:\Skola DVD\Zadania\Adobe Acrobat Pro 8.0\keygen.exe (RiskWare.Tool.CK) -> Žiadna úloha nevykonaná.
D:\Skola DVD\Zadania\MathType v5.2a\keygen.exe (Riskware.Keygen) -> Žiadna úloha nevykonaná.

(koniec)

#7 Příspěvek od **Mc_Murphy** » 17 dub 2012 15:13

Nálezy MBAMu dej všechny smazat.

Odinstaluj všechny tý krávoviny, co se týče Casina, Vegas a podobně - jak sám vidíš, je to samá havěť.

Pomaž z PC ty cracky, hlavně na ESETa - to u Tebe ještě jednou najdu a budeme mazat, to tu netrpíme!!

Stejně tak i ostatní cracky a keygeny!

A než kolem toho začneš pyskovat, tak pravděpodobně tam máš rootkit - zřejmě z toho cracku na Photoshop.

Až to smázneš, hoď mi sem znovu výsledný log z MBAM pro kontrolu - postup stejný jako předtím.

Swiftik · #8 Příspěvek od **Swiftik** » 20 dub 2012 19:11

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Verzia databázy: v2012.04.17.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Tomi :: TOMAS [administrátor]

20.4.2012 14:51:20
mbam-log-2012-04-20 (20-10-21)2.txt

Typ kontroly: Úplná kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 425821
Uplynutý čas: 3 hod, 52 min, 15 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 7
C:\System Volume Information\_restore{2C660F2F-C658-489D-AAC7-3D002D491E00}\RP394\A0135618.EXE (Virus.Sality) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{2C660F2F-C658-489D-AAC7-3D002D491E00}\RP394\A0135623.exe (Rootkit.Dropper) -> Žiadna úloha nevykonaná.
C:\System Volume Information\_restore{2C660F2F-C658-489D-AAC7-3D002D491E00}\RP394\A0135624.exe (Rootkit.Dropper) -> Žiadna úloha nevykonaná.
D:\System Volume Information\_restore{2C660F2F-C658-489D-AAC7-3D002D491E00}\RP394\A0135709.exe (Trojan.Dropper) -> Žiadna úloha nevykonaná.
D:\System Volume Information\_restore{2C660F2F-C658-489D-AAC7-3D002D491E00}\RP394\A0135710.exe (Riskware.Keygen) -> Žiadna úloha nevykonaná.
D:\System Volume Information\_restore{2C660F2F-C658-489D-AAC7-3D002D491E00}\RP394\A0135711.exe (RiskWare.Tool.CK) -> Žiadna úloha nevykonaná.
D:\System Volume Information\_restore{2C660F2F-C658-489D-AAC7-3D002D491E00}\RP394\A0135717.exe (Riskware.KG) -> Žiadna úloha nevykonaná.

(koniec)

#9 Příspěvek od **Mc_Murphy** » 21 dub 2012 06:47

Nálezy MBAMu dej smazat.

Podle tohoto návodu smaž body obnovy pro svůj počítač, v těch starých máš havěť. Nový zatím nevytvářej (čili nech vytváření bodů obnovy prozatím vypnuto)!!

Stáhni si TDSSKiller z tohoto odkazu.

Klikni na volbu Change parameters.
V obou oknech (Objects to scan i Additional options) zaklikni všechny možnosti = ve všech čtverečcích musí být fajfka!
Klikni na [OK].
Klikni na [Start Scan].
Po dokončení scanu se objeví okno, zkontroluj, zda-li je všude možnost Skip.
Pokud nebude možnost Skip primárně nastavena, překlikni na ni!!
Pokud máš opravdu všude Skip, klikni na [Continue].
Na disku, kde máš Windows (obvykle je to C:\) bude ve tvaru TDSSKiller.nějaká čísílka _log.txt log - jeho obsah mi sem vlož.

Swiftik · #10 Příspěvek od **Swiftik** » 21 dub 2012 20:27

21:24:45.0500 0728 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
21:24:45.0937 0728 ============================================================
21:24:45.0937 0728 Current date / time: 2012/04/21 21:24:45.0937
21:24:45.0937 0728 SystemInfo:
21:24:45.0937 0728
21:24:45.0937 0728 OS Version: 5.1.2600 ServicePack: 3.0
21:24:45.0937 0728 Product type: Workstation
21:24:45.0937 0728 ComputerName: TOMAS
21:24:45.0937 0728 UserName: Tomi
21:24:45.0937 0728 Windows directory: C:\WINDOWS
21:24:45.0937 0728 System windows directory: C:\WINDOWS
21:24:45.0937 0728 Processor architecture: Intel x86
21:24:45.0937 0728 Number of processors: 2
21:24:45.0937 0728 Page size: 0x1000
21:24:45.0937 0728 Boot type: Normal boot
21:24:45.0937 0728 ============================================================
21:24:47.0812 0728 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:24:47.0843 0728 Drive \Device\Harddisk1\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:24:50.0703 0728 \Device\Harddisk0\DR0:
21:24:50.0703 0728 MBR partitions:
21:24:50.0703 0728 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x124FAAB4
21:24:50.0718 0728 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x124FAB32, BlocksNum 0x12F2ECCE
21:24:50.0718 0728 \Device\Harddisk1\DR3:
21:24:50.0718 0728 MBR partitions:
21:24:50.0718 0728 \Device\Harddisk1\DR3\Partition0: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0x3A384C01
21:24:50.0765 0728 C: <-> \Device\Harddisk0\DR0\Partition0
21:24:50.0812 0728 D: <-> \Device\Harddisk0\DR0\Partition1
21:24:50.0812 0728 K: <-> \Device\Harddisk1\DR3\Partition0
21:24:50.0828 0728 Initialize success
21:24:50.0828 0728 ============================================================
21:25:34.0937 3240 ============================================================
21:25:34.0937 3240 Scan started
21:25:34.0937 3240 Mode: Manual; SigCheck; TDLFS;
21:25:34.0937 3240 ============================================================
21:25:35.0437 3240 6to4 (c07d5197410aab28d0d93f943f59656d) C:\WINDOWS\System32\6to4svc.dll
21:25:36.0484 3240 6to4 - ok
21:25:36.0593 3240 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
21:25:36.0671 3240 Aavmker4 - ok
21:25:36.0687 3240 Abiosdsk - ok
21:25:36.0718 3240 abp480n5 - ok
21:25:36.0750 3240 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:25:36.0937 3240 ACPI - ok
21:25:36.0984 3240 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
21:25:37.0156 3240 ACPIEC - ok
21:25:37.0203 3240 ACS (007e768dda852d0037817e5c415b883a) C:\WINDOWS\system32\acs.exe
21:25:37.0234 3240 ACS ( UnsignedFile.Multi.Generic ) - warning
21:25:37.0234 3240 ACS - detected UnsignedFile.Multi.Generic (1)
21:25:37.0234 3240 adpu160m - ok
21:25:37.0296 3240 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:25:37.0453 3240 aec - ok
21:25:37.0484 3240 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:25:37.0515 3240 AFD - ok
21:25:37.0562 3240 AgereModemAudio (efbc44fbd75e4f80bd927aebf6e7eade) C:\WINDOWS\system32\agrsmsvc.exe
21:25:37.0578 3240 AgereModemAudio - ok
21:25:37.0687 3240 AgereSoftModem (1cfeba39fc613e45b49d3eddfbcda289) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
21:25:37.0828 3240 AgereSoftModem - ok
21:25:37.0843 3240 Aha154x - ok
21:25:37.0859 3240 aic78u2 - ok
21:25:37.0875 3240 aic78xx - ok
21:25:37.0937 3240 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
21:25:38.0062 3240 Alerter - ok
21:25:38.0093 3240 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
21:25:38.0156 3240 ALG - ok
21:25:38.0171 3240 AliIde - ok
21:25:38.0187 3240 amsint - ok
21:25:38.0218 3240 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
21:25:38.0281 3240 AppMgmt - ok
21:25:38.0359 3240 AR5416 (7d53e5646ba23fd51296f7ef8979a000) C:\WINDOWS\system32\DRIVERS\athw.sys
21:25:38.0468 3240 AR5416 - ok
21:25:38.0484 3240 asc - ok
21:25:38.0500 3240 asc3350p - ok
21:25:38.0515 3240 asc3550 - ok
21:25:38.0593 3240 ASMMAP (7b4d08d2017ac06689d422e06c43f0aa) C:\Program Files\ATKGFNEX\ASMMAP.sys
21:25:38.0609 3240 ASMMAP - ok
21:25:38.0687 3240 ASNDIS5 (05a56c3156e1b6cc7bbd8e1d54d491f2) C:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS
21:25:38.0718 3240 ASNDIS5 ( UnsignedFile.Multi.Generic ) - warning
21:25:38.0718 3240 ASNDIS5 - detected UnsignedFile.Multi.Generic (1)
21:25:38.0812 3240 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:25:38.0859 3240 aspnet_state - ok
21:25:38.0921 3240 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
21:25:38.0937 3240 aswFsBlk - ok
21:25:38.0953 3240 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
21:25:38.0968 3240 aswMon2 - ok
21:25:38.0984 3240 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
21:25:39.0000 3240 aswRdr - ok
21:25:39.0031 3240 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
21:25:39.0062 3240 aswSnx - ok
21:25:39.0125 3240 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
21:25:39.0156 3240 aswSP - ok
21:25:39.0187 3240 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
21:25:39.0218 3240 aswTdi - ok
21:25:39.0265 3240 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:25:39.0437 3240 AsyncMac - ok
21:25:39.0453 3240 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:25:39.0593 3240 atapi - ok
21:25:39.0609 3240 Atdisk - ok
21:25:39.0656 3240 Ati HotKey Poller (795b413bee60a410d831946043d228c9) C:\WINDOWS\system32\Ati2evxx.exe
21:25:39.0781 3240 Ati HotKey Poller - ok
21:25:39.0953 3240 ati2mtag (e168986d07d7c41f63677eea5dd3f95b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:25:40.0062 3240 ati2mtag - ok
21:25:40.0171 3240 ATKGFNEXSrv (7c157574a181b19b9dcf5f339e25337e) C:\Program Files\ATKGFNEX\GFNEXSrv.exe
21:25:40.0203 3240 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
21:25:40.0203 3240 ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
21:25:40.0281 3240 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:25:40.0453 3240 Atmarpc - ok
21:25:40.0500 3240 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
21:25:40.0640 3240 AudioSrv - ok
21:25:40.0687 3240 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:25:40.0796 3240 audstub - ok
21:25:40.0906 3240 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:25:40.0921 3240 avast! Antivirus - ok
21:25:40.0968 3240 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:25:41.0093 3240 Beep - ok
21:25:41.0171 3240 Bentley SELECT Server Gateway (5922444c2c55e2dc6cddb7902a85bf8a) C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe
21:25:41.0187 3240 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - warning
21:25:41.0187 3240 Bentley SELECT Server Gateway - detected UnsignedFile.Multi.Generic (1)
21:25:41.0343 3240 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
21:25:41.0562 3240 BITS - ok
21:25:41.0703 3240 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
21:25:41.0843 3240 Browser - ok
21:25:41.0890 3240 btaudio (faba1418646a2b433c0bded6ff92d2fa) C:\WINDOWS\system32\drivers\btaudio.sys
21:25:41.0921 3240 btaudio - ok
21:25:41.0984 3240 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys
21:25:42.0000 3240 BTDriver - ok
21:25:42.0062 3240 BTKRNL (aef038061bc1cafb4865d43a85beb1a1) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
21:25:42.0109 3240 BTKRNL - ok
21:25:42.0250 3240 btwdins (f20629ff9ed48efa98fdc5d99919e8c0) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
21:25:42.0281 3240 btwdins - ok
21:25:42.0359 3240 BTWDNDIS (80f61de965c116051614ac2f04222ff7) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
21:25:42.0375 3240 BTWDNDIS - ok
21:25:42.0390 3240 btwhid (949eca9c56f657c06d3166d51f3226c7) C:\WINDOWS\system32\DRIVERS\btwhid.sys
21:25:42.0421 3240 btwhid - ok
21:25:42.0468 3240 btwmodem (5922bae0cd84924b9cd7e6bb515ee070) C:\WINDOWS\system32\DRIVERS\btwmodem.sys
21:25:42.0500 3240 btwmodem - ok
21:25:42.0546 3240 BTWUSB (179a37c86fd2b9cc28eb93d093d394c7) C:\WINDOWS\system32\Drivers\btwusb.sys
21:25:42.0562 3240 BTWUSB - ok
21:25:42.0609 3240 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:25:42.0796 3240 cbidf2k - ok
21:25:42.0843 3240 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:25:42.0984 3240 CCDECODE - ok
21:25:43.0078 3240 cd20xrnt - ok
21:25:43.0125 3240 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:25:43.0250 3240 Cdaudio - ok
21:25:43.0296 3240 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:25:43.0406 3240 Cdfs - ok
21:25:43.0421 3240 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:25:43.0578 3240 Cdrom - ok
21:25:43.0593 3240 Changer - ok
21:25:43.0687 3240 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
21:25:43.0828 3240 CiSvc - ok
21:25:43.0843 3240 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
21:25:43.0984 3240 ClipSrv - ok
21:25:44.0078 3240 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:25:44.0109 3240 clr_optimization_v2.0.50727_32 - ok
21:25:44.0187 3240 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
21:25:44.0312 3240 CmBatt - ok
21:25:44.0328 3240 CmdIde - ok
21:25:44.0375 3240 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
21:25:44.0515 3240 Compbatt - ok
21:25:44.0515 3240 COMSysApp - ok
21:25:44.0578 3240 Cpqarray - ok
21:25:44.0687 3240 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
21:25:44.0796 3240 CryptSvc - ok
21:25:44.0812 3240 dac2w2k - ok
21:25:44.0828 3240 dac960nt - ok
21:25:44.0890 3240 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
21:25:44.0921 3240 DcomLaunch - ok
21:25:44.0968 3240 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
21:25:45.0093 3240 Dhcp - ok
21:25:45.0140 3240 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:25:45.0281 3240 Disk - ok
21:25:45.0296 3240 dmadmin - ok
21:25:45.0343 3240 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
21:25:45.0500 3240 dmboot - ok
21:25:45.0578 3240 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
21:25:45.0718 3240 dmio - ok
21:25:45.0734 3240 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:25:45.0843 3240 dmload - ok
21:25:45.0906 3240 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
21:25:46.0015 3240 dmserver - ok
21:25:46.0062 3240 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:25:46.0187 3240 DMusic - ok
21:25:46.0234 3240 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
21:25:46.0265 3240 Dnscache - ok
21:25:46.0312 3240 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
21:25:46.0453 3240 Dot3svc - ok
21:25:46.0453 3240 dpti2o - ok
21:25:46.0515 3240 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:25:46.0640 3240 drmkaud - ok
21:25:46.0687 3240 DrvAgent32 (651554e483712b708ede864d0ca1aa73) C:\WINDOWS\system32\Drivers\DrvAgent32.sys
21:25:46.0703 3240 DrvAgent32 ( UnsignedFile.Multi.Generic ) - warning
21:25:46.0703 3240 DrvAgent32 - detected UnsignedFile.Multi.Generic (1)
21:25:46.0781 3240 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
21:25:46.0921 3240 EapHost - ok
21:25:46.0968 3240 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
21:25:47.0093 3240 ERSvc - ok
21:25:47.0156 3240 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
21:25:47.0203 3240 Eventlog - ok
21:25:47.0281 3240 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll
21:25:47.0296 3240 EventSystem - ok
21:25:47.0343 3240 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:25:47.0468 3240 Fastfat - ok
21:25:47.0515 3240 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
21:25:47.0531 3240 FastUserSwitchingCompatibility - ok
21:25:47.0562 3240 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
21:25:47.0671 3240 Fdc - ok
21:25:47.0718 3240 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
21:25:47.0828 3240 Fips - ok
21:25:47.0828 3240 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
21:25:47.0953 3240 Flpydisk - ok
21:25:48.0000 3240 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
21:25:48.0125 3240 FltMgr - ok
21:25:48.0218 3240 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:25:48.0234 3240 FontCache3.0.0.0 - ok
21:25:48.0296 3240 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:25:48.0421 3240 Fs_Rec - ok
21:25:48.0468 3240 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:25:48.0625 3240 Ftdisk - ok
21:25:48.0656 3240 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:25:48.0765 3240 Gpc - ok
21:25:48.0796 3240 hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys
21:25:48.0812 3240 hamachi - ok
21:25:48.0921 3240 Hamachi2Svc (fa89c0429821c7c429eec7a0ce1c02d3) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
21:25:48.0968 3240 Hamachi2Svc - ok
21:25:49.0031 3240 Haspnt (669feb0894322ca1f80d463a0a5edea5) C:\WINDOWS\system32\drivers\Haspnt.sys
21:25:49.0046 3240 Haspnt ( UnsignedFile.Multi.Generic ) - warning
21:25:49.0046 3240 Haspnt - detected UnsignedFile.Multi.Generic (1)
21:25:49.0093 3240 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:25:49.0203 3240 HDAudBus - ok
21:25:49.0265 3240 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:25:49.0406 3240 helpsvc - ok
21:25:49.0453 3240 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
21:25:49.0609 3240 HidServ - ok
21:25:49.0640 3240 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:25:49.0843 3240 hidusb - ok
21:25:49.0906 3240 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
21:25:50.0062 3240 hkmsvc - ok
21:25:50.0078 3240 hpn - ok
21:25:50.0140 3240 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:25:50.0156 3240 HTTP - ok
21:25:50.0203 3240 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
21:25:50.0375 3240 HTTPFilter - ok
21:25:50.0390 3240 i2omgmt - ok
21:25:50.0406 3240 i2omp - ok
21:25:50.0453 3240 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:25:50.0593 3240 i8042prt - ok
21:25:50.0734 3240 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
21:25:50.0750 3240 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:25:50.0750 3240 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:25:50.0890 3240 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:25:50.0953 3240 idsvc - ok
21:25:51.0078 3240 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:25:51.0234 3240 Imapi - ok
21:25:51.0265 3240 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
21:25:51.0500 3240 ImapiService - ok
21:25:51.0531 3240 ini910u - ok
21:25:51.0750 3240 IntcAzAudAddService (b00bb702f990797cc9e1062adcfb654d) C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:25:51.0968 3240 IntcAzAudAddService - ok
21:25:51.0968 3240 IntelIde - ok
21:25:52.0015 3240 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:25:52.0125 3240 intelppm - ok
21:25:52.0156 3240 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
21:25:52.0281 3240 ip6fw - ok
21:25:52.0328 3240 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:25:52.0453 3240 IpFilterDriver - ok
21:25:52.0500 3240 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:25:52.0609 3240 IpInIp - ok
21:25:52.0640 3240 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:25:52.0750 3240 IpNat - ok
21:25:52.0765 3240 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:25:52.0890 3240 IPSec - ok
21:25:52.0906 3240 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:25:52.0968 3240 IRENUM - ok
21:25:52.0984 3240 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:25:53.0109 3240 isapnp - ok
21:25:53.0140 3240 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:25:53.0250 3240 Kbdclass - ok
21:25:53.0296 3240 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:25:53.0437 3240 kbdhid - ok
21:25:53.0484 3240 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:25:53.0625 3240 kmixer - ok
21:25:53.0687 3240 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:25:53.0703 3240 KSecDD - ok
21:25:53.0750 3240 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
21:25:53.0812 3240 lanmanserver - ok
21:25:53.0890 3240 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
21:25:53.0906 3240 lanmanworkstation - ok
21:25:53.0921 3240 lbrtfdc - ok
21:25:53.0984 3240 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
21:25:54.0078 3240 LmHosts - ok
21:25:54.0125 3240 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
21:25:54.0125 3240 MBAMProtector - ok
21:25:54.0265 3240 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:25:54.0296 3240 MBAMService - ok
21:25:54.0390 3240 mdf15 (5264306c82ed8b51cc8273f377976e3c) C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys
21:25:54.0390 3240 mdf15 ( UnsignedFile.Multi.Generic ) - warning
21:25:54.0390 3240 mdf15 - detected UnsignedFile.Multi.Generic (1)
21:25:54.0515 3240 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
21:25:54.0656 3240 Messenger - ok
21:25:54.0812 3240 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
21:25:54.0843 3240 Microsoft Office Groove Audit Service - ok
21:25:54.0875 3240 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:25:55.0015 3240 mnmdd - ok
21:25:55.0062 3240 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
21:25:55.0203 3240 mnmsrvc - ok
21:25:55.0250 3240 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
21:25:55.0359 3240 Modem - ok
21:25:55.0421 3240 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
21:25:55.0562 3240 MODEMCSA - ok
21:25:55.0593 3240 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:25:55.0718 3240 Mouclass - ok
21:25:55.0718 3240 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:25:55.0843 3240 mouhid - ok
21:25:55.0906 3240 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:25:56.0015 3240 MountMgr - ok
21:25:56.0031 3240 mraid35x - ok
21:25:56.0046 3240 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:25:56.0171 3240 MRxDAV - ok
21:25:56.0234 3240 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:25:56.0265 3240 MRxSmb - ok
21:25:56.0296 3240 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
21:25:56.0421 3240 MSDTC - ok
21:25:56.0468 3240 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:25:56.0593 3240 Msfs - ok
21:25:56.0609 3240 MSIServer - ok
21:25:56.0656 3240 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:25:56.0781 3240 MSKSSRV - ok
21:25:56.0812 3240 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:25:56.0937 3240 MSPCLOCK - ok
21:25:56.0968 3240 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:25:57.0093 3240 MSPQM - ok
21:25:57.0125 3240 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:25:57.0234 3240 mssmbios - ok
21:25:57.0296 3240 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
21:25:57.0421 3240 MSTEE - ok
21:25:57.0500 3240 MTsensor (97affa9d95ffe20eee6229bc6be166cf) C:\WINDOWS\system32\DRIVERS\ATKACPI.sys
21:25:57.0515 3240 MTsensor - ok
21:25:57.0578 3240 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:25:57.0593 3240 Mup - ok
21:25:57.0734 3240 mvd21 (2ffe3b3bebc8570b111aaaa5befeabcc) C:\Program Files\Clarus\Samsung SecretZone\mvd21.sys
21:25:57.0781 3240 mvd21 ( UnsignedFile.Multi.Generic ) - warning
21:25:57.0781 3240 mvd21 - detected UnsignedFile.Multi.Generic (1)
21:25:57.0890 3240 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:25:58.0093 3240 NABTSFEC - ok
21:25:58.0156 3240 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
21:25:58.0281 3240 napagent - ok
21:25:58.0312 3240 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:25:58.0421 3240 NDIS - ok
21:25:58.0437 3240 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:25:58.0578 3240 NdisIP - ok
21:25:58.0687 3240 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:25:58.0703 3240 NdisTapi - ok
21:25:58.0734 3240 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:25:58.0859 3240 Ndisuio - ok
21:25:58.0906 3240 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:25:59.0015 3240 NdisWan - ok
21:25:59.0078 3240 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:25:59.0093 3240 NDProxy - ok
21:25:59.0109 3240 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:25:59.0234 3240 NetBIOS - ok
21:25:59.0250 3240 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:25:59.0390 3240 NetBT - ok
21:25:59.0453 3240 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
21:25:59.0609 3240 NetDDE - ok
21:25:59.0625 3240 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
21:25:59.0750 3240 NetDDEdsdm - ok
21:25:59.0796 3240 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
21:25:59.0921 3240 Netlogon - ok
21:25:59.0937 3240 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
21:26:00.0062 3240 Netman - ok
21:26:00.0171 3240 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:26:00.0187 3240 NetTcpPortSharing - ok
21:26:00.0265 3240 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
21:26:00.0296 3240 Nla - ok
21:26:00.0312 3240 nmwcd (28e36e677849174c910faaead3e60e9e) C:\WINDOWS\system32\drivers\ccdcmb.sys
21:26:00.0375 3240 nmwcd - ok
21:26:00.0421 3240 nmwcdc (3823deb17f9f6775de0187a98fa0536d) C:\WINDOWS\system32\drivers\ccdcmbo.sys
21:26:00.0531 3240 nmwcdc - ok
21:26:00.0578 3240 nmwcdnsu (496f34fb30dd541350b29558842cd42a) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
21:26:00.0640 3240 nmwcdnsu - ok
21:26:00.0656 3240 nmwcdnsuc (99fbb538789888e6a48b902417f68dd4) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
21:26:00.0703 3240 nmwcdnsuc - ok
21:26:00.0734 3240 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:26:00.0859 3240 Npfs - ok
21:26:00.0890 3240 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:26:01.0031 3240 Ntfs - ok
21:26:01.0062 3240 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
21:26:01.0187 3240 NtLmSsp - ok
21:26:01.0218 3240 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
21:26:01.0343 3240 NtmsSvc - ok
21:26:01.0390 3240 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:26:01.0531 3240 Null - ok
21:26:01.0578 3240 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:26:01.0703 3240 NwlnkFlt - ok
21:26:01.0796 3240 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:26:01.0906 3240 NwlnkFwd - ok
21:26:02.0078 3240 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:26:02.0109 3240 odserv - ok
21:26:02.0187 3240 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:26:02.0203 3240 ose - ok
21:26:02.0328 3240 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
21:26:02.0453 3240 Parport - ok
21:26:02.0484 3240 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:26:02.0656 3240 PartMgr - ok
21:26:02.0687 3240 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
21:26:02.0828 3240 ParVdm - ok
21:26:02.0906 3240 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
21:26:02.0937 3240 pccsmcfd - ok
21:26:02.0984 3240 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
21:26:03.0109 3240 PCI - ok
21:26:03.0125 3240 PCIDump - ok
21:26:03.0171 3240 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:26:03.0296 3240 PCIIde - ok
21:26:03.0312 3240 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:26:03.0453 3240 Pcmcia - ok
21:26:03.0468 3240 PDCOMP - ok
21:26:03.0484 3240 PDFRAME - ok
21:26:03.0500 3240 PDRELI - ok
21:26:03.0531 3240 PDRFRAME - ok
21:26:03.0546 3240 perc2 - ok
21:26:03.0546 3240 perc2hib - ok
21:26:03.0734 3240 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
21:26:03.0765 3240 PlugPlay - ok
21:26:03.0828 3240 PnkBstrA (1713d9de407313138118d501b0e3c05b) C:\WINDOWS\system32\PnkBstrA.exe
21:26:03.0843 3240 PnkBstrA - ok
21:26:03.0890 3240 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
21:26:04.0015 3240 PolicyAgent - ok
21:26:04.0078 3240 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:26:04.0203 3240 PptpMiniport - ok
21:26:04.0218 3240 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
21:26:04.0343 3240 Processor - ok
21:26:04.0359 3240 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
21:26:04.0468 3240 ProtectedStorage - ok
21:26:04.0484 3240 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:26:04.0609 3240 PSched - ok
21:26:04.0671 3240 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:26:04.0812 3240 Ptilink - ok
21:26:04.0843 3240 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:26:04.0859 3240 PxHelp20 - ok
21:26:04.0875 3240 ql1080 - ok
21:26:04.0890 3240 Ql10wnt - ok
21:26:04.0906 3240 ql12160 - ok
21:26:04.0921 3240 ql1240 - ok
21:26:04.0937 3240 ql1280 - ok
21:26:04.0953 3240 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:26:05.0078 3240 RasAcd - ok
21:26:05.0125 3240 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
21:26:05.0265 3240 RasAuto - ok
21:26:05.0312 3240 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:26:05.0437 3240 Rasl2tp - ok
21:26:05.0484 3240 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
21:26:05.0609 3240 RasMan - ok
21:26:05.0640 3240 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:26:05.0765 3240 RasPppoe - ok
21:26:05.0812 3240 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:26:05.0921 3240 Raspti - ok
21:26:05.0937 3240 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:26:06.0078 3240 Rdbss - ok
21:26:06.0093 3240 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:26:06.0218 3240 RDPCDD - ok
21:26:06.0265 3240 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
21:26:06.0453 3240 rdpdr - ok
21:26:06.0500 3240 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
21:26:06.0531 3240 RDPWD - ok
21:26:06.0593 3240 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
21:26:06.0734 3240 RDSessMgr - ok
21:26:06.0781 3240 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:26:06.0906 3240 redbook - ok
21:26:06.0968 3240 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
21:26:07.0093 3240 RemoteAccess - ok
21:26:07.0156 3240 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
21:26:07.0281 3240 RemoteRegistry - ok
21:26:07.0328 3240 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
21:26:07.0437 3240 RpcLocator - ok
21:26:07.0500 3240 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
21:26:07.0531 3240 RpcSs - ok
21:26:07.0578 3240 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
21:26:07.0703 3240 RSVP - ok
21:26:07.0750 3240 RTSTOR (b1c9626c5089a85de411c1bedbc5620e) C:\WINDOWS\system32\drivers\RTSTOR.SYS
21:26:07.0765 3240 RTSTOR - ok
21:26:07.0796 3240 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
21:26:07.0906 3240 SamSs - ok
21:26:07.0953 3240 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
21:26:08.0078 3240 SCardSvr - ok
21:26:08.0125 3240 SCDEmu (f441ba47bd8610cb9536965bd7d1f943) C:\WINDOWS\system32\drivers\SCDEmu.sys
21:26:08.0140 3240 SCDEmu ( UnsignedFile.Multi.Generic ) - warning
21:26:08.0140 3240 SCDEmu - detected UnsignedFile.Multi.Generic (1)
21:26:08.0187 3240 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
21:26:08.0296 3240 Schedule - ok
21:26:08.0343 3240 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:26:08.0421 3240 Secdrv - ok
21:26:08.0468 3240 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
21:26:08.0593 3240 seclogon - ok
21:26:08.0687 3240 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
21:26:08.0796 3240 SENS - ok
21:26:08.0859 3240 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
21:26:08.0953 3240 Serial - ok
21:26:09.0062 3240 ServiceLayer (5bf59c6bc737baaf541168e5cb2ec1d9) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
21:26:09.0109 3240 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
21:26:09.0109 3240 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
21:26:09.0250 3240 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:26:09.0375 3240 Sfloppy - ok
21:26:09.0421 3240 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
21:26:09.0578 3240 SharedAccess - ok
21:26:09.0625 3240 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
21:26:09.0656 3240 ShellHWDetection - ok
21:26:09.0671 3240 Simbad - ok
21:26:09.0718 3240 SiSGbeXP (a86e52c55de3488b3fc0ff2b8ad711bf) C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys
21:26:09.0734 3240 SiSGbeXP - ok
21:26:09.0796 3240 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:26:09.0921 3240 SLIP - ok
21:26:10.0015 3240 SNP2UVC (a709dfa1674c1ed61ef7b5f29b38eeb1) C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
21:26:10.0140 3240 SNP2UVC - ok
21:26:10.0156 3240 Sparrow - ok
21:26:10.0187 3240 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:26:10.0296 3240 splitter - ok
21:26:10.0343 3240 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
21:26:10.0375 3240 Spooler - ok
21:26:10.0437 3240 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\system32\Drivers\sptd.sys
21:26:10.0437 3240 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
21:26:10.0437 3240 sptd ( LockedFile.Multi.Generic ) - warning
21:26:10.0437 3240 sptd - detected LockedFile.Multi.Generic (1)
21:26:10.0484 3240 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\System32\DRIVERS\sr.sys
21:26:10.0531 3240 sr - ok
21:26:10.0578 3240 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
21:26:10.0640 3240 srservice - ok
21:26:10.0687 3240 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:26:10.0734 3240 Srv - ok
21:26:10.0812 3240 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
21:26:10.0906 3240 SSDPSRV - ok
21:26:10.0937 3240 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
21:26:11.0093 3240 stisvc - ok
21:26:11.0125 3240 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:26:11.0265 3240 streamip - ok
21:26:11.0281 3240 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:26:11.0421 3240 swenum - ok
21:26:11.0453 3240 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:26:11.0593 3240 swmidi - ok
21:26:11.0609 3240 SwPrv - ok
21:26:11.0625 3240 symc810 - ok
21:26:11.0640 3240 symc8xx - ok
21:26:11.0656 3240 sym_hi - ok
21:26:11.0656 3240 sym_u3 - ok
21:26:11.0765 3240 SynTP (c8cc806f0506e9f168750371d37eee18) C:\WINDOWS\system32\DRIVERS\SynTP.sys
21:26:11.0781 3240 SynTP - ok
21:26:11.0828 3240 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:26:11.0953 3240 sysaudio - ok
21:26:11.0968 3240 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
21:26:12.0093 3240 SysmonLog - ok
21:26:12.0187 3240 SZASSIST (be4ee0c8be3fc077cc0536702517e140) C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe
21:26:12.0187 3240 SZASSIST ( UnsignedFile.Multi.Generic ) - warning
21:26:12.0187 3240 SZASSIST - detected UnsignedFile.Multi.Generic (1)
21:26:12.0265 3240 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
21:26:12.0406 3240 TapiSrv - ok
21:26:12.0468 3240 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:26:12.0500 3240 Tcpip - ok
21:26:12.0562 3240 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
21:26:12.0593 3240 Tcpip6 - ok
21:26:12.0671 3240 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:26:12.0781 3240 TDPIPE - ok
21:26:12.0796 3240 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:26:12.0921 3240 TDTCP - ok
21:26:12.0937 3240 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:26:13.0062 3240 TermDD - ok
21:26:13.0078 3240 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
21:26:13.0203 3240 TermService - ok
21:26:13.0265 3240 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
21:26:13.0281 3240 Themes - ok
21:26:13.0312 3240 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\System32\tlntsvr.exe
21:26:13.0375 3240 TlntSvr - ok
21:26:13.0390 3240 TosIde - ok
21:26:13.0421 3240 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
21:26:13.0562 3240 TrkWks - ok
21:26:13.0593 3240 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
21:26:13.0718 3240 tunmp - ok
21:26:13.0765 3240 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:26:13.0890 3240 Udfs - ok
21:26:13.0890 3240 ultra - ok
21:26:13.0937 3240 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:26:14.0062 3240 Update - ok
21:26:14.0093 3240 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
21:26:14.0156 3240 upnphost - ok
21:26:14.0203 3240 upperdev (b1b8bee26227dad9835019201552cb05) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
21:26:14.0281 3240 upperdev - ok
21:26:14.0281 3240 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
21:26:14.0406 3240 UPS - ok
21:26:14.0484 3240 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:26:14.0609 3240 usbccgp - ok
21:26:14.0625 3240 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:26:14.0734 3240 usbehci - ok
21:26:14.0781 3240 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:26:14.0906 3240 usbhub - ok
21:26:14.0921 3240 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:26:15.0062 3240 usbohci - ok
21:26:15.0093 3240 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:26:15.0218 3240 usbprint - ok
21:26:15.0265 3240 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
21:26:15.0375 3240 usbser - ok
21:26:15.0406 3240 UsbserFilt (98e1ff1d732c6c7200b6c59d4ff8c1c3) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
21:26:15.0453 3240 UsbserFilt - ok
21:26:15.0500 3240 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:26:15.0609 3240 usbstor - ok
21:26:15.0656 3240 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
21:26:15.0781 3240 usbvideo - ok
21:26:15.0828 3240 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:26:15.0937 3240 VgaSave - ok
21:26:15.0937 3240 ViaIde - ok
21:26:15.0984 3240 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
21:26:16.0093 3240 VolSnap - ok
21:26:16.0125 3240 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
21:26:16.0203 3240 VSS - ok
21:26:16.0218 3240 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
21:26:16.0343 3240 W32Time - ok
21:26:16.0390 3240 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:26:16.0546 3240 Wanarp - ok
21:26:16.0609 3240 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
21:26:16.0828 3240 Wdf01000 - ok
21:26:16.0859 3240 WDICA - ok
21:26:16.0906 3240 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:26:17.0046 3240 wdmaud - ok
21:26:17.0062 3240 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
21:26:17.0187 3240 WebClient - ok
21:26:17.0250 3240 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
21:26:17.0359 3240 winmgmt - ok
21:26:17.0421 3240 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
21:26:17.0437 3240 WmdmPmSN - ok
21:26:17.0515 3240 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
21:26:17.0546 3240 Wmi - ok
21:26:17.0625 3240 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe
21:26:17.0875 3240 WmiApSrv - ok
21:26:17.0906 3240 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
21:26:17.0937 3240 WpdUsb - ok
21:26:18.0000 3240 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
21:26:18.0171 3240 wscsvc - ok
21:26:18.0203 3240 WSIMD (21ac4f228f3d36876a42277c76a766c0) C:\WINDOWS\system32\DRIVERS\wsimd.sys
21:26:18.0218 3240 WSIMD ( UnsignedFile.Multi.Generic ) - warning
21:26:18.0218 3240 WSIMD - detected UnsignedFile.Multi.Generic (1)
21:26:18.0265 3240 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:26:18.0421 3240 WSTCODEC - ok
21:26:18.0468 3240 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
21:26:18.0609 3240 wuauserv - ok
21:26:18.0671 3240 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:26:18.0718 3240 WudfPf - ok
21:26:18.0750 3240 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:26:18.0765 3240 WudfRd - ok
21:26:18.0796 3240 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
21:26:18.0843 3240 WudfSvc - ok
21:26:18.0890 3240 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
21:26:19.0093 3240 WZCSVC - ok
21:26:19.0125 3240 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
21:26:19.0375 3240 xmlprov - ok
21:26:19.0406 3240 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
21:26:19.0781 3240 \Device\Harddisk0\DR0 - ok
21:26:19.0781 3240 MBR (0x1B8) (180dbde3af7ea48b3db3ac27b1ddf401) \Device\Harddisk1\DR3
21:26:26.0812 3240 \Device\Harddisk1\DR3 - ok
21:26:26.0890 3240 Boot (0x1200) (3970bd1adce447bc488edaa5c9ab1f14) \Device\Harddisk0\DR0\Partition0
21:26:27.0000 3240 \Device\Harddisk0\DR0\Partition0 - ok
21:26:27.0015 3240 Boot (0x1200) (eca08e6ce7bdad0ca356641fe411d306) \Device\Harddisk0\DR0\Partition1
21:26:27.0062 3240 \Device\Harddisk0\DR0\Partition1 - ok
21:26:27.0078 3240 Boot (0x1200) (257d8a1fc6e6490aab1f4b4e18c43aea) \Device\Harddisk1\DR3\Partition0
21:26:27.0078 3240 \Device\Harddisk1\DR3\Partition0 - ok
21:26:27.0078 3240 ============================================================
21:26:27.0078 3240 Scan finished
21:26:27.0078 3240 ============================================================
21:26:27.0203 1064 Detected object count: 14
21:26:27.0203 1064 Actual detected object count: 14
21:27:08.0250 1064 ACS ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:08.0250 1064 ACS ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:27:08.0265 1064 ASNDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:08.0265 1064 ASNDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:27:08.0265 1064 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:08.0265 1064 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:27:08.0265 1064 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:08.0265 1064 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:27:08.0265 1064 DrvAgent32 ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:08.0265 1064 DrvAgent32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:27:08.0265 1064 Haspnt ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:08.0265 1064 Haspnt ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:27:08.0265 1064 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:08.0265 1064 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:27:08.0265 1064 mdf15 ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:08.0265 1064 mdf15 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:27:08.0281 1064 mvd21 ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:08.0281 1064 mvd21 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:27:08.0281 1064 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:08.0281 1064 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:27:08.0281 1064 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:08.0281 1064 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:27:08.0281 1064 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:27:08.0281 1064 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:27:08.0281 1064 SZASSIST ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:08.0281 1064 SZASSIST ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:27:08.0296 1064 WSIMD ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:08.0296 1064 WSIMD ( UnsignedFile.Multi.Generic ) - User select action: Skip

#11 Příspěvek od **Mc_Murphy** » 23 dub 2012 06:15

Dobře. Nálezů si nevšímej, vše by mělo být v pořádku. Jak se chová náš pacient?

Swiftik · #12 Příspěvek od **Swiftik** » 23 dub 2012 20:43

no rychlost je v pohode, reaguje dobre ale stale neak huci ventilator.
Asi ho rozoberem a skusim vycistit a premazat

#13 Příspěvek od **Mc_Murphy** » 24 dub 2012 06:03

OK, jestli jsi předtím dal smáznout ty body obnovy, tak je teď zkus zapnout a udělej ještě další scan s MBAM, prosím. Když bude log čistý, tak ho sem ani nedávej, jen napiš, že bylo všechno v pořádku. Když tam bude nález, log mi sem zase zkopíruj.

Pokud bude log čistý (žádný nález), udělej mi další scan RSITem a hoď mi sem aktuální log, ať se mrknu, co všechno se provedlo.

Swiftik · #14 Příspěvek od **Swiftik** » 28 dub 2012 18:34

nemal som moc casu tak to sem davam teraz

MBAM: Kontrola bola uspesne dokoncena. Skodlive polozky neboli najdene.

RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomi at 2012-04-28 19:29:22
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 28 GB (18%) free of 150 GB
Total RAM: 3071 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:29:41, on 28.4.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Globe Software\StatBar\StatBar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Tomi\Desktop\RSIT.exe
C:\Program Files\trend micro\Tomi.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [MsgTranAgt] C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Program Files\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StatBar] C:\Program Files\Globe Software\StatBar\StatBar.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9575861870
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Konfigurační služba Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bentley SELECT Server Gateway - Bentley Systems, Incorporated - C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe

--
End of file - 7989 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default

prefs.js - "extensions.enabledItems" - "{DDABDBA1-2377-4A30-A027-25697B99E254}:3.1, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, toolbar@ask.com:3.11.3.15590, personas@christopher.beard:1.6.2, sk@dictionaries.addons.mozilla.org:2.03.2, {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.3.3.2, firefox@tvunetworks.com:2, 5, 3, 1, cs@dictionaries.addons.mozilla.org:1.0.2, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.22, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, engine@conduit.com:3.3.3.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =937811&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=C:\WINDOWS\system32\TVUAx\npTVUAx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Tomi\Application Data\Mozilla\Firefox\Profiles\bwid785m.default\extensions\
cs@dictionaries.addons.mozilla.org
personas@christopher.beard
sk@dictionaries.addons.mozilla.org
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-03-24 59272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-16 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsgTranAgt"=C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe [2008-08-18 117304]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ATKHOTKEY"=C:\Program Files\ASUS\ATK Hotkey\HControl.exe [2008-10-20 166456]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2008-06-24 159744]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2008-01-23 7766016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-10-09 17021440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-07-31 1343488]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"StatBar"=C:\Program Files\Globe Software\StatBar\StatBar.exe [2003-07-25 335872]
"Časovač"= []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Documents and Settings\Tomi\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-04-22 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe"="C:\Program Files\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires III"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\SPEED2.EXE"="C:\Program Files\EA GAMES\Need for Speed Underground 2\SPEED2.EXE:*:Enabled:Need for Speed Underground 2"
"C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe"="C:\Program Files\EA GAMES\Need for Speed Most Wanted\speed.exe:*:Enabled:Need for Speed™ Most Wanted"
"C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe"="C:\Program Files\Microsoft Games\Age of Mythology\aomx.exe:*:Enabled:aomx"
"C:\Program Files\Microsoft Games\Age of Mythology\aom.exe"="C:\Program Files\Microsoft Games\Age of Mythology\aom.exe:*:Enabled:aom"
"C:\Program Files\EA SPORTS\NHL07\nhl2007.exe"="C:\Program Files\EA SPORTS\NHL07\nhl2007.exe:*:Enabled:nhl2007"
"C:\Program Files\Ultima Online 2D\Client_6.0.4.0.exe"="C:\Program Files\Ultima Online 2D\Client_6.0.4.0.exe:*:Enabled:Ultima Online Client"
"C:\Program Files\Ultima Online 2D\Client_6.0.11.0.exe"="C:\Program Files\Ultima Online 2D\Client_6.0.11.0.exe:*:Enabled:Ultima Online Client"
"C:\Program Files\Ultima Online 2D\Client.exe"="C:\Program Files\Ultima Online 2D\Client.exe:*:Enabled:Ultima Online Client"
"C:\Program Files\UOAM\uoam.exe"="C:\Program Files\UOAM\uoam.exe:*:Enabled:Ultima Online's premier mapping tool."
"C:\Program Files\Counter-Strike\hl.exe"="C:\Program Files\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Documents and Settings\Tomi\Desktop\portable_programy_na_flashku\portable_programy_na_flashku_by_Hojas86\Internet\Phone\Skype.exe"="C:\Documents and Settings\Tomi\Desktop\portable_programy_na_flashku\portable_programy_na_flashku_by_Hojas86\Internet\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=serwvdrv.dll
"MSVideo8"=VfWWDM32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm

======File associations======

.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-04-25 18:32:51 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla
2012-04-25 18:32:50 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-04-22 16:12:30 ----D---- C:\Program Files\Common Files\Autodesk Shared
2012-04-22 12:22:22 ----D---- C:\Program Files\Bentley2
2012-04-21 21:24:45 ----A---- C:\TDSSKiller.2.7.31.0_21.04.2012_21.24.45_log.txt
2012-04-13 23:15:57 ----D---- C:\Documents and Settings\Tomi\Application Data\InterTrust
2012-04-13 22:39:12 ----D---- C:\Documents and Settings\All Users\Application Data\YTD YouTube Downloader & Converter
2012-04-11 22:44:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2012-04-06 14:50:36 ----D---- C:\Documents and Settings\Tomi\Application Data\AIMP3
2012-03-30 19:08:03 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of files/folders modified in the last 1 month======

2012-04-28 19:29:30 ----D---- C:\Program Files\trend micro
2012-04-28 19:29:25 ----D---- C:\WINDOWS\Prefetch
2012-04-28 15:50:59 ----D---- C:\WINDOWS\Temp
2012-04-28 12:00:02 ----D---- C:\WINDOWS\system32\drivers
2012-04-28 11:46:57 ----D---- C:\WINDOWS
2012-04-28 01:15:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-04-28 00:41:45 ----D---- C:\Sphere 0.56b
2012-04-27 19:14:22 ----D---- C:\Documents and Settings\Tomi\Application Data\Mumble
2012-04-27 13:24:15 ----D---- C:\WINDOWS\system32\CatRoot2
2012-04-27 11:32:31 ----D---- C:\Program Files\QIP Infium
2012-04-25 22:45:16 ----SHD---- C:\System Volume Information
2012-04-25 22:45:16 ----D---- C:\WINDOWS\system32\Restore
2012-04-25 18:33:01 ----D---- C:\Program Files\Mozilla Firefox
2012-04-25 18:32:50 ----RD---- C:\Program Files
2012-04-24 20:47:18 ----D---- C:\Program Files\wkokes_6_70
2012-04-22 16:14:30 ----SHD---- C:\WINDOWS\Installer
2012-04-22 16:14:30 ----HD---- C:\Config.Msi
2012-04-22 16:14:24 ----D---- C:\WINDOWS\WinSxS
2012-04-22 16:12:30 ----D---- C:\Program Files\Common Files
2012-04-22 16:12:30 ----D---- C:\Program Files\Bentley
2012-04-22 16:12:30 ----D---- C:\Documents and Settings\All Users\Application Data\Bentley
2012-04-22 16:09:51 ----D---- C:\BentleyDownloads
2012-04-22 16:05:29 ----D---- C:\Documents and Settings\Tomi\Application Data\uTorrent
2012-04-22 12:24:35 ----HD---- C:\Program Files\InstallShield Installation Information
2012-04-21 10:42:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2012-04-20 15:30:37 ----D---- C:\Program Files\UOAM
2012-04-18 15:07:16 ----AD---- C:\Program Files\Ultima Online 2D
2012-04-17 16:34:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2012-04-17 11:23:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-04-16 23:49:51 ----SD---- C:\WINDOWS\Tasks
2012-04-16 23:48:36 ----D---- C:\WINDOWS\system32
2012-04-16 23:43:53 ----D---- C:\WINDOWS\system32\drivers\etc
2012-04-13 23:42:27 ----D---- C:\Program Files\Microsoft Games
2012-04-13 23:40:54 ----HD---- C:\WINDOWS\inf
2012-04-13 23:15:58 ----D---- C:\WINDOWS\system32\Adobe
2012-04-13 23:15:58 ----D---- C:\Program Files\Adobe
2012-04-13 23:15:57 ----D---- C:\Program Files\Common Files\Adobe
2012-04-13 22:39:08 ----D---- C:\Documents and Settings\All Users\Application Data\YouTube Downloader
2012-04-13 22:39:00 ----D---- C:\Program Files\YouTube Downloader
2012-04-11 23:07:52 ----D---- C:\WINDOWS\Microsoft.NET
2012-04-11 23:07:49 ----RSD---- C:\WINDOWS\assembly
2012-04-11 23:05:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-04-11 23:04:55 ----D---- C:\Program Files\Internet Explorer
2012-04-11 23:04:24 ----D---- C:\WINDOWS\ie8updates
2012-04-11 23:04:12 ----HD---- C:\WINDOWS\$hf_mig$
2012-04-11 23:04:03 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-04-11 23:00:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-04-11 22:44:48 ----A---- C:\WINDOWS\system32\MRT.exe
2012-04-11 22:44:26 ----A---- C:\WINDOWS\imsins.BAK
2012-04-07 14:36:15 ----A---- C:\WINDOWS\win.ini
2012-04-06 14:50:46 ----D---- C:\Program Files\AIMP2
2012-03-31 03:11:16 ----D---- C:\Program Files\Common Files\Microsoft Shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-19 721904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-03-07 35672]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-03-07 95704]
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-09-18 1326528]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-04-23 2880000]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2008-04-15 534440]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-04-15 990632]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-03-10 57384]
R3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-02-04 37032]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-03-27 47272]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-13 4879360]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mdf15;mdf15; \??\C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys []
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-03-31 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-17 7680]
R3 mvd21;mvd21; \??\C:\Program Files\Clarus\Samsung SecretZone\mvd21.sys []
R3 RTSTOR;USB Mass Storage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2007-10-25 46976]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-08-05 1772544]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-07-31 230464]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2008-02-08 57408]
S3 a39kex9x;a39kex9x; C:\WINDOWS\system32\drivers\a39kex9x.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-09-20 156392]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-12-30 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-12-30 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2008-03-03 43392]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ACS;Konfigurační služba Atheros; C:\WINDOWS\system32\acs.exe [2008-09-26 467028]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2008-03-18 13312]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-04-22 536576]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 Bentley SELECT Server Gateway;Bentley SELECT Server Gateway; C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe [2007-03-26 102400]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-04-14 342624]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 1373576]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-02-06 75136]
R2 SZASSIST;SecretZone Assist Service; C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe [2010-07-30 90112]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-07-20 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-25 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#15 Příspěvek od **Mc_Murphy** » 29 dub 2012 06:17

Výborně, tak pokud jsi tak neučinil, zapni znovu ty Body obnovy, teď už bude vše v pořádku.

S tím hučením to bude opravdu ventilátorem. Rozeber PC a ventilátor profoukni nejlépe stlačeným vzduchem. Pokud tomu opravdu rozumíš, klidně ho sundej, vyčisti a vrať zpět. Hlavně opatrně, ať si někde nic neutrhneš. Pokud jde promazat, tak to udělej, ale ne všechna ložiska se mažou - většinou jsou všechny ventilátory "samomazné" (nebo samokluzné?

), tak nějak.

Odinstaluj MBAM, už ho nebudeš potřebovat. Pokud si ho chceš nechat, tak ho ale každopádně v jeho nastaveních odeber ze spouštění po startu a vypni ho z rezidentní ochrany nebo se Ti bude tlouct s antivirem a může způsobovat zpomalení systému i neočekávané pády!

Podívej se do plug-inů u Firefoxu, vidím tam ještě nějaké zbytky po Ask Toolbaru a Conduit Engine.
toolbar@ask.com:3.11.3.15590, engine@conduit.com:3.3.3.2 a ještě prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =937811&p="
Pokud tam něco takového najdeš, odpal do do pryč. Pokud to nepůjde, můžeme to odpálit ještě přes další utilitu OTL, která si na tohle umí šikovně sáhnout.

VIRY.CZ

kontrola

kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola

Re: kontrola