VIRY.CZ

Zdravim experti.
Prosim o pomoc s jednim pracovnim, malo vyuzivanym, PC.
Po delsi dobe jsem ho chtel pripojit prez wifi k netu a neslo to. Nakonec jsem odinstaloval stary a zrejme i nefunkcni AVG a pripojeni se povedlo a web chodi.
Jenze po pokusu stahnout nejaky AV jsem zjistil, ze se na zadny web vyrobcu nepripojim.
Podezreni o nakaze uz hranici s jistotou.
Proto se obracim na Vas s prosbou o pomoc.
Dle pozadavku jsem chtel stahnout RSIT a udelat log, ale ani to se mi stahnout nedari - neda.
Jeste jedna mala poznamka - na PC az do utery mohu pracovat pouze vzdalene - pomoci Team Vieweru, takze to bude vsechno asi ztizene, nektere veci nemozne

Dekuji predem!!!!

Také zdravím ,
jedná se o pracovní pc?

"Silent Runners.vbs", revision 64, http://www.silentrunners.org/
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (32-bit)
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe [MS]
MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background [MS]
SpybotSD TeaTimer = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [Safer Networking Limited]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
LaunchApp = Alaunch [Acer Inc.]
SoundMan = SOUNDMAN.EXE [Realtek Semiconductor Corp.]
ntiMUI = c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [null data]
(Default) = (empty string) [file not found]
RemoteControl = "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [Cyberlink Corp.]
IMJPMIG8.1 = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 [MS]
MSPY2002 = C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC [null data]
PHIME2002ASync = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC [MS]
PHIME2002A = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName [MS]
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [MS]
nwiz = nwiz.exe /install [NVIDIA Corporation]
NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [MS]
eRecoveryService = C:\Acer\Empowering Technology\eRecovery\Monitor.exe [acer Inc.]
WinVNC = "C:\Program Files\RealVNC\WinVNC\WinVNC.exe" -servicehelper [RealVNC Ltd.]
pdfFactory Dispatcher v1 = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis1.exe [FinePrint Software, LLC]
WinampAgent = C:\Program Files\Winamp\winampa.exe [null data]
OrderReminder = C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [Hewlett-Packard]
SunJavaUpdateSched = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Sun Microsystems, Inc.]
ApnUpdater = "C:\Program Files\Ask.com\Updater\Updater.exe" [Ask]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM…CLSID} = AcroIEHlprObj Class
\InProcServer32\(Default) = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe Systems Incorporated]

{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = C:\PROGRA~1\SPYBOT~1\SDHelper.dll [Safer Networking Limited]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM…CLSID} = Java(tm) Plug-In SSV Helper
\InProcServer32\(Default) = C:\Program Files\Java\jre6\bin\ssv.dll [Sun Microsystems, Inc.]

{D4027C7F-154A-4066-A1AD-4243D8127440}\(Default) = Ask Toolbar BHO
-> {HKLM…CLSID} = Ask Toolbar
\InProcServer32\(Default) = C:\Program Files\Ask.com\GenericAskToolbar.dll [Ask]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
-> {HKLM…CLSID} = Java(tm) Plug-In 2 SSV Helper
\InProcServer32\(Default) = C:\Program Files\Java\jre6\bin\jp2ssv.dll [Sun Microsystems, Inc.]

{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\(Default) = JQSIEStartDetectorImpl
-> {HKLM…CLSID} = JQSIEStartDetectorImpl Class
\InProcServer32\(Default) = C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [Sun Microsystems, Inc.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{42071714-76d4-11d1-8b24-00a0c9068ff3} = Rozšíření panelu Zobrazení pro panoramatické zobrazení
-> {HKLM…CLSID} = Rozšíření panelu Zobrazení pro panoramatické zobrazení
\InProcServer32\(Default) = deskpan.dll [file not found]

{88895560-9AA2-1069-930E-00AA0030EBC8} = Rozšíření ikony programu HyperTerminal
-> {HKLM…CLSID} = HyperTerminal Icon Ext
\InProcServer32\(Default) = C:\WINDOWS\system32\hticons.dll [Hilgraeve, Inc.]

{5E6AB780-7743-11CF-A12B-00AA004AE837} = Panel nástrojů Microsoft pro síť Internet
-> {HKLM…CLSID} = Panel nástrojů Microsoft pro síť Internet
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{22BF0C20-6DA7-11D0-B373-00A0C9034938} = Stav stahování
-> {HKLM…CLSID} = Stav stahování
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{91EA3F8B-C99B-11d0-9815-00C04FD91972} = Rozšířená složka prostředí
-> {HKLM…CLSID} = Rozšířená složka prostředí
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{6413BA2C-B461-11d1-A18A-080036B11A03} = Augmented Shell Folder 2
-> {HKLM…CLSID} = Augmented Shell Folder 2
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{F61FFEC1-754F-11d0-80CA-00AA005B4383} = BandProxy
-> {HKLM…CLSID} = BandProxy
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{7BA4C742-9E81-11CF-99D3-00AA004AE837} = Microsoft BrowserBand
-> {HKLM…CLSID} = Microsoft BrowserBand
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{169A0691-8DF9-11d1-A1C4-00C04FD75D13} = Vyhledávat v podokně
-> {HKLM…CLSID} = Vyhledávat v podokně
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{07798131-AF23-11d1-9111-00A0C98BA67D} = Hledání na webu
-> {HKLM…CLSID} = Hledání na webu
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{AF4F6510-F982-11d0-8595-00AA004CD6D8} = Nástroj možností registrového stromu
-> {HKLM…CLSID} = Nástroj možností registrového stromu
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{01E04581-4EEE-11d0-BFE9-00AA005B4383} = &Adresa
-> {HKLM…CLSID} = &Adresa
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{A08C11D2-A228-11d0-825B-00AA005B4383} = Textové pole adresy
-> {HKLM…CLSID} = Textové pole adresy
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{00BB2763-6A77-11D0-A535-00C04FD7D062} = Automatické dokončování Microsoft
-> {HKLM…CLSID} = Automatické dokončování Microsoft
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{7376D660-C583-11d0-A3A5-00C04FD706EC} = TridentImageExtractor
-> {HKLM…CLSID} = TridentImageExtractor
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{6756A641-DE71-11d0-831B-00AA005B4383} = Automaticky dokončovaný seznam MRU
-> {HKLM…CLSID} = Automaticky dokončovaný seznam MRU
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} = Custom MRU AutoCompleted List
-> {HKLM…CLSID} = Custom MRU AutoCompleted List
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{7e653215-fa25-46bd-a339-34a2790f3cb7} = Přístupný
-> {HKLM…CLSID} = Přístupný
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{acf35015-526e-4230-9596-becbe19f0ac9} = Track Popup Bar
-> {HKLM…CLSID} = Track Popup Bar
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{00BB2764-6A77-11D0-A535-00C04FD7D062} = Automaticky dokončovaný seznam historie
-> {HKLM…CLSID} = Automaticky dokončovaný seznam historie
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{03C036F1-A186-11D0-824A-00AA005B4383} = Automaticky se doplňující seznam složky prostředí společnosti Microsoft
-> {HKLM…CLSID} = Automaticky se doplňující seznam složky prostředí společnosti Microsoft
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{00BB2765-6A77-11D0-A535-00C04FD7D062} = Kontejner automatického dokončování více seznamů
-> {HKLM…CLSID} = Kontejner automatického dokončování více seznamů
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{ECD4FC4E-521C-11D0-B792-00A0C90312E1} = Nabídka serveru pruhu prostředí
-> {HKLM…CLSID} = Nabídka serveru pruhu prostředí
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{3CCF8A41-5C85-11d0-9796-00AA00B90ADF} = Panel plochy aplikací prostředí
-> {HKLM…CLSID} = Panel plochy aplikací prostředí
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{ECD4FC4C-521C-11D0-B792-00A0C90312E1} = Panel plochy prostředí
-> {HKLM…CLSID} = Panel plochy prostředí
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{ECD4FC4D-521C-11D0-B792-00A0C90312E1} = Shell Rebar BandSite
-> {HKLM…CLSID} = Shell Rebar BandSite
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{DD313E04-FEFF-11d1-8ECD-0000F87A470C} = Asistence uživatele
-> {HKLM…CLSID} = Asistence uživatele
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} = Globální nastavení složek
-> {HKLM…CLSID} = Globální nastavení složek
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class
-> {HKLM…CLSID} = DesktopContext Class
\InProcServer32\(Default) = C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation]

{FFB699E0-306A-11d3-8BD1-00104B6F7516} = Play on my TV helper
-> {HKLM…CLSID} = NVIDIA CPL Extension
\InProcServer32\(Default) = C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation]

{1CDB2949-8F65-4355-8456-263E7C208A5D} = Desktop Explorer
-> {HKLM…CLSID} = Desktop Explorer
\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]

{1E9B04FB-F9E5-4718-997B-B8DA88302A47} = Desktop Explorer Menu
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]

{1E9B04FB-F9E5-4718-997B-B8DA88302A48} = nView Desktop Context Menu
-> {HKLM…CLSID} = nView Desktop Context Menu
\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]

{21569614-B795-46b1-85F4-E737A8DC09AD} = Shell Search Band
-> {HKLM…CLSID} = Shell Search Band
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

{B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [null data]

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} = OpenOffice.org Column Handler
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll" [Sun Microsystems, Inc.]

{087B3AE3-E237-4467-B8DB-5A38AB959AC9} = OpenOffice.org Infotip Handler
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll" [Sun Microsystems, Inc.]

{63542C48-9552-494A-84F7-73AA6A7C99C1} = OpenOffice.org Property Sheet Handler
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll" [Sun Microsystems, Inc.]

{3B092F0C-7696-40E3-A80F-68D74DA84210} = OpenOffice.org Thumbnail Viewer
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll" [Sun Microsystems, Inc.]

{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search
-> {HKLM…CLSID} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search
\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL [MS]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\msohevi.dll [MS]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler
-> {HKLM…CLSID} = Microsoft Office Metadata Handler
\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler
-> {HKLM…CLSID} = Microsoft Office Thumbnail Handler
\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\

<<!>> {438755C2-A8BA-11D1-B96B-00A0C90312E1} = Browseui preloader
-> {HKLM…CLSID} = Browseui preloader
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

<<!>> {8C7461EF-2B13-11d2-BE35-3078302C2030} = Proces mezipaměti kategorií součástí
-> {HKLM…CLSID} = Proces mezipaměti kategorií součástí
\InProcServer32\(Default) = C:\WINDOWS\system32\browseui.dll [Společnost Microsoft]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

WPDShServiceObj = {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
-> {HKLM…CLSID} = WPDShServiceObj Class
\InProcServer32\(Default) = C:\WINDOWS\system32\WPDShServiceObj.dll [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

<<!>> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945}
-> {HKLM…CLSID} = Microsoft Office InfoPath XML Mime Filter
\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> ms-help\CLSID = {314111c7-a502-11d2-bbca-00c04f8ec294}
-> {HKLM…CLSID} = HxProtocol Class
\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [MS]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

00nView\(Default) = {1E9B04FB-F9E5-4718-997B-B8DA88302A48}
-> {HKLM…CLSID} = nView Desktop Context Menu
\InProcServer32\(Default) = C:\WINDOWS\system32\nvshell.dll [NVIDIA Corporation]

NvCplDesktopContext\(Default) = {A70C977A-BF00-412C-90B7-034C51DA2439}
-> {HKLM…CLSID} = DesktopContext Class
\InProcServer32\(Default) = C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = OpenOffice.org Column Handler
-> {HKLM…CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll" [Sun Microsystems, Inc.]

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info
-> {HKLM…CLSID} = PDF Shell Extension
\InProcServer32\(Default) = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}
-> {HKLM…CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [null data]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be enabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
Wallpaper = F:\obrázky táta\2009-07-06 dovolená 2009\dovolená 2009 184.JPG

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
Wallpaper = C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp


Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

MSWPDShellNamespaceHandler\
Provider = @%SystemRoot%\System32\WPDShextRes.dll,-501
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine =
-> {HKLM…CLSID} = WPDShextAutoplay
\LocalServer32\(Default) = C:\WINDOWS\system32\WPDShextAutoplay.exe [MS]

NTIBurner\
Provider = NTI CD-Maker
InvokeProgID = NTIBurnerOpen
InvokeVerb = open
HKLM\SOFTWARE\Classes\NTIBurnerOpen\shell\open\command\(Default) = "c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\Cdmkr32.exe" [NewTech Infosystems, Inc.]

PDVDPlayCDAudioOnArrival\
Provider = PowerDVD
InvokeProgID = AudioCD
InvokeVerb = PlayWithPowerDVD
HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithPowerDVD\Command\(Default) = "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" "%L" [CyberLink Corp.]

PDVDPlayDVDMovieOnArrival\
Provider = PowerDVD
InvokeProgID = DVD
InvokeVerb = PlayWithPowerDVD
HKLM\SOFTWARE\Classes\DVD\shell\PlayWithPowerDVD\Command\(Default) = "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" "%l" [CyberLink Corp.]

PDVDPlayVCDMovieOnArrival\
Provider = PowerDVD
InvokeProgID = VCD
InvokeVerb = PlayWithPowerDVD
HKLM\SOFTWARE\Classes\VCD\shell\PlayWithPowerDVD\Command\(Default) = "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" "%l" [CyberLink Corp.]


Startup items in "uzivatel" & "All Users" startup folders:
----------------------------------------------------------

C:\Documents and Settings\uzivatel\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.0 -> shortcut to: C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe [null data]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch -> shortcut to: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [Adobe Systems Incorporated]
Wireless Utility -> shortcut to: C:\Program Files\EDIMAX\Common\RaUI.exe -s [Edimax Technology Co.]


Enabled Scheduled Tasks:
------------------------

Scheduled Update for Ask Toolbar -> launches: C:\Program Files\Ask.com\UpdateTask.exe [null data]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
000000000002\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]
000000000003\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 04, 07 - 14
%SystemRoot%\system32\rsvpsp.dll [MS], 05 - 06


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

{D4027C7F-154A-4066-A1AD-4243D8127440}
-> {HKLM…CLSID} = Ask Toolbar
\InProcServer32\(Default) = C:\Program Files\Ask.com\GenericAskToolbar.dll [Ask]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
{D4027C7F-154A-4066-A1AD-4243D8127440} = (no title provided)
-> {HKLM…CLSID} = Ask Toolbar
\InProcServer32\(Default) = C:\Program Files\Ask.com\GenericAskToolbar.dll [Ask]

Explorer Bars

HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Zdroje informací
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{2670000A-7350-4F3C-8081-5663EE0C6C49}\
ButtonText = Odeslat do aplikace OneNote
MenuText = Od&eslat do aplikace OneNote
CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C}
-> {HKLM…CLSID} = Send to OneNote from Internet Explorer button
\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll [MS]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
ButtonText = Research

{E2E2DD38-D088-4134-82B7-F2BA38496583}\
MenuText = @xpsp3res.dll,-20001
Exec = %windir%\Network Diagnostic\xpnetdiag.exe [MS]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
ButtonText = Messenger
MenuText = Windows Messenger
Exec = C:\Program Files\Messenger\msmsgs.exe [MS]


Miscellaneous IE Hijack Points
------------------------------

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
<<H>> {00000000-6E41-4FD3-8538-502F5495E5FC} = ∀`ƈ`?ţ
-> {HKLM…CLSID} = UrlSearchHook Class
\InProcServer32\(Default) = C:\Program Files\Ask.com\GenericAskToolbar.dll [Ask]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Adaptér výkonu služby WMI, WmiApSrv, C:\WINDOWS\system32\wbem\wmiapsrv.exe [MS]
Java Quick Starter, JavaQuickStarterService, "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [Sun Microsystems, Inc.]
NVIDIA Display Driver Service, NVSvc, C:\WINDOWS\system32\nvsvc32.exe [NVIDIA Corporation]
Ralink Registry Writer, RalinkRegistryWriter, C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe [Ralink Technology, Corp.]
TeamViewer 7, TeamViewer7, C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [TeamViewer GmbH]
VNC Server, winvnc, "C:\Program Files\RealVNC\WinVNC\WinVNC.exe" -service [RealVNC Ltd.]


Safe Mode Drivers & Services (subkey name, subkey default value):
-----------------------------------------------------------------

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\

<<!>> {1a3e09be-1e45-494b-9174-d7385b45bbf5},


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
FPP1:\Driver = fppmon1.dll [FinePrint Software, LLC]
HPLJ1018LM\Driver = ZLhp1018.DLL [Zenographics, Inc.]
Microsoft Shared Fax Monitor\Driver = FXSMON.DLL [MS]
Send To Microsoft OneNote Monitor\Driver = msonpmon.dll [MS]


---------- (launch time: 2012-05-04 21:22:39)
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 46 seconds, including 18 seconds for message boxes)

Zdravim take.
Ano, je to PC v ordinaci lekare.

A pc vyléčit neumíte?
Předpokládám že lékař tam nemá žádného IT odborníka...my tu léčíme jen domácí pc, protože v práci za to obvykle bývá někdo placený a mi tu fungujeme zadarmo a dobrovolně.

to uz by v ordinaci mely dost sirokej zaber, kdyby umely i toto.
no, ono to je tak ze jedna mala ordinace na vesnici neni ani firmou ale spis modlou pro vsechny zname - par spoluobcaanu, kteri to zrovna potrebuji.
Ani ja nejsem v tomto pripade ve vztahu zakaznik - placeny odbornik. Spis jako skorosoused (kamarad a obcasny pacient), co do pocitacu vidi asi o milion procent vic nez nas pan doktor a o milion procent min nez vy. A na pozadani - pratelskou vypomoc se snazi svemu priteli pomoci. Jednou s rozchozenim internetu, potom s instalaci programu nebo tiskarny, ale odvirovani uz je uplne mimo moje vedomosti.
Koukam, ze jsem se nejak rozepsal - asi to jinak neumim - ale diky, ze jste to docetli az sem.
Prosim o objektivni posouzeni, protoze tady o zadnou komerci nejde, nybrz o nezistnou pomoc priteli.
Ale Vas nazor - rozhodnuti budu samozrejme plne respektovat...

jj vim a za tu minulou pomoc dekuji! kdyz clovek do IT dela o malinko vic nez asi kazdej doma vecer po praci na seznamu, tak se tech "kamosu" a znamejch vyroji najednou docela hodne
diky za Tvuj postoj!

Vyjímečně....pokračuj Naughty

DEKUJU !!!!

hm, webova stranka nejde zorazit
ale napadlo me stahnout to tady na svem PC a pomoci Prenosu souboru TeamViewera to poslat na ono PC a spustit. co tak?

povedlo se

22:26:58.0093 1592 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
22:26:58.0109 1592 ============================================================
22:26:58.0109 1592 Current date / time: 2012/05/04 22:26:58.0109
22:26:58.0109 1592 SystemInfo:
22:26:58.0109 1592
22:26:58.0109 1592 OS Version: 5.1.2600 ServicePack: 3.0
22:26:58.0109 1592 Product type: Workstation
22:26:58.0109 1592 ComputerName: RYCHLY-PC
22:26:58.0109 1592 UserName: uzivatel
22:26:58.0109 1592 Windows directory: C:\WINDOWS
22:26:58.0109 1592 System windows directory: C:\WINDOWS
22:26:58.0109 1592 Processor architecture: Intel x86
22:26:58.0109 1592 Number of processors: 1
22:26:58.0109 1592 Page size: 0x1000
22:26:58.0109 1592 Boot type: Normal boot
22:26:58.0109 1592 ============================================================
22:26:59.0234 1592 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:26:59.0234 1592 ============================================================
22:26:59.0234 1592 \Device\Harddisk0\DR0:
22:26:59.0234 1592 MBR partitions:
22:26:59.0234 1592 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x7CC5BD, BlocksNum 0x90234C0
22:26:59.0234 1592 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x97EFA7D, BlocksNum 0x9229044
22:26:59.0234 1592 ============================================================
22:26:59.0281 1592 C: <-> \Device\Harddisk0\DR0\Partition0
22:26:59.0296 1592 D: <-> \Device\Harddisk0\DR0\Partition1
22:26:59.0296 1592 ============================================================
22:26:59.0296 1592 Initialize success
22:26:59.0296 1592 ============================================================
22:27:26.0453 3556 ============================================================
22:27:26.0453 3556 Scan started
22:27:26.0453 3556 Mode: Manual; SigCheck; TDLFS;
22:27:26.0453 3556 ============================================================
22:27:27.0218 3556 Abiosdsk - ok
22:27:27.0250 3556 abp480n5 - ok
22:27:27.0296 3556 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:27:27.0968 3556 ACPI - ok
22:27:27.0984 3556 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:27:28.0140 3556 ACPIEC - ok
22:27:28.0171 3556 adpu160m - ok
22:27:28.0234 3556 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:27:28.0375 3556 aec - ok
22:27:28.0421 3556 AegisP (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys
22:27:28.0437 3556 AegisP ( UnsignedFile.Multi.Generic ) - warning
22:27:28.0437 3556 AegisP - detected UnsignedFile.Multi.Generic (1)
22:27:28.0484 3556 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
22:27:28.0515 3556 AFD - ok
22:27:28.0531 3556 Aha154x - ok
22:27:28.0546 3556 aic78u2 - ok
22:27:28.0562 3556 aic78xx - ok
22:27:28.0781 3556 ALCXWDM (93f93a8e3e14cbbf1ce9a5af1a70c095) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
22:27:29.0031 3556 ALCXWDM - ok
22:27:29.0109 3556 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
22:27:29.0296 3556 Alerter - ok
22:27:29.0343 3556 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
22:27:29.0500 3556 ALG - ok
22:27:29.0531 3556 AliIde - ok
22:27:29.0562 3556 AmdK8 (99bd5596b5d06c2ead3cecc6f11999f5) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
22:27:29.0609 3556 AmdK8 - ok
22:27:29.0609 3556 amsint - ok
22:27:29.0687 3556 AppMgmt - ok
22:27:29.0718 3556 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:27:29.0843 3556 Arp1394 - ok
22:27:29.0843 3556 asc - ok
22:27:29.0859 3556 asc3350p - ok
22:27:29.0890 3556 asc3550 - ok
22:27:30.0031 3556 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:27:30.0031 3556 aspnet_state - ok
22:27:30.0062 3556 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:27:30.0187 3556 AsyncMac - ok
22:27:30.0203 3556 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:27:30.0343 3556 atapi - ok
22:27:30.0359 3556 Atdisk - ok
22:27:30.0375 3556 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:27:30.0515 3556 Atmarpc - ok
22:27:30.0593 3556 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
22:27:30.0734 3556 AudioSrv - ok
22:27:30.0750 3556 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:27:30.0906 3556 audstub - ok
22:27:30.0921 3556 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:27:31.0078 3556 Beep - ok
22:27:31.0140 3556 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
22:27:31.0296 3556 BITS - ok
22:27:31.0359 3556 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
22:27:31.0500 3556 Browser - ok
22:27:31.0515 3556 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:27:31.0687 3556 cbidf2k - ok
22:27:31.0703 3556 cd20xrnt - ok
22:27:31.0718 3556 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:27:31.0890 3556 Cdaudio - ok
22:27:31.0906 3556 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:27:32.0015 3556 Cdfs - ok
22:27:32.0031 3556 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:27:32.0140 3556 Cdrom - ok
22:27:32.0140 3556 Changer - ok
22:27:32.0203 3556 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
22:27:32.0328 3556 CiSvc - ok
22:27:32.0375 3556 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
22:27:32.0500 3556 ClipSrv - ok
22:27:32.0546 3556 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:27:32.0578 3556 clr_optimization_v2.0.50727_32 - ok
22:27:32.0578 3556 CmdIde - ok
22:27:32.0640 3556 COMSysApp - ok
22:27:32.0656 3556 Cpqarray - ok
22:27:32.0734 3556 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
22:27:32.0875 3556 CryptSvc - ok
22:27:32.0875 3556 dac2w2k - ok
22:27:32.0890 3556 dac960nt - ok
22:27:32.0968 3556 DcomLaunch (c868f3ae15cf71a93f2aa3a32856d839) C:\WINDOWS\system32\rpcss.dll
22:27:33.0125 3556 DcomLaunch - ok
22:27:33.0156 3556 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
22:27:33.0296 3556 Dhcp - ok
22:27:33.0312 3556 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:27:33.0453 3556 Disk - ok
22:27:33.0484 3556 dmadmin - ok
22:27:33.0578 3556 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
22:27:33.0796 3556 dmboot - ok
22:27:33.0812 3556 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
22:27:33.0953 3556 dmio - ok
22:27:33.0984 3556 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:27:34.0140 3556 dmload - ok
22:27:34.0203 3556 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
22:27:34.0343 3556 dmserver - ok
22:27:34.0390 3556 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:27:34.0515 3556 DMusic - ok
22:27:34.0562 3556 Dnscache (0634b791684b84f4a331f3d3536feef8) C:\WINDOWS\System32\dnsrslvr.dll
22:27:34.0703 3556 Dnscache - ok
22:27:34.0781 3556 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
22:27:34.0937 3556 Dot3svc - ok
22:27:34.0953 3556 dpti2o - ok
22:27:34.0984 3556 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:27:35.0125 3556 drmkaud - ok
22:27:35.0156 3556 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
22:27:35.0328 3556 EapHost - ok
22:27:35.0390 3556 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
22:27:35.0515 3556 ERSvc - ok
22:27:35.0578 3556 Eventlog (f0d2ae69035092bf22dad6b50fab85c2) C:\WINDOWS\system32\services.exe
22:27:35.0703 3556 Eventlog - ok
22:27:35.0750 3556 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
22:27:35.0781 3556 EventSystem - ok
22:27:35.0812 3556 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:27:35.0937 3556 Fastfat - ok
22:27:36.0000 3556 FastUserSwitchingCompatibility (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
22:27:36.0125 3556 FastUserSwitchingCompatibility - ok
22:27:36.0187 3556 Fax (2cd14c70d1d81af054aa5ed8024dcae6) C:\WINDOWS\system32\fxssvc.exe
22:27:36.0343 3556 Fax - ok
22:27:36.0375 3556 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:27:36.0484 3556 Fdc - ok
22:27:36.0500 3556 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
22:27:36.0656 3556 Fips - ok
22:27:36.0671 3556 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:27:36.0812 3556 Flpydisk - ok
22:27:36.0843 3556 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:27:37.0000 3556 FltMgr - ok
22:27:37.0000 3556 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:27:37.0156 3556 Fs_Rec - ok
22:27:37.0171 3556 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:27:37.0328 3556 Ftdisk - ok
22:27:37.0359 3556 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:27:37.0468 3556 Gpc - ok
22:27:37.0578 3556 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:27:37.0625 3556 gusvc - ok
22:27:37.0671 3556 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:27:37.0796 3556 helpsvc - ok
22:27:37.0843 3556 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\WINDOWS\System32\hidserv.dll
22:27:38.0000 3556 HidServ - ok
22:27:38.0046 3556 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:27:38.0187 3556 hidusb - ok
22:27:38.0234 3556 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
22:27:38.0375 3556 hkmsvc - ok
22:27:38.0390 3556 hpn - ok
22:27:38.0437 3556 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
22:27:38.0562 3556 HTTP - ok
22:27:38.0609 3556 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
22:27:38.0734 3556 HTTPFilter - ok
22:27:38.0734 3556 i2omgmt - ok
22:27:38.0750 3556 i2omp - ok
22:27:38.0781 3556 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:27:38.0937 3556 i8042prt - ok
22:27:38.0968 3556 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:27:39.0093 3556 Imapi - ok
22:27:39.0156 3556 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\system32\imapi.exe
22:27:39.0296 3556 ImapiService - ok
22:27:39.0312 3556 ini910u - ok
22:27:39.0375 3556 int15.sys (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Acer\Empowering Technology\eRecovery\int15.sys
22:27:39.0406 3556 int15.sys ( UnsignedFile.Multi.Generic ) - warning
22:27:39.0406 3556 int15.sys - detected UnsignedFile.Multi.Generic (1)
22:27:39.0421 3556 IntelIde - ok
22:27:39.0453 3556 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:27:39.0562 3556 Ip6Fw - ok
22:27:39.0593 3556 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:27:39.0734 3556 IpFilterDriver - ok
22:27:39.0750 3556 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:27:39.0875 3556 IpInIp - ok
22:27:39.0906 3556 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:27:40.0078 3556 IpNat - ok
22:27:40.0093 3556 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:27:40.0234 3556 IPSec - ok
22:27:40.0281 3556 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
22:27:40.0421 3556 irda - ok
22:27:40.0453 3556 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:27:40.0578 3556 IRENUM - ok
22:27:40.0625 3556 Irmon (8024ea8c5b2d2a4d201f418b0aadb804) C:\WINDOWS\System32\irmon.dll
22:27:40.0750 3556 Irmon - ok
22:27:40.0765 3556 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
22:27:40.0828 3556 irsir - ok
22:27:40.0859 3556 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:27:40.0984 3556 isapnp - ok
22:27:41.0062 3556 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
22:27:41.0078 3556 JavaQuickStarterService - ok
22:27:41.0093 3556 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:27:41.0218 3556 Kbdclass - ok
22:27:41.0250 3556 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:27:41.0375 3556 kbdhid - ok
22:27:41.0406 3556 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:27:41.0531 3556 kmixer - ok
22:27:41.0562 3556 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
22:27:41.0703 3556 KSecDD - ok
22:27:41.0750 3556 lanmanserver (21920ac69594ab021237054fa728fe46) C:\WINDOWS\System32\srvsvc.dll
22:27:41.0875 3556 lanmanserver - ok
22:27:41.0937 3556 lanmanworkstation (5190783f51a2d7a8495202c664d7c963) C:\WINDOWS\System32\wkssvc.dll
22:27:42.0062 3556 lanmanworkstation - ok
22:27:42.0062 3556 lbrtfdc - ok
22:27:42.0140 3556 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
22:27:42.0265 3556 LmHosts - ok
22:27:42.0296 3556 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
22:27:42.0421 3556 Messenger - ok
22:27:42.0421 3556 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:27:42.0578 3556 mnmdd - ok
22:27:42.0625 3556 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
22:27:42.0734 3556 mnmsrvc - ok
22:27:42.0765 3556 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
22:27:42.0875 3556 Modem - ok
22:27:42.0906 3556 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:27:43.0015 3556 Mouclass - ok
22:27:43.0031 3556 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:27:43.0203 3556 mouhid - ok
22:27:43.0203 3556 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:27:43.0312 3556 MountMgr - ok
22:27:43.0343 3556 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:27:43.0406 3556 MozillaMaintenance - ok
22:27:43.0421 3556 mraid35x - ok
22:27:43.0453 3556 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:27:43.0609 3556 MRxDAV - ok
22:27:43.0640 3556 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:27:43.0687 3556 MRxSmb - ok
22:27:43.0750 3556 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
22:27:43.0843 3556 MSDTC - ok
22:27:43.0859 3556 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:27:44.0000 3556 Msfs - ok
22:27:44.0062 3556 MSIServer - ok
22:27:44.0093 3556 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:27:44.0250 3556 MSKSSRV - ok
22:27:44.0265 3556 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:27:44.0390 3556 MSPCLOCK - ok
22:27:44.0406 3556 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:27:44.0515 3556 MSPQM - ok
22:27:44.0546 3556 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:27:44.0671 3556 mssmbios - ok
22:27:44.0671 3556 Suspicious service (NoAccess): mtpjueuhy
22:27:44.0781 3556 mtpjueuhy (5a596acc916f37f266498535ebfc8d9e) C:\WINDOWS\system32\ujwwomdn.dll
22:27:44.0781 3556 Suspicious file (NoAccess): C:\WINDOWS\system32\ujwwomdn.dll. md5: 5a596acc916f37f266498535ebfc8d9e
22:27:44.0781 3556 mtpjueuhy ( LockedService.Multi.Generic ) - warning
22:27:44.0781 3556 mtpjueuhy - detected LockedService.Multi.Generic (1)
22:27:44.0812 3556 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
22:27:44.0906 3556 Mup - ok
22:27:45.0000 3556 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
22:27:45.0125 3556 napagent - ok
22:27:45.0156 3556 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:27:45.0265 3556 NDIS - ok
22:27:45.0296 3556 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:27:45.0453 3556 NdisTapi - ok
22:27:45.0484 3556 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:27:45.0609 3556 Ndisuio - ok
22:27:45.0625 3556 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:27:45.0750 3556 NdisWan - ok
22:27:45.0765 3556 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
22:27:45.0890 3556 NDProxy - ok
22:27:45.0890 3556 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:27:46.0015 3556 NetBIOS - ok
22:27:46.0046 3556 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:27:46.0203 3556 NetBT - ok
22:27:46.0234 3556 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
22:27:46.0359 3556 NetDDE - ok
22:27:46.0359 3556 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
22:27:46.0484 3556 NetDDEdsdm - ok
22:27:46.0546 3556 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:27:46.0640 3556 Netlogon - ok
22:27:46.0718 3556 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
22:27:46.0828 3556 Netman - ok
22:27:46.0859 3556 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:27:46.0984 3556 NIC1394 - ok
22:27:47.0046 3556 Nla (1289b7611ccd6cb27596ae92cbf03e35) C:\WINDOWS\System32\mswsock.dll
22:27:47.0093 3556 Nla - ok
22:27:47.0125 3556 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:27:47.0250 3556 Npfs - ok
22:27:47.0312 3556 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:27:47.0453 3556 Ntfs - ok
22:27:47.0484 3556 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
22:27:47.0484 3556 NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
22:27:47.0484 3556 NTIDrvr - detected UnsignedFile.Multi.Generic (1)
22:27:47.0500 3556 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:27:47.0656 3556 NtLmSsp - ok
22:27:47.0765 3556 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
22:27:47.0906 3556 NtmsSvc - ok
22:27:47.0921 3556 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:27:48.0109 3556 Null - ok
22:27:48.0296 3556 nv (6f6f92603a4311a466f0241e8ef951fb) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:27:48.0531 3556 nv - ok
22:27:48.0609 3556 NVENETFD (2a7a2c6ab9631028b6e3a4159aa65705) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
22:27:48.0640 3556 NVENETFD - ok
22:27:48.0687 3556 nvnetbus (20526a8827dc0956b5526aebcb6751a0) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
22:27:48.0718 3556 nvnetbus - ok
22:27:48.0828 3556 NVSvc (fb028320103b37ebbc683ea3afa507cb) C:\WINDOWS\system32\nvsvc32.exe
22:27:48.0843 3556 NVSvc - ok
22:27:48.0843 3556 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:27:49.0031 3556 NwlnkFlt - ok
22:27:49.0046 3556 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:27:49.0171 3556 NwlnkFwd - ok
22:27:49.0296 3556 odserv (e54aa592a65f317390eee386a8821692) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:27:49.0328 3556 odserv - ok
22:27:49.0343 3556 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:27:49.0468 3556 ohci1394 - ok
22:27:49.0484 3556 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:27:49.0515 3556 ose - ok
22:27:49.0531 3556 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
22:27:49.0656 3556 Parport - ok
22:27:49.0671 3556 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:27:49.0812 3556 PartMgr - ok
22:27:49.0828 3556 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
22:27:49.0984 3556 ParVdm - ok
22:27:50.0000 3556 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
22:27:50.0140 3556 PCI - ok
22:27:50.0140 3556 PCIDump - ok
22:27:50.0156 3556 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:27:50.0281 3556 PCIIde - ok
22:27:50.0328 3556 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:27:50.0437 3556 Pcmcia - ok
22:27:50.0453 3556 PDCOMP - ok
22:27:50.0468 3556 PDFRAME - ok
22:27:50.0500 3556 PDRELI - ok
22:27:50.0515 3556 PDRFRAME - ok
22:27:50.0531 3556 perc2 - ok
22:27:50.0546 3556 perc2hib - ok
22:27:50.0625 3556 PlugPlay (f0d2ae69035092bf22dad6b50fab85c2) C:\WINDOWS\system32\services.exe
22:27:50.0765 3556 PlugPlay - ok
22:27:50.0812 3556 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:27:50.0921 3556 PolicyAgent - ok
22:27:50.0937 3556 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:27:51.0062 3556 PptpMiniport - ok
22:27:51.0078 3556 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
22:27:51.0203 3556 Processor - ok
22:27:51.0218 3556 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:27:51.0343 3556 ProtectedStorage - ok
22:27:51.0359 3556 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:27:51.0468 3556 PSched - ok
22:27:51.0484 3556 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:27:51.0625 3556 Ptilink - ok
22:27:51.0640 3556 PxHelp20 (0c8da0a8b0d227319c285e0eae65defd) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:27:51.0656 3556 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
22:27:51.0656 3556 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
22:27:51.0671 3556 ql1080 - ok
22:27:51.0687 3556 Ql10wnt - ok
22:27:51.0703 3556 ql12160 - ok
22:27:51.0718 3556 ql1240 - ok
22:27:51.0734 3556 ql1280 - ok
22:27:51.0843 3556 RalinkRegistryWriter (432f5b15e21a54b48072593f03570326) C:\Program Files\EDIMAX\Common\RalinkRegistryWriter.exe
22:27:51.0843 3556 RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - warning
22:27:51.0843 3556 RalinkRegistryWriter - detected UnsignedFile.Multi.Generic (1)
22:27:51.0875 3556 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:27:52.0015 3556 RasAcd - ok
22:27:52.0078 3556 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
22:27:52.0218 3556 RasAuto - ok
22:27:52.0234 3556 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
22:27:52.0296 3556 Rasirda - ok
22:27:52.0312 3556 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:27:52.0421 3556 Rasl2tp - ok
22:27:52.0484 3556 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
22:27:52.0609 3556 RasMan - ok
22:27:52.0640 3556 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:27:52.0781 3556 RasPppoe - ok
22:27:52.0796 3556 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:27:52.0937 3556 Raspti - ok
22:27:53.0015 3556 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:27:53.0140 3556 Rdbss - ok
22:27:53.0171 3556 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:27:53.0343 3556 RDPCDD - ok
22:27:53.0453 3556 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
22:27:53.0578 3556 RDPWD - ok
22:27:53.0734 3556 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
22:27:53.0875 3556 RDSessMgr - ok
22:27:53.0937 3556 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:27:54.0062 3556 redbook - ok
22:27:54.0156 3556 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
22:27:54.0296 3556 RemoteAccess - ok
22:27:54.0328 3556 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\system32\locator.exe
22:27:54.0453 3556 RpcLocator - ok
22:27:54.0765 3556 RpcSs (c868f3ae15cf71a93f2aa3a32856d839) C:\WINDOWS\system32\rpcss.dll
22:27:54.0906 3556 RpcSs - ok
22:27:55.0000 3556 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
22:27:55.0140 3556 RSVP - ok
22:27:55.0250 3556 rt2870 (5532f69d0a845ffe9d70b9e0392fe50a) C:\WINDOWS\system32\DRIVERS\rt2870.sys
22:27:55.0390 3556 rt2870 - ok
22:27:55.0390 3556 RT61 - ok
22:27:55.0453 3556 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
22:27:55.0562 3556 SamSs - ok
22:27:55.0625 3556 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
22:27:55.0750 3556 SCardSvr - ok
22:27:55.0796 3556 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
22:27:55.0937 3556 Schedule - ok
22:27:55.0968 3556 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:27:56.0125 3556 Secdrv - ok
22:27:56.0187 3556 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
22:27:56.0328 3556 seclogon - ok
22:27:56.0390 3556 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
22:27:56.0515 3556 SENS - ok
22:27:56.0531 3556 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:27:56.0640 3556 serenum - ok
22:27:56.0656 3556 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
22:27:56.0765 3556 Serial - ok
22:27:56.0796 3556 sfdrv01a (4d0ce0fadca29e7da68ce597ac9010bd) C:\WINDOWS\system32\drivers\sfdrv01a.sys
22:27:56.0953 3556 sfdrv01a - ok
22:27:56.0968 3556 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\WINDOWS\system32\drivers\sfhlp02.sys
22:27:57.0015 3556 sfhlp02 - ok
22:27:57.0046 3556 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:27:57.0156 3556 Sfloppy - ok
22:27:57.0171 3556 sfsync02 (6dc03269f4c71e4ab313c3597f42a340) C:\WINDOWS\system32\drivers\sfsync02.sys
22:27:57.0187 3556 sfsync02 - ok
22:27:57.0218 3556 sfvfs02 (107b772690050d3b19cbc637ad8fd96e) C:\WINDOWS\system32\drivers\sfvfs02.sys
22:27:57.0265 3556 sfvfs02 - ok
22:27:57.0312 3556 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
22:27:57.0468 3556 SharedAccess - ok
22:27:57.0531 3556 ShellHWDetection (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
22:27:57.0656 3556 ShellHWDetection - ok
22:27:57.0671 3556 Simbad - ok
22:27:57.0687 3556 Sparrow - ok
22:27:57.0734 3556 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:27:57.0875 3556 splitter - ok
22:27:57.0921 3556 Spooler (cb1090bca0e7b40d0b5b4e4d66531809) C:\WINDOWS\system32\spoolsv.exe
22:27:58.0031 3556 Spooler - ok
22:27:58.0046 3556 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
22:27:58.0187 3556 sr - ok
22:27:58.0234 3556 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
22:27:58.0343 3556 srservice - ok
22:27:58.0390 3556 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys
22:27:58.0453 3556 Srv - ok
22:27:58.0500 3556 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
22:27:58.0625 3556 SSDPSRV - ok
22:27:58.0703 3556 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
22:27:58.0859 3556 stisvc - ok
22:27:58.0890 3556 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:27:59.0015 3556 swenum - ok
22:27:59.0046 3556 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:27:59.0171 3556 swmidi - ok
22:27:59.0218 3556 SwPrv - ok
22:27:59.0250 3556 symc810 - ok
22:27:59.0265 3556 symc8xx - ok
22:27:59.0296 3556 sym_hi - ok
22:27:59.0312 3556 sym_u3 - ok
22:27:59.0328 3556 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:27:59.0468 3556 sysaudio - ok
22:27:59.0531 3556 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
22:27:59.0671 3556 SysmonLog - ok
22:27:59.0718 3556 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
22:27:59.0890 3556 TapiSrv - ok
22:27:59.0921 3556 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:27:59.0968 3556 Tcpip - ok
22:28:00.0015 3556 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:28:00.0125 3556 TDPIPE - ok
22:28:00.0156 3556 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:28:00.0281 3556 TDTCP - ok
22:28:00.0546 3556 TeamViewer7 (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
22:28:00.0703 3556 TeamViewer7 - ok
22:28:00.0859 3556 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:28:01.0000 3556 TermDD - ok
22:28:01.0125 3556 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
22:28:01.0281 3556 TermService - ok
22:28:01.0312 3556 Themes (b927443008910b412bec72fc41c1bad0) C:\WINDOWS\System32\shsvcs.dll
22:28:01.0468 3556 Themes - ok
22:28:01.0484 3556 TosIde - ok
22:28:01.0562 3556 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
22:28:01.0687 3556 TrkWks - ok
22:28:01.0718 3556 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys
22:28:01.0734 3556 UBHelper ( UnsignedFile.Multi.Generic ) - warning
22:28:01.0734 3556 UBHelper - detected UnsignedFile.Multi.Generic (1)
22:28:01.0781 3556 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:28:01.0906 3556 Udfs - ok
22:28:01.0906 3556 ultra - ok
22:28:01.0953 3556 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:28:02.0093 3556 Update - ok
22:28:02.0156 3556 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
22:28:02.0312 3556 upnphost - ok
22:28:02.0375 3556 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
22:28:02.0515 3556 UPS - ok
22:28:02.0546 3556 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:28:02.0703 3556 usbccgp - ok
22:28:02.0718 3556 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:28:02.0843 3556 usbehci - ok
22:28:02.0859 3556 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:28:02.0984 3556 usbhub - ok
22:28:03.0015 3556 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:28:03.0125 3556 usbohci - ok
22:28:03.0171 3556 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:28:03.0281 3556 usbprint - ok
22:28:03.0328 3556 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:28:03.0437 3556 USBSTOR - ok
22:28:03.0453 3556 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:28:03.0578 3556 VgaSave - ok
22:28:03.0593 3556 ViaIde - ok
22:28:03.0625 3556 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
22:28:03.0750 3556 VolSnap - ok
22:28:03.0812 3556 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
22:28:03.0937 3556 VSS - ok
22:28:03.0984 3556 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
22:28:04.0140 3556 W32Time - ok
22:28:04.0171 3556 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:28:04.0281 3556 Wanarp - ok
22:28:04.0296 3556 WDICA - ok
22:28:04.0328 3556 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:28:04.0437 3556 wdmaud - ok
22:28:04.0484 3556 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
22:28:04.0609 3556 WebClient - ok
22:28:04.0671 3556 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
22:28:04.0781 3556 winmgmt - ok
22:28:04.0890 3556 winvnc (b84873b030e66ddf3964a31793bb4211) C:\Program Files\RealVNC\WinVNC\WinVNC.exe
22:28:04.0937 3556 winvnc ( UnsignedFile.Multi.Generic ) - warning
22:28:04.0937 3556 winvnc - detected UnsignedFile.Multi.Generic (1)
22:28:04.0968 3556 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
22:28:05.0015 3556 WmdmPmSN - ok
22:28:05.0062 3556 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:28:05.0203 3556 WmiApSrv - ok
22:28:05.0296 3556 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
22:28:05.0375 3556 WMPNetworkSvc - ok
22:28:05.0437 3556 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
22:28:05.0562 3556 wscsvc - ok
22:28:05.0625 3556 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
22:28:05.0781 3556 wuauserv - ok
22:28:05.0812 3556 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:28:05.0843 3556 WudfPf - ok
22:28:05.0843 3556 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:28:05.0875 3556 WudfRd - ok
22:28:05.0906 3556 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
22:28:05.0937 3556 WudfSvc - ok
22:28:06.0015 3556 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
22:28:06.0203 3556 WZCSVC - ok
22:28:06.0265 3556 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
22:28:06.0406 3556 xmlprov - ok
22:28:06.0406 3556 Suspicious service (NoAccess): ymzid
22:28:06.0437 3556 ymzid (5a596acc916f37f266498535ebfc8d9e) C:\Program Files\Movie Maker\ujwwomdn.dll
22:28:06.0453 3556 ymzid ( LockedService.Multi.Generic ) - warning
22:28:06.0453 3556 ymzid - detected LockedService.Multi.Generic (1)
22:28:06.0484 3556 MBR (0x1B8) (99852d5c3a78447c3d6d82b6155fe848) \Device\Harddisk0\DR0
22:28:09.0765 3556 \Device\Harddisk0\DR0 - ok
22:28:09.0796 3556 Boot (0x1200) (bf6b28a39af7498ae39a198abbe52092) \Device\Harddisk0\DR0\Partition0
22:28:09.0796 3556 \Device\Harddisk0\DR0\Partition0 - ok
22:28:09.0812 3556 Boot (0x1200) (a523d1357696058d46799c86a8a55c31) \Device\Harddisk0\DR0\Partition1
22:28:09.0812 3556 \Device\Harddisk0\DR0\Partition1 - ok
22:28:09.0828 3556 ============================================================
22:28:09.0828 3556 Scan finished
22:28:09.0828 3556 ============================================================
22:28:09.0953 3476 Detected object count: 9
22:28:09.0953 3476 Actual detected object count: 9
22:29:08.0937 3476 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 int15.sys ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 int15.sys ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 mtpjueuhy ( LockedService.Multi.Generic ) - skipped by user
22:29:08.0937 3476 mtpjueuhy ( LockedService.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 RalinkRegistryWriter ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0937 3476 winvnc ( UnsignedFile.Multi.Generic ) - skipped by user
22:29:08.0937 3476 winvnc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:29:08.0953 3476 ymzid ( LockedService.Multi.Generic ) - skipped by user
22:29:08.0953 3476 ymzid ( LockedService.Multi.Generic ) - User select action: Skip
22:29:27.0343 3468 Deinitialize success

provedeno, ale web AV nelze zobrazit - konretne zkouseno avg.com, avast.cz, eset.cz, eset.com

v priloze jsou zazipovane soubory OTL.txt a Extras.txt

Preji prijemnou noc, pro dnesek musim bezet.
Diky!!!

Zdravicko,
tak jsem po propracovanem dnu zpet.
Brajgl? Neco oskliveho, co by funkcni AV na jinych PC neodhalil? Nejaka ta flashka prez toto PC urcite presla. Doufam, ze se to opravdu nerozlezlo dal, to by byla nakazena pulka vesnice