Probably some virus

fretom
Visitor
Posts: 34
Registered: 23 Dec 2008 22:53

Probably some virus

#1 Post by fretom »

Since this morning I have been fighting with the keyboard typing by itself and windows popping up.
Can you help me?

Thanks, TF

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2012-06-24 08:44:18
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 398 MB (2%) free of 26 GB
Total RAM: 512 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:45:24, on 24.6.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ClamWin\bin\ClamWin.exe
C:\Program Files\ClamWin\bin\clamscan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://1/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} -
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE

--
End of file - 5979 bytes

fretom
Visitor
Posts: 34
Registered: 23 Dec 2008 22:53

Re: Probably some virus

#2 Post by fretom »

rrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrririrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrirrrrrrrrrrrrrrriiiiiririrriirrrrriiiriiiriirriirirriiriirirrrrrrrrrrrrrrrrr

fretom
Visitor
Posts: 34
Registered: 23 Dec 2008 22:53

Re: Probably some virus

#3 Post by fretom »

qqit is typing letters on its own even in that log.txt8+777777qqq7qe aqe aq 7 7qeqewo9wopwwpooeoop9w9999uuuuuu

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Probably some virus

#4 Post by motji »

Hello :)
Why are you growling at us here? :D
I will hand you over to my colleagues, as I am leaving for the whole day.

:arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- and save it to the desktop.
- double-click the program icon and run it
- choose the Start scan option, then confirm the start of the scan
- if the program finds an infected file, it will show you the preselected action Cure; in that case confirm with the Continue button
- if the program wants to restart the computer, click the Reboot Now button
- if it does not ask for a restart, click the Report button. A log should pop up; copy the contents of the log into your topic.
- if the log is not displayed, it is saved in your root directory.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

fretom
Visitor
Posts: 34
Registered: 23 Dec 2008 22:53

babylon?

#5 Post by fretom »

Asking for help again - Spybot found:
Mybabylon TB.exe .
Faglaro.express.files
SweetlM

Babylon cannot be deleted. Kaspersky did not help. I cannot type normally on the keyboard, so I had to switch to a second PC.


Help LOG:


Logfile of random's system information tool 1.09 (written by random/random)
Run by tf at 2012-06-24 15:15:08
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (4%) free of 26 GB
Total RAM: 512 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:16:01, on 24.6.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
G:\RSIT.exe
C:\Program Files\trend micro\tf.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10005
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.securitystronghold.com/uninstall_rt.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz2.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-21-117609710-2049760794-725345543-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Tomas Frei')
O4 - HKUS\S-1-5-21-117609710-2049760794-725345543-1003\..\Run: [] (User 'Tomas Frei')
O4 - HKUS\S-1-5-21-117609710-2049760794-725345543-1003\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe (User 'Tomas Frei')
O4 - HKUS\S-1-5-21-117609710-2049760794-725345543-1003\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon (User 'Tomas Frei')
O4 - HKUS\S-1-5-21-117609710-2049760794-725345543-500\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} (Java Plug-in 1.6.0_15) -
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) -
O20 - Winlogon Notify: avgrsstarter - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.3XE
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE

--
End of file - 7587 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\tf\Data aplikací\Mozilla\Firefox\Profiles\vpzonecb.default

"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Adobe\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
ffxtlbr@babylon.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIFillerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npagent.dll
npdeploytk.dll
npfiller.dll
TVicHW32.sys
TVICHW32.VXD
TVicHW64.sys

C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\prxtbVuz2.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\prxtbVuz2.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-12-12 335872]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUninstallURL]
cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.894 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExpressFiles]
C:\Program Files\ExpressFiles\ExpressFiles.exe -tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [2003-03-26 172032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2008-11-07 95536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~1\Raptr\raptrstub.exe --startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2006-02-23 35328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WTClient]
C:\WINDOWS\system32\WTClient.exe [2007-04-11 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^EPSI ToolBar.lnk]
D:\AUTO_S~1\Toolbar\EPSIBar.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\audiograbber\audiograbber.exe"="C:\audiograbber\audiograbber.exe:*:Disabled:Audiograbber"
"C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe"="C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe:*:Disabled:EVEREST Home Edition"
"C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe"="C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe:*:Disabled:Nero StartSmart"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Asus\AsusUpdate\Update.exe"="C:\Program Files\Asus\AsusUpdate\Update.exe:*:Enabled:AsusUpdate"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Cerberus\Cerberus.exe"="C:\Program Files\Cerberus\Cerberus.exe:*:Enabled:Cerberus FTP Server"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:AC3 zvuk (ac3)"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\AVG\AVG8\avgui.exe"="C:\Program Files\AVG\AVG8\avgui.exe:*:Enabled:ENABLE"
"C:\Program Files\AVG\AVG8\avgscanx.exe"="C:\Program Files\AVG\AVG8\avgscanx.exe:*:Enabled:ENABLE"
"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:*:Enabled:ENABLE"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:ENABLE"
"C:\Program Files\AVG\AVG8\avgcsrvx.exe"="C:\Program Files\AVG\AVG8\avgcsrvx.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\dwwin.exe"="C:\WINDOWS\system32\dwwin.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\Ati2evxx.exe"="C:\WINDOWS\system32\Ati2evxx.exe:*:Enabled:ENABLE"
"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe:*:Enabled:ENABLE"
"C:\Program Files\Winamp\winampa.exe"="C:\Program Files\Winamp\winampa.exe:*:Enabled:ENABLE"
"C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe:*:Enabled:ENABLE"
"C:\Program Files\AVG\AVG8\avgtray.exe"="C:\Program Files\AVG\AVG8\avgtray.exe:*:Enabled:ENABLE"
"C:\Program Files\Java\jre6\bin\jusched.exe"="C:\Program Files\Java\jre6\bin\jusched.exe:*:Enabled:ENABLE"
"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe:*:Enabled:ENABLE"
"C:\Program Files\Rainlendar2\Rainlendar2.exe"="C:\Program Files\Rainlendar2\Rainlendar2.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\wuauclt.exe"="C:\WINDOWS\system32\wuauclt.exe:*:Enabled:ENABLE"
"C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\netsh.exe"="C:\WINDOWS\system32\netsh.exe:*:Enabled:ENABLE"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Java\jre6\bin\javaws.exe"="C:\Program Files\Java\jre6\bin\javaws.exe:*:Enabled:Java(TM) Web Start Launcher"
"C:\Program Files\Nitro PDF\PrimoPDF\PrimoPDF.exe"="C:\Program Files\Nitro PDF\PrimoPDF\PrimoPDF.exe:*:Enabled:PrimoPDF"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\Program Files\Raptr\raptr.exe"="C:\Program Files\Raptr\raptr.exe:*:Enabled:Raptr Client"
"C:\Program Files\Raptr\raptr_im.exe"="C:\Program Files\Raptr\raptr_im.exe:*:Enabled:Raptr IM"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Tomas Frei\Plocha\winbox.exe"="C:\Documents and Settings\Tomas Frei\Plocha\winbox.exe:*:Enabled:winbox"
"D:\ganes\CS\Counter-Strike 1.6 Standalone\launcher.exe"="D:\ganes\CS\Counter-Strike 1.6 Standalone\launcher.exe:*:Disabled:Creted by Martin.cz"
"C:\Documents and Settings\Tomas Frei\Plocha\motor_qg18.pdf_downloader_190a.exe"="C:\Documents and Settings\Tomas Frei\Plocha\motor_qg18.pdf_downloader_190a.exe:*:Enabled:ExpressFilesInstaller"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"vidc.xvid"=xvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"MIDI3"=SYNCOR11.DLL
"VIDC.YV12"=xvidvfw.dll
"VIDC.FPS1"=frapsvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"wave3"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.txt - open - Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-06-24 14:59:28 ----D---- C:\Documents and Settings\tf\Data aplikací\Macromedia
2012-06-24 14:59:28 ----D---- C:\Documents and Settings\tf\Data aplikací\Adobe
2012-06-24 13:25:09 ----D---- C:\Documents and Settings\tf\Data aplikací\Mozilla
2012-06-24 11:29:19 ----D---- C:\Documents and Settings\tf\Data aplikací\ATI
2012-06-24 11:28:54 ----D---- C:\Documents and Settings\tf\Data aplikací\Identities
2012-06-24 11:27:35 ----ASH---- C:\Documents and Settings\tf\Data aplikací\desktop.ini
2012-06-24 11:27:34 ----SD---- C:\Documents and Settings\tf\Data aplikací\Microsoft
2012-06-24 11:27:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-06-24 11:26:00 ----D---- C:\WINDOWS\temp
2012-06-24 11:08:20 ----RASHD---- C:\cmdcons
2012-06-24 11:04:56 ----A---- C:\WINDOWS\PEV.exe
2012-06-24 11:04:56 ----A---- C:\WINDOWS\MBR.exe
2012-06-24 11:04:29 ----SD---- C:\ComboFix
2012-06-24 11:02:47 ----SD---- C:\32788R22FWJFW
2012-06-24 10:58:37 ----A---- C:\TDSSKiller.2.7.41.0_24.06.2012_10.58.37_log.txt
2012-06-24 10:09:57 ----A---- C:\store.db
2012-06-24 09:28:48 ----D---- C:\Program Files\Babylon Client Removal Tool
2012-06-24 09:20:05 ----A---- C:\TDSSKiller.2.7.41.0_24.06.2012_09.20.05_log.txt
2012-06-24 08:44:33 ----D---- C:\Program Files\trend micro
2012-06-24 08:44:18 ----D---- C:\rsit
2012-06-24 08:16:19 ----D---- C:\WINDOWS\CSC
2012-06-24 07:32:22 ----ASH---- C:\pagefile.sys
2012-06-18 12:20:10 ----D---- C:\Kesa
2012-06-10 11:53:36 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2012-05-31 17:39:55 ----D---- C:\Epodpis

======List of files/folders modified in the last 1 month======

2012-06-24 14:34:36 ----D---- C:\WINDOWS
2012-06-24 12:00:28 ----D---- C:\WINDOWS\Registration
2012-06-24 11:42:38 ----D---- C:\WINDOWS\system32\drivers\etc
2012-06-24 11:40:28 ----D---- C:\WINDOWS\Prefetch
2012-06-24 11:37:45 ----SHD---- C:\WINDOWS\Installer
2012-06-24 11:37:39 ----D---- C:\Program Files\Google
2012-06-24 11:36:36 ----RD---- C:\Program Files
2012-06-24 11:35:38 ----SHD---- C:\System Volume Information
2012-06-24 11:35:38 ----D---- C:\WINDOWS\system32\Restore
2012-06-24 11:34:33 ----SHD---- C:\RECYCLER
2012-06-24 11:27:34 ----D---- C:\Documents and Settings
2012-06-24 11:25:22 ----D---- C:\WINDOWS\system32
2012-06-24 11:23:13 ----D---- C:\WINDOWS\system32\drivers
2012-06-24 11:22:13 ----D---- C:\WINDOWS\AppPatch
2012-06-24 11:22:10 ----D---- C:\Program Files\Common Files
2012-06-24 11:12:41 ----SD---- C:\WINDOWS\Tasks
2012-06-24 11:12:29 ----D---- C:\WINDOWS\system32\CatRoot2
2012-06-24 11:08:33 ----RASH---- C:\boot.ini
2012-06-24 11:05:00 ----D---- C:\Qoobox
2012-06-24 10:51:41 ----A---- C:\WINDOWS\wininit.ini
2012-06-24 10:09:46 ----RD---- C:\WINDOWS\Web
2012-06-24 10:08:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-06-24 08:59:22 ----D---- C:\WINDOWS\system32\appmgmt
2012-06-24 08:35:28 ----HD---- C:\Program Files\InstallShield Installation Information
2012-06-24 08:28:56 ----D---- C:\WINDOWS\Debug
2012-06-24 07:06:41 ----A---- C:\WINDOWS\WINCMD.INI
2012-06-23 14:42:19 ----D---- C:\Program Files\Mozilla Firefox
2012-06-18 12:31:53 ----D---- C:\Program Files\PROTECH
2012-06-07 14:01:32 ----A---- C:\WINDOWS\CSTBox.INI
2012-06-02 11:19:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 d347bus;d347bus; C:\WINDOWS\System32\DRIVERS\d347bus.sys [2004-08-22 155136]
R0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-07-24 36528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-05-17 50176]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-05-16 19968]
R0 sisagp;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2003-07-18 36992]
R0 SiSide;SiSide; C:\WINDOWS\system32\DRIVERS\siside.sys [2003-03-25 4096]
R0 sisidex;sisidex; C:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; C:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2006-02-22 1505792]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2005-12-19 32768]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-05-27 578304]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 BRGSp50;BRGSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\BRGSp50.sys [2005-06-08 20608]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 sbpci;Sound Blaster PCI128 Audio Driver (WDM); C:\WINDOWS\system32\drivers\sbpci.sys [2001-10-26 492672]
S3 SiS7018;Služba pro ovladač vzorků AC'97 (WDM); C:\WINDOWS\system32\drivers\ac97sis.sys [2001-08-17 297728]
S3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\System32\DRIVERS\sisnic.sys [2004-08-03 32768]
S3 Tablet2k;Serial Tablet Port Driver; C:\WINDOWS\System32\Drivers\Tablet2k.sys []
S3 TClass2k;Tablet Class Driver; C:\WINDOWS\system32\DRIVERS\TClass2k.sys [2007-04-23 18432]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 UCTblHid;HID Tablet Port Driver; C:\WINDOWS\system32\DRIVERS\UCTblHid.sys [2007-05-31 12800]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;Nokia USB Serial Port; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2006-02-22 405504]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 WinTabService;WinTab Service; C:\WINDOWS\System32\Drivers\WTSRV.EXE [2007-05-31 53248]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-02-21 520192]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\pev.3XE [2011-06-26 256000]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-06-14 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-08 136176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-08 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: probably some virus

#6 Post by motji »

I already wrote to you that you should post the log from TDSSKiller. Did you run ComboFix?
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting your computer!
Want to support our forum? Information here

I can mostly be reached at night, between 9 and 11 p.m.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

fretom
Visitor
Posts: 34
Registered: 23 Dec 2008 22:53

Re: probably some virus

#7 Post by fretom »

Unfortunately yes, I somehow didn't read that far. ComboFix was run.
Here is the new log from RSIT, and I'm going to make the one from the killer, if it can manage it.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tomas Frei at 2012-06-25 12:30:13
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (4%) free of 26 GB
Total RAM: 512 MB (22% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Tomas Frei\Data aplikací\Mozilla\Firefox\Profiles\gp7uu3rw.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05, {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03, {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, tineye@ideeinc.com:1.1, {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02, toolbar@ask.com:3.9.1.14019, 2020Player@2020Technologies.com:5.0.4.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15, {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:1.8.57"
prefs.js - "keyword.URL" - "http://search.babylon.com/?affID=109980 ... ccba358&q="

"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Adobe\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
ffxtlbr@babylon.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
msservice.js
nsIFillerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npagent.dll
npdeploytk.dll
npfiller.dll
TVicHW32.sys
TVICHW32.VXD
TVicHW64.sys

C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Tomas Frei\Data aplikací\Mozilla\Firefox\Profiles\gp7uu3rw.default\extensions\
2020Player@2020Technologies.com
2020Player_IKEA@2020Technologies.com
blockfall
jid1-yZwVFzbsyfMrqQ@jetpack
tineye@ideeinc.com
{20a82645-c095-46ed-80e3-08825760534b}
{26bf010a-c934-4f38-868d-e8419d9e82ff}
{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
{87934c42-161d-45bc-8cef-ef18abe2a30c}
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

C:\Documents and Settings\Tomas Frei\Data aplikací\Mozilla\Firefox\Profiles\gp7uu3rw.default\searchplugins\
dumfinancicz.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
Ad-Aware Security Toolbar - C:\Program Files\adawaretb\adawareDx.dll [2012-04-11 87440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{6c97a91e-4524-4019-86af-2aa2d567bf5c} - Ad-Aware Security Toolbar - C:\Program Files\adawaretb\adawareDx.dll [2012-04-11 87440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-12-12 335872]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"Ad-Aware Browsing Protection"=C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe [2011-10-21 198032]
"Ad-Aware Antivirus"=C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher --windows-run []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
""= []
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2007-07-24 1298432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUninstallURL]
cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.894 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExpressFiles]
C:\Program Files\ExpressFiles\ExpressFiles.exe -tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [2003-03-26 172032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2008-11-07 95536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~1\Raptr\raptrstub.exe --startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2006-02-23 35328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WTClient]
C:\WINDOWS\system32\WTClient.exe [2007-04-11 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^EPSI ToolBar.lnk]
D:\AUTO_S~1\Toolbar\EPSIBar.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBAMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\audiograbber\audiograbber.exe"="C:\audiograbber\audiograbber.exe:*:Disabled:Audiograbber"
"C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe"="C:\Program Files\Lavalys\EVEREST Home Edition\everest.exe:*:Disabled:EVEREST Home Edition"
"C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe"="C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe:*:Disabled:Nero StartSmart"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Asus\AsusUpdate\Update.exe"="C:\Program Files\Asus\AsusUpdate\Update.exe:*:Enabled:AsusUpdate"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Cerberus\Cerberus.exe"="C:\Program Files\Cerberus\Cerberus.exe:*:Enabled:Cerberus FTP Server"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:AC3 zvuk (ac3)"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\AVG\AVG8\avgui.exe"="C:\Program Files\AVG\AVG8\avgui.exe:*:Enabled:ENABLE"
"C:\Program Files\AVG\AVG8\avgscanx.exe"="C:\Program Files\AVG\AVG8\avgscanx.exe:*:Enabled:ENABLE"
"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:*:Enabled:ENABLE"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:ENABLE"
"C:\Program Files\AVG\AVG8\avgcsrvx.exe"="C:\Program Files\AVG\AVG8\avgcsrvx.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\dwwin.exe"="C:\WINDOWS\system32\dwwin.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\Ati2evxx.exe"="C:\WINDOWS\system32\Ati2evxx.exe:*:Enabled:ENABLE"
"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe:*:Enabled:ENABLE"
"C:\Program Files\Winamp\winampa.exe"="C:\Program Files\Winamp\winampa.exe:*:Enabled:ENABLE"
"C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe:*:Enabled:ENABLE"
"C:\Program Files\AVG\AVG8\avgtray.exe"="C:\Program Files\AVG\AVG8\avgtray.exe:*:Enabled:ENABLE"
"C:\Program Files\Java\jre6\bin\jusched.exe"="C:\Program Files\Java\jre6\bin\jusched.exe:*:Enabled:ENABLE"
"C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe:*:Enabled:ENABLE"
"C:\Program Files\Rainlendar2\Rainlendar2.exe"="C:\Program Files\Rainlendar2\Rainlendar2.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\wuauclt.exe"="C:\WINDOWS\system32\wuauclt.exe:*:Enabled:ENABLE"
"C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\netsh.exe"="C:\WINDOWS\system32\netsh.exe:*:Enabled:ENABLE"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Java\jre6\bin\javaws.exe"="C:\Program Files\Java\jre6\bin\javaws.exe:*:Enabled:Java(TM) Web Start Launcher"
"C:\Program Files\Nitro PDF\PrimoPDF\PrimoPDF.exe"="C:\Program Files\Nitro PDF\PrimoPDF\PrimoPDF.exe:*:Enabled:PrimoPDF"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\Program Files\Raptr\raptr.exe"="C:\Program Files\Raptr\raptr.exe:*:Enabled:Raptr Client"
"C:\Program Files\Raptr\raptr_im.exe"="C:\Program Files\Raptr\raptr_im.exe:*:Enabled:Raptr IM"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Tomas Frei\Plocha\winbox.exe"="C:\Documents and Settings\Tomas Frei\Plocha\winbox.exe:*:Enabled:winbox"
"D:\ganes\CS\Counter-Strike 1.6 Standalone\launcher.exe"="D:\ganes\CS\Counter-Strike 1.6 Standalone\launcher.exe:*:Disabled:Creted by Martin.cz"
"C:\Documents and Settings\Tomas Frei\Plocha\motor_qg18.pdf_downloader_190a.exe"="C:\Documents and Settings\Tomas Frei\Plocha\motor_qg18.pdf_downloader_190a.exe:*:Enabled:ExpressFilesInstaller"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"C:\Program Files\adawaretb\dtUser.exe"="C:\Program Files\adawaretb\dtUser.exe:*:Enabled:Ad-Aware Security Toolbar DTX Broker"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"vidc.xvid"=xvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"MIDI3"=SYNCOR11.DLL
"VIDC.YV12"=xvidvfw.dll
"VIDC.FPS1"=frapsvid.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"wave3"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -
.txt - open - Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-06-24 20:07:46 ----D---- C:\Documents and Settings\Tomas Frei\Data aplikací\adawaretb
2012-06-24 20:02:12 ----D---- C:\Documents and Settings\Tomas Frei\Data aplikací\Ad-Aware Antivirus
2012-06-24 18:14:12 ----A---- C:\WINDOWS\system32\eEmpty.exe
2012-06-24 18:13:49 ----A---- C:\WINDOWS\system32\T.COM
2012-06-24 18:13:48 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2012-06-24 18:13:48 ----A---- C:\WINDOWS\REGEDIT.COM
2012-06-24 18:13:48 ----A---- C:\WINDOWS\R.COM
2012-06-24 18:13:45 ----D---- C:\Program Files\Common Files\MicroWorld
2012-06-24 18:13:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2012-06-24 18:01:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\ClubSanDisk
2012-06-24 17:59:47 ----A---- C:\WINDOWS\system32\drivers\sbhips.sys
2012-06-24 17:59:47 ----A---- C:\WINDOWS\system32\drivers\sbapifs.sys
2012-06-24 17:59:47 ----A---- C:\WINDOWS\system32\drivers\sbaphd.sys
2012-06-24 17:59:46 ----A---- C:\WINDOWS\system32\drivers\sbtis.sys
2012-06-24 17:59:05 ----A---- C:\WINDOWS\system32\drivers\SbFwIm.sys
2012-06-24 17:59:05 ----A---- C:\WINDOWS\system32\drivers\SbFw.sys
2012-06-24 17:58:58 ----D---- C:\WINDOWS\system32\drivers\VDD
2012-06-24 17:58:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2012-06-24 17:58:56 ----D---- C:\Program Files\Ad-Aware Antivirus
2012-06-24 17:57:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection
2012-06-24 17:57:03 ----D---- C:\Program Files\Toolbar Cleaner
2012-06-24 17:56:40 ----D---- C:\Program Files\adawaretb
2012-06-24 16:00:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2012-06-24 15:58:04 ----ASH---- C:\pagefile.sys
2012-06-24 11:27:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-06-24 11:26:00 ----D---- C:\WINDOWS\temp
2012-06-24 11:08:20 ----RASHD---- C:\cmdcons
2012-06-24 11:04:56 ----A---- C:\WINDOWS\PEV.exe
2012-06-24 11:04:56 ----A---- C:\WINDOWS\MBR.exe
2012-06-24 11:04:29 ----SD---- C:\ComboFix
2012-06-24 11:02:47 ----SD---- C:\32788R22FWJFW
2012-06-24 10:58:37 ----A---- C:\TDSSKiller.2.7.41.0_24.06.2012_10.58.37_log.txt
2012-06-24 10:09:57 ----A---- C:\store.db
2012-06-24 09:28:48 ----D---- C:\Program Files\Babylon Client Removal Tool
2012-06-24 09:20:05 ----A---- C:\TDSSKiller.2.7.41.0_24.06.2012_09.20.05_log.txt
2012-06-24 08:44:33 ----D---- C:\Program Files\trend micro
2012-06-24 08:44:18 ----D---- C:\rsit
2012-06-24 08:16:19 ----D---- C:\WINDOWS\CSC
2012-06-18 12:31:36 ----D---- C:\Documents and Settings\Tomas Frei\Data aplikací\PROTECH
2012-06-10 11:56:57 ----D---- C:\Documents and Settings\Tomas Frei\Data aplikací\.RTS
2012-06-10 11:53:36 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2012-05-31 17:39:55 ----D---- C:\Epodpis

======List of files/folders modified in the last 1 month======

2012-06-25 12:29:39 ----A---- C:\WINDOWS\WINCMD.INI
2012-06-25 12:23:28 ----D---- C:\WINDOWS
2012-06-25 12:20:23 ----RD---- C:\Program Files
2012-06-24 20:23:48 ----SHD---- C:\RECYCLER
2012-06-24 20:23:47 ----D---- C:\Documents and Settings
2012-06-24 20:15:38 ----SHD---- C:\WINDOWS\Installer
2012-06-24 20:14:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Autodesk
2012-06-24 20:14:09 ----D---- C:\Program Files\Common Files\Autodesk Shared
2012-06-24 20:11:43 ----D---- C:\WINDOWS\system32\drivers
2012-06-24 19:38:23 ----D---- C:\WINDOWS\system32
2012-06-24 18:13:45 ----D---- C:\Program Files\Common Files
2012-06-24 18:10:46 ----SD---- C:\WINDOWS\Tasks
2012-06-24 17:59:24 ----HD---- C:\WINDOWS\inf
2012-06-24 17:59:08 ----D---- C:\WINDOWS\system32\CatRoot2
2012-06-24 17:58:58 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-06-24 17:53:22 ----SHD---- C:\System Volume Information
2012-06-24 17:53:22 ----D---- C:\WINDOWS\system32\Restore
2012-06-24 17:21:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2012-06-24 16:32:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-06-24 12:00:28 ----D---- C:\WINDOWS\Registration
2012-06-24 11:42:38 ----D---- C:\WINDOWS\system32\drivers\etc
2012-06-24 11:40:28 ----D---- C:\WINDOWS\Prefetch
2012-06-24 11:37:39 ----D---- C:\Program Files\Google
2012-06-24 11:22:13 ----D---- C:\WINDOWS\AppPatch
2012-06-24 11:08:33 ----RASH---- C:\boot.ini
2012-06-24 10:51:41 ----A---- C:\WINDOWS\wininit.ini
2012-06-24 10:09:46 ----RD---- C:\WINDOWS\Web
2012-06-24 08:59:22 ----D---- C:\WINDOWS\system32\appmgmt
2012-06-24 08:35:28 ----HD---- C:\Program Files\InstallShield Installation Information
2012-06-24 08:28:56 ----D---- C:\WINDOWS\Debug
2012-06-23 14:42:19 ----D---- C:\Program Files\Mozilla Firefox
2012-06-18 12:31:53 ----D---- C:\Program Files\PROTECH
2012-06-07 14:01:32 ----A---- C:\WINDOWS\CSTBox.INI
2012-06-02 11:19:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2012-05-31 17:44:37 ----D---- C:\Documents and Settings\Tomas Frei\Data aplikací\PriceGong

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 d347bus;d347bus; C:\WINDOWS\System32\DRIVERS\d347bus.sys [2004-08-22 155136]
R0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-07-24 36528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-05-17 50176]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-05-16 19968]
R0 sisagp;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2003-07-18 36992]
R0 SiSide;SiSide; C:\WINDOWS\system32\DRIVERS\siside.sys [2003-03-25 4096]
R0 sisidex;sisidex; C:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; C:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 sbaphd;sbaphd; C:\WINDOWS\system32\drivers\sbaphd.sys [2011-11-29 21240]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2011-12-19 335224]
R1 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
R1 sbtis;sbtis; C:\WINDOWS\system32\drivers\sbtis.sys [2011-12-19 217976]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys []
R2 sbapifs;sbapifs; C:\WINDOWS\system32\drivers\sbapifs.sys [2011-11-29 77816]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2006-02-22 1505792]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\SBFWIM.sys [2011-09-29 94584]
R3 sbhips;sbhips; C:\WINDOWS\system32\drivers\sbhips.sys [2011-12-19 93816]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2005-12-19 32768]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-05-27 578304]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 BRGSp50;BRGSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\BRGSp50.sys [2005-06-08 20608]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2011-09-29 94584]
S3 sbpci;Sound Blaster PCI128 Audio Driver (WDM); C:\WINDOWS\system32\drivers\sbpci.sys [2001-10-26 492672]
S3 SiS7018;Služba pro ovladač vzorků AC'97 (WDM); C:\WINDOWS\system32\drivers\ac97sis.sys [2001-08-17 297728]
S3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\System32\DRIVERS\sisnic.sys [2004-08-03 32768]
S3 Tablet2k;Serial Tablet Port Driver; C:\WINDOWS\System32\Drivers\Tablet2k.sys []
S3 TClass2k;Tablet Class Driver; C:\WINDOWS\system32\DRIVERS\TClass2k.sys [2007-04-23 18432]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 UCTblHid;HID Tablet Port Driver; C:\WINDOWS\system32\DRIVERS\UCTblHid.sys [2007-05-31 12800]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;Nokia USB Serial Port; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 402432]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ad-Aware Service;Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [2012-05-03 1226096]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2006-02-22 405504]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 SBAMSvc;Ad-Aware; C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 WinTabService;WinTab Service; C:\WINDOWS\System32\Drivers\WTSRV.EXE [2007-05-31 53248]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-02-21 520192]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\pev.3XE [2011-06-26 256000]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-06-14 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-08 136176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-08 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

fretom
Visitor
Posts: 34
Registered: 23 Dec 2008 22:53

Re: probably some virus

#8 Post by fretom »

TDSSKiller from yesterday

09:20:05.0250 0592 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
09:20:05.0671 0592 ============================================================
09:20:05.0671 0592 Current date / time: 2012/06/24 09:20:05.0671
09:20:05.0671 0592 SystemInfo:
09:20:05.0671 0592
09:20:05.0671 0592 OS Version: 5.1.2600 ServicePack: 2.0
09:20:05.0671 0592 Product type: Workstation
09:20:05.0671 0592 ComputerName: PHA6
09:20:05.0671 0592 UserName: Administrator
09:20:05.0671 0592 Windows directory: C:\WINDOWS
09:20:05.0671 0592 System windows directory: C:\WINDOWS
09:20:05.0671 0592 Processor architecture: Intel x86
09:20:05.0671 0592 Number of processors: 1
09:20:05.0671 0592 Page size: 0x1000
09:20:05.0671 0592 Boot type: Safe boot with network
09:20:05.0671 0592 ============================================================
09:20:13.0203 0592 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:20:13.0234 0592 ============================================================
09:20:13.0234 0592 \Device\Harddisk0\DR0:
09:20:13.0234 0592 MBR partitions:
09:20:13.0234 0592 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3362C5B
09:20:13.0250 0592 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3362CD9, BlocksNum 0x61AB7E8
09:20:13.0250 0592 ============================================================
09:20:13.0312 0592 C: <-> \Device\Harddisk0\DR0\Partition0
09:20:13.0484 0592 D: <-> \Device\Harddisk0\DR0\Partition1
09:20:13.0890 0592 ============================================================
09:20:13.0890 0592 Initialize success
09:20:13.0890 0592 ============================================================
09:20:16.0437 1904 ============================================================
09:20:16.0437 1904 Scan started
09:20:16.0437 1904 Mode: Manual;
09:20:16.0437 1904 ============================================================
09:20:22.0812 1904 Abiosdsk - ok
09:20:22.0843 1904 abp480n5 - ok
09:20:23.0000 1904 ACPI (fa2fbcda96d2385f773b059fe5a125a6) C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:20:23.0078 1904 ACPI - ok
09:20:23.0125 1904 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
09:20:23.0140 1904 ACPIEC - ok
09:20:23.0140 1904 adpu160m - ok
09:20:23.0203 1904 adusbser (b49ddd6196584aaded16ee11aa72e1e2) C:\WINDOWS\system32\DRIVERS\adusbser.sys
09:20:23.0203 1904 adusbser - ok
09:20:23.0312 1904 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
09:20:23.0312 1904 aeaudio - ok
09:20:23.0421 1904 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
09:20:23.0453 1904 aec - ok
09:20:23.0531 1904 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
09:20:23.0546 1904 Afc - ok
09:20:23.0812 1904 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
09:20:23.0812 1904 AFD - ok
09:20:23.0843 1904 Aha154x - ok
09:20:23.0890 1904 aic78u2 - ok
09:20:23.0906 1904 aic78xx - ok
09:20:23.0953 1904 Alerter (026ddaa7e6f8d49df82c7a98bae5d0d1) C:\WINDOWS\system32\alrsvc.dll
09:20:23.0953 1904 Alerter - ok
09:20:24.0000 1904 ALG (b3f690bf43f93a012a52f28f234faa1b) C:\WINDOWS\System32\alg.exe
09:20:24.0000 1904 ALG - ok
09:20:24.0015 1904 AliIde - ok
09:20:24.0031 1904 amsint - ok
09:20:24.0078 1904 AppMgmt (421184f91eae5c6e78e653c6b32aae84) C:\WINDOWS\System32\appmgmts.dll
09:20:24.0093 1904 AppMgmt - ok
09:20:24.0109 1904 asc - ok
09:20:24.0156 1904 asc3350p - ok
09:20:24.0203 1904 asc3550 - ok
09:20:24.0375 1904 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:20:24.0453 1904 aspnet_state - ok
09:20:24.0515 1904 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:20:24.0515 1904 AsyncMac - ok
09:20:24.0593 1904 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
09:20:24.0593 1904 atapi - ok
09:20:24.0625 1904 Atdisk - ok
09:20:24.0734 1904 Ati HotKey Poller (bba22521d24625c7a7b8d57fb20a812e) C:\WINDOWS\System32\Ati2evxx.exe
09:20:24.0750 1904 Ati HotKey Poller - ok
09:20:24.0875 1904 ATI Smart (d79ac81bdec6fa6cd9b94d28238e7608) C:\WINDOWS\system32\ati2sgag.exe
09:20:24.0984 1904 ATI Smart - ok
09:20:25.0218 1904 ati2mtag (07ac9a98ea70b5a6655a5797174bd282) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
09:20:25.0359 1904 ati2mtag - ok
09:20:25.0546 1904 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:20:25.0546 1904 Atmarpc - ok
09:20:25.0625 1904 AudioSrv (40d78f514c8588ef12ec718d2af0fc4e) C:\WINDOWS\System32\audiosrv.dll
09:20:25.0640 1904 AudioSrv - ok
09:20:25.0703 1904 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
09:20:25.0703 1904 audstub - ok
09:20:26.0062 1904 Autodesk Licensing Service (ea2d28bbe98256654397cd1f6eaebdd8) C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
09:20:26.0078 1904 Autodesk Licensing Service - ok
09:20:26.0140 1904 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
09:20:26.0171 1904 Beep - ok
09:20:26.0265 1904 BITS (e774a26610ec92674273486612c11cfc) C:\WINDOWS\system32\qmgr.dll
09:20:26.0296 1904 BITS - ok
09:20:26.0437 1904 BRGSp50 (ee0f41fa0466189a2c8b9caf7d1cddd5) C:\WINDOWS\system32\Drivers\BRGSp50.sys
09:20:26.0437 1904 BRGSp50 - ok
09:20:26.0484 1904 Browser (f219e27e88107a50544153898dd8178e) C:\WINDOWS\System32\browser.dll
09:20:26.0484 1904 Browser - ok
09:20:26.0531 1904 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
09:20:26.0531 1904 cbidf2k - ok
09:20:26.0546 1904 cd20xrnt - ok
09:20:26.0609 1904 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
09:20:26.0609 1904 Cdaudio - ok
09:20:26.0703 1904 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
09:20:26.0703 1904 Cdfs - ok
09:20:26.0796 1904 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:20:26.0796 1904 Cdrom - ok
09:20:26.0812 1904 Changer - ok
09:20:26.0890 1904 CiSvc (9e21229e04e1d301bb40222fe4641cb2) C:\WINDOWS\system32\cisvc.exe
09:20:26.0890 1904 CiSvc - ok
09:20:26.0953 1904 ClipSrv (d3dc45553c8025338e08a60e95b1b91d) C:\WINDOWS\system32\clipsrv.exe
09:20:26.0953 1904 ClipSrv - ok
09:20:27.0234 1904 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:20:27.0421 1904 clr_optimization_v2.0.50727_32 - ok
09:20:27.0453 1904 CmdIde - ok
09:20:27.0484 1904 COMSysApp - ok
09:20:27.0546 1904 Cpqarray - ok
09:20:27.0609 1904 CryptSvc (70d2a1756f4b2067658a186c963fcabd) C:\WINDOWS\System32\cryptsvc.dll
09:20:27.0609 1904 CryptSvc - ok
09:20:27.0687 1904 d347bus (5776322f93cdb91086111f5ffbfda2a0) C:\WINDOWS\system32\DRIVERS\d347bus.sys
09:20:27.0703 1904 d347bus - ok
09:20:27.0750 1904 d347prt (b49f79ace459763f4e0380071be9cb45) C:\WINDOWS\system32\Drivers\d347prt.sys
09:20:27.0750 1904 d347prt - ok
09:20:27.0781 1904 dac2w2k - ok
09:20:27.0812 1904 dac960nt - ok
09:20:27.0921 1904 DcomLaunch (2b269c916766bdb43404f043b763427d) C:\WINDOWS\system32\rpcss.dll
09:20:27.0953 1904 DcomLaunch - ok
09:20:28.0015 1904 Dhcp (06a30f453ca4cb1431037e4813f697cb) C:\WINDOWS\System32\dhcpcsvc.dll
09:20:28.0031 1904 Dhcp - ok
09:20:28.0078 1904 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
09:20:28.0078 1904 Disk - ok
09:20:28.0093 1904 dmadmin - ok
09:20:28.0203 1904 dmboot (e1968edec81c430108feb23ab07bdb14) C:\WINDOWS\system32\drivers\dmboot.sys
09:20:28.0234 1904 dmboot - ok
09:20:28.0296 1904 dmio (1b1520a82e396e46b9ae9fa6b03ff6c6) C:\WINDOWS\system32\drivers\dmio.sys
09:20:28.0296 1904 dmio - ok
09:20:28.0343 1904 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
09:20:28.0343 1904 dmload - ok
09:20:28.0390 1904 dmserver (7b3ca72885923eb947221f17f3e3ac59) C:\WINDOWS\System32\dmserver.dll
09:20:28.0390 1904 dmserver - ok
09:20:28.0421 1904 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
09:20:28.0437 1904 DMusic - ok
09:20:28.0484 1904 Dnscache (0eef8922d46d4846b472b1f6fd0541bc) C:\WINDOWS\System32\dnsrslvr.dll
09:20:28.0484 1904 Dnscache - ok
09:20:28.0500 1904 dpti2o - ok
09:20:28.0562 1904 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
09:20:28.0578 1904 drmkaud - ok
09:20:28.0625 1904 ERSvc (d6f7428b201e33bc80066b47144cb568) C:\WINDOWS\System32\ersvc.dll
09:20:28.0625 1904 ERSvc - ok
09:20:28.0687 1904 es1371 (a55dd7d8ced5d2624a9ee2dda7be0319) C:\WINDOWS\system32\drivers\es1371mp.sys
09:20:28.0687 1904 es1371 - ok
09:20:28.0734 1904 eusk2par (38008faaa9632c2ef8e98bf1614d0527) C:\WINDOWS\system32\Drivers\eusk2par.sys
09:20:28.0734 1904 eusk2par - ok
09:20:28.0812 1904 Eventlog (4f9f7b567970b524f31d9970a23f7c24) C:\WINDOWS\system32\services.exe
09:20:28.0812 1904 Eventlog - ok
09:20:28.0890 1904 EventSystem (398314df0b21338c4996b469101750d1) C:\WINDOWS\System32\es.dll
09:20:28.0921 1904 EventSystem - ok
09:20:28.0968 1904 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
09:20:28.0968 1904 Fastfat - ok
09:20:29.0078 1904 FastUserSwitchingCompatibility (e26edc7afa8da3c528055eabc82c8c79) C:\WINDOWS\System32\shsvcs.dll
09:20:29.0093 1904 FastUserSwitchingCompatibility - ok
09:20:29.0140 1904 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
09:20:29.0140 1904 Fdc - ok
09:20:29.0187 1904 Fips (266dab58619b17bdf37fabbd48d875ca) C:\WINDOWS\system32\drivers\Fips.sys
09:20:29.0187 1904 Fips - ok
09:20:29.0234 1904 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
09:20:29.0234 1904 Flpydisk - ok
09:20:29.0312 1904 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\drivers\fltmgr.sys
09:20:29.0328 1904 FltMgr - ok
09:20:29.0484 1904 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:20:29.0500 1904 FontCache3.0.0.0 - ok
09:20:29.0531 1904 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:20:29.0531 1904 Fs_Rec - ok
09:20:29.0593 1904 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:20:29.0593 1904 Ftdisk - ok
09:20:29.0609 1904 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
09:20:29.0625 1904 gameenum - ok
09:20:29.0671 1904 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:20:29.0671 1904 Gpc - ok
09:20:29.0843 1904 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
09:20:29.0843 1904 gupdate - ok
09:20:29.0875 1904 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
09:20:29.0875 1904 gupdatem - ok
09:20:29.0953 1904 helpsvc (f59152272782fed8a8197fa788287f68) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:20:29.0968 1904 helpsvc - ok
09:20:30.0000 1904 HidServ (d2dcf769e5a70027058ad5be1f9b55bf) C:\WINDOWS\System32\hidserv.dll
09:20:30.0015 1904 HidServ - ok
09:20:30.0093 1904 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:20:30.0093 1904 HidUsb - ok
09:20:30.0109 1904 hpn - ok
09:20:30.0187 1904 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
09:20:30.0203 1904 HTTP - ok
09:20:30.0265 1904 HTTPFilter (da826826c5c9116f47e0cd0ca8cc7c11) C:\WINDOWS\System32\w3ssl.dll
09:20:30.0281 1904 HTTPFilter - ok
09:20:30.0296 1904 i2omgmt - ok
09:20:30.0343 1904 i2omp - ok
09:20:30.0375 1904 i8042prt (0f42de9909b5dbf2c48dd1a79d491af5) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:20:30.0390 1904 i8042prt - ok
09:20:30.0515 1904 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:20:30.0578 1904 idsvc - ok
09:20:30.0687 1904 IJPLMSVC (51516252dbbfed36f70b341dba263167) C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
09:20:30.0687 1904 IJPLMSVC - ok
09:20:30.0734 1904 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
09:20:30.0734 1904 Imapi - ok
09:20:30.0796 1904 ImapiService (cf9d286b34cb4912f3b28b4972d5cb33) C:\WINDOWS\system32\imapi.exe
09:20:30.0796 1904 ImapiService - ok
09:20:30.0843 1904 InCDFs - ok
09:20:30.0859 1904 InCDPass - ok
09:20:30.0890 1904 InCDRm - ok
09:20:30.0937 1904 ini910u - ok
09:20:30.0984 1904 IntelIde - ok
09:20:31.0062 1904 intelppm (10a3ac0f0df720ad3c3fd13861d50eb9) C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:20:31.0062 1904 intelppm - ok
09:20:31.0109 1904 ip6fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
09:20:31.0109 1904 ip6fw - ok
09:20:31.0171 1904 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:20:31.0171 1904 IpFilterDriver - ok
09:20:31.0187 1904 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:20:31.0203 1904 IpInIp - ok
09:20:31.0265 1904 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:20:31.0265 1904 IpNat - ok
09:20:31.0328 1904 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:20:31.0328 1904 IPSec - ok
09:20:31.0359 1904 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:20:31.0375 1904 IRENUM - ok
09:20:31.0437 1904 isapnp (1091528512e4dd7ed5fddcc4df1c53d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:20:31.0437 1904 isapnp - ok
09:20:31.0546 1904 JavaQuickStarterService (74e30a41cdcf331c74bc4d97be40cc5b) C:\Program Files\Java\jre6\bin\jqs.exe
09:20:31.0546 1904 JavaQuickStarterService - ok
09:20:31.0578 1904 Kbdclass (6f877bf8dc01a550cd666f3bedb2213c) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:20:31.0578 1904 Kbdclass - ok
09:20:31.0640 1904 kbdhid (065b5a83aa78c0c7047bf22e0ab5c821) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:20:31.0656 1904 kbdhid - ok
09:20:31.0781 1904 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
09:20:31.0781 1904 kmixer - ok
09:20:31.0828 1904 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
09:20:31.0828 1904 KSecDD - ok
09:20:31.0906 1904 lanmanserver (9757f6e16fd1eab54d6eb9d5eb3cbcb5) C:\WINDOWS\System32\srvsvc.dll
09:20:31.0906 1904 lanmanserver - ok
09:20:31.0968 1904 lanmanworkstation (6bf7baf420dd4422d2c35dfb3e51a29c) C:\WINDOWS\System32\wkssvc.dll
09:20:31.0984 1904 lanmanworkstation - ok
09:20:32.0000 1904 lbrtfdc - ok
09:20:32.0093 1904 LmHosts (f9ee6d2aab0690b34ae35ba9921a1414) C:\WINDOWS\System32\lmhsvc.dll
09:20:32.0093 1904 LmHosts - ok
09:20:32.0140 1904 Messenger (8b2fcbd881879b55be40b41f12ffc431) C:\WINDOWS\System32\msgsvc.dll
09:20:32.0156 1904 Messenger - ok
09:20:32.0187 1904 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:20:32.0187 1904 mnmdd - ok
09:20:32.0234 1904 mnmsrvc (7d137132d6a9b41ef800e59a771ed48c) C:\WINDOWS\System32\mnmsrvc.exe
09:20:32.0234 1904 mnmsrvc - ok
09:20:32.0281 1904 Modem (60210deb037846afe521ebf349964f6b) C:\WINDOWS\system32\drivers\Modem.sys
09:20:32.0281 1904 Modem - ok
09:20:32.0312 1904 Mouclass (b160ec94114715675509115986400fd9) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:20:32.0312 1904 Mouclass - ok
09:20:32.0375 1904 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:20:32.0375 1904 mouhid - ok
09:20:32.0437 1904 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
09:20:32.0437 1904 MountMgr - ok
09:20:32.0453 1904 mraid35x - ok
09:20:32.0531 1904 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:20:32.0531 1904 MRxDAV - ok
09:20:32.0656 1904 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:20:32.0734 1904 MRxSmb - ok
09:20:32.0765 1904 MSDTC (944a24032aed84c59455b981f6ca1c1a) C:\WINDOWS\System32\msdtc.exe
09:20:32.0765 1904 MSDTC - ok
09:20:32.0843 1904 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
09:20:32.0843 1904 Msfs - ok
09:20:32.0875 1904 MSIServer - ok
09:20:32.0921 1904 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:20:32.0937 1904 MSKSSRV - ok
09:20:32.0984 1904 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:20:32.0984 1904 MSPCLOCK - ok
09:20:33.0015 1904 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
09:20:33.0015 1904 MSPQM - ok
09:20:33.0062 1904 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:20:33.0062 1904 mssmbios - ok
09:20:33.0109 1904 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
09:20:33.0125 1904 Mup - ok
09:20:33.0171 1904 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
09:20:33.0187 1904 NDIS - ok
09:20:33.0234 1904 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:20:33.0234 1904 NdisTapi - ok
09:20:33.0296 1904 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:20:33.0296 1904 Ndisuio - ok
09:20:33.0343 1904 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:20:33.0343 1904 NdisWan - ok
09:20:33.0390 1904 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
09:20:33.0390 1904 NDProxy - ok
09:20:44.0437 1904 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
09:20:45.0156 1904 \Device\Harddisk0\DR0 - ok
09:20:45.0187 1904 Boot (0x1200) (89056d5cf8068a8411af7834c9c0bd62) \Device\Harddisk0\DR0\Partition0
09:20:45.0187 1904 \Device\Harddisk0\DR0\Partition0 - ok
09:20:45.0234 1904 Boot (0x1200) (efd96f404f7b3a90c330611dbec5c188) \Device\Harddisk0\DR0\Partition1
09:20:45.0234 1904 \Device\Harddisk0\DR0\Partition1 - ok
09:20:45.0234 1904 ============================================================
09:20:45.0234 1904 Scan finished
09:20:45.0234 1904 ============================================================
09:20:45.0312 1088 Detected object count: 0
09:20:45.0312 1088 Actual detected object count: 0
09:21:25.0468 1568 Deinitialize success

fretom
Visitor
Posts: 34
Registered: 23 Dec 2008 22:53

Re: probably some virus

#9 Post by fretom »

TDSSKiller from today, and please accept my apology:

12:55:33.0156 2904 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
12:55:33.0343 2904 ============================================================
12:55:33.0343 2904 Current date / time: 2012/06/25 12:55:33.0343
12:55:33.0343 2904 SystemInfo:
12:55:33.0343 2904
12:55:33.0343 2904 OS Version: 5.1.2600 ServicePack: 2.0
12:55:33.0343 2904 Product type: Workstation
12:55:33.0343 2904 ComputerName: PHA6
12:55:33.0343 2904 UserName: Tomas Frei
12:55:33.0343 2904 Windows directory: C:\WINDOWS
12:55:33.0343 2904 System windows directory: C:\WINDOWS
12:55:33.0343 2904 Processor architecture: Intel x86
12:55:33.0343 2904 Number of processors: 1
12:55:33.0343 2904 Page size: 0x1000
12:55:33.0343 2904 Boot type: Normal boot
12:55:33.0343 2904 ============================================================
12:55:34.0828 2904 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:55:34.0828 2904 Drive \Device\Harddisk1\DR5 - Size: 0x3BA300000 (14.91 Gb), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:55:34.0843 2904 ============================================================
12:55:34.0843 2904 \Device\Harddisk0\DR0:
12:55:34.0843 2904 MBR partitions:
12:55:34.0843 2904 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3362C5B
12:55:34.0859 2904 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3362CD9, BlocksNum 0x61AB7E8
12:55:34.0859 2904 \Device\Harddisk1\DR5:
12:55:34.0875 2904 MBR partitions:
12:55:34.0875 2904 \Device\Harddisk1\DR5\Partition0: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x1DD17E0
12:55:34.0875 2904 ============================================================
12:55:34.0953 2904 C: <-> \Device\Harddisk0\DR0\Partition0
12:55:35.0015 2904 D: <-> \Device\Harddisk0\DR0\Partition1
12:55:35.0015 2904 ============================================================
12:55:35.0015 2904 Initialize success
12:55:35.0015 2904 ============================================================
12:55:42.0562 0752 ============================================================
12:55:42.0562 0752 Scan started
12:55:42.0562 0752 Mode: Manual;
12:55:42.0562 0752 ============================================================
12:55:53.0296 0752 MRxDAV - ok
12:55:53.0390 0752 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:55:53.0421 0752 MRxSmb - ok
12:55:53.0468 0752 MSDTC (944a24032aed84c59455b981f6ca1c1a) C:\WINDOWS\System32\msdtc.exe
12:55:53.0468 0752 MSDTC - ok
12:55:53.0531 0752 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
12:55:53.0531 0752 Msfs - ok
12:55:53.0562 0752 MSIServer - ok
12:55:53.0578 0752 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:55:53.0593 0752 MSKSSRV - ok
12:55:53.0609 0752 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:55:53.0625 0752 MSPCLOCK - ok
12:55:53.0640 0752 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
12:55:53.0656 0752 MSPQM - ok
12:55:53.0703 0752 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:55:53.0703 0752 mssmbios - ok
12:55:53.0750 0752 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
12:55:53.0750 0752 Mup - ok
12:55:53.0796 0752 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
12:55:53.0812 0752 NDIS - ok
12:55:53.0859 0752 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:55:53.0875 0752 NdisTapi - ok
12:55:53.0937 0752 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:55:53.0937 0752 Ndisuio - ok
12:55:53.0968 0752 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:55:53.0968 0752 NdisWan - ok
12:55:54.0015 0752 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
12:55:54.0015 0752 NDProxy - ok
12:55:54.0046 0752 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:55:54.0046 0752 NetBIOS - ok
12:55:54.0109 0752 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:55:54.0125 0752 NetBT - ok
12:55:54.0171 0752 NetDDE (818053225bf4aac5f0f718001e492f70) C:\WINDOWS\system32\netdde.exe
12:55:54.0171 0752 NetDDE - ok
12:55:54.0203 0752 NetDDEdsdm (818053225bf4aac5f0f718001e492f70) C:\WINDOWS\system32\netdde.exe
12:55:54.0218 0752 NetDDEdsdm - ok
12:55:54.0265 0752 Netlogon (82a362fe1d4980b71b588d9c10748511) C:\WINDOWS\system32\lsass.exe
12:55:54.0281 0752 Netlogon - ok
12:55:54.0359 0752 Netman (86ad5b0e02f2c968fbb096ab4c555c9c) C:\WINDOWS\System32\netman.dll
12:55:54.0375 0752 Netman - ok
12:55:54.0484 0752 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:55:54.0500 0752 NetTcpPortSharing - ok
12:55:54.0578 0752 Nla (a6e79b60ac73241e5721ab6a573d2b24) C:\WINDOWS\System32\mswsock.dll
12:55:54.0593 0752 Nla - ok
12:55:54.0656 0752 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\WINDOWS\system32\drivers\ccdcmb.sys
12:55:54.0656 0752 nmwcd - ok
12:55:54.0703 0752 nmwcdc (3859c69a77793180548802dac9f34a38) C:\WINDOWS\system32\drivers\ccdcmbo.sys
12:55:54.0718 0752 nmwcdc - ok
12:55:54.0750 0752 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
12:55:54.0750 0752 Npfs - ok
12:55:54.0859 0752 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
12:55:54.0890 0752 Ntfs - ok
12:55:54.0906 0752 NtLmSsp (82a362fe1d4980b71b588d9c10748511) C:\WINDOWS\System32\lsass.exe
12:55:54.0906 0752 NtLmSsp - ok
12:55:55.0000 0752 NtmsSvc (d8d2b13ba93ae830b1a637df571d1195) C:\WINDOWS\system32\ntmssvc.dll
12:55:55.0015 0752 NtmsSvc - ok
12:55:55.0078 0752 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:55:55.0078 0752 Null - ok
12:55:55.0125 0752 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:55:55.0125 0752 NwlnkFlt - ok
12:55:55.0171 0752 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:55:55.0171 0752 NwlnkFwd - ok
12:55:55.0234 0752 Parport (76a18caa2fefb28a4ced38d76837e86e) C:\WINDOWS\system32\DRIVERS\parport.sys
12:55:55.0234 0752 Parport - ok
12:55:55.0281 0752 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
12:55:55.0281 0752 PartMgr - ok
12:55:55.0343 0752 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
12:55:55.0343 0752 ParVdm - ok
12:55:55.0421 0752 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
12:55:55.0421 0752 pccsmcfd - ok
12:55:55.0500 0752 PCI (b7979f37bb7b9df2230046134955e6e7) C:\WINDOWS\system32\DRIVERS\pci.sys
12:55:55.0500 0752 PCI - ok
12:55:55.0515 0752 PCIDump - ok
12:55:55.0578 0752 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:55:55.0578 0752 PCIIde - ok
12:55:55.0656 0752 Pcmcia (90505755634407d4ef4c6dea60fc1df9) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:55:55.0656 0752 Pcmcia - ok
12:55:55.0671 0752 PDCOMP - ok
12:55:55.0687 0752 PDFRAME - ok
12:55:55.0718 0752 PDRELI - ok
12:55:55.0734 0752 PDRFRAME - ok
12:55:55.0765 0752 perc2 - ok
12:55:55.0781 0752 perc2hib - ok
12:55:56.0171 0752 PEVSystemStart (f042ee4c8d66248d9b86dcf52abae416) C:\ComboFix\pev.3XE
12:55:56.0390 0752 PEVSystemStart - ok
12:55:56.0453 0752 PfModNT (2f5532f9b0f903b26847da674b4f55b2) C:\WINDOWS\System32\PfModNT.sys
12:55:56.0453 0752 PfModNT - ok
12:55:56.0531 0752 PlugPlay (4f9f7b567970b524f31d9970a23f7c24) C:\WINDOWS\system32\services.exe
12:55:56.0546 0752 PlugPlay - ok
12:55:56.0562 0752 PolicyAgent (82a362fe1d4980b71b588d9c10748511) C:\WINDOWS\system32\lsass.exe
12:55:56.0562 0752 PolicyAgent - ok
12:55:56.0625 0752 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:55:56.0625 0752 PptpMiniport - ok
12:55:56.0671 0752 Processor (9a10e4fd13824823da50d4758bd0a645) C:\WINDOWS\system32\DRIVERS\processr.sys
12:55:56.0671 0752 Processor - ok
12:55:56.0687 0752 ProtectedStorage (82a362fe1d4980b71b588d9c10748511) C:\WINDOWS\system32\lsass.exe
12:55:56.0687 0752 ProtectedStorage - ok
12:55:56.0734 0752 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
12:55:56.0734 0752 PSched - ok
12:55:56.0812 0752 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:55:56.0812 0752 Ptilink - ok
12:55:56.0875 0752 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:55:56.0890 0752 PxHelp20 - ok
12:55:56.0906 0752 ql1080 - ok
12:55:56.0921 0752 Ql10wnt - ok
12:55:56.0937 0752 ql12160 - ok
12:55:56.0968 0752 ql1240 - ok
12:55:56.0984 0752 ql1280 - ok
12:55:57.0015 0752 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:55:57.0015 0752 RasAcd - ok
12:55:57.0078 0752 RasAuto (e68b6f9a726a444059705ab43b5656d1) C:\WINDOWS\System32\rasauto.dll
12:55:57.0093 0752 RasAuto - ok
12:55:57.0125 0752 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:55:57.0125 0752 Rasl2tp - ok
12:55:57.0218 0752 RasMan (0d5b4272012d2addaa9c97d8bf207dea) C:\WINDOWS\System32\rasmans.dll
12:55:57.0234 0752 RasMan - ok
12:55:57.0250 0752 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:55:57.0250 0752 RasPppoe - ok
12:55:57.0296 0752 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:55:57.0312 0752 Raspti - ok
12:55:57.0421 0752 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:55:57.0437 0752 Rdbss - ok
12:55:57.0468 0752 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:55:57.0468 0752 RDPCDD - ok
12:55:57.0546 0752 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:55:57.0546 0752 rdpdr - ok
12:55:57.0640 0752 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
12:55:57.0656 0752 RDPWD - ok
12:55:57.0750 0752 RDSessMgr (125acf258da9633f748131a0e0185af3) C:\WINDOWS\system32\sessmgr.exe
12:55:57.0750 0752 RDSessMgr - ok
12:55:57.0812 0752 redbook (aba13d33e1f888c9a68599a48a8840d6) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:55:57.0812 0752 redbook - ok
12:55:57.0890 0752 RemoteAccess (eb5e1a601e5a1908a87e4d5a41803d98) C:\WINDOWS\System32\mprdim.dll
12:55:57.0890 0752 RemoteAccess - ok
12:55:57.0953 0752 RemoteRegistry (5b21208fcf8970bb61fe98e19d828714) C:\WINDOWS\system32\regsvc.dll
12:55:57.0953 0752 RemoteRegistry - ok
12:55:58.0031 0752 RpcLocator (c8a3b668985d61249f2dc71716c58de8) C:\WINDOWS\System32\locator.exe
12:55:58.0046 0752 RpcLocator - ok
12:55:58.0156 0752 RpcSs (2b269c916766bdb43404f043b763427d) C:\WINDOWS\System32\rpcss.dll
12:55:58.0156 0752 RpcSs - ok
12:55:58.0234 0752 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\System32\rsvp.exe
12:55:58.0250 0752 RSVP - ok
12:55:58.0281 0752 SamSs (82a362fe1d4980b71b588d9c10748511) C:\WINDOWS\system32\lsass.exe
12:55:58.0296 0752 SamSs - ok
12:55:59.0375 0752 SBAMSvc (bce943896289a91ad75cc5652620b1c6) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
12:56:00.0000 0752 SBAMSvc - ok
12:56:00.0156 0752 sbaphd (62ba65cc0b4a4bd1eaff5fed6e2b5069) C:\WINDOWS\system32\drivers\sbaphd.sys
12:56:00.0156 0752 sbaphd - ok
12:56:00.0203 0752 sbapifs (3fff8cda4d2f29ca06f1557e85163c30) C:\WINDOWS\system32\drivers\sbapifs.sys
12:56:00.0203 0752 sbapifs - ok
12:56:00.0312 0752 SbFw (dc19ff9879775ac86baa9c9282573e87) C:\WINDOWS\system32\drivers\SbFw.sys
12:56:00.0312 0752 SbFw - ok
12:56:00.0375 0752 SBFWIMCL (1dcad90cc9c0ddc7d060fd97854f8518) C:\WINDOWS\system32\DRIVERS\sbfwim.sys
12:56:00.0390 0752 SBFWIMCL - ok
12:56:00.0406 0752 SBFWIMCLMP (1dcad90cc9c0ddc7d060fd97854f8518) C:\WINDOWS\system32\DRIVERS\SBFWIM.sys
12:56:00.0421 0752 SBFWIMCLMP - ok
12:56:00.0453 0752 sbhips (1afd7178ab9c4fce2d332da7aa474fa6) C:\WINDOWS\system32\drivers\sbhips.sys
12:56:00.0468 0752 sbhips - ok
12:56:00.0546 0752 sbpci (4939d6f53ec3a18674deba8532f193ca) C:\WINDOWS\system32\drivers\sbpci.sys
12:56:00.0578 0752 sbpci - ok
12:56:00.0656 0752 SBRE (1fd538c4feb36b793d2121f20bbdc16f) C:\WINDOWS\system32\drivers\SBREdrv.sys
12:56:00.0687 0752 SBRE - ok
12:56:00.0750 0752 sbtis (3ccb4c5686d23033fd01835bed868b4b) C:\WINDOWS\system32\drivers\sbtis.sys
12:56:00.0765 0752 sbtis - ok
12:56:00.0828 0752 SCardSvr (c177354e995cc1aa1f767bcd9980434a) C:\WINDOWS\System32\SCardSvr.exe
12:56:00.0828 0752 SCardSvr - ok
12:56:00.0890 0752 Schedule (29ac93307c6182dbe336bca314947f28) C:\WINDOWS\system32\schedsvc.dll
12:56:00.0890 0752 Schedule - ok
12:56:00.0937 0752 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:56:00.0937 0752 Secdrv - ok
12:56:00.0984 0752 seclogon (c76cb8a133374fac6805f83ff7b7da03) C:\WINDOWS\System32\seclogon.dll
12:56:01.0000 0752 seclogon - ok
12:56:01.0031 0752 SENS (220ad85ba9c5b3011296354011b901cc) C:\WINDOWS\system32\sens.dll
12:56:01.0031 0752 SENS - ok
12:56:01.0093 0752 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:56:01.0093 0752 serenum - ok
12:56:01.0140 0752 Serial (c1ddbc85251551a840212999da3d95f3) C:\WINDOWS\system32\DRIVERS\serial.sys
12:56:01.0156 0752 Serial - ok
12:56:01.0437 0752 ServiceLayer (2d841b7b7f6dec32162edfcc69d61f42) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:56:01.0484 0752 ServiceLayer - ok
12:56:01.0546 0752 sfdrv01 (0b179a959ff6b6ca5927d4f255ab9f90) C:\WINDOWS\system32\drivers\sfdrv01.sys
12:56:01.0546 0752 sfdrv01 - ok
12:56:01.0578 0752 sfhlp02 (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys
12:56:01.0593 0752 sfhlp02 - ok
12:56:01.0625 0752 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:56:01.0625 0752 Sfloppy - ok
12:56:01.0671 0752 sfsync02 (a62efe6aa55c6a599ddbb6bd00e8fb9c) C:\WINDOWS\system32\drivers\sfsync02.sys
12:56:01.0671 0752 sfsync02 - ok
12:56:01.0828 0752 SharedAccess (6a93501bcdebf159109429b022c0ff83) C:\WINDOWS\System32\ipnathlp.dll
12:56:01.0843 0752 SharedAccess - ok
12:56:01.0921 0752 ShellHWDetection (e26edc7afa8da3c528055eabc82c8c79) C:\WINDOWS\System32\shsvcs.dll
12:56:01.0921 0752 ShellHWDetection - ok
12:56:01.0937 0752 Simbad - ok
12:56:02.0062 0752 SiS7018 (d3ba744433f14e5c77107d9d82297801) C:\WINDOWS\system32\drivers\ac97sis.sys
12:56:02.0078 0752 SiS7018 - ok
12:56:02.0125 0752 sisagp (61ca562def09a782d26b3e7edec5369a) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
12:56:02.0125 0752 sisagp - ok
12:56:02.0187 0752 SiSide (b4485881bd8aed9b157a2e6cf43c2d51) C:\WINDOWS\system32\DRIVERS\siside.sys
12:56:02.0187 0752 SiSide - ok
12:56:02.0218 0752 sisidex (6225224b8e846ac230f8d9b343635910) C:\WINDOWS\system32\drivers\sisidex.sys
12:56:02.0218 0752 sisidex - ok
12:56:02.0265 0752 SISNIC (3fbb6ef8b5a71a2fa11f5f461bb73219) C:\WINDOWS\system32\DRIVERS\sisnic.sys
12:56:02.0265 0752 SISNIC - ok
12:56:02.0359 0752 SISNICXP (161811814f04ceb57a51561808888831) C:\WINDOWS\system32\DRIVERS\sisnicxp.sys
12:56:02.0359 0752 SISNICXP - ok
12:56:02.0406 0752 sisperf (596d4a7052002d2bd344d8937da6f66d) C:\WINDOWS\system32\drivers\sisperf.sys
12:56:02.0406 0752 sisperf - ok
12:56:02.0515 0752 smwdm (fa3368a7039f5abaa4b933703ac34763) C:\WINDOWS\system32\drivers\smwdm.sys
12:56:02.0546 0752 smwdm - ok
12:56:02.0671 0752 SoundMAX Agent Service (default) (3978f082274f723ad5a0a8058c2417dd) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
12:56:02.0671 0752 SoundMAX Agent Service (default) - ok
12:56:02.0687 0752 Sparrow - ok
12:56:02.0750 0752 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
12:56:02.0750 0752 splitter - ok
12:56:02.0828 0752 Spooler (da81ec57acd4cdc3d4c51cf3d409af9f) C:\WINDOWS\system32\spoolsv.exe
12:56:02.0828 0752 Spooler - ok
12:56:02.0890 0752 sr (a74035ea526db97d9d50d2143a55f5cf) C:\WINDOWS\system32\DRIVERS\sr.sys
12:56:02.0890 0752 sr - ok
12:56:02.0968 0752 srservice (3cd57f31a64d32fdb28918b16d1e6aac) C:\WINDOWS\system32\srsvc.dll
12:56:02.0968 0752 srservice - ok
12:56:03.0109 0752 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
12:56:03.0140 0752 Srv - ok
12:56:03.0187 0752 SSDPSRV (88c28f53f53438dafcd95e99c837c61e) C:\WINDOWS\System32\ssdpsrv.dll
12:56:03.0203 0752 SSDPSRV - ok
12:56:03.0296 0752 stisvc (b824215a934a24928cddd1ef7e113035) C:\WINDOWS\system32\wiaservc.dll
12:56:03.0328 0752 stisvc - ok
12:56:03.0375 0752 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:56:03.0375 0752 swenum - ok
12:56:03.0421 0752 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
12:56:03.0437 0752 swmidi - ok
12:56:03.0437 0752 SwPrv - ok
12:56:03.0468 0752 symc810 - ok
12:56:03.0484 0752 symc8xx - ok
12:56:03.0500 0752 sym_hi - ok
12:56:03.0546 0752 sym_u3 - ok
12:56:03.0578 0752 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
12:56:03.0578 0752 sysaudio - ok
12:56:03.0640 0752 SysmonLog (d9c9ecff4904e6151525c533aeedf8f4) C:\WINDOWS\system32\smlogsvc.exe
12:56:03.0640 0752 SysmonLog - ok
12:56:03.0671 0752 Tablet2k - ok
12:56:03.0750 0752 TapiSrv (250241d65ccf692aeacc318a266413c2) C:\WINDOWS\System32\tapisrv.dll
12:56:03.0765 0752 TapiSrv - ok
12:56:03.0812 0752 TClass2k (1b3c28d36e669deeb39331255a3feeeb) C:\WINDOWS\system32\DRIVERS\TClass2k.sys
12:56:03.0812 0752 TClass2k - ok
12:56:03.0921 0752 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:56:03.0953 0752 Tcpip - ok
12:56:04.0000 0752 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:56:04.0000 0752 TDPIPE - ok
12:56:04.0031 0752 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
12:56:04.0046 0752 TDTCP - ok
12:56:04.0093 0752 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:56:04.0093 0752 TermDD - ok
12:56:04.0171 0752 TermService (2f5919f2f6ee7a845893d9c3aa2bc56a) C:\WINDOWS\System32\termsrv.dll
12:56:04.0187 0752 TermService - ok
12:56:04.0250 0752 Themes (e26edc7afa8da3c528055eabc82c8c79) C:\WINDOWS\System32\shsvcs.dll
12:56:04.0250 0752 Themes - ok
12:56:04.0328 0752 TlntSvr (535c2fb97336bafa509f4783dd1e5746) C:\WINDOWS\System32\tlntsvr.exe
12:56:04.0328 0752 TlntSvr - ok
12:56:04.0343 0752 TosIde - ok
12:56:04.0390 0752 TrkWks (4dce17221b1a87fb47e36842f3e38753) C:\WINDOWS\system32\trkwks.dll
12:56:04.0390 0752 TrkWks - ok
12:56:04.0437 0752 TVICHW32 (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
12:56:04.0453 0752 TVICHW32 - ok
12:56:04.0484 0752 UCTblHid (adfa2e999bd2ddf89187dcbf0e3dd404) C:\WINDOWS\system32\DRIVERS\UCTblHid.sys
12:56:04.0484 0752 UCTblHid - ok
12:56:04.0515 0752 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
12:56:04.0515 0752 Udfs - ok
12:56:04.0531 0752 ultra - ok
12:56:04.0671 0752 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
12:56:04.0703 0752 Update - ok
12:56:04.0812 0752 upnphost (0c0c2c77c6b52181369594f2aa36af40) C:\WINDOWS\System32\upnphost.dll
12:56:04.0828 0752 upnphost - ok
12:56:04.0859 0752 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
12:56:04.0859 0752 upperdev - ok
12:56:04.0890 0752 UPS (6148a3ba4d9cc628357fc92014fea30e) C:\WINDOWS\System32\ups.exe
12:56:04.0906 0752 UPS - ok
12:56:04.0953 0752 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
12:56:04.0953 0752 usbaudio - ok
12:56:05.0062 0752 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:56:05.0093 0752 usbccgp - ok
12:56:05.0140 0752 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:56:05.0156 0752 usbehci - ok
12:56:05.0203 0752 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:56:05.0203 0752 usbhub - ok
12:56:05.0234 0752 usbohci (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
12:56:05.0234 0752 usbohci - ok
12:56:05.0296 0752 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:56:05.0296 0752 usbprint - ok
12:56:05.0375 0752 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:56:05.0375 0752 usbscan - ok
12:56:05.0421 0752 usbser (49106ee29074e6a3d3ac9e24c6d791d8) C:\WINDOWS\system32\drivers\usbser.sys
12:56:05.0421 0752 usbser - ok
12:56:05.0468 0752 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
12:56:05.0468 0752 UsbserFilt - ok
12:56:05.0531 0752 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:56:05.0546 0752 USBSTOR - ok
12:56:05.0578 0752 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
12:56:05.0578 0752 VgaSave - ok
12:56:05.0609 0752 ViaIde - ok
12:56:05.0671 0752 VolSnap (cd8cce067f7e9cbd762c00bdddecaa34) C:\WINDOWS\system32\drivers\VolSnap.sys
12:56:05.0687 0752 VolSnap - ok
12:56:05.0781 0752 VSS (043539881667bb37b07524032d6ffc3e) C:\WINDOWS\System32\vssvc.exe
12:56:05.0812 0752 VSS - ok
12:56:05.0875 0752 W32Time (2ceebb402187ae56b585701f3d191fb3) C:\WINDOWS\system32\w32time.dll
12:56:05.0890 0752 W32Time - ok
12:56:05.0968 0752 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:56:05.0968 0752 Wanarp - ok
12:56:06.0078 0752 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
12:56:06.0109 0752 Wdf01000 - ok
12:56:06.0125 0752 WDICA - ok
12:56:06.0171 0752 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
12:56:06.0171 0752 wdmaud - ok
12:56:06.0218 0752 WebClient (4bd50644cf52f00091f894ab7541e538) C:\WINDOWS\System32\webclnt.dll
12:56:06.0234 0752 WebClient - ok
12:56:06.0343 0752 winmgmt (e12084ea622bdf2262c637bef15dd85c) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:56:06.0343 0752 winmgmt - ok
12:56:06.0421 0752 WinTabService (2a42c1cff2507407de81adb16748e0ef) C:\WINDOWS\System32\Drivers\WTSRV.EXE
12:56:06.0437 0752 WinTabService - ok
12:56:06.0500 0752 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
12:56:06.0500 0752 WmdmPmSN - ok
12:56:06.0687 0752 Wmi (e428eed87e8055fb995cf0e4d1532d4c) C:\WINDOWS\System32\advapi32.dll
12:56:06.0734 0752 Wmi - ok
12:56:06.0796 0752 WmiApSrv (bcd21b989f0fd4ace78287fc01b4693d) C:\WINDOWS\System32\wbem\wmiapsrv.exe
12:56:06.0812 0752 WmiApSrv - ok
12:56:06.0859 0752 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
12:56:06.0859 0752 WpdUsb - ok
12:56:06.0921 0752 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:56:06.0921 0752 WS2IFSL - ok
12:56:06.0984 0752 wscsvc (4aded1adef25041d9827f9a79c0fda13) C:\WINDOWS\system32\wscsvc.dll
12:56:06.0984 0752 wscsvc - ok
12:56:07.0031 0752 wuauserv (21f5169ca14e0b25c757644456f637df) C:\WINDOWS\system32\wuauserv.dll
12:56:07.0046 0752 wuauserv - ok
12:56:07.0125 0752 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:56:07.0125 0752 WudfPf - ok
12:56:07.0171 0752 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:56:07.0171 0752 WudfRd - ok
12:56:07.0234 0752 WudfSvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\WINDOWS\System32\WUDFSvc.dll
12:56:07.0250 0752 WudfSvc - ok
12:56:07.0359 0752 WZCSVC (325cedef696ef4b649ddcd3968d085c9) C:\WINDOWS\System32\wzcsvc.dll
12:56:07.0390 0752 WZCSVC - ok
12:56:07.0437 0752 xmlprov (9b835d4c64860b155a1701d5092ec9e4) C:\WINDOWS\System32\xmlprov.dll
12:56:07.0453 0752 xmlprov - ok
12:56:07.0546 0752 ZD1211BU(ZyDAS) (478b4415dfb3a45b6fe61ec781e07d7b) C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
12:56:07.0562 0752 ZD1211BU(ZyDAS) - ok
12:56:07.0625 0752 ZDPSp50 (00ae175b903d45ed4a62384d3315dc2a) C:\WINDOWS\system32\Drivers\ZDPSp50.sys
12:56:07.0625 0752 ZDPSp50 - ok
12:56:07.0656 0752 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
12:56:08.0546 0752 \Device\Harddisk0\DR0 - ok
12:56:08.0562 0752 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR5
12:56:08.0562 0752 \Device\Harddisk1\DR5 - ok
12:56:08.0593 0752 Boot (0x1200) (89056d5cf8068a8411af7834c9c0bd62) \Device\Harddisk0\DR0\Partition0
12:56:08.0593 0752 \Device\Harddisk0\DR0\Partition0 - ok
12:56:08.0640 0752 Boot (0x1200) (efd96f404f7b3a90c330611dbec5c188) \Device\Harddisk0\DR0\Partition1
12:56:08.0656 0752 \Device\Harddisk0\DR0\Partition1 - ok
12:56:08.0671 0752 Boot (0x1200) (f5156289619d7d1cc89a5aa6187ca12e) \Device\Harddisk1\DR5\Partition0
12:56:08.0671 0752 \Device\Harddisk1\DR5\Partition0 - ok
12:56:08.0671 0752 ============================================================
12:56:08.0671 0752 Scan finished
12:56:08.0671 0752 ============================================================
12:56:08.0734 0748 Detected object count: 0
12:56:08.0734 0748 Actual detected object count: 0

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: probably some virus

#10 Post by motji »

Since you keep running things, I no longer see any viruses in the logs. Did you also run mwaw and mbam, and did they find anything? And please don't do anything more on your own :)
ComboFix didn't produce a log for you, did it?
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before cleaning viruses from your computer!
Want to support our forum? Information here

I am mostly available at night, between 9 and 11 p.m.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

fretom
Visitor
Posts: 34
Registered: 23 Dec 2008 22:53

Re: probably some virus

#11 Post by fretom »

mbam found something and fixed it.
spybot too
adware too

In theory there is nothing there, but the letters still run on their own, as at the beginning.
Otherwise it has improved. It runs slower, though.

Thanks for anything. I won't experiment any more.

TF

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: probably some virus

#12 Post by motji »

Have you tried a different keyboard?
Please, in mbam you will find the log on the Logs tab; post it here.

fretom
Visitor
Posts: 34
Registered: 23 Dec 2008 22:53

Re: probably some virus

#13 Post by fretom »

Well, look at that, it really does seem to be the keyboard. The replacement one worked and the letters no longer run on their own. It's back to normal.

I uninstalled Mbam yesterday before installing adaware, so I don't have the log.
Should I send some other current log?

Thanks, TF

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: probably some virus

#14 Post by motji »

First clean up the disk.

→ Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything ticked in the left column as it is, click Analyze
- after the analysis, click Run CCleaner

Registry tab
- click Scan for Issues
- then click Fix selected issues; backing up the registry is not necessary
- click Fix all issues → OK → Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

I recommend using the CCleaner cleaner; it nicely clears temporary files off the PC.
It cleans the registry, for example after uninstalling a program.

And then try ComboFix again.

fretom
Visitor
Posts: 34
Registered: 23 Dec 2008 22:53

Re: probably some virus

#15 Post by fretom »

ComboFix 12-06-25.03 - Tomas Frei 25.06.2012 16:36:55.6.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.512.256 [GMT 2:00]
Spuštěný z: c:\documents and settings\Tomas Frei\Plocha\ComboFix.exe
AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: F-Secure Anti-Virus 2006 6.10 *Disabled* {D4747503-0346-49EB-9262-997542F79BF4}
FW: Lavasoft Ad-Aware *Disabled* {FF1CD5B7-1553-4625-A258-1775385CED33}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\daemon.dll
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\regedit.com
c:\windows\system32\CF10342.exe
c:\windows\system32\CF10863.exe
c:\windows\system32\CF11797.exe
c:\windows\system32\CF29661.exe
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\ijl11.dll
c:\windows\system32\msssc.dll
c:\windows\system32\taskmgr.com
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-25 do 2012-06-25 )))))))))))))))))))))))))))))))
.
.
2012-06-25 11:56 . 2012-06-25 11:57 -------- d-----w- c:\windows\LastGood
2012-06-24 18:07 . 2012-06-24 18:19 -------- d-----w- c:\documents and settings\Tomas Frei\Data aplikací\adawaretb
2012-06-24 18:02 . 2012-06-25 11:34 -------- d-----w- c:\documents and settings\Tomas Frei\Data aplikací\Ad-Aware Antivirus
2012-06-24 18:01 . 2012-06-24 18:19 -------- d-----w- c:\documents and settings\Tomas Frei\Local Settings\Data aplikací\adaware
2012-06-24 16:14 . 2012-06-24 16:14 34048 ----a-w- c:\windows\system32\eEmpty.exe
2012-06-24 16:13 . 2004-08-17 14:49 137216 ----a-w- c:\windows\system32\T.COM
2012-06-24 16:13 . 2004-08-17 14:49 147968 ----a-w- c:\windows\R.COM
2012-06-24 16:13 . 2012-06-24 16:13 -------- d-----w- c:\program files\Common Files\MicroWorld
2012-06-24 16:13 . 2012-06-24 16:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MicroWorld
2012-06-24 16:01 . 2012-06-24 16:01 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\Ad-Aware Antivirus
2012-06-24 16:01 . 2012-06-24 16:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ClubSanDisk
2012-06-24 15:59 . 2011-12-19 10:44 93816 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-06-24 15:59 . 2011-11-29 04:59 77816 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2012-06-24 15:59 . 2011-11-29 04:59 21240 ----a-w- c:\windows\system32\drivers\sbaphd.sys
2012-06-24 15:59 . 2011-12-19 10:44 217976 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-06-24 15:59 . 2011-12-19 10:44 335224 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-06-24 15:59 . 2011-09-29 10:16 94584 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-06-24 15:58 . 2012-06-24 15:58 -------- d-----w- c:\windows\system32\drivers\VDD
2012-06-24 15:58 . 2012-06-24 15:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2012-06-24 15:58 . 2012-06-24 16:28 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-06-24 15:57 . 2012-06-24 16:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ad-Aware Browsing Protection
2012-06-24 15:57 . 2012-06-24 15:57 -------- d-----w- c:\program files\Toolbar Cleaner
2012-06-24 15:56 . 2012-06-24 15:57 -------- d-----w- c:\program files\adawaretb
2012-06-24 14:00 . 2012-06-24 14:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-06-24 08:09 . 2007-09-29 15:53 400384 ----a-w- c:\program files\Mozilla Firefox\plugins\npagent.dll
2012-06-24 08:09 . 2007-09-29 15:53 23600 ----a-w- c:\program files\Mozilla Firefox\plugins\TVicHW32.sys
2012-06-24 08:09 . 2007-09-29 15:53 21200 ----a-w- c:\program files\Mozilla Firefox\plugins\TVicHW64.sys
2012-06-24 06:44 . 2012-06-24 13:15 -------- d-----w- c:\program files\trend micro
2012-06-24 06:01 . 2012-06-24 07:44 -------- d-----w- c:\documents and settings\Administrator
2012-06-18 10:31 . 2012-06-18 10:31 -------- d-----w- c:\documents and settings\Tomas Frei\Data aplikací\PROTECH
2012-06-10 09:56 . 2012-06-10 10:00 -------- d-----w- c:\documents and settings\Tomas Frei\Data aplikací\.RTS
2012-06-10 09:53 . 2012-06-10 09:53 108144 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-05-31 15:39 . 2012-05-31 15:41 -------- d-----w- C:\Epodpis
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-28 05:11 . 2012-03-28 05:11 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2012-04-11 20:08 87440 ----a-w- c:\program files\adawaretb\adawareDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files\adawaretb\adawareDx.dll" [2012-04-11 87440]
.
[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2007-07-24 1298432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ad-Aware Antivirus"="c:\program files\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-12-12 335872]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"Ad-Aware Browsing Protection"="c:\documents and settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
@="Ad-Aware Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^EPSI ToolBar.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\EPSI ToolBar.lnk
backup=c:\windows\pss\EPSI ToolBar.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUninstallURL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2005-10-28 15:25 94208 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2007-04-03 16:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2003-03-26 07:19 172032 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
2008-11-07 11:51 95536 ----a-w- c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-10-11 10:45 75304 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 15:07 2260480 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 11:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2006-02-23 19:10 35328 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WTClient]
2007-04-11 08:27 40960 ----a-w- c:\windows\system32\WTClient.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\audiograbber\\audiograbber.exe"=
"c:\\Program Files\\Lavalys\\EVEREST Home Edition\\everest.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero StartSmart\\NeroStartSmart.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Asus\\AsusUpdate\\Update.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\dwwin.exe"=
"c:\\WINDOWS\\system32\\Ati2evxx.exe"=
"c:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"=
"c:\\Program Files\\Winamp\\winampa.exe"=
"c:\\Program Files\\ScanSoft\\OmniPageSE4.0\\OpwareSE4.exe"=
"c:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"=
"c:\\Program Files\\Rainlendar2\\Rainlendar2.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\WINDOWS\\system32\\netsh.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaws.exe"=
"c:\\Program Files\\Nitro PDF\\PrimoPDF\\PrimoPDF.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\ganes\\CS\\Counter-Strike 1.6 Standalone\\launcher.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\adawaretb\\dtUser.exe"=
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [14.3.2006 23:18 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [14.3.2006 23:18 5248]
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [18.8.2009 7:53 30656]
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [24.6.2012 17:59 21240]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [24.6.2012 17:59 335224]
R1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys [24.6.2012 17:59 217976]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\Ad-Aware Antivirus\AdAwareService.exe [3.5.2012 18:37 1226096]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [24.6.2012 17:59 77816]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [24.6.2012 17:59 94584]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [26.10.2011 14:23 101112]
S2 SBAMSvc;Ad-Aware;c:\program files\Ad-Aware Antivirus\SBAMSvc.exe [19.12.2011 13:20 3289032]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [20.7.2007 18:03 93440]
S3 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.6.2011 17:21 136176]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8.6.2011 17:21 136176]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [24.6.2012 17:59 94584]
S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [24.6.2012 17:59 93816]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [5.4.2006 10:44 23600]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 68280885
*NewlyCreated* - 81987198
*Deregistered* - 68280885
*Deregistered* - 81987198
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-24 c:\windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
- c:\progra~1\AD-AWA~1\AdAwareLauncher.exe [2012-05-03 16:37]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://free.grisoft.com/register
uInternet Settings,ProxyServer = cache.sh.cvut.cz:3128
uInternet Settings,ProxyOverride = <local>
IE: &Google Search - c:\program files\google\GoogleToolbar2.dll/cmsearch.html
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: &Translate English Word - c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
IE: Backward Links - c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar2.dll/cmcache.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\google\GoogleToolbar2.dll/cmtrans.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} -
Trusted Zone: postsignum.cz\www
TCP: DhcpNameServer = 192.168.9.1 192.168.0.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - ProfilePath - c:\documents and settings\Tomas Frei\Data aplikací\Mozilla\Firefox\Profiles\gp7uu3rw.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109980&babsrc=KW_ss&mntrId=e0a5bc4f0000000000000050fccba358&q=
FF - prefs.js: network.proxy.type - 4
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Notify-AtiExtEvent - (no file)
Notify-avgrsstarter - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-ExpressFiles - c:\program files\ExpressFiles\ExpressFiles.exe
MSConfigStartUp-Raptr - c:\progra~1\Raptr\raptrstub.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-25 16:50
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2012-06-25 16:55:48
ComboFix-quarantined-files.txt 2012-06-25 14:55
.
Před spuštěním: 887 738 368
Po spuštění: 1 017 417 728
.
- - End Of File - - 8A5DBCF6A4C1D06E5AE85FB132DAB3CE
