
Requesting a log check, my laptop somehow started acting up today

Posted: 24 Apr 2013 18:12
by Rrsto
Logfile of random's system information tool 1.09 (written by random/random)
Run by BuBu at 2013-04-24 19:06:11
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (6%) free of 18 GB
Total RAM: 511 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:07:16, on 24.4.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST_Software\Avast_antivirus\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVAST_Software\Avast_antivirus\avastUI.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\BuBu\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\BuBu.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tuvaro.com/ws/?source=9e9471a2&t ... 0cf15a0ec6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = ${SEARCH_URL_IE7}
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST_Software\Avast_antivirus\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST_Software\Avast_antivirus\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST_Software\Avast_antivirus\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{571900DA-3481-4A36-AB6C-8C3011DA5F00}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{57E66068-A646-42E7-95BA-374AD37B8DF5}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{59657600-C1CC-43B3-93EC-CDD64D9859D8}: NameServer = 8.26.56.26,156.154.70.22
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST_Software\Avast_antivirus\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 8337 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\budliki.job
C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
C:\WINDOWS\tasks\Go for FilesUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\pripomienka.job
C:\WINDOWS\tasks\YourFile Update.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\BuBu\Application Data\Mozilla\Firefox\Profiles\zwhvzli3.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "about:home"

"wrc@avast.com"=C:\Program Files\AVAST_Software\Avast_antivirus\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\BuBu\Application Data\Mozilla\Firefox\Profiles\zwhvzli3.default\searchplugins\
tuvaro.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-28 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST_Software\Avast_antivirus\aswWebRepIE.dll [2012-10-31 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-28 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST_Software\Avast_antivirus\aswWebRepIE.dll [2012-10-31 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST_Software\Avast_antivirus\avastUI.exe [2012-10-31 4297136]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-04-15 3012816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-05-25 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-03-06 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\AppServ\Apache2.2\bin\httpd.exe"="C:\AppServ\Apache2.2\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player 2.0.3"
"C:\Program Files\GoforFiles\goforfilesdl.exe"="C:\Program Files\GoforFiles\goforfilesdl.exe:*:Enabled:Go for Files"
"C:\Program Files\GoforFiles\GoforFiles.exe"="C:\Program Files\GoforFiles\GoforFiles.exe:*:Enabled:Go for Files"
"C:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe"="C:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe"="C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe:*:Enabled:LogMeIn Hamachi"
"C:\Program Files\YourFileDownloader\Downloader.exe"="C:\Program Files\YourFileDownloader\Downloader.exe:*:Enabled:YourFile Downloader"
"C:\Program Files\YourFileDownloader\YourFile.exe"="C:\Program Files\YourFileDownloader\YourFile.exe:*:Enabled:YourFile Downloader"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-04-24 18:00:32 ----D---- C:\Program Files\ESET
2013-04-24 17:08:09 ----SHD---- C:\WINDOWS\CSC
2013-04-24 17:01:25 ----A---- C:\WINDOWS\ntbtlog.txt
2013-04-24 11:56:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Shared Space
2013-04-24 11:53:34 ----A---- C:\WINDOWS\system32\mfc71.dll
2013-04-24 11:53:30 ----A---- C:\WINDOWS\system32\gdiplus.dll
2013-04-24 11:49:26 ----D---- C:\Documents and Settings\All Users\Application Data\COMODO
2013-04-24 11:45:06 ----D---- C:\Program Files\Comodo
2013-04-24 11:44:29 ----D---- C:\Documents and Settings\All Users\Application Data\Comodo Downloader
2013-04-24 10:35:22 ----D---- C:\Program Files\trend micro
2013-04-24 10:35:14 ----D---- C:\rsit
2013-04-24 10:01:41 ----D---- C:\WINDOWS\ERDNT
2013-04-24 09:58:53 ----D---- C:\Qoobox
2013-04-18 18:02:12 ----A---- C:\WINDOWS\system32\drivers\inspect.sys
2013-04-18 15:44:13 ----D---- C:\Program Files\Microsoft Synchronization Services
2013-04-18 15:44:08 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-04-18 15:31:50 ----D---- C:\WINDOWS\symbols
2013-04-18 15:31:36 ----D---- C:\Program Files\Microsoft Help Viewer
2013-04-18 15:31:35 ----D---- C:\Program Files\Microsoft SDKs
2013-04-18 15:31:35 ----D---- C:\Program Files\Common Files\Merge Modules
2013-04-18 15:25:08 ----HDC---- C:\WINDOWS\$NtUninstallKB958655-v2$
2013-04-18 15:24:06 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2013-04-18 01:07:16 ----A---- C:\WINDOWS\system32\wmpns.dll
2013-04-18 01:07:16 ----A---- C:\WINDOWS\OEWABLog.txt
2013-04-18 01:06:54 ----D---- C:\Program Files\xerox
2013-04-18 01:06:48 ----D---- C:\WINDOWS\system32\xircom
2013-04-18 01:06:42 ----D---- C:\Program Files\microsoft frontpage
2013-04-18 01:05:27 ----D---- C:\WINDOWS\Prefetch
2013-04-18 00:56:47 ----A---- C:\WINDOWS\setuplog.txt
2013-04-18 00:54:33 ----N---- C:\WINDOWS\system32\rwnh.dll
2013-04-18 00:54:33 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2013-04-18 00:54:33 ----N---- C:\WINDOWS\system32\comsdupd.exe
2013-04-18 00:54:32 ----N---- C:\WINDOWS\system32\smtpapi.dll
2013-04-18 00:54:23 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2013-04-18 00:54:23 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2013-04-18 00:54:23 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2013-04-18 00:54:22 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2013-04-18 00:54:22 ----N---- C:\WINDOWS\system32\azroles.dll
2013-04-18 00:54:20 ----N---- C:\WINDOWS\system32\dimsroam.dll
2013-04-18 00:54:20 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2013-04-18 00:54:20 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2013-04-18 00:54:20 ----N---- C:\WINDOWS\system32\credssp.dll
2013-04-18 00:54:19 ----N---- C:\WINDOWS\system32\dot3svc.dll
2013-04-18 00:54:19 ----N---- C:\WINDOWS\system32\dot3msm.dll
2013-04-18 00:54:19 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2013-04-18 00:54:19 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2013-04-18 00:54:19 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2013-04-18 00:54:19 ----N---- C:\WINDOWS\system32\dot3api.dll
2013-04-18 00:54:18 ----N---- C:\WINDOWS\system32\dot3ui.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eapsvc.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eapqec.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eappprxy.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eapphost.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eappgnui.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eappcfg.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eapolqec.dll
2013-04-18 00:54:15 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2013-04-18 00:54:11 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2013-04-18 00:54:11 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2013-04-18 00:54:10 ----N---- C:\WINDOWS\system32\kbdpash.dll
2013-04-18 00:54:10 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2013-04-18 00:54:09 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2013-04-18 00:54:09 ----N---- C:\WINDOWS\system32\kmsvc.dll
2013-04-18 00:54:08 ----N---- C:\WINDOWS\system32\mmcex.dll
2013-04-18 00:54:08 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2013-04-18 00:54:08 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2013-04-18 00:54:07 ----N---- C:\WINDOWS\system32\mmcperf.exe
2013-04-18 00:54:07 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2013-04-18 00:54:06 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2013-04-18 00:54:06 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2013-04-18 00:54:06 ----N---- C:\WINDOWS\system32\mssha.dll
2013-04-18 00:54:05 ----N---- C:\WINDOWS\system32\napstat.exe
2013-04-18 00:54:05 ----N---- C:\WINDOWS\system32\napmontr.dll
2013-04-18 00:54:05 ----N---- C:\WINDOWS\system32\napipsec.dll
2013-04-18 00:54:04 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2013-04-18 00:54:03 ----N---- C:\WINDOWS\system32\onex.dll
2013-04-18 00:54:02 ----N---- C:\WINDOWS\system32\qagentrt.dll
2013-04-18 00:54:02 ----N---- C:\WINDOWS\system32\qagent.dll
2013-04-18 00:54:01 ----N---- C:\WINDOWS\system32\s3gnb.dll
2013-04-18 00:54:01 ----N---- C:\WINDOWS\system32\rasqec.dll
2013-04-18 00:54:01 ----N---- C:\WINDOWS\system32\qutil.dll
2013-04-18 00:54:01 ----N---- C:\WINDOWS\system32\qcliprov.dll
2013-04-18 00:54:00 ----N---- C:\WINDOWS\system32\slserv.exe
2013-04-18 00:54:00 ----N---- C:\WINDOWS\system32\slrundll.exe
2013-04-18 00:54:00 ----N---- C:\WINDOWS\system32\slgen.dll
2013-04-18 00:54:00 ----N---- C:\WINDOWS\system32\slextspk.dll
2013-04-18 00:54:00 ----N---- C:\WINDOWS\system32\slcoinst.dll
2013-04-18 00:54:00 ----N---- C:\WINDOWS\system32\setupn.exe
2013-04-18 00:53:59 ----N---- C:\WINDOWS\system32\tspkg.dll
2013-04-18 00:53:55 ----N---- C:\WINDOWS\system32\wlanapi.dll
2013-04-18 00:53:49 ----N---- C:\WINDOWS\slrundll.exe
2013-04-18 00:53:45 ----D---- C:\WINDOWS\system32\scripting
2013-04-18 00:53:45 ----D---- C:\WINDOWS\l2schemas
2013-04-18 00:53:42 ----D---- C:\WINDOWS\system32\en
2013-04-18 00:53:41 ----D---- C:\WINDOWS\system32\bits
2013-04-18 00:45:35 ----D---- C:\WINDOWS\ServicePackFiles
2013-04-18 00:40:31 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2013-04-18 00:40:31 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2013-04-18 00:40:30 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2013-04-18 00:40:30 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2013-04-18 00:40:30 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2013-04-18 00:40:30 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2013-04-18 00:40:30 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2013-04-18 00:40:29 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2013-04-18 00:40:29 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2013-04-18 00:40:29 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2013-04-18 00:40:29 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2013-04-18 00:40:27 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2013-04-18 00:40:27 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2013-04-18 00:40:27 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2013-04-18 00:40:27 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2013-04-18 00:40:27 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2013-04-18 00:40:25 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2013-04-18 00:40:25 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2013-04-18 00:40:23 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2013-04-18 00:40:22 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2013-04-18 00:40:22 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2013-04-18 00:40:21 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2013-04-18 00:40:21 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2013-04-18 00:40:21 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2013-04-18 00:40:21 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2013-04-18 00:40:21 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2013-04-18 00:40:20 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2013-04-18 00:40:20 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2013-04-18 00:40:18 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2013-04-18 00:40:18 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2013-04-18 00:40:17 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2013-04-18 00:40:16 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2013-04-18 00:40:16 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2013-04-18 00:40:16 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2013-04-18 00:40:15 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2013-04-18 00:40:15 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2013-04-18 00:40:14 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2013-04-18 00:40:14 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2013-04-18 00:40:12 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2013-04-18 00:40:11 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2013-04-18 00:40:11 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2013-04-18 00:40:11 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2013-04-18 00:40:11 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2013-04-18 00:40:10 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2013-04-18 00:40:10 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2013-04-18 00:40:10 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2013-04-18 00:40:09 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2013-04-18 00:40:09 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2013-04-18 00:40:09 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2013-04-18 00:40:08 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2013-04-18 00:40:08 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2013-04-18 00:40:08 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2013-04-18 00:40:08 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2013-04-18 00:40:08 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2013-04-18 00:40:07 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2013-04-18 00:40:07 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2013-04-18 00:40:07 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2013-04-18 00:40:07 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2013-04-18 00:36:57 ----A---- C:\WINDOWS\003009_.tmp
2013-04-18 00:36:55 ----A---- C:\WINDOWS\imsins.BAK
2013-04-18 00:29:33 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2013-04-17 21:46:49 ----D---- C:\Documents and Settings\All Users\Application Data\Package Cache
2013-04-17 21:37:52 ----A---- C:\user.js
2013-04-17 08:47:51 ----A---- C:\WINDOWS\trncom.INI
2013-04-15 18:39:00 ----A---- C:\WINDOWS\system32\drivers\cmdhlp.sys
2013-04-15 18:39:00 ----A---- C:\WINDOWS\system32\drivers\cmdGuard.sys
2013-04-15 18:39:00 ----A---- C:\WINDOWS\system32\drivers\cmderd.sys
2013-04-15 18:38:38 ----A---- C:\WINDOWS\system32\guard32.dll
2013-04-15 18:38:38 ----A---- C:\WINDOWS\system32\cmdcsr.dll
2013-04-15 18:38:26 ----A---- C:\WINDOWS\system32\cmdvrt32.dll
2013-04-15 18:38:26 ----A---- C:\WINDOWS\system32\cmdkbd32.dll
2013-04-14 19:36:20 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-04-24 18:56:36 ----D---- C:\WINDOWS\Temp
2013-04-24 18:38:17 ----D---- C:\WINDOWS\system32\CatRoot2
2013-04-24 18:00:32 ----RD---- C:\Program Files
2013-04-24 17:08:09 ----D---- C:\WINDOWS
2013-04-24 13:46:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-04-24 12:17:37 ----HD---- C:\Config.Msi
2013-04-24 12:14:29 ----SHD---- C:\WINDOWS\Installer
2013-04-24 12:14:29 ----D---- C:\WINDOWS\WinSxS
2013-04-24 12:13:57 ----D---- C:\Program Files\Common Files
2013-04-24 12:13:53 ----HD---- C:\WINDOWS\inf
2013-04-24 12:13:48 ----D---- C:\WINDOWS\system32\drivers
2013-04-24 12:13:01 ----D---- C:\WINDOWS\system32
2013-04-24 12:00:50 ----SD---- C:\WINDOWS\Tasks
2013-04-18 16:41:03 ----D---- C:\WINDOWS\Microsoft.NET
2013-04-18 16:41:01 ----RSD---- C:\WINDOWS\assembly
2013-04-18 15:37:33 ----SD---- C:\Documents and Settings\BuBu\Application Data\Microsoft
2013-04-18 15:37:33 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2013-04-18 15:34:24 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-04-18 15:31:35 ----D---- C:\Program Files\MSBuild
2013-04-18 15:25:30 ----D---- C:\WINDOWS\system32\dllcache
2013-04-18 15:24:35 ----D---- C:\WINDOWS\system32\mui
2013-04-18 15:14:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-04-18 15:03:13 ----D---- C:\WINDOWS\system32\en-US
2013-04-18 14:59:01 ----D---- C:\Program Files\Microsoft.NET
2013-04-18 01:07:29 ----D---- C:\WINDOWS\Debug
2013-04-18 01:06:52 ----D---- C:\WINDOWS\system32\wbem
2013-04-18 01:06:52 ----D---- C:\WINDOWS\ime
2013-04-18 01:04:34 ----D---- C:\WINDOWS\system32\Setup
2013-04-18 01:04:34 ----D---- C:\WINDOWS\AppPatch
2013-04-18 01:04:30 ----RSD---- C:\WINDOWS\Fonts
2013-04-18 01:03:47 ----D---- C:\WINDOWS\security
2013-04-18 00:59:35 ----D---- C:\WINDOWS\system32\CatRoot
2013-04-18 00:55:13 ----D---- C:\Program Files\Messenger
2013-04-18 00:54:31 ----D---- C:\WINDOWS\system32\inetsrv
2013-04-18 00:54:30 ----D---- C:\WINDOWS\Network Diagnostic
2013-04-18 00:54:30 ----D---- C:\WINDOWS\Help
2013-04-18 00:53:48 ----D---- C:\WINDOWS\system32\usmt
2013-04-18 00:53:41 ----D---- C:\WINDOWS\PeerNet
2013-04-18 00:53:40 ----D---- C:\Program Files\Movie Maker
2013-04-18 00:45:07 ----D---- C:\WINDOWS\system32\Restore
2013-04-18 00:45:07 ----D---- C:\WINDOWS\system32\npp
2013-04-18 00:45:02 ----D---- C:\WINDOWS\msagent
2013-04-18 00:44:59 ----D---- C:\WINDOWS\srchasst
2013-04-18 00:44:57 ----D---- C:\Program Files\NetMeeting
2013-04-18 00:44:54 ----D---- C:\WINDOWS\system32\Com
2013-04-18 00:44:49 ----D---- C:\Program Files\Windows Media Player
2013-04-18 00:44:48 ----D---- C:\Program Files\Windows NT
2013-04-18 00:44:48 ----D---- C:\Program Files\Outlook Express
2013-04-18 00:44:41 ----D---- C:\Program Files\Common Files\System
2013-04-18 00:44:10 ----D---- C:\WINDOWS\system32\oobe
2013-04-18 00:44:06 ----D---- C:\WINDOWS\system
2013-04-18 00:36:44 ----D---- C:\WINDOWS\system32\ReinstallBackups
2013-04-18 00:29:18 ----D---- C:\WINDOWS\ehome
2013-04-17 22:44:39 ----D---- C:\WINDOWS\Minidump
2013-04-17 19:39:37 ----D---- C:\Documents and Settings\BuBu\Application Data\codeblocks
2013-04-17 08:43:05 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2013-04-17 08:40:09 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-04-14 21:16:36 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2013-04-18 99392]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-03-06 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-31 25256]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-31 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-31 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-31 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-31 54232]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2013-04-15 18528]
R1 cmdGuard;COMODO Internet Security Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2013-04-15 592384]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2013-04-15 32816]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2012-02-29 17801]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-31 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-31 97608]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2003-03-31 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2003-03-31 55936]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2006-11-08 62336]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-06-16 10970]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-05 127872]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-05-25 1133056]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-28 220992]
R3 TwoTrack;IBM PS/2 TrackPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\TwoTrack.sys [2001-08-17 11520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 w70n51;Intel(R) PRO/Wireless 7100 Adapter Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w70n51.sys [2006-07-13 674560]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 BthEnum;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 273024]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2009-02-20 165496]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2007-09-25 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2007-09-25 20520]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-14 22016]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2007-03-06 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-03-06 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST_Software\Avast_antivirus\AvastSvc.exe [2012-10-31 44808]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-04-15 4443912]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 NwSapAgent;SAP Agent; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 RegSrvc;RegSrvc; C:\WINDOWS\system32\RegSrvc.exe [2006-06-16 122880]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\WINDOWS\system32\S24EvMon.exe [2006-06-16 426051]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-05-25 364544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-06 116648]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-04-15 127184]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-06 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-09-28 161768]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-14 115608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player - služba zdieľania v sieti; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Requesting a check, my laptop somehow went haywire today

Posted: 24 Apr 2013 20:14
by Rrsto
And the ESET online scanner has just given me this result:

Infiltration:
Win32/Patched.EE trojan horse
Target:
Memory

Re: Requesting a check, my laptop somehow went haywire today

Posted: 26 Apr 2013 21:20
by Roli
Hello, fix these in HJT:

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST_Software\Avast_antivirus\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST_Software\Avast_antivirus\aswWebRepIE.dll
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')


You will find HJT here:

C:\Program Files\trend micro\BuBu.exe

Fix means that you run HJT as admin,

in the window that opens, click Do a system scan only,

in the next window, find the lines I listed for you,

next to each of them is a small box that you tick,

then click Fix checked at the bottom left,

the program will ask whether you are sure; you of course agree with YES, and it is done.


Delete unneeded files

using CCleaner

instructions:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download AdwCleaner and save it to the desktop,

close all programs including the browser and launch it with a double-click,

a window appears; at the bottom left, click Search.

The scan will then run, and when it finishes a log will pop up; copy it here for me.


P.S. Next time don't reply to your own posts, otherwise you will fall into oblivion :)

Re: Requesting a check, my laptop somehow went haywire today

Posted: 29 Apr 2013 17:17
by Rrsto
Thank you :)

I did everything you told me to (I hope correctly :D) and here is the txt:

# AdwCleaner v2.300 - Logfile created 04/29/2013 at 18:13:52
# Updated 28/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : BuBu - NOTE-F9E38A32C3
# Boot Mode : Normal
# Running from : C:\Documents and Settings\BuBu\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\user.js
File Found : C:\WINDOWS\Tasks\YourFile Update.job
Folder Found : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Found : C:\Documents and Settings\BuBu\Application Data\Babylon
Folder Found : C:\Documents and Settings\BuBu\Application Data\yourfiledownloader
Folder Found : C:\Documents and Settings\BuBu\Local Settings\Application Data\Babylon
Folder Found : C:\Documents and Settings\BuBu\Local Settings\Application Data\PackageAware

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YourFileDownloader
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\YourFileDownloader
Key Found : HKU\S-1-5-21-299502267-492894223-854245398-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.16414

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (sk)

File : C:\Documents and Settings\BuBu\Application Data\Mozilla\Firefox\Profiles\zwhvzli3.default\prefs.js

Found : user_pref("extensions.BabylonToolbar.admin", false);
Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Found : user_pref("extensions.BabylonToolbar.excTlbr", false);
Found : user_pref("extensions.BabylonToolbar.id", "448b279a000000000000000cf15a0ec6");
Found : user_pref("extensions.BabylonToolbar.instlDay", "15644");
Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Found : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
Found : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://isearch.babylon.com/?affID=116222&tt=2510[...]
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.88:53:19");

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\BuBu\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3304 octets] - [29/04/2013 18:13:52]

########## EOF - C:\AdwCleaner[R1].txt - [3364 octets] ##########

Re: Requesting a check, my laptop somehow went haywire today

Posted: 29 Apr 2013 17:25
by Roli
Rrsto wrote: ........ (I hope correctly :D) ........
We'll find out :)


Run AdwCleaner again, but this time click Delete,

the PC will restart, during which the junk gets deleted.

After that a log will pop up again; copy it here for me.

Re: Requesting a check, my laptop somehow went haywire today

Posted: 29 Apr 2013 17:45
by Rrsto
and I forgot to write here :oops:

my laptop has started booting like this: a black screen with the mouse pointer comes up, you can even move it, and after about 5 min Windows starts; when I tried it in safe mode, Windows comes up right away there, but in the other modes there is this 5 min "waiting" time :D

here is the log:

# AdwCleaner v2.300 - Logfile created 04/29/2013 at 18:28:30
# Updated 28/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : BuBu - NOTE-F9E38A32C3
# Boot Mode : Normal
# Running from : C:\Documents and Settings\BuBu\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\user.js
File Deleted : C:\WINDOWS\Tasks\YourFile Update.job
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\BuBu\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\BuBu\Application Data\yourfiledownloader
Folder Deleted : C:\Documents and Settings\BuBu\Local Settings\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\BuBu\Local Settings\Application Data\PackageAware

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\Software\YourFileDownloader

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.16414

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (sk)

File : C:\Documents and Settings\BuBu\Application Data\Mozilla\Firefox\Profiles\zwhvzli3.default\prefs.js

C:\Documents and Settings\BuBu\Application Data\Mozilla\Firefox\Profiles\zwhvzli3.default\user.js ... Deleted !

Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.id", "448b279a000000000000000cf15a0ec6");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15644");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://isearch.babylon.com/?affID=116222&tt=2510[...]
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.88:53:19");

-\\ Google Chrome v26.0.1410.64

File : C:\Documents and Settings\BuBu\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3433 octets] - [29/04/2013 18:13:52]
AdwCleaner[S1].txt - [3395 octets] - [29/04/2013 18:28:30]

########## EOF - C:\AdwCleaner[S1].txt - [3455 octets] ##########

Re: Requesting a check, my laptop somehow went haywire today

Posted: 29 Apr 2013 18:32
by Rrsto
so in the end it stopped, I didn't even need to write it to you :)

I restarted the PC and cleaned it once more with CCleaner and now it boots normally :)
so I hope everything will be fine now,
thank you very much for the help :)

and I'm waiting to see whether you'll write anything more about that last log

Re: Requesting a check, my laptop somehow went haywire today

Posted: 29 Apr 2013 21:01
by Roli
Rrsto wrote: ........ and I'm waiting to see whether you'll write anything more about that last log
The last log is fine, but to be sure we'll look a bit deeper; just read carefully, because this little piece of software does not tolerate mistakes.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow the installation of the Recovery Console.

Then a window with the license terms appears, which you confirm by clicking YES,

then click YES once more and it is running.

The whole process takes around 10 minutes but can take longer; during the scan do not try to run anything else.

The PC may also be restarted during the scan; don't be alarmed.

Note: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs can get in its way.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.

Re: Requesting a check, my laptop somehow went haywire today

Posted: 30 Apr 2013 18:46
by Rrsto
I tried it 3 times but nothing came of it :(

after 10 minutes the laptop freezes, the cursor stops blinking, the hard disk stops reading and even the system clock stopped; it simply froze completely. I was patient too, I left it running for 5 hours overnight and nothing

and on drive C:\ there is only a ComboFix folder with an icon like a computer.

Re: Requesting a check, my laptop somehow went haywire today

Posted: 30 Apr 2013 20:00
by Roli
Then try running it in Safe Mode.

Re: Requesting a check, my laptop somehow went haywire today

Posted: 30 Apr 2013 21:57
by Rrsto
not even in Safe Mode with Networking, it froze after 15 min,

and when the operating system starts it asks me which one I want to boot,
for a second there is the option of that Recovery Console or Win XP
was it supposed to install like that?

if it doesn't work, no matter; if something acts up again I'll reinstall Windows, and if it pisses me off
I'll put on a different operating system :D

Thanks, man :)

Re: Requesting a check, my laptop somehow went haywire today

Posted: 01 May 2013 21:35
by Roli
But we still have to clean up.

Via Start >> Run, copy into the window:

ComboFix /Uninstall

and press Enter

This uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop the antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Then run T-Cleaner once more, press the R key and ENTER

after the restart run T-Cleaner again

press the A key and ENTER, confirm all the deletion prompts

then run it again, with the P key and ENTER restart the PC.

This gets rid of the Recovery Console :wink:


Then post a current RSIT log here for me.

Re: Requesting a check, my laptop somehow went haywire today

Posted: 01 May 2013 22:16
by Rrsto
Logfile of random's system information tool 1.09 (written by random/random)
Run by BuBu at 2013-05-01 23:12:15
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (17%) free of 18 GB
Total RAM: 511 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:12:44, on 1.5.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST_Software\Avast_antivirus\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVAST_Software\Avast_antivirus\AvastEmUpdate.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\AVAST_Software\Avast_antivirus\avastUI.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\BuBu\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\BuBu.exe
C:\Program Files\AVAST_Software\Avast_antivirus\setup\avast.setup

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tuvaro.com/ws/?source=9e9471a2&t ... 0cf15a0ec6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = ${SEARCH_URL_IE7}
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST_Software\Avast_antivirus\avastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{571900DA-3481-4A36-AB6C-8C3011DA5F00}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{57E66068-A646-42E7-95BA-374AD37B8DF5}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{59657600-C1CC-43B3-93EC-CDD64D9859D8}: NameServer = 8.26.56.26,156.154.70.22
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST_Software\Avast_antivirus\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 7274 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\budliki.job
C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
C:\WINDOWS\tasks\Go for FilesUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\pripomienka.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\BuBu\Application Data\Mozilla\Firefox\Profiles\zwhvzli3.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "about:home"

"wrc@avast.com"=C:\Program Files\AVAST_Software\Avast_antivirus\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\BuBu\Application Data\Mozilla\Firefox\Profiles\zwhvzli3.default\searchplugins\
tuvaro.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-28 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-28 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST_Software\Avast_antivirus\avastUI.exe [2012-10-31 4297136]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-04-15 3012816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-05-25 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-03-06 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\AppServ\Apache2.2\bin\httpd.exe"="C:\AppServ\Apache2.2\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player 2.0.3"
"C:\Program Files\GoforFiles\goforfilesdl.exe"="C:\Program Files\GoforFiles\goforfilesdl.exe:*:Enabled:Go for Files"
"C:\Program Files\GoforFiles\GoforFiles.exe"="C:\Program Files\GoforFiles\GoforFiles.exe:*:Enabled:Go for Files"
"C:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe"="C:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe"="C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe:*:Enabled:LogMeIn Hamachi"
"C:\Program Files\YourFileDownloader\Downloader.exe"="C:\Program Files\YourFileDownloader\Downloader.exe:*:Enabled:YourFile Downloader"
"C:\Program Files\YourFileDownloader\YourFile.exe"="C:\Program Files\YourFileDownloader\YourFile.exe:*:Enabled:YourFile Downloader"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-05-01 23:12:15 ----D---- C:\rsit
2013-04-30 22:13:40 ----A---- C:\WINDOWS\ntbtlog.txt
2013-04-30 00:08:42 ----ASHD---- C:\cmdcons
2013-04-24 18:00:32 ----D---- C:\Program Files\ESET
2013-04-24 17:08:09 ----SHD---- C:\WINDOWS\CSC
2013-04-24 11:56:47 ----SD---- C:\Documents and Settings\All Users\Application Data\Shared Space
2013-04-24 11:53:34 ----A---- C:\WINDOWS\system32\mfc71.dll
2013-04-24 11:53:30 ----A---- C:\WINDOWS\system32\gdiplus.dll
2013-04-24 11:49:26 ----D---- C:\Documents and Settings\All Users\Application Data\COMODO
2013-04-24 11:45:06 ----D---- C:\Program Files\Comodo
2013-04-24 11:44:29 ----D---- C:\Documents and Settings\All Users\Application Data\Comodo Downloader
2013-04-24 10:35:22 ----D---- C:\Program Files\trend micro
2013-04-18 18:02:12 ----A---- C:\WINDOWS\system32\drivers\inspect.sys
2013-04-18 15:44:13 ----D---- C:\Program Files\Microsoft Synchronization Services
2013-04-18 15:44:08 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2013-04-18 15:31:50 ----D---- C:\WINDOWS\symbols
2013-04-18 15:31:36 ----D---- C:\Program Files\Microsoft Help Viewer
2013-04-18 15:31:35 ----D---- C:\Program Files\Microsoft SDKs
2013-04-18 15:31:35 ----D---- C:\Program Files\Common Files\Merge Modules
2013-04-18 15:25:08 ----HDC---- C:\WINDOWS\$NtUninstallKB958655-v2$
2013-04-18 15:24:06 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2013-04-18 01:07:16 ----A---- C:\WINDOWS\system32\wmpns.dll
2013-04-18 01:06:54 ----D---- C:\Program Files\xerox
2013-04-18 01:06:48 ----D---- C:\WINDOWS\system32\xircom
2013-04-18 01:06:42 ----D---- C:\Program Files\microsoft frontpage
2013-04-18 01:05:27 ----D---- C:\WINDOWS\Prefetch
2013-04-18 00:54:33 ----N---- C:\WINDOWS\system32\rwnh.dll
2013-04-18 00:54:33 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2013-04-18 00:54:33 ----N---- C:\WINDOWS\system32\comsdupd.exe
2013-04-18 00:54:32 ----N---- C:\WINDOWS\system32\smtpapi.dll
2013-04-18 00:54:23 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2013-04-18 00:54:23 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2013-04-18 00:54:23 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2013-04-18 00:54:22 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2013-04-18 00:54:22 ----N---- C:\WINDOWS\system32\azroles.dll
2013-04-18 00:54:20 ----N---- C:\WINDOWS\system32\dimsroam.dll
2013-04-18 00:54:20 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2013-04-18 00:54:20 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2013-04-18 00:54:20 ----N---- C:\WINDOWS\system32\credssp.dll
2013-04-18 00:54:19 ----N---- C:\WINDOWS\system32\dot3svc.dll
2013-04-18 00:54:19 ----N---- C:\WINDOWS\system32\dot3msm.dll
2013-04-18 00:54:19 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2013-04-18 00:54:19 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2013-04-18 00:54:19 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2013-04-18 00:54:19 ----N---- C:\WINDOWS\system32\dot3api.dll
2013-04-18 00:54:18 ----N---- C:\WINDOWS\system32\dot3ui.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eapsvc.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eapqec.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eappprxy.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eapphost.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eappgnui.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eappcfg.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2013-04-18 00:54:17 ----N---- C:\WINDOWS\system32\eapolqec.dll
2013-04-18 00:54:15 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2013-04-18 00:54:11 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2013-04-18 00:54:11 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2013-04-18 00:54:10 ----N---- C:\WINDOWS\system32\kbdpash.dll
2013-04-18 00:54:10 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2013-04-18 00:54:09 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2013-04-18 00:54:09 ----N---- C:\WINDOWS\system32\kmsvc.dll
2013-04-18 00:54:08 ----N---- C:\WINDOWS\system32\mmcex.dll
2013-04-18 00:54:08 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2013-04-18 00:54:08 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2013-04-18 00:54:07 ----N---- C:\WINDOWS\system32\mmcperf.exe
2013-04-18 00:54:07 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2013-04-18 00:54:06 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2013-04-18 00:54:06 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2013-04-18 00:54:06 ----N---- C:\WINDOWS\system32\mssha.dll
2013-04-18 00:54:05 ----N---- C:\WINDOWS\system32\napstat.exe
2013-04-18 00:54:05 ----N---- C:\WINDOWS\system32\napmontr.dll
2013-04-18 00:54:05 ----N---- C:\WINDOWS\system32\napipsec.dll
2013-04-18 00:54:04 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2013-04-18 00:54:03 ----N---- C:\WINDOWS\system32\onex.dll
2013-04-18 00:54:02 ----N---- C:\WINDOWS\system32\qagentrt.dll
2013-04-18 00:54:02 ----N---- C:\WINDOWS\system32\qagent.dll
2013-04-18 00:54:01 ----N---- C:\WINDOWS\system32\s3gnb.dll
2013-04-18 00:54:01 ----N---- C:\WINDOWS\system32\rasqec.dll
2013-04-18 00:54:01 ----N---- C:\WINDOWS\system32\qutil.dll
2013-04-18 00:54:01 ----N---- C:\WINDOWS\system32\qcliprov.dll
2013-04-18 00:54:00 ----N---- C:\WINDOWS\system32\slserv.exe
2013-04-18 00:54:00 ----N---- C:\WINDOWS\system32\slrundll.exe
2013-04-18 00:54:00 ----N---- C:\WINDOWS\system32\slgen.dll
2013-04-18 00:54:00 ----N---- C:\WINDOWS\system32\slextspk.dll
2013-04-18 00:54:00 ----N---- C:\WINDOWS\system32\slcoinst.dll
2013-04-18 00:54:00 ----N---- C:\WINDOWS\system32\setupn.exe
2013-04-18 00:53:59 ----N---- C:\WINDOWS\system32\tspkg.dll
2013-04-18 00:53:55 ----N---- C:\WINDOWS\system32\wlanapi.dll
2013-04-18 00:53:49 ----N---- C:\WINDOWS\slrundll.exe
2013-04-18 00:53:45 ----D---- C:\WINDOWS\system32\scripting
2013-04-18 00:53:45 ----D---- C:\WINDOWS\l2schemas
2013-04-18 00:53:42 ----D---- C:\WINDOWS\system32\en
2013-04-18 00:53:41 ----D---- C:\WINDOWS\system32\bits
2013-04-18 00:45:35 ----D---- C:\WINDOWS\ServicePackFiles
2013-04-18 00:40:31 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2013-04-18 00:40:31 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2013-04-18 00:40:30 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2013-04-18 00:40:30 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2013-04-18 00:40:30 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2013-04-18 00:40:30 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2013-04-18 00:40:30 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2013-04-18 00:40:29 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2013-04-18 00:40:29 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2013-04-18 00:40:29 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2013-04-18 00:40:29 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2013-04-18 00:40:28 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2013-04-18 00:40:27 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2013-04-18 00:40:27 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2013-04-18 00:40:27 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2013-04-18 00:40:27 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2013-04-18 00:40:27 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2013-04-18 00:40:26 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2013-04-18 00:40:25 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2013-04-18 00:40:25 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2013-04-18 00:40:23 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2013-04-18 00:40:22 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2013-04-18 00:40:22 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2013-04-18 00:40:21 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2013-04-18 00:40:21 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2013-04-18 00:40:21 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2013-04-18 00:40:21 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2013-04-18 00:40:21 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2013-04-18 00:40:20 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2013-04-18 00:40:20 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2013-04-18 00:40:18 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2013-04-18 00:40:18 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2013-04-18 00:40:17 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2013-04-18 00:40:16 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2013-04-18 00:40:16 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2013-04-18 00:40:16 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2013-04-18 00:40:15 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2013-04-18 00:40:15 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2013-04-18 00:40:14 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2013-04-18 00:40:14 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2013-04-18 00:40:12 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2013-04-18 00:40:11 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2013-04-18 00:40:11 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2013-04-18 00:40:11 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2013-04-18 00:40:11 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2013-04-18 00:40:10 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2013-04-18 00:40:10 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2013-04-18 00:40:10 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2013-04-18 00:40:09 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2013-04-18 00:40:09 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2013-04-18 00:40:09 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2013-04-18 00:40:08 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2013-04-18 00:40:08 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2013-04-18 00:40:08 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2013-04-18 00:40:08 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2013-04-18 00:40:08 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2013-04-18 00:40:07 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2013-04-18 00:40:07 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2013-04-18 00:40:07 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2013-04-18 00:40:07 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2013-04-18 00:29:33 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2013-04-17 21:46:49 ----D---- C:\Documents and Settings\All Users\Application Data\Package Cache
2013-04-17 08:47:51 ----A---- C:\WINDOWS\trncom.INI
2013-04-15 18:39:00 ----A---- C:\WINDOWS\system32\drivers\cmdhlp.sys
2013-04-15 18:39:00 ----A---- C:\WINDOWS\system32\drivers\cmdGuard.sys
2013-04-15 18:39:00 ----A---- C:\WINDOWS\system32\drivers\cmderd.sys
2013-04-15 18:38:38 ----A---- C:\WINDOWS\system32\guard32.dll
2013-04-15 18:38:38 ----A---- C:\WINDOWS\system32\cmdcsr.dll
2013-04-15 18:38:26 ----A---- C:\WINDOWS\system32\cmdvrt32.dll
2013-04-15 18:38:26 ----A---- C:\WINDOWS\system32\cmdkbd32.dll
2013-04-14 19:36:20 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-05-01 23:12:40 ----D---- C:\WINDOWS\Temp
2013-05-01 23:11:44 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-01 23:09:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-01 23:00:27 ----D---- C:\WINDOWS
2013-05-01 22:58:30 ----D---- C:\WINDOWS\system32\Restore
2013-05-01 22:56:57 ----D---- C:\WINDOWS\system32\drivers
2013-05-01 20:16:24 ----D---- C:\WINDOWS\system32
2013-04-30 17:43:30 ----D---- C:\Documents and Settings\BuBu\Application Data\codeblocks
2013-04-30 00:31:25 ----D---- C:\WINDOWS\SoftwareDistribution
2013-04-29 21:14:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-04-29 18:28:49 ----SD---- C:\WINDOWS\Tasks
2013-04-29 18:01:59 ----D---- C:\Documents and Settings\BuBu\Application Data\Media Player Classic
2013-04-29 17:55:58 ----D---- C:\Program Files\CCleaner
2013-04-29 17:49:19 ----D---- C:\WINDOWS\Debug
2013-04-24 18:00:32 ----RD---- C:\Program Files
2013-04-24 12:17:37 ----HD---- C:\Config.Msi
2013-04-24 12:14:29 ----SHD---- C:\WINDOWS\Installer
2013-04-24 12:14:29 ----D---- C:\WINDOWS\WinSxS
2013-04-24 12:13:57 ----D---- C:\Program Files\Common Files
2013-04-24 12:13:53 ----HD---- C:\WINDOWS\inf
2013-04-18 16:41:03 ----D---- C:\WINDOWS\Microsoft.NET
2013-04-18 16:41:01 ----RSD---- C:\WINDOWS\assembly
2013-04-18 15:37:33 ----SD---- C:\Documents and Settings\BuBu\Application Data\Microsoft
2013-04-18 15:37:33 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2013-04-18 15:34:24 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-04-18 15:31:35 ----D---- C:\Program Files\MSBuild
2013-04-18 15:25:30 ----D---- C:\WINDOWS\system32\dllcache
2013-04-18 15:24:35 ----D---- C:\WINDOWS\system32\mui
2013-04-18 15:03:13 ----D---- C:\WINDOWS\system32\en-US
2013-04-18 14:59:01 ----D---- C:\Program Files\Microsoft.NET
2013-04-18 01:06:52 ----D---- C:\WINDOWS\system32\wbem
2013-04-18 01:06:52 ----D---- C:\WINDOWS\ime
2013-04-18 01:04:34 ----D---- C:\WINDOWS\system32\Setup
2013-04-18 01:04:34 ----D---- C:\WINDOWS\AppPatch
2013-04-18 01:04:30 ----RSD---- C:\WINDOWS\Fonts
2013-04-18 01:03:47 ----D---- C:\WINDOWS\security
2013-04-18 00:59:35 ----D---- C:\WINDOWS\system32\CatRoot
2013-04-18 00:55:13 ----D---- C:\Program Files\Messenger
2013-04-18 00:54:31 ----D---- C:\WINDOWS\system32\inetsrv
2013-04-18 00:54:30 ----D---- C:\WINDOWS\Network Diagnostic
2013-04-18 00:54:30 ----D---- C:\WINDOWS\Help
2013-04-18 00:53:48 ----D---- C:\WINDOWS\system32\usmt
2013-04-18 00:53:41 ----D---- C:\WINDOWS\PeerNet
2013-04-18 00:53:40 ----D---- C:\Program Files\Movie Maker
2013-04-18 00:45:07 ----D---- C:\WINDOWS\system32\npp
2013-04-18 00:45:02 ----D---- C:\WINDOWS\msagent
2013-04-18 00:44:59 ----D---- C:\WINDOWS\srchasst
2013-04-18 00:44:57 ----D---- C:\Program Files\NetMeeting
2013-04-18 00:44:54 ----D---- C:\WINDOWS\system32\Com
2013-04-18 00:44:49 ----D---- C:\Program Files\Windows Media Player
2013-04-18 00:44:48 ----D---- C:\Program Files\Windows NT
2013-04-18 00:44:48 ----D---- C:\Program Files\Outlook Express
2013-04-18 00:44:41 ----D---- C:\Program Files\Common Files\System
2013-04-18 00:44:10 ----D---- C:\WINDOWS\system32\oobe
2013-04-18 00:44:06 ----D---- C:\WINDOWS\system
2013-04-18 00:36:44 ----D---- C:\WINDOWS\system32\ReinstallBackups
2013-04-18 00:29:18 ----D---- C:\WINDOWS\ehome
2013-04-17 22:44:39 ----D---- C:\WINDOWS\Minidump
2013-04-17 08:43:05 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2013-04-17 08:40:09 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-04-14 21:16:36 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2013-04-25 99392]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-03-06 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-31 25256]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-31 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-31 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-31 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-31 54232]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2013-04-15 18528]
R1 cmdGuard;COMODO Internet Security Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2013-04-15 592384]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2013-04-15 32816]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2012-02-29 17801]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-31 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-31 97608]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2003-03-31 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2003-03-31 55936]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2006-11-08 62336]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-06-16 10970]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-05 127872]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-05-25 1133056]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-28 220992]
R3 TwoTrack;IBM PS/2 TrackPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\TwoTrack.sys [2001-08-17 11520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 w70n51;Intel(R) PRO/Wireless 7100 Adapter Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w70n51.sys [2006-07-13 674560]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 BthEnum;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 273024]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2009-02-20 165496]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2007-09-25 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2007-09-25 20520]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-14 22016]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2007-03-06 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-03-06 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST_Software\Avast_antivirus\AvastSvc.exe [2012-10-31 44808]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-04-25 4443912]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 NwSapAgent;SAP Agent; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 RegSrvc;RegSrvc; C:\WINDOWS\system32\RegSrvc.exe [2006-06-16 122880]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\WINDOWS\system32\S24EvMon.exe [2006-06-16 426051]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-05-25 364544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-06 116648]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-04-15 127184]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-06 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-09-28 161768]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-14 115608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player - služba zdieľania v sieti; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Please check this, my notebook somehow started acting up today

Posted: 02 May 2013 17:11
by Roli
Also fix this in HJT:

O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')


I have already written how to do that.


Go to Start >> Run >> type services.msc >> OK. Find the services:

Služba Google Update (gupdate)

Služba Google Update (gupdatem)


Double-clicking opens the properties dialog, where you first stop the service with the Stop button, then under Startup type select Disabled and click OK.


And if there is no longer any problem, that is all from me.