
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Infected PC
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will threads that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
about a week ago my PC started sending messages from Skype and Facebook on its own, and those messages contained a virus. It first came to me from someone else, but I did not open it; even so, it kept being sent on. Since then the PC has been freezing more and more, and in the end Windows would only load and then it hung. While it could still be started, I found one process that was taking up about 50% of the CPU. It was "LUQUUZHSMVGWKNK.exe", some hidden file in temp, so I deleted it, and as far as I noticed it has not reappeared. So at least in safe mode it can be made to run, and I would like to ask for help with cleaning up the PC.
I am attaching the log from RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2013-05-07 14:29:43
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 5 GB (10%) free of 50 GB
Total RAM: 511 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:30:01, on 7.5.2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Malí\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Malí\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Malí\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator.T-8SA6LE08V3GQH\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O2 - BHO: GomPicker - {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Program Files\GRETECH\GomPicker\GomPickerBHO.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (file missing)
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\SMax4.exe" /tray
O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui
O4 - HKLM\..\Run: [EPSON Stylus Photo RX620 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9HE.EXE /P31 "EPSON Stylus Photo RX620 Series" /O6 "USB001" /M "Stylus Photo RX620"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Windows Messages Controler] c:\windows\sms.exe
O4 - HKLM\..\Run: [AdobeART] C:\Documents and Settings\Malí\Data aplikací\AdobeART.exe
O4 - HKLM\..\Run: [Xvaaulzzmmkovylr.exe] "C:\Documents and Settings\Malí\Data aplikací\Xvaaulzzmmkovylr.exe"
O4 - HKLM\..\Run: [Wjyqktymqezxpqmq.exe] "C:\Documents and Settings\Malí\Data aplikací\Wjyqktymqezxpqmq.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: slljcdlve.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: slljcdlve.exe (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8533F111-1F3E-454A-959B-94756D4B6CAA}: NameServer = 88.103.222.23,194.228.2.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
--
End of file - 9814 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-484763869-2147116355-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-484763869-2147116355-1003UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{2B8300CA-EF19-45BD-889F-3B004DFB9A9C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-11-25 1623392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-19 1929392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-09 192144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2013-01-09 1000984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2010-10-07 1961240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0181C6E-9218-4792-9F3C-E8DF52B2F1AC}]
GretechBHO Class - C:\Program Files\GRETECH\GomPicker\GomPickerBHO.dll [2011-12-14 1184888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll []
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\toolbar\toolbar.dll [2010-10-07 187672]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-19 1929392]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-09 192144]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMax"=C:\Program Files\Analog Devices\SoundMAX\SMax4.exe [2005-09-07 716800]
"VGAUtil"=C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe [2006-07-25 544768]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-06-01 7618560]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit []
"TWCU"=C:\Program Files\TP-LINK\TWCU\TWCU.exe [2005-08-09 413696]
"EPSON Stylus Photo RX620 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9HE.EXE [2004-05-19 98304]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2012-01-26 2077536]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-27 61952]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-02-19 1151152]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"Windows Messages Controler"=c:\windows\sms.exe [2013-04-23 1156394]
"AdobeART"=C:\Documents and Settings\Malí\Data aplikací\AdobeART.exe []
"Xvaaulzzmmkovylr.exe"=C:\Documents and Settings\Malí\Data aplikací\Xvaaulzzmmkovylr.exe []
"Wjyqktymqezxpqmq.exe"=C:\Documents and Settings\Malí\Data aplikací\Wjyqktymqezxpqmq.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\System32\CTFMON.EXE [2004-08-17 15360]
C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-19 12536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe"="C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe:*:Enabled:Menu"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Microsoft Games\Zoo Tycoon 2 Trial Version\zt2demoretail.exe"="C:\Program Files\Microsoft Games\Zoo Tycoon 2 Trial Version\zt2demoretail.exe:*:Enabled:Zoo Tycoon 2 Demo Executable"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Malí\Data aplikací\9.exe"="c:\windows\sms.exe:*:Enabled:Windows Messages Controler"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
======List of files/folders created in the last 1 month======
2013-05-07 14:29:45 ----D---- C:\Program Files\trend micro
2013-05-07 14:29:43 ----D---- C:\rsit
2013-05-07 14:08:31 ----D---- C:\Documents and Settings\Administrator.T-8SA6LE08V3GQH\Data aplikací\Adobe
2013-05-07 14:07:50 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2013-05-07 14:07:46 ----ASH---- C:\Documents and Settings\Administrator.T-8SA6LE08V3GQH\Data aplikací\desktop.ini
2013-05-07 14:07:45 ----SD---- C:\Documents and Settings\Administrator.T-8SA6LE08V3GQH\Data aplikací\Microsoft
2013-05-07 14:07:45 ----D---- C:\Documents and Settings\Administrator.T-8SA6LE08V3GQH\Data aplikací\Macromedia
2013-05-07 14:07:44 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2013-05-07 14:07:33 ----SHD---- C:\WINDOWS\CSC
2013-05-07 14:07:26 ----A---- C:\WINDOWS\ntbtlog.txt
2013-04-28 09:19:22 ----A---- C:\WINDOWS\GPCIDrv.sys
2013-04-23 13:31:43 ----RSH---- C:\WINDOWS\sms.exe
======List of files/folders modified in the last 1 month======
2013-05-07 14:29:45 ----RD---- C:\Program Files
2013-05-07 14:24:37 ----D---- C:\WINDOWS\Temp
2013-05-07 14:18:48 ----D---- C:\WINDOWS\system32
2013-05-07 14:16:31 ----A---- C:\WINDOWS\NeroDigital.ini
2013-05-07 14:07:50 ----D---- C:\WINDOWS\system32\drivers
2013-05-07 14:07:44 ----D---- C:\Documents and Settings
2013-05-07 14:07:42 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-07 14:07:33 ----D---- C:\WINDOWS
2013-05-07 14:04:35 ----D---- C:\WINDOWS\Prefetch
2013-05-02 18:38:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-02 18:13:23 ----D---- C:\WINDOWS\system32\CatRoot_bak
2013-05-02 18:13:23 ----D---- C:\WINDOWS\system32\CatRoot
2013-05-02 18:12:47 ----HD---- C:\WINDOWS\inf
2013-05-02 18:07:29 ----SHD---- C:\WINDOWS\Installer
2013-04-12 18:40:16 ----D---- C:\WINDOWS\system32\drivers\Avg
2013-04-12 05:57:44 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Skype
2013-04-12 05:57:35 ----RD---- C:\Program Files\Skype
2013-04-12 05:57:35 ----D---- C:\Program Files\Common Files\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2005-09-01 5888]
R0 imagesrv;imagesrv; C:\WINDOWS\system32\DRIVERS\imagesrv.sys [2005-09-01 127488]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2011-05-06 243152]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2011-09-14 299424]
S1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2013-01-15 226016]
S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2011-09-13 29712]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
S2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-03-21 17801]
S2 nvcap;nVidia WDM Video Capture (universal); C:\WINDOWS\system32\DRIVERS\nvcap.sys [2005-01-31 141246]
S2 NVXBAR;nVidia WDM A/V Crossbar; C:\WINDOWS\system32\DRIVERS\NVxbar.sys [2005-01-31 16176]
S3 AEXPAM;Philips SmartManage Service; C:\WINDOWS\System32\Drivers\aexpamdrv.sys []
S3 AR5211;TP-LINK Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-06-25 463168]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2008-07-26 23832]
S3 GPCIDrv;GPCIDrv; \??\C:\WINDOWS\GPCIDrv.sys []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 GVTDrv;GVTDrv; \??\C:\WINDOWS\system32\Drivers\GVTDrv.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
S3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
S3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
S3 LVUVC;Logitech QuickCam E3500(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2008-07-26 4658584]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-06-01 3925920]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-04-10 47360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 ACS;TP-LINK Configuration Service; C:\WINDOWS\system32\acs.exe [2005-05-05 36864]
S2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
S2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-19 308136]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05 135664]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
S2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
S2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-06-01 155715]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-19 968880]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22 194032]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
-----------------EOF-----------------
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui
O4 - HKLM\..\Run: [EPSON Stylus Photo RX620 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9HE.EXE /P31 "EPSON Stylus Photo RX620 Series" /O6 "USB001" /M "Stylus Photo RX620"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Windows Messages Controler] c:\windows\sms.exe
O4 - HKLM\..\Run: [AdobeART] C:\Documents and Settings\Malí\Data aplikací\AdobeART.exe
O4 - HKLM\..\Run: [Xvaaulzzmmkovylr.exe] "C:\Documents and Settings\Malí\Data aplikací\Xvaaulzzmmkovylr.exe"
O4 - HKLM\..\Run: [Wjyqktymqezxpqmq.exe] "C:\Documents and Settings\Malí\Data aplikací\Wjyqktymqezxpqmq.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: slljcdlve.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: slljcdlve.exe (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8533F111-1F3E-454A-959B-94756D4B6CAA}: NameServer = 88.103.222.23,194.228.2.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
--
End of file - 9814 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-484763869-2147116355-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-484763869-2147116355-1003UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{2B8300CA-EF19-45BD-889F-3B004DFB9A9C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-11-25 1623392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-19 1929392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-09 192144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2013-01-09 1000984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2010-10-07 1961240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0181C6E-9218-4792-9F3C-E8DF52B2F1AC}]
GretechBHO Class - C:\Program Files\GRETECH\GomPicker\GomPickerBHO.dll [2011-12-14 1184888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll []
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\toolbar\toolbar.dll [2010-10-07 187672]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll [2013-02-19 1929392]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-09 192144]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMax"=C:\Program Files\Analog Devices\SoundMAX\SMax4.exe [2005-09-07 716800]
"VGAUtil"=C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe [2006-07-25 544768]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-06-01 7618560]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit []
"TWCU"=C:\Program Files\TP-LINK\TWCU\TWCU.exe [2005-08-09 413696]
"EPSON Stylus Photo RX620 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9HE.EXE [2004-05-19 98304]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2012-01-26 2077536]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-27 61952]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-02-19 1151152]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"Windows Messages Controler"=c:\windows\sms.exe [2013-04-23 1156394]
"AdobeART"=C:\Documents and Settings\Malí\Data aplikací\AdobeART.exe []
"Xvaaulzzmmkovylr.exe"=C:\Documents and Settings\Malí\Data aplikací\Xvaaulzzmmkovylr.exe []
"Wjyqktymqezxpqmq.exe"=C:\Documents and Settings\Malí\Data aplikací\Wjyqktymqezxpqmq.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\System32\CTFMON.EXE [2004-08-17 15360]
C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-19 12536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe"="C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe:*:Enabled:Menu"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Microsoft Games\Zoo Tycoon 2 Trial Version\zt2demoretail.exe"="C:\Program Files\Microsoft Games\Zoo Tycoon 2 Trial Version\zt2demoretail.exe:*:Enabled:Zoo Tycoon 2 Demo Executable"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Malí\Data aplikací\9.exe"="c:\windows\sms.exe:*:Enabled:Windows Messages Controler"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"MSVideo"=vfwwdm32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
======List of files/folders created in the last 1 month======
2013-05-07 14:29:45 ----D---- C:\Program Files\trend micro
2013-05-07 14:29:43 ----D---- C:\rsit
2013-05-07 14:08:31 ----D---- C:\Documents and Settings\Administrator.T-8SA6LE08V3GQH\Data aplikací\Adobe
2013-05-07 14:07:50 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2013-05-07 14:07:46 ----ASH---- C:\Documents and Settings\Administrator.T-8SA6LE08V3GQH\Data aplikací\desktop.ini
2013-05-07 14:07:45 ----SD---- C:\Documents and Settings\Administrator.T-8SA6LE08V3GQH\Data aplikací\Microsoft
2013-05-07 14:07:45 ----D---- C:\Documents and Settings\Administrator.T-8SA6LE08V3GQH\Data aplikací\Macromedia
2013-05-07 14:07:44 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2013-05-07 14:07:33 ----SHD---- C:\WINDOWS\CSC
2013-05-07 14:07:26 ----A---- C:\WINDOWS\ntbtlog.txt
2013-04-28 09:19:22 ----A---- C:\WINDOWS\GPCIDrv.sys
2013-04-23 13:31:43 ----RSH---- C:\WINDOWS\sms.exe
======List of files/folders modified in the last 1 month======
2013-05-07 14:29:45 ----RD---- C:\Program Files
2013-05-07 14:24:37 ----D---- C:\WINDOWS\Temp
2013-05-07 14:18:48 ----D---- C:\WINDOWS\system32
2013-05-07 14:16:31 ----A---- C:\WINDOWS\NeroDigital.ini
2013-05-07 14:07:50 ----D---- C:\WINDOWS\system32\drivers
2013-05-07 14:07:44 ----D---- C:\Documents and Settings
2013-05-07 14:07:42 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-07 14:07:33 ----D---- C:\WINDOWS
2013-05-07 14:04:35 ----D---- C:\WINDOWS\Prefetch
2013-05-02 18:38:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-02 18:13:23 ----D---- C:\WINDOWS\system32\CatRoot_bak
2013-05-02 18:13:23 ----D---- C:\WINDOWS\system32\CatRoot
2013-05-02 18:12:47 ----HD---- C:\WINDOWS\inf
2013-05-02 18:07:29 ----SHD---- C:\WINDOWS\Installer
2013-04-12 18:40:16 ----D---- C:\WINDOWS\system32\drivers\Avg
2013-04-12 05:57:44 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Skype
2013-04-12 05:57:35 ----RD---- C:\Program Files\Skype
2013-04-12 05:57:35 ----D---- C:\Program Files\Common Files\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2005-09-01 5888]
R0 imagesrv;imagesrv; C:\WINDOWS\system32\DRIVERS\imagesrv.sys [2005-09-01 127488]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2011-05-06 243152]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2011-09-14 299424]
S1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2013-01-15 226016]
S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2011-09-13 29712]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
S2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-03-21 17801]
S2 nvcap;nVidia WDM Video Capture (universal); C:\WINDOWS\system32\DRIVERS\nvcap.sys [2005-01-31 141246]
S2 NVXBAR;nVidia WDM A/V Crossbar; C:\WINDOWS\system32\DRIVERS\NVxbar.sys [2005-01-31 16176]
S3 AEXPAM;Philips SmartManage Service; C:\WINDOWS\System32\Drivers\aexpamdrv.sys []
S3 AR5211;TP-LINK Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-06-25 463168]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2008-07-26 23832]
S3 GPCIDrv;GPCIDrv; \??\C:\WINDOWS\GPCIDrv.sys []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 GVTDrv;GVTDrv; \??\C:\WINDOWS\system32\Drivers\GVTDrv.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
S3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
S3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
S3 LVUVC;Logitech QuickCam E3500(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2008-07-26 4658584]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-06-01 3925920]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-04-10 47360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 ACS;TP-LINK Configuration Service; C:\WINDOWS\system32\acs.exe [2005-05-05 36864]
S2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
S2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-19 308136]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05 135664]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
S2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
S2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-06-01 155715]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-19 968880]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22 194032]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
-----------------EOF-----------------
Re: infected PC
In safe mode:
Move ComboFix to the desktop (if it is not there already)
open Notepad
copy the script from the following box into it:
Code:
Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Messages Controler"=-
"AdobeART"=-
"Xvaaulzzmmkovylr.exe"=-
"Wjyqktymqezxpqmq.exe"=-
File::
c:\windows\sms.exe
save the created text file as CFScript.txt on the desktop
after saving, grab the created script with the left mouse button, drag it over the ComboFix icon and drop it there

after it has been applied, another log should be created; paste it here

then uninstall AVG and install some antivirus

FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum at https://platba.viry.cz/payment/
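A triage pass over lines of the kind found in the RSIT log above, as an added example that is not part of the thread or of any tool it mentions: it parses HijackThis O4 Run entries and the firewall AuthorizedApplications list and marks entries for manual review. The two location heuristics and all function names are assumptions of this example; the sample lines are copied from the log in this thread, and on them the Run check picks out the same four value names that the CFScript deletes.

```python
import re

# Sample input: lines copied from the RSIT/HijackThis log posted in this thread.
O4_LINES = r'''
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\SMax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Windows Messages Controler] c:\windows\sms.exe
O4 - HKLM\..\Run: [AdobeART] C:\Documents and Settings\Malí\Data aplikací\AdobeART.exe
O4 - HKLM\..\Run: [Xvaaulzzmmkovylr.exe] "C:\Documents and Settings\Malí\Data aplikací\Xvaaulzzmmkovylr.exe"
O4 - HKLM\..\Run: [Wjyqktymqezxpqmq.exe] "C:\Documents and Settings\Malí\Data aplikací\Wjyqktymqezxpqmq.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE
'''.strip().splitlines()

FIREWALL_LINES = r'''
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Malí\Data aplikací\9.exe"="c:\windows\sms.exe:*:Enabled:Windows Messages Controler"
'''.strip().splitlines()

RUN_RE = re.compile(
    r'^O4 - (?P<hive>.+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>.*?)\] (?P<cmd>.+)$')
RUNDLL_RE = re.compile(r'^"?rundll32(?:\.exe)?"?\s+(.*)$', re.I)
IMAGE_RE = re.compile(r'^(.+?\.(?:exe|dll|com|scr|bat|cmd|pif))(?=[\s,]|$)', re.I)
FW_RE = re.compile(r'^"(?P<key>[^"]+)"="(?P<data>[^"]*)"$')

# Assumed review heuristics (this example's choice, not rules from the thread):
# an autorun image sitting directly in a profile's application-data root, or
# directly in the Windows directory root, is unusual for installed software.
# "data aplikací" is the localized folder name that appears in the log.
APPDATA_ROOT = re.compile(
    r'^[a-z]:\\documents and settings\\[^\\]+\\'
    r'(?:application data|data aplikací)\\[^\\]+$')
WINDOWS_ROOT = re.compile(
    r'^(?:[a-z]:\\windows|%systemroot%|%windir%)\\[^\\]+\.exe$')


def image_path(cmd):
    """Return the file a Run command line actually loads."""
    cmd = cmd.strip()
    host = RUNDLL_RE.match(cmd)
    if host:                      # rundll32 is only the host process
        cmd = host.group(1)
    if cmd.startswith('"'):       # quoted path, arguments follow the quote
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    m = IMAGE_RE.match(cmd)       # unquoted path that may contain spaces
    return m.group(1) if m else cmd.split()[0]


def triage_autoruns(lines):
    """Return (value name, image, reason) for Run entries worth a manual look."""
    findings = []
    for line in lines:
        m = RUN_RE.match(line.strip())
        if not m:
            continue
        image = image_path(m.group('cmd'))
        low = image.lower()
        if APPDATA_ROOT.match(low):
            reason = 'image directly in application-data root'
        elif WINDOWS_ROOT.match(low):
            reason = 'image directly in Windows directory root'
        else:
            continue
        findings.append((m.group('name'), image, reason))
    return findings


def firewall_mismatches(lines):
    """Return (value name, allowed path) where the two paths differ.

    XP firewall exception data has the form path:scope:state:display name.
    """
    out = []
    for line in lines:
        m = FW_RE.match(line.strip())
        if not m:
            continue
        parts = m.group('data').rsplit(':', 3)
        if len(parts) != 4:
            continue              # not in path:scope:state:name form
        if parts[0].lower() != m.group('key').lower():
            out.append((m.group('key'), parts[0]))
    return out


if __name__ == '__main__':
    for name, image, reason in triage_autoruns(O4_LINES):
        print(f'REVIEW Run value "{name}": {image} ({reason})')
    for key, allowed in firewall_mismatches(FIREWALL_LINES):
        print(f'REVIEW firewall exception: named {key} but allows {allowed}')
```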
Re: infected PC
Hi, thanks for the help. I ran ComboFix and deleted AVG, and I'll install avast.
Here is the log
ComboFix 13-05-07.02 - Administrator 07.05.2013 15:52:35.1.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.511.309 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator.T-8SA6LE08V3GQH\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator.T-8SA6LE08V3GQH\Plocha\CFScript.txt.txt
.
FILE ::
"c:\windows\sms.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Deti\setup_Fotostar_Offline_client2.exe
c:\documents and settings\Deti\setup_Fotostar_Offline_client3.exe
c:\documents and settings\Deti\WINDOWS
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.3.0.4160\Data\config.md
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.3.0.4160\unins000.dat
c:\program files\Internet Saving Optimizer\3.3.0.4160\unins000.exe
c:\windows\IsUn0407.exe
c:\windows\sms.exe
c:\windows\system32\Cache
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\SETA1.tmp
c:\windows\system32\SETA5.tmp
c:\windows\system32\SETAD.tmp
c:\windows\wt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-07 do 2013-05-07 )))))))))))))))))))))))))))))))
.
.
2013-05-07 12:29 . 2013-05-07 12:30 -------- d-----w- c:\program files\trend micro
2013-05-07 12:29 . 2013-05-07 12:30 -------- d-----w- C:\rsit
2013-05-07 12:07 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2013-05-07 12:07 . 2013-05-07 13:31 -------- d-----w- c:\documents and settings\Administrator.T-8SA6LE08V3GQH
2013-05-07 12:07 . 2001-08-17 20:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2013-04-28 07:19 . 2013-05-07 12:18 5112 ----a-w- c:\windows\GPCIDrv.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-07 12:18 . 2010-03-21 13:32 19039 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2013-02-19 13:27 . 2012-08-29 13:40 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\program files\Seznam.cz\toolbar\toolbar.dll" [2010-10-07 187672]
.
[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VGAUtil"="c:\program files\GigaByte\VGA Utility Manager\G-VGA.exe" [2006-07-25 544768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"nwiz"="nwiz.exe" [2006-06-01 1519616]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 86016]
"TWCU"="c:\program files\TP-LINK\TWCU\TWCU.exe" [2005-08-09 413696]
"EPSON Stylus Photo RX620 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9HE.EXE" [2004-05-19 98304]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstall ... er=9.0.894" [?]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\Malí\Nabídka Start\Programy\Po spuštění\
slljcdlve.exe [2013-4-28 286720]
.
c:\documents and settings\Malí\Nabídka Start\Programy\Po spuštění\
slljcdlve.exe [2013-4-28 286720]
.
c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2012-2-19 66864]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
c:\documents and settings\Malí\Nabídka Start\Programy\Po spuštění\
slljcdlve.exe [2013-4-28 286720]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\GigaByte\\VGA Utility Manager\\G-VGA.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2 Trial Version\\zt2demoretail.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [29.8.2012 15:40 33112]
R4 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys --> c:\windows\system32\Drivers\avgtdix.sys [?]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [10.7.2008 9:15 247608]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [28.2.2013 18:45 161384]
S3 AEXPAM;Philips SmartManage Service;c:\windows\system32\Drivers\aexpamdrv.sys --> c:\windows\system32\Drivers\aexpamdrv.sys [?]
S3 GPCIDrv;GPCIDrv;c:\windows\GPCIDrv.sys [28.4.2013 9:19 5112]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [21.3.2010 15:32 19039]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe" --> c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [10.4.2010 15:40 47360]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - NVCAP
*NewlyCreated* - NVXBAR
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 07:42]
.
2013-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 07:42]
.
2013-05-07 c:\windows\Tasks\User_Feed_Synchronization-{2B8300CA-EF19-45BD-889F-3B004DFB9A9C}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: DhcpNameServer = 192.168.0.254
TCP: Interfaces\{8533F111-1F3E-454A-959B-94756D4B6CAA}: NameServer = 88.103.222.23,194.228.2.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-McAfee Security Scan - c:\program files\McAfee Security Scan\uninstall.exe
AddRemove-Moorhuhn 2 V1.1 - c:\windows\IsUn0407.exe
AddRemove-{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1 - c:\program files\VSO\ConvertX\4\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-07 16:02
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2013-05-07 16:04:58
ComboFix-quarantined-files.txt 2013-05-07 14:04
.
Před spuštěním: 8 886 882 304
Po spuštění: 9 336 057 856
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - DD233EBE7827AC5F1C582A577A315CA3
Re: Infected PC
c:\documents and settings\Malí\Nabídka Start\Programy\Po spuštění\
slljcdlve.exe [2013-4-28 286720]
If you don't recognize this, disable it via msconfig.
Otherwise OK.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Infected PC
That file can't be deleted... and I don't see it in msconfig...
Re: Infected PC
Use a CFScript:
File::
c:\documents and settings\Malí\Nabídka Start\Programy\Po spuštění\slljcdlve.exe
Re: Infected PC
So I ran it through that script, but it's still there :-/ ... and the PC is still terribly slow...
Here is the log
ComboFix 13-05-07.02 - Administrator 10.05.2013 9:35.2.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.511.281 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator.T-8SA6LE08V3GQH\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator.T-8SA6LE08V3GQH\Plocha\CFScript.txt.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-10 do 2013-05-10 )))))))))))))))))))))))))))))))
.
.
2013-05-07 14:20 . 2013-05-01 23:33 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-07 14:19 . 2013-05-07 14:19 -------- d-----w- c:\program files\AVAST Software
2013-05-07 14:18 . 2013-05-10 07:13 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\AVAST Software
2013-05-07 12:29 . 2013-05-07 12:30 -------- d-----w- c:\program files\trend micro
2013-05-07 12:29 . 2013-05-07 12:30 -------- d-----w- C:\rsit
2013-05-07 12:07 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2013-05-07 12:07 . 2013-05-07 13:31 -------- d-----w- c:\documents and settings\Administrator.T-8SA6LE08V3GQH
2013-05-07 12:07 . 2001-08-17 20:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2013-04-28 07:19 . 2013-05-10 06:49 5112 ----a-w- c:\windows\GPCIDrv.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-10 06:47 . 2010-03-21 13:32 19039 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2013-02-19 13:27 . 2012-08-29 13:40 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\program files\Seznam.cz\toolbar\toolbar.dll" [2010-10-07 187672]
.
[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VGAUtil"="c:\program files\GigaByte\VGA Utility Manager\G-VGA.exe" [2006-07-25 544768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"nwiz"="nwiz.exe" [2006-06-01 1519616]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 86016]
"TWCU"="c:\program files\TP-LINK\TWCU\TWCU.exe" [2005-08-09 413696]
"EPSON Stylus Photo RX620 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9HE.EXE" [2004-05-19 98304]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstall ... er=9.0.894" [?]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\Malí\Nabídka Start\Programy\Po spuštění\
slljcdlve.exe [2013-4-28 286720]
.
c:\documents and settings\Malí\Nabídka Start\Programy\Po spuštění\
slljcdlve.exe [2013-4-28 286720]
.
c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2012-2-19 66864]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
c:\documents and settings\Malí\Nabídka Start\Programy\Po spuštění\
slljcdlve.exe [2013-4-28 286720]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\GigaByte\\VGA Utility Manager\\G-VGA.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2 Trial Version\\zt2demoretail.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [29.8.2012 15:40 33112]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [10.7.2008 9:15 247608]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [28.2.2013 18:45 161384]
S3 AEXPAM;Philips SmartManage Service;c:\windows\system32\Drivers\aexpamdrv.sys --> c:\windows\system32\Drivers\aexpamdrv.sys [?]
S3 GPCIDrv;GPCIDrv;c:\windows\GPCIDrv.sys [28.4.2013 9:19 5112]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [21.3.2010 15:32 19039]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe" --> c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [10.4.2010 15:40 47360]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 07:42]
.
2013-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 07:42]
.
2013-05-10 c:\windows\Tasks\User_Feed_Synchronization-{2B8300CA-EF19-45BD-889F-3B004DFB9A9C}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: DhcpNameServer = 192.168.0.254
TCP: Interfaces\{8533F111-1F3E-454A-959B-94756D4B6CAA}: NameServer = 88.103.222.23,194.228.2.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-10 09:43
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-839522115-484763869-2147116355-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,cb,47,33,27,78,87,49,8e,fa,2e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,cb,47,33,27,78,87,49,8e,fa,2e,\
.
Celkový čas: 2013-05-10 09:46:03
ComboFix-quarantined-files.txt 2013-05-10 07:46
ComboFix2.txt 2013-05-07 14:04
.
Před spuštěním: 8 703 823 872
Po spuštění: 8 695 885 824
.
- - End Of File - - FFE95D78FB7417302C13A458FA84B412
Re: infected PC
The script is named incorrectly:
Použité ovládací přepínače :: c:\documents and settings\Administrator.T-8SA6LE08V3GQH\Plocha\CFScript.txt.txt - it should be CFScript.txt
Repeat the step correctly.

FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum at https://platba.viry.cz/payment/
Re: infected PC
So now it is hopefully correct, but it's still there :-/
ComboFix 13-05-07.02 - Administrator 10.05.2013 10:44:27.3.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.511.307 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator.T-8SA6LE08V3GQH\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator.T-8SA6LE08V3GQH\Plocha\CFScript.txt
.
FILE ::
"c:\documents and settings\Malí\Nabídka Start\Programy\Po spuštění\slljcdlve.exe"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-10 do 2013-05-10 )))))))))))))))))))))))))))))))
.
.
2013-05-10 08:22 . 2013-05-10 08:30 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z.Z.......Z.ZZ
2013-05-10 08:05 . 2013-05-10 08:22 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.ZZZZZZ..Z
2013-05-10 07:57 . 2013-05-10 07:57 -------- d-----w- c:\program files\CCleaner
2013-05-07 14:20 . 2013-05-01 23:33 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-07 14:19 . 2013-05-07 14:19 -------- d-----w- c:\program files\AVAST Software
2013-05-07 14:18 . 2013-05-10 07:13 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\AVAST Software
2013-05-07 12:29 . 2013-05-07 12:30 -------- d-----w- c:\program files\trend micro
2013-05-07 12:29 . 2013-05-07 12:30 -------- d-----w- C:\rsit
2013-05-07 12:07 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2013-05-07 12:07 . 2013-05-10 08:04 -------- d-----w- c:\documents and settings\Administrator.T-8SA6LE08V3GQH
2013-05-07 12:07 . 2001-08-17 20:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2013-04-28 07:19 . 2013-05-10 06:49 5112 ----a-w- c:\windows\GPCIDrv.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-10 06:47 . 2010-03-21 13:32 19039 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2013-02-19 13:27 . 2012-08-29 13:40 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\program files\Seznam.cz\toolbar\toolbar.dll" [2010-10-07 187672]
.
[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VGAUtil"="c:\program files\GigaByte\VGA Utility Manager\G-VGA.exe" [2006-07-25 544768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"nwiz"="nwiz.exe" [2006-06-01 1519616]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 86016]
"TWCU"="c:\program files\TP-LINK\TWCU\TWCU.exe" [2005-08-09 413696]
"EPSON Stylus Photo RX620 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9HE.EXE" [2004-05-19 98304]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstall ... er=9.0.894" [?]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\Malí\Nabídka Start\Programy\Po spuštění\
slljcdlve.exe [2013-4-28 286720]
.
c:\documents and settings\Malí\Nabídka Start\Programy\Po spuštění\
slljcdlve.exe [2013-4-28 286720]
.
c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2012-2-19 66864]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
c:\documents and settings\Malí\Nabídka Start\Programy\Po spuštění\
slljcdlve.exe [2013-4-28 286720]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\GigaByte\\VGA Utility Manager\\G-VGA.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2 Trial Version\\zt2demoretail.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [29.8.2012 15:40 33112]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [10.7.2008 9:15 247608]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [28.2.2013 18:45 161384]
S3 AEXPAM;Philips SmartManage Service;c:\windows\system32\Drivers\aexpamdrv.sys --> c:\windows\system32\Drivers\aexpamdrv.sys [?]
S3 GPCIDrv;GPCIDrv;c:\windows\GPCIDrv.sys [28.4.2013 9:19 5112]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [21.3.2010 15:32 19039]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [10.4.2010 15:40 47360]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 07:42]
.
2013-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 07:42]
.
2013-05-10 c:\windows\Tasks\User_Feed_Synchronization-{2B8300CA-EF19-45BD-889F-3B004DFB9A9C}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: DhcpNameServer = 192.168.0.254
TCP: Interfaces\{8533F111-1F3E-454A-959B-94756D4B6CAA}: NameServer = 88.103.222.23,194.228.2.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-10 10:52
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-839522115-484763869-2147116355-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,cb,47,33,27,78,87,49,8e,fa,2e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,cb,47,33,27,78,87,49,8e,fa,2e,\
.
Celkový čas: 2013-05-10 10:53:47
ComboFix-quarantined-files.txt 2013-05-10 08:53
ComboFix2.txt 2013-05-10 07:46
ComboFix3.txt 2013-05-07 14:04
.
Před spuštěním: 8 562 028 544
Po spuštění: 8 550 449 152
.
- - End Of File - - 58E2D0BD612D51FB47E894D102CC6426
Re: infected PC
Run regedit and search for the keyword slljcdlve,
and every time it is found, delete that key.
WARNING: do not delete anything else, only the above (it should occur about 3 times).
Re: infected PC
The term "slljcdlve" was not found in regedit :-/
Re: infected PC
Post the log from TDSSKiller.
Re: infected PC
Here it is:
11:37:33.0359 1480 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:37:33.0578 1480 ============================================================
11:37:33.0578 1480 Current date / time: 2013/05/10 11:37:33.0578
11:37:33.0578 1480 SystemInfo:
11:37:33.0578 1480
11:37:33.0578 1480 OS Version: 5.1.2600 ServicePack: 2.0
11:37:33.0578 1480 Product type: Workstation
11:37:33.0578 1480 ComputerName: T-8SA6LE08V3GQH
11:37:33.0578 1480 UserName: Administrator
11:37:33.0578 1480 Windows directory: C:\WINDOWS
11:37:33.0578 1480 System windows directory: C:\WINDOWS
11:37:33.0578 1480 Processor architecture: Intel x86
11:37:33.0578 1480 Number of processors: 2
11:37:33.0578 1480 Page size: 0x1000
11:37:33.0578 1480 Boot type: Safe boot with network
11:37:33.0578 1480 ============================================================
11:37:35.0578 1480 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:37:35.0578 1480 ============================================================
11:37:35.0578 1480 \Device\Harddisk0\DR0:
11:37:35.0578 1480 MBR partitions:
11:37:35.0578 1480 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
11:37:35.0578 1480 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0xC86D25B
11:37:35.0578 1480 ============================================================
11:37:35.0609 1480 C: <-> \Device\Harddisk0\DR0\Partition1
11:37:36.0187 1480 D: <-> \Device\Harddisk0\DR0\Partition2
11:37:36.0187 1480 ============================================================
11:37:36.0187 1480 Initialize success
11:37:36.0187 1480 ============================================================
11:37:39.0328 1416 ============================================================
11:37:39.0328 1416 Scan started
11:37:39.0328 1416 Mode: Manual;
11:37:39.0328 1416 ============================================================
11:37:40.0906 1416 ================ Scan system memory ========================
11:37:40.0906 1416 System memory - ok
11:37:40.0906 1416 ================ Scan services =============================
11:37:41.0031 1416 Abiosdsk - ok
11:37:41.0046 1416 abp480n5 - ok
11:37:41.0109 1416 [ FA2FBCDA96D2385F773B059FE5A125A6 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:37:41.0125 1416 ACPI - ok
11:37:41.0171 1416 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
11:37:41.0171 1416 ACPIEC - ok
11:37:41.0203 1416 [ F7F9513070CC9698C02ACB747070E04C ] ACS C:\WINDOWS\system32\acs.exe
11:37:41.0203 1416 ACS - ok
11:37:41.0234 1416 adpu160m - ok
11:37:41.0296 1416 [ 841F385C6CFAF66B58FBD898722BB4F0 ] aec C:\WINDOWS\system32\drivers\aec.sys
11:37:41.0296 1416 aec - ok
11:37:41.0359 1416 [ 2C5C22990156A1063E19AD162191DC1D ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
11:37:41.0359 1416 AegisP - ok
11:37:41.0375 1416 AEXPAM - ok
11:37:41.0437 1416 [ 55E6E1C51B6D30E54335750955453702 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:37:41.0437 1416 AFD - ok
11:37:41.0468 1416 Aha154x - ok
11:37:41.0500 1416 aic78u2 - ok
11:37:41.0531 1416 aic78xx - ok
11:37:41.0593 1416 [ 026DDAA7E6F8D49DF82C7A98BAE5D0D1 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:37:41.0593 1416 Alerter - ok
11:37:41.0640 1416 [ B3F690BF43F93A012A52F28F234FAA1B ] ALG C:\WINDOWS\System32\alg.exe
11:37:41.0640 1416 ALG - ok
11:37:41.0656 1416 AliIde - ok
11:37:41.0687 1416 amsint - ok
11:37:41.0750 1416 [ 421184F91EAE5C6E78E653C6B32AAE84 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
11:37:41.0765 1416 AppMgmt - ok
11:37:41.0812 1416 [ CB27109C47F900526959F4EB7E15B047 ] AR5211 C:\WINDOWS\system32\DRIVERS\ar5211.sys
11:37:41.0828 1416 AR5211 - ok
11:37:41.0843 1416 asc - ok
11:37:41.0890 1416 asc3350p - ok
11:37:41.0921 1416 asc3550 - ok
11:37:41.0968 1416 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:37:41.0984 1416 AsyncMac - ok
11:37:42.0015 1416 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:37:42.0015 1416 atapi - ok
11:37:42.0031 1416 Atdisk - ok
11:37:42.0078 1416 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:37:42.0093 1416 Atmarpc - ok
11:37:42.0125 1416 [ 40D78F514C8588EF12EC718D2AF0FC4E ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:37:42.0125 1416 AudioSrv - ok
11:37:42.0156 1416 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:37:42.0156 1416 audstub - ok
11:37:42.0203 1416 [ CAE7B6E4D7EB17829C526153D19B9C95 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys
11:37:42.0203 1416 avgtp - ok
11:37:42.0250 1416 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:37:42.0250 1416 Beep - ok
11:37:42.0312 1416 [ E774A26610EC92674273486612C11CFC ] BITS C:\WINDOWS\system32\qmgr.dll
11:37:42.0421 1416 BITS - ok
11:37:42.0453 1416 [ F219E27E88107A50544153898DD8178E ] Browser C:\WINDOWS\System32\browser.dll
11:37:42.0468 1416 Browser - ok
11:37:42.0578 1416 catchme - ok
11:37:42.0625 1416 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:37:42.0625 1416 cbidf2k - ok
11:37:42.0656 1416 [ 6163ED60B684BAB19D3352AB22FC48B2 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:37:42.0656 1416 CCDECODE - ok
11:37:42.0687 1416 cd20xrnt - ok
11:37:42.0734 1416 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:37:42.0734 1416 Cdaudio - ok
11:37:42.0796 1416 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:37:42.0796 1416 Cdfs - ok
11:37:42.0859 1416 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:37:42.0859 1416 Cdrom - ok
11:37:42.0875 1416 Changer - ok
11:37:42.0937 1416 [ 9E21229E04E1D301BB40222FE4641CB2 ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:37:42.0937 1416 CiSvc - ok
11:37:42.0984 1416 [ D3DC45553C8025338E08A60E95B1B91D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:37:42.0984 1416 ClipSrv - ok
11:37:43.0000 1416 CmdIde - ok
11:37:43.0031 1416 COMSysApp - ok
11:37:43.0093 1416 Cpqarray - ok
11:37:43.0156 1416 [ 70D2A1756F4B2067658A186C963FCABD ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:37:43.0156 1416 CryptSvc - ok
11:37:43.0171 1416 dac2w2k - ok
11:37:43.0203 1416 dac960nt - ok
11:37:43.0265 1416 [ 2B269C916766BDB43404F043B763427D ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:37:43.0296 1416 DcomLaunch - ok
11:37:43.0359 1416 [ 562830EFB7CF367FB773FEA5256E67C8 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:37:43.0359 1416 Dhcp - ok
11:37:43.0406 1416 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:37:43.0406 1416 Disk - ok
11:37:43.0421 1416 dmadmin - ok
11:37:43.0500 1416 [ E1968EDEC81C430108FEB23AB07BDB14 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:37:43.0531 1416 dmboot - ok
11:37:43.0562 1416 [ 1B1520A82E396E46B9AE9FA6B03FF6C6 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:37:43.0562 1416 dmio - ok
11:37:43.0609 1416 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:37:43.0609 1416 dmload - ok
11:37:43.0656 1416 [ 7B3CA72885923EB947221F17F3E3AC59 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:37:43.0656 1416 dmserver - ok
11:37:43.0703 1416 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:37:43.0703 1416 DMusic - ok
11:37:43.0750 1416 [ F605B3F5674D67587C4B6C9E92A3E025 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:37:43.0750 1416 Dnscache - ok
11:37:43.0765 1416 dpti2o - ok
11:37:43.0812 1416 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:37:43.0812 1416 drmkaud - ok
11:37:43.0859 1416 [ D6F7428B201E33BC80066B47144CB568 ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:37:43.0859 1416 ERSvc - ok
11:37:43.0906 1416 [ 4F9F7B567970B524F31D9970A23F7C24 ] Eventlog C:\WINDOWS\system32\services.exe
11:37:43.0921 1416 Eventlog - ok
11:37:43.0968 1416 [ 398314DF0B21338C4996B469101750D1 ] EventSystem C:\WINDOWS\System32\es.dll
11:37:43.0968 1416 EventSystem - ok
11:37:44.0031 1416 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:37:44.0031 1416 Fastfat - ok
11:37:44.0078 1416 [ 8BA76BD2A943F642F267A296A15776D2 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:37:44.0093 1416 FastUserSwitchingCompatibility - ok
11:37:44.0125 1416 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
11:37:44.0125 1416 Fdc - ok
11:37:44.0187 1416 [ 50104C5F1EE1E295781CAF9521CA2E56 ] FilterService C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
11:37:44.0187 1416 FilterService - ok
11:37:44.0234 1416 [ 266DAB58619B17BDF37FABBD48D875CA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:37:44.0234 1416 Fips - ok
11:37:44.0250 1416 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:37:44.0250 1416 Flpydisk - ok
11:37:44.0312 1416 [ 157754F0DF355A9E0A6F54721914F9C6 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
11:37:44.0328 1416 FltMgr - ok
11:37:44.0343 1416 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:37:44.0343 1416 Fs_Rec - ok
11:37:44.0390 1416 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:37:44.0390 1416 Ftdisk - ok
11:37:44.0421 1416 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:37:44.0421 1416 Gpc - ok
11:37:44.0468 1416 [ 0F4CBE52CACFD870795511B54E1F91B1 ] GPCIDrv C:\WINDOWS\GPCIDrv.sys
11:37:44.0515 1416 GPCIDrv - ok
11:37:44.0640 1416 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:37:44.0640 1416 gupdate - ok
11:37:44.0656 1416 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:37:44.0671 1416 gupdatem - ok
11:37:44.0718 1416 [ F22BF7F345DF95C09942951246AAA28D ] GVCplDrv C:\WINDOWS\system32\drivers\GVCplDrv.sys
11:37:44.0718 1416 GVCplDrv - ok
11:37:44.0765 1416 [ 53651772B30798C13486776E6AA4786A ] GVTDrv C:\WINDOWS\system32\Drivers\GVTDrv.sys
11:37:44.0765 1416 GVTDrv - ok
11:37:44.0812 1416 [ F58D2900C66A1E773E3375098E0E9337 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
11:37:44.0812 1416 HdAudAddService - ok
11:37:44.0859 1416 [ CBC3DEF409549672B915FB9403D63F74 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:37:44.0859 1416 HDAudBus - ok
11:37:44.0921 1416 [ F59152272782FED8A8197FA788287F68 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:37:44.0921 1416 helpsvc - ok
11:37:44.0937 1416 HidServ - ok
11:37:45.0000 1416 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:37:45.0000 1416 HidUsb - ok
11:37:45.0015 1416 hpn - ok
11:37:45.0125 1416 [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:37:45.0234 1416 HTTP - ok
11:37:45.0265 1416 [ DA826826C5C9116F47E0CD0CA8CC7C11 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:37:45.0281 1416 HTTPFilter - ok
11:37:45.0296 1416 i2omgmt - ok
11:37:45.0343 1416 i2omp - ok
11:37:45.0375 1416 [ 0F42DE9909B5DBF2C48DD1A79D491AF5 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:37:45.0375 1416 i8042prt - ok
11:37:45.0437 1416 [ 7A95A3AD931B97FEC5067E40636CE37F ] ICQ Service C:\Program Files\ICQ6Toolbar\ICQ Service.exe
11:37:45.0437 1416 ICQ Service - ok
11:37:45.0484 1416 [ 25EDD75E23C5EF6B33D0FBCCE125A601 ] imagedrv C:\WINDOWS\system32\Drivers\imagedrv.sys
11:37:45.0484 1416 imagedrv - ok
11:37:45.0515 1416 [ 9C4BBACF4E9B9543C3CE23F1FE556941 ] imagesrv C:\WINDOWS\system32\DRIVERS\imagesrv.sys
11:37:45.0515 1416 imagesrv - ok
11:37:45.0546 1416 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:37:45.0546 1416 Imapi - ok
11:37:45.0609 1416 [ CF9D286B34CB4912F3B28B4972D5CB33 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:37:45.0625 1416 ImapiService - ok
11:37:45.0656 1416 ini910u - ok
11:37:45.0703 1416 IntelIde - ok
11:37:45.0765 1416 [ 10A3AC0F0DF720AD3C3FD13861D50EB9 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:37:45.0765 1416 intelppm - ok
11:37:45.0812 1416 [ 4448006B6BC60E6C027932CFC38D6855 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
11:37:45.0812 1416 ip6fw - ok
11:37:45.0859 1416 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:37:45.0859 1416 IpFilterDriver - ok
11:37:45.0890 1416 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:37:45.0890 1416 IpInIp - ok
11:37:45.0937 1416 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:37:45.0937 1416 IpNat - ok
11:37:45.0953 1416 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:37:45.0968 1416 IPSec - ok
11:37:46.0000 1416 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:37:46.0000 1416 IRENUM - ok
11:37:46.0062 1416 [ 1091528512E4DD7ED5FDDCC4DF1C53D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:37:46.0062 1416 isapnp - ok
11:37:46.0093 1416 [ 6F877BF8DC01A550CD666F3BEDB2213C ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:37:46.0109 1416 Kbdclass - ok
11:37:46.0125 1416 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:37:46.0140 1416 kmixer - ok
11:37:46.0187 1416 [ 674D3E5A593475915DC6643317192403 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:37:46.0187 1416 KSecDD - ok
11:37:46.0218 1416 [ 6D6BDD68B775986577C48A8DF961A05C ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:37:46.0218 1416 lanmanserver - ok
11:37:46.0265 1416 [ 6BF7BAF420DD4422D2C35DFB3E51A29C ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:37:46.0281 1416 lanmanworkstation - ok
11:37:46.0296 1416 lbrtfdc - ok
11:37:46.0390 1416 [ F9EE6D2AAB0690B34AE35BA9921A1414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:37:46.0390 1416 LmHosts - ok
11:37:46.0453 1416 [ 38440FE1A65B1FE3D246C5C4CAD22F53 ] LVCOMSer C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
11:37:46.0453 1416 LVCOMSer - ok
11:37:46.0484 1416 [ A6919138F29AE45E90E99FA94737E04C ] LVPr2Mon C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
11:37:46.0484 1416 LVPr2Mon - ok
11:37:46.0546 1416 [ 28BD0E4B6C050B591B8CB35B9AD284E6 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
11:37:46.0546 1416 LVPrcSrv - ok
11:37:46.0609 1416 [ B895839B8743E400D7C7DAE156F74E7E ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys
11:37:46.0625 1416 LVRS - ok
11:37:46.0671 1416 [ 23F8EF78BB9553E465A476F3CEE5CA18 ] LVUSBSta C:\WINDOWS\system32\drivers\LVUSBSta.sys
11:37:46.0671 1416 LVUSBSta - ok
11:37:46.0843 1416 [ 8BC0D5F6E3898F465A94C6D03AFB5A20 ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys
11:37:46.0968 1416 LVUVC - ok
11:37:47.0046 1416 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
11:37:47.0078 1416 MDM - ok
11:37:47.0125 1416 [ 8B2FCBD881879B55BE40B41F12FFC431 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:37:47.0125 1416 Messenger - ok
11:37:47.0171 1416 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:37:47.0171 1416 mnmdd - ok
11:37:47.0218 1416 [ 7D137132D6A9B41EF800E59A771ED48C ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
11:37:47.0218 1416 mnmsrvc - ok
11:37:47.0250 1416 [ 60210DEB037846AFE521EBF349964F6B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:37:47.0250 1416 Modem - ok
11:37:47.0296 1416 [ B160EC94114715675509115986400FD9 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:37:47.0296 1416 Mouclass - ok
11:37:47.0328 1416 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:37:47.0328 1416 mouhid - ok
11:37:47.0359 1416 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:37:47.0375 1416 MountMgr - ok
11:37:47.0390 1416 mraid35x - ok
11:37:47.0437 1416 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:37:47.0437 1416 MRxDAV - ok
11:37:47.0500 1416 [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:37:47.0515 1416 MRxSmb - ok
11:37:47.0562 1416 [ 944A24032AED84C59455B981F6CA1C1A ] MSDTC C:\WINDOWS\System32\msdtc.exe
11:37:47.0578 1416 MSDTC - ok
11:37:47.0593 1416 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:37:47.0593 1416 Msfs - ok
11:37:47.0625 1416 MSIServer - ok
11:37:47.0671 1416 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:37:47.0671 1416 MSKSSRV - ok
11:37:47.0718 1416 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:37:47.0718 1416 MSPCLOCK - ok
11:37:47.0750 1416 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:37:47.0750 1416 MSPQM - ok
11:37:47.0796 1416 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:37:47.0796 1416 mssmbios - ok
11:37:47.0859 1416 [ BF13612142995096AB084F2DB7F40F77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
11:37:47.0859 1416 MSTEE - ok
11:37:47.0875 1416 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:37:47.0875 1416 Mup - ok
11:37:47.0921 1416 [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:37:47.0921 1416 NABTSFEC - ok
11:37:47.0968 1416 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:37:47.0968 1416 NDIS - ok
11:37:48.0000 1416 [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:37:48.0000 1416 NdisIP - ok
11:37:48.0031 1416 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:37:48.0031 1416 NdisTapi - ok
11:37:48.0062 1416 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:37:48.0062 1416 Ndisuio - ok
11:37:48.0109 1416 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:37:48.0125 1416 NdisWan - ok
11:37:48.0140 1416 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:37:48.0156 1416 NDProxy - ok
11:37:48.0171 1416 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:37:48.0171 1416 NetBIOS - ok
11:37:48.0218 1416 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:37:48.0234 1416 NetBT - ok
11:37:48.0281 1416 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
11:37:48.0281 1416 NetDDE - ok
11:37:48.0296 1416 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:37:48.0312 1416 NetDDEdsdm - ok
11:37:48.0359 1416 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:37:48.0359 1416 Netlogon - ok
11:37:48.0406 1416 [ AF342D2781225A8769686E0D47E3123E ] Netman C:\WINDOWS\System32\netman.dll
11:37:48.0406 1416 Netman - ok
11:37:48.0468 1416 [ A6E79B60AC73241E5721AB6A573D2B24 ] Nla C:\WINDOWS\System32\mswsock.dll
11:37:48.0468 1416 Nla - ok
11:37:48.0515 1416 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:37:48.0515 1416 Npfs - ok
11:37:48.0562 1416 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:37:48.0578 1416 Ntfs - ok
11:37:48.0593 1416 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
11:37:48.0609 1416 NtLmSsp - ok
11:37:48.0671 1416 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:37:48.0687 1416 NtmsSvc - ok
11:37:48.0718 1416 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:37:48.0718 1416 Null - ok
11:37:48.0875 1416 [ 2282AD3B19B00967C6E48531C25BFE01 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:37:48.0968 1416 nv - ok
11:37:49.0015 1416 [ 281169C9BBB8A0D4F1DF67F1AF791148 ] nvcap C:\WINDOWS\system32\DRIVERS\nvcap.sys
11:37:49.0015 1416 nvcap - ok
11:37:49.0046 1416 [ BE4A98439A5E26CBC70DB20E996938DC ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
11:37:49.0062 1416 NVSvc - ok
11:37:49.0093 1416 [ 8558D771E406487F200647A13A74472E ] NVXBAR C:\WINDOWS\system32\DRIVERS\NVxbar.sys
11:37:49.0093 1416 NVXBAR - ok
11:37:49.0156 1416 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:37:49.0156 1416 NwlnkFlt - ok
11:37:49.0171 1416 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:37:49.0171 1416 NwlnkFwd - ok
11:37:49.0265 1416 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:37:49.0281 1416 odserv - ok
11:37:49.0328 1416 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:37:49.0328 1416 ose - ok
11:37:49.0390 1416 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:37:49.0390 1416 Parport - ok
11:37:49.0437 1416 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:37:49.0437 1416 PartMgr - ok
11:37:49.0484 1416 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:37:49.0484 1416 ParVdm - ok
11:37:49.0515 1416 [ B7979F37BB7B9DF2230046134955E6E7 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:37:49.0515 1416 PCI - ok
11:37:49.0531 1416 PCIDump - ok
11:37:49.0593 1416 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:37:49.0609 1416 PCIIde - ok
11:37:49.0640 1416 [ 90505755634407D4EF4C6DEA60FC1DF9 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:37:49.0640 1416 Pcmcia - ok
11:37:49.0703 1416 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
11:37:49.0703 1416 pcouffin - ok
11:37:49.0734 1416 PDCOMP - ok
11:37:49.0765 1416 PDFRAME - ok
11:37:49.0796 1416 PDRELI - ok
11:37:49.0828 1416 PDRFRAME - ok
11:37:49.0859 1416 perc2 - ok
11:37:49.0890 1416 perc2hib - ok
11:37:50.0000 1416 [ 4F9F7B567970B524F31D9970A23F7C24 ] PlugPlay C:\WINDOWS\system32\services.exe
11:37:50.0015 1416 PlugPlay - ok
11:37:50.0031 1416 [ 82A362FE1D4980B71B588D9C10748511 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:37:50.0031 1416 PolicyAgent - ok
11:37:50.0093 1416 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:37:50.0093 1416 PptpMiniport - ok
11:37:50.0125 1416 [ 9A10E4FD13824823DA50D4758BD0A645 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
11:37:50.0125 1416 Processor - ok
11:37:50.0156 1416 [ 82A362FE1D4980B71B588D9C10748511 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:37:50.0156 1416 ProtectedStorage - ok
11:37:50.0187 1416 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:37:50.0187 1416 PSched - ok
11:37:50.0250 1416 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:37:50.0250 1416 Ptilink - ok
11:37:50.0265 1416 ql1080 - ok
11:37:50.0296 1416 Ql10wnt - ok
11:37:50.0328 1416 ql12160 - ok
11:37:50.0359 1416 ql1240 - ok
11:37:50.0390 1416 ql1280 - ok
11:37:50.0421 1416 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:37:50.0437 1416 RasAcd - ok
11:37:50.0484 1416 [ E68B6F9A726A444059705AB43B5656D1 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:37:50.0500 1416 RasAuto - ok
11:37:50.0531 1416 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:37:50.0531 1416 Rasl2tp - ok
11:37:50.0578 1416 [ 6E519D777C91E90592403C9F981FDF03 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:37:50.0593 1416 RasMan - ok
11:37:50.0625 1416 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:37:50.0625 1416 RasPppoe - ok
11:37:50.0640 1416 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:37:50.0656 1416 Raspti - ok
11:37:50.0703 1416 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:37:50.0703 1416 Rdbss - ok
11:37:50.0734 1416 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:37:50.0734 1416 RDPCDD - ok
11:37:50.0781 1416 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:37:50.0796 1416 rdpdr - ok
11:37:50.0859 1416 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:37:50.0859 1416 RDPWD - ok
11:37:50.0890 1416 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:37:50.0890 1416 RDSessMgr - ok
11:37:50.0937 1416 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:37:50.0937 1416 redbook - ok
11:37:50.0968 1416 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:37:50.0968 1416 RemoteAccess - ok
11:37:51.0015 1416 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:37:51.0015 1416 RemoteRegistry - ok
11:37:51.0046 1416 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\System32\locator.exe
11:37:51.0046 1416 RpcLocator - ok
11:37:51.0093 1416 [ 2B269C916766BDB43404F043B763427D ] RpcSs C:\WINDOWS\System32\rpcss.dll
11:37:51.0093 1416 RpcSs - ok
11:37:51.0140 1416 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\System32\rsvp.exe
11:37:51.0140 1416 RSVP - ok
11:37:51.0171 1416 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
11:37:51.0187 1416 SamSs - ok
11:37:51.0218 1416 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:37:51.0218 1416 SCardSvr - ok
11:37:51.0265 1416 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:37:51.0265 1416 Schedule - ok
11:37:51.0328 1416 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:37:51.0328 1416 Secdrv - ok
11:37:51.0359 1416 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:37:51.0359 1416 seclogon - ok
11:37:51.0390 1416 [ 220AD85BA9C5B3011296354011B901CC ] SENS C:\WINDOWS\system32\sens.dll
11:37:51.0406 1416 SENS - ok
11:37:51.0437 1416 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:37:51.0437 1416 serenum - ok
11:37:51.0468 1416 [ C1DDBC85251551A840212999DA3D95F3 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:37:51.0468 1416 Serial - ok
11:37:51.0500 1416 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:37:51.0500 1416 Sfloppy - ok
11:37:51.0562 1416 [ 6A93501BCDEBF159109429B022C0FF83 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:37:51.0578 1416 SharedAccess - ok
11:37:51.0609 1416 [ 8BA76BD2A943F642F267A296A15776D2 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:37:51.0609 1416 ShellHWDetection - ok
11:37:51.0640 1416 Simbad - ok
11:37:51.0750 1416 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
11:37:51.0750 1416 SkypeUpdate - ok
11:37:51.0796 1416 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:37:51.0796 1416 SLIP - ok
11:37:51.0812 1416 Sparrow - ok
11:37:51.0875 1416 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:37:51.0875 1416 splitter - ok
11:37:51.0906 1416 [ 21B6FAA88044A41640E03EBB68BE93E8 ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:37:51.0906 1416 Spooler - ok
11:37:51.0953 1416 [ A74035EA526DB97D9D50D2143A55F5CF ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:37:51.0953 1416 sr - ok
11:37:52.0000 1416 [ 3CD57F31A64D32FDB28918B16D1E6AAC ] srservice C:\WINDOWS\system32\srsvc.dll
11:37:52.0000 1416 srservice - ok
11:37:52.0046 1416 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:37:52.0062 1416 Srv - ok
11:37:52.0109 1416 [ 88C28F53F53438DAFCD95E99C837C61E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:37:52.0125 1416 SSDPSRV - ok
11:37:52.0171 1416 [ 0645CCDDDD27F96EEA3534C1DEF736D9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:37:52.0187 1416 stisvc - ok
11:37:52.0218 1416 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:37:52.0218 1416 streamip - ok
11:37:52.0250 1416 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:37:52.0250 1416 swenum - ok
11:37:52.0265 1416 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:37:52.0281 1416 swmidi - ok
11:37:52.0312 1416 SwPrv - ok
11:37:52.0359 1416 symc810 - ok
11:37:52.0390 1416 symc8xx - ok
11:37:52.0421 1416 sym_hi - ok
11:37:52.0453 1416 sym_u3 - ok
11:37:52.0500 1416 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:37:52.0500 1416 sysaudio - ok
11:37:52.0546 1416 [ D9C9ECFF4904E6151525C533AEEDF8F4 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:37:52.0546 1416 SysmonLog - ok
11:37:52.0578 1416 [ 37162D29CD61519E6F5EA0DE99786FF6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:37:52.0593 1416 TapiSrv - ok
11:37:52.0640 1416 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:37:52.0656 1416 Tcpip - ok
11:37:52.0703 1416 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:37:52.0703 1416 TDPIPE - ok
11:37:52.0734 1416 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:37:52.0734 1416 TDTCP - ok
11:37:52.0781 1416 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:37:52.0781 1416 TermDD - ok
11:37:52.0812 1416 [ 2F5919F2F6EE7A845893D9C3AA2BC56A ] TermService C:\WINDOWS\System32\termsrv.dll
11:37:52.0843 1416 TermService - ok
11:37:52.0875 1416 [ 8BA76BD2A943F642F267A296A15776D2 ] Themes C:\WINDOWS\System32\shsvcs.dll
11:37:52.0875 1416 Themes - ok
11:37:52.0921 1416 [ 535C2FB97336BAFA509F4783DD1E5746 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
11:37:52.0937 1416 TlntSvr - ok
11:37:52.0953 1416 TosIde - ok
11:37:53.0000 1416 [ 4DCE17221B1A87FB47E36842F3E38753 ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:37:53.0000 1416 TrkWks - ok
11:37:53.0062 1416 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:37:53.0062 1416 Udfs - ok
11:37:53.0078 1416 ultra - ok
11:37:53.0140 1416 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:37:53.0156 1416 Update - ok
11:37:53.0187 1416 [ 984FC1518B0D5B31D76F0E63608E0500 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:37:53.0187 1416 upnphost - ok
11:37:53.0234 1416 [ 6148A3BA4D9CC628357FC92014FEA30E ] UPS C:\WINDOWS\System32\ups.exe
11:37:53.0234 1416 UPS - ok
11:37:53.0250 1416 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
11:37:53.0265 1416 usbaudio - ok
11:37:53.0312 1416 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:37:53.0312 1416 usbccgp - ok
11:37:53.0359 1416 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:37:53.0359 1416 usbehci - ok
11:37:53.0390 1416 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:37:53.0390 1416 usbhub - ok
11:37:53.0437 1416 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:37:53.0437 1416 usbprint - ok
11:37:53.0484 1416 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:37:53.0484 1416 usbscan - ok
11:37:53.0515 1416 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:37:53.0515 1416 USBSTOR - ok
11:37:53.0562 1416 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:37:53.0562 1416 usbuhci - ok
11:37:53.0609 1416 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:37:53.0609 1416 VgaSave - ok
11:37:53.0625 1416 ViaIde - ok
11:37:53.0687 1416 [ CD8CCE067F7E9CBD762C00BDDDECAA34 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:37:53.0687 1416 VolSnap - ok
11:37:53.0718 1416 [ 043539881667BB37B07524032D6FFC3E ] VSS C:\WINDOWS\System32\vssvc.exe
11:37:53.0734 1416 VSS - ok
11:37:53.0765 1416 [ 2CEEBB402187AE56B585701F3D191FB3 ] W32Time C:\WINDOWS\system32\w32time.dll
11:37:53.0781 1416 W32Time - ok
11:37:53.0828 1416 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:37:53.0828 1416 Wanarp - ok
11:37:53.0859 1416 WDICA - ok
11:37:53.0906 1416 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:37:53.0906 1416 wdmaud - ok
11:37:53.0937 1416 [ 3791ADF1D3466AC6B4B662D3F79CBFEC ] WebClient C:\WINDOWS\System32\webclnt.dll
11:37:53.0937 1416 WebClient - ok
11:37:54.0015 1416 [ E12084EA622BDF2262C637BEF15DD85C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:37:54.0015 1416 winmgmt - ok
11:37:54.0109 1416 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
11:37:54.0109 1416 WmdmPmSN - ok
11:37:54.0171 1416 [ E428EED87E8055FB995CF0E4D1532D4C ] Wmi C:\WINDOWS\System32\advapi32.dll
11:37:54.0187 1416 Wmi - ok
11:37:54.0234 1416 [ BCD21B989F0FD4ACE78287FC01B4693D ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
11:37:54.0250 1416 WmiApSrv - ok
11:37:54.0328 1416 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
11:37:54.0359 1416 WMPNetworkSvc - ok
11:37:54.0390 1416 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:37:54.0390 1416 WS2IFSL - ok
11:37:54.0421 1416 [ 4ADED1ADEF25041D9827F9A79C0FDA13 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:37:54.0437 1416 wscsvc - ok
11:37:54.0468 1416 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:37:54.0468 1416 WSTCODEC - ok
11:37:54.0515 1416 [ 21F5169CA14E0B25C757644456F637DF ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:37:54.0515 1416 wuauserv - ok
11:37:54.0562 1416 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:37:54.0562 1416 WudfPf - ok
11:37:54.0593 1416 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:37:54.0593 1416 WudfRd - ok
11:37:54.0656 1416 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:37:54.0656 1416 WudfSvc - ok
11:37:54.0718 1416 [ 325CEDEF696EF4B649DDCD3968D085C9 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:37:54.0734 1416 WZCSVC - ok
11:37:54.0781 1416 [ 9B835D4C64860B155A1701D5092EC9E4 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:37:54.0781 1416 xmlprov - ok
11:37:54.0843 1416 [ 87F126D0F8DC176B282924DF0417075E ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
11:37:54.0859 1416 yukonwxp - ok
11:37:54.0906 1416 ================ Scan global ===============================
11:37:54.0937 1416 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
11:37:54.0968 1416 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
11:37:55.0000 1416 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
11:37:55.0031 1416 [ 4F9F7B567970B524F31D9970A23F7C24 ] C:\WINDOWS\system32\services.exe
11:37:55.0031 1416 [Global] - ok
11:37:55.0031 1416 ================ Scan MBR ==================================
11:37:55.0062 1416 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
11:37:55.0218 1416 \Device\Harddisk0\DR0 - ok
11:37:55.0218 1416 ================ Scan VBR ==================================
11:37:55.0234 1416 [ 05691FA7005D766BDA7DECCAD1483DA5 ] \Device\Harddisk0\DR0\Partition1
11:37:55.0250 1416 \Device\Harddisk0\DR0\Partition1 - ok
11:37:55.0281 1416 [ CC0F74B06EA5C8AA301E14D721A5571F ] \Device\Harddisk0\DR0\Partition2
11:37:55.0296 1416 \Device\Harddisk0\DR0\Partition2 - ok
11:37:55.0296 1416 ============================================================
11:37:55.0296 1416 Scan finished
11:37:55.0296 1416 ============================================================
11:37:55.0343 1508 Detected object count: 0
11:37:55.0343 1508 Actual detected object count: 0
11:37:45.0812 1416 [ 4448006B6BC60E6C027932CFC38D6855 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
11:37:45.0812 1416 ip6fw - ok
11:37:45.0859 1416 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:37:45.0859 1416 IpFilterDriver - ok
11:37:45.0890 1416 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:37:45.0890 1416 IpInIp - ok
11:37:45.0937 1416 [ B5A8E215AC29D24D60B4D1250EF05ACE ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:37:45.0937 1416 IpNat - ok
11:37:45.0953 1416 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:37:45.0968 1416 IPSec - ok
11:37:46.0000 1416 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:37:46.0000 1416 IRENUM - ok
11:37:46.0062 1416 [ 1091528512E4DD7ED5FDDCC4DF1C53D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:37:46.0062 1416 isapnp - ok
11:37:46.0093 1416 [ 6F877BF8DC01A550CD666F3BEDB2213C ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:37:46.0109 1416 Kbdclass - ok
11:37:46.0125 1416 [ D93CAD07C5683DB066B0B2D2D3790EAD ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:37:46.0140 1416 kmixer - ok
11:37:46.0187 1416 [ 674D3E5A593475915DC6643317192403 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:37:46.0187 1416 KSecDD - ok
11:37:46.0218 1416 [ 6D6BDD68B775986577C48A8DF961A05C ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:37:46.0218 1416 lanmanserver - ok
11:37:46.0265 1416 [ 6BF7BAF420DD4422D2C35DFB3E51A29C ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:37:46.0281 1416 lanmanworkstation - ok
11:37:46.0296 1416 lbrtfdc - ok
11:37:46.0390 1416 [ F9EE6D2AAB0690B34AE35BA9921A1414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:37:46.0390 1416 LmHosts - ok
11:37:46.0453 1416 [ 38440FE1A65B1FE3D246C5C4CAD22F53 ] LVCOMSer C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
11:37:46.0453 1416 LVCOMSer - ok
11:37:46.0484 1416 [ A6919138F29AE45E90E99FA94737E04C ] LVPr2Mon C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
11:37:46.0484 1416 LVPr2Mon - ok
11:37:46.0546 1416 [ 28BD0E4B6C050B591B8CB35B9AD284E6 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
11:37:46.0546 1416 LVPrcSrv - ok
11:37:46.0609 1416 [ B895839B8743E400D7C7DAE156F74E7E ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys
11:37:46.0625 1416 LVRS - ok
11:37:46.0671 1416 [ 23F8EF78BB9553E465A476F3CEE5CA18 ] LVUSBSta C:\WINDOWS\system32\drivers\LVUSBSta.sys
11:37:46.0671 1416 LVUSBSta - ok
11:37:46.0843 1416 [ 8BC0D5F6E3898F465A94C6D03AFB5A20 ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys
11:37:46.0968 1416 LVUVC - ok
11:37:47.0046 1416 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
11:37:47.0078 1416 MDM - ok
11:37:47.0125 1416 [ 8B2FCBD881879B55BE40B41F12FFC431 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:37:47.0125 1416 Messenger - ok
11:37:47.0171 1416 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:37:47.0171 1416 mnmdd - ok
11:37:47.0218 1416 [ 7D137132D6A9B41EF800E59A771ED48C ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
11:37:47.0218 1416 mnmsrvc - ok
11:37:47.0250 1416 [ 60210DEB037846AFE521EBF349964F6B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:37:47.0250 1416 Modem - ok
11:37:47.0296 1416 [ B160EC94114715675509115986400FD9 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:37:47.0296 1416 Mouclass - ok
11:37:47.0328 1416 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:37:47.0328 1416 mouhid - ok
11:37:47.0359 1416 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:37:47.0375 1416 MountMgr - ok
11:37:47.0390 1416 mraid35x - ok
11:37:47.0437 1416 [ 46EDCC8F2DB2F322C24F48785CB46366 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:37:47.0437 1416 MRxDAV - ok
11:37:47.0500 1416 [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:37:47.0515 1416 MRxSmb - ok
11:37:47.0562 1416 [ 944A24032AED84C59455B981F6CA1C1A ] MSDTC C:\WINDOWS\System32\msdtc.exe
11:37:47.0578 1416 MSDTC - ok
11:37:47.0593 1416 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:37:47.0593 1416 Msfs - ok
11:37:47.0625 1416 MSIServer - ok
11:37:47.0671 1416 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:37:47.0671 1416 MSKSSRV - ok
11:37:47.0718 1416 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:37:47.0718 1416 MSPCLOCK - ok
11:37:47.0750 1416 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:37:47.0750 1416 MSPQM - ok
11:37:47.0796 1416 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:37:47.0796 1416 mssmbios - ok
11:37:47.0859 1416 [ BF13612142995096AB084F2DB7F40F77 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
11:37:47.0859 1416 MSTEE - ok
11:37:47.0875 1416 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:37:47.0875 1416 Mup - ok
11:37:47.0921 1416 [ 5C8DC6429C43DC6177C1FA5B76290D1A ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:37:47.0921 1416 NABTSFEC - ok
11:37:47.0968 1416 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:37:47.0968 1416 NDIS - ok
11:37:48.0000 1416 [ 520CE427A8B298F54112857BCF6BDE15 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:37:48.0000 1416 NdisIP - ok
11:37:48.0031 1416 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:37:48.0031 1416 NdisTapi - ok
11:37:48.0062 1416 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:37:48.0062 1416 Ndisuio - ok
11:37:48.0109 1416 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:37:48.0125 1416 NdisWan - ok
11:37:48.0140 1416 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:37:48.0156 1416 NDProxy - ok
11:37:48.0171 1416 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:37:48.0171 1416 NetBIOS - ok
11:37:48.0218 1416 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:37:48.0234 1416 NetBT - ok
11:37:48.0281 1416 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
11:37:48.0281 1416 NetDDE - ok
11:37:48.0296 1416 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:37:48.0312 1416 NetDDEdsdm - ok
11:37:48.0359 1416 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:37:48.0359 1416 Netlogon - ok
11:37:48.0406 1416 [ AF342D2781225A8769686E0D47E3123E ] Netman C:\WINDOWS\System32\netman.dll
11:37:48.0406 1416 Netman - ok
11:37:48.0468 1416 [ A6E79B60AC73241E5721AB6A573D2B24 ] Nla C:\WINDOWS\System32\mswsock.dll
11:37:48.0468 1416 Nla - ok
11:37:48.0515 1416 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:37:48.0515 1416 Npfs - ok
11:37:48.0562 1416 [ B78BE402C3F63DD55521F73876951CDD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:37:48.0578 1416 Ntfs - ok
11:37:48.0593 1416 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
11:37:48.0609 1416 NtLmSsp - ok
11:37:48.0671 1416 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:37:48.0687 1416 NtmsSvc - ok
11:37:48.0718 1416 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:37:48.0718 1416 Null - ok
11:37:48.0875 1416 [ 2282AD3B19B00967C6E48531C25BFE01 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:37:48.0968 1416 nv - ok
11:37:49.0015 1416 [ 281169C9BBB8A0D4F1DF67F1AF791148 ] nvcap C:\WINDOWS\system32\DRIVERS\nvcap.sys
11:37:49.0015 1416 nvcap - ok
11:37:49.0046 1416 [ BE4A98439A5E26CBC70DB20E996938DC ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
11:37:49.0062 1416 NVSvc - ok
11:37:49.0093 1416 [ 8558D771E406487F200647A13A74472E ] NVXBAR C:\WINDOWS\system32\DRIVERS\NVxbar.sys
11:37:49.0093 1416 NVXBAR - ok
11:37:49.0156 1416 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:37:49.0156 1416 NwlnkFlt - ok
11:37:49.0171 1416 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:37:49.0171 1416 NwlnkFwd - ok
11:37:49.0265 1416 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:37:49.0281 1416 odserv - ok
11:37:49.0328 1416 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:37:49.0328 1416 ose - ok
11:37:49.0390 1416 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:37:49.0390 1416 Parport - ok
11:37:49.0437 1416 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
11:37:49.0437 1416 PartMgr - ok
11:37:49.0484 1416 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
11:37:49.0484 1416 ParVdm - ok
11:37:49.0515 1416 [ B7979F37BB7B9DF2230046134955E6E7 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
11:37:49.0515 1416 PCI - ok
11:37:49.0531 1416 PCIDump - ok
11:37:49.0593 1416 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
11:37:49.0609 1416 PCIIde - ok
11:37:49.0640 1416 [ 90505755634407D4EF4C6DEA60FC1DF9 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
11:37:49.0640 1416 Pcmcia - ok
11:37:49.0703 1416 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
11:37:49.0703 1416 pcouffin - ok
11:37:49.0734 1416 PDCOMP - ok
11:37:49.0765 1416 PDFRAME - ok
11:37:49.0796 1416 PDRELI - ok
11:37:49.0828 1416 PDRFRAME - ok
11:37:49.0859 1416 perc2 - ok
11:37:49.0890 1416 perc2hib - ok
11:37:50.0000 1416 [ 4F9F7B567970B524F31D9970A23F7C24 ] PlugPlay C:\WINDOWS\system32\services.exe
11:37:50.0015 1416 PlugPlay - ok
11:37:50.0031 1416 [ 82A362FE1D4980B71B588D9C10748511 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
11:37:50.0031 1416 PolicyAgent - ok
11:37:50.0093 1416 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:37:50.0093 1416 PptpMiniport - ok
11:37:50.0125 1416 [ 9A10E4FD13824823DA50D4758BD0A645 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
11:37:50.0125 1416 Processor - ok
11:37:50.0156 1416 [ 82A362FE1D4980B71B588D9C10748511 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:37:50.0156 1416 ProtectedStorage - ok
11:37:50.0187 1416 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
11:37:50.0187 1416 PSched - ok
11:37:50.0250 1416 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:37:50.0250 1416 Ptilink - ok
11:37:50.0265 1416 ql1080 - ok
11:37:50.0296 1416 Ql10wnt - ok
11:37:50.0328 1416 ql12160 - ok
11:37:50.0359 1416 ql1240 - ok
11:37:50.0390 1416 ql1280 - ok
11:37:50.0421 1416 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:37:50.0437 1416 RasAcd - ok
11:37:50.0484 1416 [ E68B6F9A726A444059705AB43B5656D1 ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:37:50.0500 1416 RasAuto - ok
11:37:50.0531 1416 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:37:50.0531 1416 Rasl2tp - ok
11:37:50.0578 1416 [ 6E519D777C91E90592403C9F981FDF03 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:37:50.0593 1416 RasMan - ok
11:37:50.0625 1416 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:37:50.0625 1416 RasPppoe - ok
11:37:50.0640 1416 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
11:37:50.0656 1416 Raspti - ok
11:37:50.0703 1416 [ 29D66245ADBA878FFF574CD66ABD2884 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:37:50.0703 1416 Rdbss - ok
11:37:50.0734 1416 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:37:50.0734 1416 RDPCDD - ok
11:37:50.0781 1416 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:37:50.0796 1416 rdpdr - ok
11:37:50.0859 1416 [ D4F5643D7714EF499AE9527FDCD50894 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:37:50.0859 1416 RDPWD - ok
11:37:50.0890 1416 [ 125ACF258DA9633F748131A0E0185AF3 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
11:37:50.0890 1416 RDSessMgr - ok
11:37:50.0937 1416 [ ABA13D33E1F888C9A68599A48A8840D6 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
11:37:50.0937 1416 redbook - ok
11:37:50.0968 1416 [ EB5E1A601E5A1908A87E4D5A41803D98 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:37:50.0968 1416 RemoteAccess - ok
11:37:51.0015 1416 [ 5B21208FCF8970BB61FE98E19D828714 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:37:51.0015 1416 RemoteRegistry - ok
11:37:51.0046 1416 [ C8A3B668985D61249F2DC71716C58DE8 ] RpcLocator C:\WINDOWS\System32\locator.exe
11:37:51.0046 1416 RpcLocator - ok
11:37:51.0093 1416 [ 2B269C916766BDB43404F043B763427D ] RpcSs C:\WINDOWS\System32\rpcss.dll
11:37:51.0093 1416 RpcSs - ok
11:37:51.0140 1416 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\System32\rsvp.exe
11:37:51.0140 1416 RSVP - ok
11:37:51.0171 1416 [ 82A362FE1D4980B71B588D9C10748511 ] SamSs C:\WINDOWS\system32\lsass.exe
11:37:51.0187 1416 SamSs - ok
11:37:51.0218 1416 [ C177354E995CC1AA1F767BCD9980434A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
11:37:51.0218 1416 SCardSvr - ok
11:37:51.0265 1416 [ 29AC93307C6182DBE336BCA314947F28 ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:37:51.0265 1416 Schedule - ok
11:37:51.0328 1416 [ D26E26EA516450AF9D072635C60387F4 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:37:51.0328 1416 Secdrv - ok
11:37:51.0359 1416 [ C76CB8A133374FAC6805F83FF7B7DA03 ] seclogon C:\WINDOWS\System32\seclogon.dll
11:37:51.0359 1416 seclogon - ok
11:37:51.0390 1416 [ 220AD85BA9C5B3011296354011B901CC ] SENS C:\WINDOWS\system32\sens.dll
11:37:51.0406 1416 SENS - ok
11:37:51.0437 1416 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
11:37:51.0437 1416 serenum - ok
11:37:51.0468 1416 [ C1DDBC85251551A840212999DA3D95F3 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
11:37:51.0468 1416 Serial - ok
11:37:51.0500 1416 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
11:37:51.0500 1416 Sfloppy - ok
11:37:51.0562 1416 [ 6A93501BCDEBF159109429B022C0FF83 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:37:51.0578 1416 SharedAccess - ok
11:37:51.0609 1416 [ 8BA76BD2A943F642F267A296A15776D2 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:37:51.0609 1416 ShellHWDetection - ok
11:37:51.0640 1416 Simbad - ok
11:37:51.0750 1416 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
11:37:51.0750 1416 SkypeUpdate - ok
11:37:51.0796 1416 [ 5CAEED86821FA2C6139E32E9E05CCDC9 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:37:51.0796 1416 SLIP - ok
11:37:51.0812 1416 Sparrow - ok
11:37:51.0875 1416 [ 8E186B8F23295D1E42C573B82B80D548 ] splitter C:\WINDOWS\system32\drivers\splitter.sys
11:37:51.0875 1416 splitter - ok
11:37:51.0906 1416 [ 21B6FAA88044A41640E03EBB68BE93E8 ] Spooler C:\WINDOWS\system32\spoolsv.exe
11:37:51.0906 1416 Spooler - ok
11:37:51.0953 1416 [ A74035EA526DB97D9D50D2143A55F5CF ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
11:37:51.0953 1416 sr - ok
11:37:52.0000 1416 [ 3CD57F31A64D32FDB28918B16D1E6AAC ] srservice C:\WINDOWS\system32\srsvc.dll
11:37:52.0000 1416 srservice - ok
11:37:52.0046 1416 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:37:52.0062 1416 Srv - ok
11:37:52.0109 1416 [ 88C28F53F53438DAFCD95E99C837C61E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:37:52.0125 1416 SSDPSRV - ok
11:37:52.0171 1416 [ 0645CCDDDD27F96EEA3534C1DEF736D9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
11:37:52.0187 1416 stisvc - ok
11:37:52.0218 1416 [ 284C57DF5DC7ABCA656BC2B96A667AFB ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:37:52.0218 1416 streamip - ok
11:37:52.0250 1416 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
11:37:52.0250 1416 swenum - ok
11:37:52.0265 1416 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
11:37:52.0281 1416 swmidi - ok
11:37:52.0312 1416 SwPrv - ok
11:37:52.0359 1416 symc810 - ok
11:37:52.0390 1416 symc8xx - ok
11:37:52.0421 1416 sym_hi - ok
11:37:52.0453 1416 sym_u3 - ok
11:37:52.0500 1416 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
11:37:52.0500 1416 sysaudio - ok
11:37:52.0546 1416 [ D9C9ECFF4904E6151525C533AEEDF8F4 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
11:37:52.0546 1416 SysmonLog - ok
11:37:52.0578 1416 [ 37162D29CD61519E6F5EA0DE99786FF6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:37:52.0593 1416 TapiSrv - ok
11:37:52.0640 1416 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:37:52.0656 1416 Tcpip - ok
11:37:52.0703 1416 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
11:37:52.0703 1416 TDPIPE - ok
11:37:52.0734 1416 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
11:37:52.0734 1416 TDTCP - ok
11:37:52.0781 1416 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
11:37:52.0781 1416 TermDD - ok
11:37:52.0812 1416 [ 2F5919F2F6EE7A845893D9C3AA2BC56A ] TermService C:\WINDOWS\System32\termsrv.dll
11:37:52.0843 1416 TermService - ok
11:37:52.0875 1416 [ 8BA76BD2A943F642F267A296A15776D2 ] Themes C:\WINDOWS\System32\shsvcs.dll
11:37:52.0875 1416 Themes - ok
11:37:52.0921 1416 [ 535C2FB97336BAFA509F4783DD1E5746 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
11:37:52.0937 1416 TlntSvr - ok
11:37:52.0953 1416 TosIde - ok
11:37:53.0000 1416 [ 4DCE17221B1A87FB47E36842F3E38753 ] TrkWks C:\WINDOWS\system32\trkwks.dll
11:37:53.0000 1416 TrkWks - ok
11:37:53.0062 1416 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
11:37:53.0062 1416 Udfs - ok
11:37:53.0078 1416 ultra - ok
11:37:53.0140 1416 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
11:37:53.0156 1416 Update - ok
11:37:53.0187 1416 [ 984FC1518B0D5B31D76F0E63608E0500 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:37:53.0187 1416 upnphost - ok
11:37:53.0234 1416 [ 6148A3BA4D9CC628357FC92014FEA30E ] UPS C:\WINDOWS\System32\ups.exe
11:37:53.0234 1416 UPS - ok
11:37:53.0250 1416 [ 45A0D14B26C35497AD93BCE7E15C9941 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
11:37:53.0265 1416 usbaudio - ok
11:37:53.0312 1416 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:37:53.0312 1416 usbccgp - ok
11:37:53.0359 1416 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:37:53.0359 1416 usbehci - ok
11:37:53.0390 1416 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:37:53.0390 1416 usbhub - ok
11:37:53.0437 1416 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:37:53.0437 1416 usbprint - ok
11:37:53.0484 1416 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:37:53.0484 1416 usbscan - ok
11:37:53.0515 1416 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:37:53.0515 1416 USBSTOR - ok
11:37:53.0562 1416 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:37:53.0562 1416 usbuhci - ok
11:37:53.0609 1416 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
11:37:53.0609 1416 VgaSave - ok
11:37:53.0625 1416 ViaIde - ok
11:37:53.0687 1416 [ CD8CCE067F7E9CBD762C00BDDDECAA34 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
11:37:53.0687 1416 VolSnap - ok
11:37:53.0718 1416 [ 043539881667BB37B07524032D6FFC3E ] VSS C:\WINDOWS\System32\vssvc.exe
11:37:53.0734 1416 VSS - ok
11:37:53.0765 1416 [ 2CEEBB402187AE56B585701F3D191FB3 ] W32Time C:\WINDOWS\system32\w32time.dll
11:37:53.0781 1416 W32Time - ok
11:37:53.0828 1416 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:37:53.0828 1416 Wanarp - ok
11:37:53.0859 1416 WDICA - ok
11:37:53.0906 1416 [ 2797F33EBF50466020C430EE4F037933 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
11:37:53.0906 1416 wdmaud - ok
11:37:53.0937 1416 [ 3791ADF1D3466AC6B4B662D3F79CBFEC ] WebClient C:\WINDOWS\System32\webclnt.dll
11:37:53.0937 1416 WebClient - ok
11:37:54.0015 1416 [ E12084EA622BDF2262C637BEF15DD85C ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:37:54.0015 1416 winmgmt - ok
11:37:54.0109 1416 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
11:37:54.0109 1416 WmdmPmSN - ok
11:37:54.0171 1416 [ E428EED87E8055FB995CF0E4D1532D4C ] Wmi C:\WINDOWS\System32\advapi32.dll
11:37:54.0187 1416 Wmi - ok
11:37:54.0234 1416 [ BCD21B989F0FD4ACE78287FC01B4693D ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
11:37:54.0250 1416 WmiApSrv - ok
11:37:54.0328 1416 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
11:37:54.0359 1416 WMPNetworkSvc - ok
11:37:54.0390 1416 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:37:54.0390 1416 WS2IFSL - ok
11:37:54.0421 1416 [ 4ADED1ADEF25041D9827F9A79C0FDA13 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
11:37:54.0437 1416 wscsvc - ok
11:37:54.0468 1416 [ D5842484F05E12121C511AA93F6439EC ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:37:54.0468 1416 WSTCODEC - ok
11:37:54.0515 1416 [ 21F5169CA14E0B25C757644456F637DF ] wuauserv C:\WINDOWS\system32\wuauserv.dll
11:37:54.0515 1416 wuauserv - ok
11:37:54.0562 1416 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:37:54.0562 1416 WudfPf - ok
11:37:54.0593 1416 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:37:54.0593 1416 WudfRd - ok
11:37:54.0656 1416 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
11:37:54.0656 1416 WudfSvc - ok
11:37:54.0718 1416 [ 325CEDEF696EF4B649DDCD3968D085C9 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
11:37:54.0734 1416 WZCSVC - ok
11:37:54.0781 1416 [ 9B835D4C64860B155A1701D5092EC9E4 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
11:37:54.0781 1416 xmlprov - ok
11:37:54.0843 1416 [ 87F126D0F8DC176B282924DF0417075E ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
11:37:54.0859 1416 yukonwxp - ok
11:37:54.0906 1416 ================ Scan global ===============================
11:37:54.0937 1416 [ F642F3368D2839798DA79E7BA9218481 ] C:\WINDOWS\system32\basesrv.dll
11:37:54.0968 1416 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
11:37:55.0000 1416 [ E4E57FBA176F2752527B1D53A663D2D7 ] C:\WINDOWS\system32\winsrv.dll
11:37:55.0031 1416 [ 4F9F7B567970B524F31D9970A23F7C24 ] C:\WINDOWS\system32\services.exe
11:37:55.0031 1416 [Global] - ok
11:37:55.0031 1416 ================ Scan MBR ==================================
11:37:55.0062 1416 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
11:37:55.0218 1416 \Device\Harddisk0\DR0 - ok
11:37:55.0218 1416 ================ Scan VBR ==================================
11:37:55.0234 1416 [ 05691FA7005D766BDA7DECCAD1483DA5 ] \Device\Harddisk0\DR0\Partition1
11:37:55.0250 1416 \Device\Harddisk0\DR0\Partition1 - ok
11:37:55.0281 1416 [ CC0F74B06EA5C8AA301E14D721A5571F ] \Device\Harddisk0\DR0\Partition2
11:37:55.0296 1416 \Device\Harddisk0\DR0\Partition2 - ok
11:37:55.0296 1416 ============================================================
11:37:55.0296 1416 Scan finished
11:37:55.0296 1416 ============================================================
11:37:55.0343 1508 Detected object count: 0
11:37:55.0343 1508 Actual detected object count: 0
Re: infected PC
Does this file exist? c:\documents and settings\Malí\Nabídka Start\Programy\Po spuštění\slljcdlve.exe
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: infected PC
Yes, it is still there.