PC-HELP.CZ

Ahoj prosil bych o kopntrolu logu Pc je poslední dobou nejaké zpomalené.
Děkuju.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:37:35, on 28.9.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\BitTorrent\BitTorrent.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe
C:\FRAPS\FRAPS.EXE
C:\Documents and Settings\XP\Local Settings\Data aplikací\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe
C:\Program Files\AVG\AVG10\avgfws.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\AVG\AVG10\avgam.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Documents and Settings\XP\Plocha\HiJackThis.exe
C:\Program Files\Skype\Phone\Skype.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... &si=158723
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Claro LTD Helper Object - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files\Claro LTD\claro\1.6.4.1\bh\claro.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
O3 - Toolbar: Claro LTD Toolbar - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files\Claro LTD\claro\1.6.4.1\claroTlbr.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Soluto] C:\Program Files\Soluto\soluto.exe /init
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [MP3 Skype Recorder] C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\XP\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Fraps] C:\FRAPS\FRAPS.EXE
O4 - Startup: Facebook Messenger.lnk = ?
O17 - HKLM\System\CCS\Services\Tcpip\..\{DDCE6E07-D95C-41C7-9D9B-AEBC01352360}: NameServer = 10.2.56.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\MP3 Skype Recorder\Skype4COM.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

--
End of file - 7868 bytes

Aktualizuj si AVG na verzi 2013. Verze 2011 už je starší a nemusí detektovat nejnovější hrozby. Pokud to je verze s keygenem (podle procesů máš Internet Security), tak to nahraď Esetem nebo Avastem. Pokud budeš upgradovat na AVG 2013, neinstaluj toolbar (musíš vybrat pokročilou instalaci a odtrhnout jej).

Odinstaluj:

AVG Security Toolbar
Claro LTD Toolbar

Fixni:


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Chtel bych se zeptat kdyžs mluvil o updatu ne AVG 2013 tak myslels koupit nebo se to dá udelat i nejak zdarma z 2011?
A jeste to Claro LTD sem odinstaloval ale AVG Security Toolbar sem nenašel ani v Ccleaneru (přidat odebrat programy) ani v mozile a ani v chromu.
Tu je ten log.

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Verze databáze: v2012.09.24.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
XP :: DOMÁCÍ [administrátor]

29.9.2012 10:10:32
mbam-log-2012-09-29 (10-10-32).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 202986
Uplynulý čas: 12 minut, 12 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

AVG 2013 je i ve free verzi.

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Mohl by si mne prosím poslat odkaz ke stažení AVG 2013 free?

Log TDSSKiller:
10:52:48.0250 3776 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
10:52:48.0703 3776 ============================================================
10:52:48.0703 3776 Current date / time: 2012/09/29 10:52:48.0703
10:52:48.0703 3776 SystemInfo:
10:52:48.0703 3776
10:52:48.0703 3776 OS Version: 5.1.2600 ServicePack: 3.0
10:52:48.0703 3776 Product type: Workstation
10:52:48.0703 3776 ComputerName: DOMÁCÍ
10:52:48.0703 3776 UserName: XP
10:52:48.0703 3776 Windows directory: C:\WINDOWS
10:52:48.0703 3776 System windows directory: C:\WINDOWS
10:52:48.0703 3776 Processor architecture: Intel x86
10:52:48.0703 3776 Number of processors: 1
10:52:48.0703 3776 Page size: 0x1000
10:52:48.0703 3776 Boot type: Normal boot
10:52:48.0703 3776 ============================================================
10:52:49.0781 3776 Drive \Device\Harddisk0\DR0 - Size: 0x5D2710DE00 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:52:49.0796 3776 Drive \Device\Harddisk1\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:52:49.0828 3776 ============================================================
10:52:49.0828 3776 \Device\Harddisk0\DR0:
10:52:49.0828 3776 MBR partitions:
10:52:49.0828 3776 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2E933DC1
10:52:49.0828 3776 \Device\Harddisk1\DR2:
10:52:49.0828 3776 MBR partitions:
10:52:49.0828 3776 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
10:52:49.0828 3776 ============================================================
10:52:49.0859 3776 C: <-> \Device\Harddisk0\DR0\Partition1
10:52:49.0875 3776 G: <-> \Device\Harddisk1\DR2\Partition1
10:52:49.0875 3776 ============================================================
10:52:49.0875 3776 Initialize success
10:52:49.0875 3776 ============================================================
10:52:52.0875 4872 ============================================================
10:52:52.0875 4872 Scan started
10:52:52.0875 4872 Mode: Manual;
10:52:52.0875 4872 ============================================================
10:52:54.0562 4872 ================ Scan system memory ========================
10:52:54.0562 4872 System memory - ok
10:52:54.0578 4872 ================ Scan services =============================
10:52:54.0671 4872 Abiosdsk - ok
10:52:54.0671 4872 abp480n5 - ok
10:52:54.0718 4872 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:52:54.0718 4872 ACPI - ok
10:52:54.0750 4872 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
10:52:54.0765 4872 ACPIEC - ok
10:52:54.0843 4872 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:52:54.0859 4872 AdobeFlashPlayerUpdateSvc - ok
10:52:54.0875 4872 adpu160m - ok
10:52:54.0890 4872 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
10:52:54.0890 4872 aec - ok
10:52:54.0937 4872 [ 30BB1BDE595CA65FD5549462080D94E5 ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
10:52:55.0031 4872 AegisP - ok
10:52:55.0062 4872 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\WINDOWS\system32\drivers\Afc.sys
10:52:55.0062 4872 Afc - ok
10:52:55.0109 4872 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
10:52:55.0156 4872 AFD - ok
10:52:55.0156 4872 Aha154x - ok
10:52:55.0156 4872 aic78u2 - ok
10:52:55.0171 4872 aic78xx - ok
10:52:55.0187 4872 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
10:52:55.0187 4872 Alerter - ok
10:52:55.0218 4872 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
10:52:55.0218 4872 ALG - ok
10:52:55.0218 4872 AliIde - ok
10:52:55.0265 4872 [ F6F5E047369784E607F3A636AC576148 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
10:52:55.0281 4872 AmdK8 - ok
10:52:55.0281 4872 amsint - ok
10:52:55.0296 4872 asc - ok
10:52:55.0296 4872 asc3350p - ok
10:52:55.0296 4872 asc3550 - ok
10:52:55.0359 4872 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:52:55.0406 4872 aspnet_state - ok
10:52:55.0421 4872 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:52:55.0421 4872 AsyncMac - ok
10:52:55.0421 4872 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
10:52:55.0421 4872 atapi - ok
10:52:55.0437 4872 Atdisk - ok
10:52:55.0453 4872 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:52:55.0453 4872 Atmarpc - ok
10:52:55.0500 4872 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
10:52:55.0500 4872 AudioSrv - ok
10:52:55.0546 4872 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
10:52:55.0546 4872 audstub - ok
10:52:55.0703 4872 [ D45B7995761253A92AB071D576114F28 ] AVG Security Toolbar Service C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
10:52:55.0734 4872 AVG Security Toolbar Service - ok
10:52:55.0750 4872 [ 0C5941AF0B6BF2FDF378937392865217 ] Avgfwdx C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
10:52:55.0750 4872 Avgfwdx - ok
10:52:55.0750 4872 [ 0C5941AF0B6BF2FDF378937392865217 ] Avgfwfd C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
10:52:55.0750 4872 Avgfwfd - ok
10:52:55.0875 4872 [ 2F0C5AE2352F22B587EDC2829C971262 ] avgfws C:\Program Files\AVG\AVG10\avgfws.exe
10:52:55.0937 4872 avgfws - ok
10:52:56.0218 4872 [ 7A0F6A3E0E41425B9BA54616B482668A ] AVGIDSAgent C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
10:52:56.0296 4872 AVGIDSAgent - ok
10:52:56.0359 4872 [ 2D18221AAB3DB2D408D6C55C0F23090A ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
10:52:56.0390 4872 AVGIDSDriver - ok
10:52:56.0421 4872 [ 1AF676DB3F3D4CC709CFAB2571CF5FC3 ] AVGIDSEH C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
10:52:56.0421 4872 AVGIDSEH - ok
10:52:56.0453 4872 [ 4C51E233C87F9EC7598551DE554BC99D ] AVGIDSFilter C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
10:52:56.0453 4872 AVGIDSFilter - ok
10:52:56.0453 4872 [ C3FC426E54F55C1CC3219E415B88E10C ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
10:52:56.0453 4872 AVGIDSShim - ok
10:52:56.0484 4872 [ 4E796D3D2C3182B13B3E3B5A2AD4EF0A ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys
10:52:56.0500 4872 Avgldx86 - ok
10:52:56.0500 4872 [ 5639DE66B37D02BD22DF4CF3155FBA60 ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
10:52:56.0500 4872 Avgmfx86 - ok
10:52:56.0515 4872 [ D1BAF652EDA0AE70896276A1FB32C2D4 ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
10:52:56.0515 4872 Avgrkx86 - ok
10:52:56.0531 4872 [ AAF0EBCAD95F2164CFFB544E00392498 ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys
10:52:56.0546 4872 Avgtdix - ok
10:52:56.0593 4872 [ 6F76908F065C3C151C4BFCA7DFD86979 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys
10:52:56.0609 4872 avgtp - ok
10:52:56.0625 4872 [ FC2BC51120A945F7C70376495E4E7737 ] avgwd C:\Program Files\AVG\AVG10\avgwdsvc.exe
10:52:56.0640 4872 avgwd - ok
10:52:56.0656 4872 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
10:52:56.0656 4872 Beep - ok
10:52:56.0703 4872 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
10:52:56.0750 4872 BITS - ok
10:52:56.0781 4872 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
10:52:56.0781 4872 Browser - ok
10:52:56.0796 4872 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
10:52:56.0812 4872 cbidf2k - ok
10:52:56.0828 4872 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:52:56.0843 4872 CCDECODE - ok
10:52:56.0843 4872 cd20xrnt - ok
10:52:56.0859 4872 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
10:52:56.0859 4872 Cdaudio - ok
10:52:56.0859 4872 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
10:52:56.0859 4872 Cdfs - ok
10:52:56.0890 4872 [ 351735695E9EAD93DE6AF85D8BEB1CA8 ] cdrbsdrv C:\WINDOWS\system32\drivers\cdrbsdrv.sys
10:52:56.0984 4872 cdrbsdrv - ok
10:52:57.0015 4872 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:52:57.0015 4872 Cdrom - ok
10:52:57.0046 4872 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
10:52:57.0046 4872 CiSvc - ok
10:52:57.0078 4872 [ 1E8D39480739E29C728BB10ED6700A5E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
10:52:57.0125 4872 ClipSrv - ok
10:52:57.0187 4872 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:52:57.0234 4872 clr_optimization_v2.0.50727_32 - ok
10:52:57.0265 4872 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:52:57.0312 4872 clr_optimization_v4.0.30319_32 - ok
10:52:57.0328 4872 CmdIde - ok
10:52:57.0328 4872 COMSysApp - ok
10:52:57.0343 4872 Cpqarray - ok
10:52:57.0375 4872 cpuz135 - ok
10:52:57.0390 4872 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
10:52:57.0390 4872 CryptSvc - ok
10:52:57.0406 4872 dac2w2k - ok
10:52:57.0406 4872 dac960nt - ok
10:52:57.0468 4872 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
10:52:57.0484 4872 DcomLaunch - ok
10:52:57.0531 4872 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
10:52:57.0531 4872 Dhcp - ok
10:52:57.0546 4872 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
10:52:57.0546 4872 Disk - ok
10:52:57.0546 4872 dmadmin - ok
10:52:57.0609 4872 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
10:52:57.0625 4872 dmboot - ok
10:52:57.0640 4872 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
10:52:57.0640 4872 dmio - ok
10:52:57.0656 4872 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
10:52:57.0671 4872 dmload - ok
10:52:57.0687 4872 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
10:52:57.0687 4872 dmserver - ok
10:52:57.0703 4872 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
10:52:57.0703 4872 DMusic - ok
10:52:57.0734 4872 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
10:52:57.0734 4872 Dnscache - ok
10:52:57.0765 4872 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
10:52:57.0781 4872 Dot3svc - ok
10:52:57.0781 4872 dpti2o - ok
10:52:57.0781 4872 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
10:52:57.0781 4872 drmkaud - ok
10:52:57.0812 4872 [ 651554E483712B708EDE864D0CA1AA73 ] DrvAgent32 C:\WINDOWS\system32\Drivers\DrvAgent32.sys
10:52:57.0828 4872 DrvAgent32 - ok
10:52:57.0875 4872 [ FB38473835476A6FB272215A1D972AF9 ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
10:52:57.0890 4872 dtsoftbus01 - ok
10:52:57.0890 4872 EagleXNt - ok
10:52:57.0921 4872 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
10:52:57.0921 4872 EapHost - ok
10:52:57.0953 4872 [ C47E7C5E7410C7DE98F7219E3008C23D ] EAPPkt C:\WINDOWS\system32\DRIVERS\EAPPkt.sys
10:52:58.0015 4872 EAPPkt - ok
10:52:58.0046 4872 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
10:52:58.0046 4872 ERSvc - ok
10:52:58.0062 4872 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
10:52:58.0062 4872 Eventlog - ok
10:52:58.0109 4872 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
10:52:58.0125 4872 EventSystem - ok
10:52:58.0140 4872 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
10:52:58.0140 4872 Fastfat - ok
10:52:58.0187 4872 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:52:58.0218 4872 FastUserSwitchingCompatibility - ok
10:52:58.0234 4872 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
10:52:58.0234 4872 Fdc - ok
10:52:58.0250 4872 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
10:52:58.0250 4872 Fips - ok
10:52:58.0265 4872 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:52:58.0265 4872 Flpydisk - ok
10:52:58.0312 4872 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
10:52:58.0312 4872 FltMgr - ok
10:52:58.0406 4872 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:52:58.0406 4872 FontCache3.0.0.0 - ok
10:52:58.0453 4872 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
10:52:58.0531 4872 FsUsbExDisk - ok
10:52:58.0546 4872 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:52:58.0546 4872 Fs_Rec - ok
10:52:58.0562 4872 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:52:58.0562 4872 Ftdisk - ok
10:52:58.0578 4872 [ 54789F9BA0D59072CDD4E7C200E122C4 ] gdrv C:\WINDOWS\gdrv.sys
10:52:58.0609 4872 gdrv - ok
10:52:58.0640 4872 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:52:58.0640 4872 Gpc - ok
10:52:58.0781 4872 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:52:58.0781 4872 gupdate - ok
10:52:58.0781 4872 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:52:58.0781 4872 gupdatem - ok
10:52:58.0812 4872 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
10:52:58.0812 4872 hamachi - ok
10:52:58.0921 4872 [ DA1B48FDE74125128D0D846A3701D344 ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
10:52:58.0937 4872 Hamachi2Svc - ok
10:52:58.0953 4872 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:52:58.0953 4872 HDAudBus - ok
10:52:59.0015 4872 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:52:59.0015 4872 helpsvc - ok
10:52:59.0046 4872 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:52:59.0046 4872 HidUsb - ok
10:52:59.0078 4872 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
10:52:59.0078 4872 hkmsvc - ok
10:52:59.0078 4872 hpn - ok
10:52:59.0187 4872 [ 6CD4803F3592800F2E7BEF4D6C7F718E ] hshld C:\Program Files\Hotspot Shield\bin\openvpnas.exe
10:52:59.0187 4872 hshld - ok
10:52:59.0218 4872 [ 4E59E65A27EBF0A5250BD608C03811DC ] HssSrv C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
10:52:59.0218 4872 HssSrv - ok
10:52:59.0250 4872 [ 3BBA92E00BA44BB0ABB8B5B3BDA6C5B8 ] HssWd C:\Program Files\Hotspot Shield\bin\hsswd.exe
10:52:59.0250 4872 HssWd - ok
10:52:59.0312 4872 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
10:52:59.0312 4872 HTTP - ok
10:52:59.0343 4872 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
10:52:59.0343 4872 HTTPFilter - ok
10:52:59.0343 4872 i2omp - ok
10:52:59.0375 4872 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:52:59.0375 4872 i8042prt - ok
10:52:59.0421 4872 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:52:59.0421 4872 IDriverT - ok
10:52:59.0484 4872 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:52:59.0500 4872 idsvc - ok
10:52:59.0500 4872 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
10:52:59.0500 4872 Imapi - ok
10:52:59.0546 4872 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
10:52:59.0546 4872 ImapiService - ok
10:52:59.0562 4872 ini910u - ok
10:52:59.0765 4872 [ 1508153784633E16DC3DFCE3CD7A9B18 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
10:52:59.0828 4872 IntcAzAudAddService - ok
10:52:59.0843 4872 IntelIde - ok
10:52:59.0859 4872 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
10:52:59.0859 4872 Ip6Fw - ok
10:52:59.0890 4872 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:52:59.0890 4872 IpFilterDriver - ok
10:52:59.0906 4872 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:52:59.0906 4872 IpInIp - ok
10:52:59.0937 4872 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:52:59.0937 4872 IpNat - ok
10:52:59.0937 4872 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:52:59.0937 4872 IPSec - ok
10:52:59.0984 4872 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
10:52:59.0984 4872 IRENUM - ok
10:53:00.0015 4872 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:53:00.0015 4872 isapnp - ok
10:53:00.0031 4872 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:53:00.0031 4872 Kbdclass - ok
10:53:00.0046 4872 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
10:53:00.0046 4872 kmixer - ok
10:53:00.0078 4872 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
10:53:00.0078 4872 KSecDD - ok
10:53:00.0109 4872 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
10:53:00.0109 4872 lanmanserver - ok
10:53:00.0140 4872 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:53:00.0140 4872 lanmanworkstation - ok
10:53:00.0156 4872 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
10:53:00.0156 4872 LmHosts - ok
10:53:00.0187 4872 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
10:53:00.0187 4872 Messenger - ok
10:53:00.0203 4872 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
10:53:00.0203 4872 mnmdd - ok
10:53:00.0218 4872 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
10:53:00.0250 4872 mnmsrvc - ok
10:53:00.0265 4872 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
10:53:00.0265 4872 Modem - ok
10:53:00.0296 4872 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:53:00.0296 4872 Mouclass - ok
10:53:00.0343 4872 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:53:00.0343 4872 mouhid - ok
10:53:00.0343 4872 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
10:53:00.0343 4872 MountMgr - ok
10:53:00.0421 4872 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:53:00.0421 4872 MozillaMaintenance - ok
10:53:00.0437 4872 mraid35x - ok
10:53:00.0437 4872 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:53:00.0453 4872 MRxDAV - ok
10:53:00.0500 4872 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:53:00.0531 4872 MRxSmb - ok
10:53:00.0562 4872 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
10:53:00.0562 4872 MSDTC - ok
10:53:00.0593 4872 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:53:00.0593 4872 Msfs - ok
10:53:00.0609 4872 MSIServer - ok
10:53:00.0625 4872 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:53:00.0625 4872 MSKSSRV - ok
10:53:00.0640 4872 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:53:00.0640 4872 MSPCLOCK - ok
10:53:00.0656 4872 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:53:00.0656 4872 MSPQM - ok
10:53:00.0687 4872 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:53:00.0687 4872 mssmbios - ok
10:53:00.0718 4872 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
10:53:00.0718 4872 MSTEE - ok
10:53:00.0750 4872 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
10:53:00.0750 4872 Mup - ok
10:53:00.0765 4872 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:53:00.0765 4872 NABTSFEC - ok
10:53:00.0796 4872 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
10:53:00.0796 4872 napagent - ok
10:53:00.0828 4872 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:53:00.0843 4872 NDIS - ok
10:53:00.0875 4872 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:53:00.0875 4872 NdisIP - ok
10:53:00.0906 4872 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:53:00.0906 4872 NdisTapi - ok
10:53:00.0921 4872 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:53:00.0921 4872 Ndisuio - ok
10:53:00.0937 4872 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:53:00.0937 4872 NdisWan - ok
10:53:00.0968 4872 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:53:00.0968 4872 NDProxy - ok
10:53:00.0968 4872 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:53:00.0968 4872 NetBIOS - ok
10:53:01.0000 4872 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:53:01.0015 4872 NetBT - ok
10:53:01.0046 4872 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
10:53:01.0062 4872 NetDDE - ok
10:53:01.0062 4872 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:53:01.0062 4872 NetDDEdsdm - ok
10:53:01.0093 4872 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:53:01.0093 4872 Netlogon - ok
10:53:01.0125 4872 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
10:53:01.0125 4872 Netman - ok
10:53:01.0156 4872 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:53:01.0171 4872 NetTcpPortSharing - ok
10:53:01.0203 4872 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
10:53:01.0203 4872 Nla - ok
10:53:01.0234 4872 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
10:53:01.0250 4872 nmwcd - ok
10:53:01.0265 4872 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
10:53:01.0312 4872 nmwcdc - ok
10:53:01.0343 4872 [ 99B224F8026CB534724AA3C408561E45 ] nmwcdnsu C:\WINDOWS\system32\drivers\nmwcdnsu.sys
10:53:01.0343 4872 nmwcdnsu - ok
10:53:01.0359 4872 [ D23257682D349A5E2E4507ED33DECC16 ] nmwcdnsuc C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
10:53:01.0359 4872 nmwcdnsuc - ok
10:53:01.0375 4872 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:53:01.0375 4872 Npfs - ok
10:53:01.0421 4872 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:53:01.0421 4872 Ntfs - ok
10:53:01.0437 4872 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:53:01.0437 4872 NtLmSsp - ok
10:53:01.0468 4872 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:53:01.0484 4872 NtmsSvc - ok
10:53:01.0515 4872 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
10:53:01.0515 4872 Null - ok
10:53:01.0890 4872 [ 5A72584C700298E82A0342DC4BB38892 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:53:02.0000 4872 nv - ok
10:53:02.0031 4872 [ EF895A872F11AC584413F6BAEA2DDB50 ] nvsvc C:\WINDOWS\system32\nvsvc32.exe
10:53:02.0031 4872 nvsvc - ok
10:53:02.0062 4872 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:53:02.0062 4872 NwlnkFlt - ok
10:53:02.0078 4872 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:53:02.0078 4872 NwlnkFwd - ok
10:53:02.0171 4872 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:53:02.0203 4872 odserv - ok
10:53:02.0234 4872 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:53:02.0265 4872 ose - ok
10:53:02.0312 4872 [ AFF9A1986555E4592DE8092F9A5FA2D2 ] PAC7302 C:\WINDOWS\system32\DRIVERS\PAC7302.SYS
10:53:02.0343 4872 PAC7302 - ok
10:53:02.0390 4872 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
10:53:02.0390 4872 Parport - ok
10:53:02.0406 4872 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:53:02.0406 4872 PartMgr - ok
10:53:02.0453 4872 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:53:02.0453 4872 ParVdm - ok
10:53:02.0484 4872 [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
10:53:02.0484 4872 pccsmcfd - ok
10:53:02.0500 4872 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:53:02.0500 4872 PCI - ok
10:53:02.0500 4872 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:53:02.0500 4872 PCIIde - ok
10:53:02.0531 4872 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:53:02.0531 4872 Pcmcia - ok
10:53:02.0546 4872 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
10:53:02.0562 4872 pcouffin - ok
10:53:02.0562 4872 perc2 - ok
10:53:02.0562 4872 perc2hib - ok
10:53:02.0609 4872 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
10:53:02.0609 4872 PlugPlay - ok
10:53:02.0656 4872 [ 831883B107684301F48ACE752C963984 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
10:53:02.0656 4872 PnkBstrA - ok
10:53:02.0656 4872 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:53:02.0656 4872 PolicyAgent - ok
10:53:02.0687 4872 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:53:02.0687 4872 PptpMiniport - ok
10:53:02.0687 4872 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
10:53:02.0703 4872 Processor - ok
10:53:02.0703 4872 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:53:02.0703 4872 ProtectedStorage - ok
10:53:02.0718 4872 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:53:02.0718 4872 PSched - ok
10:53:02.0734 4872 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:53:02.0734 4872 Ptilink - ok
10:53:02.0750 4872 ql1080 - ok
10:53:02.0750 4872 Ql10wnt - ok
10:53:02.0750 4872 ql12160 - ok
10:53:02.0765 4872 ql1240 - ok
10:53:02.0765 4872 ql1280 - ok
10:53:02.0796 4872 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:53:02.0796 4872 RasAcd - ok
10:53:02.0828 4872 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:53:02.0843 4872 RasAuto - ok
10:53:02.0859 4872 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:53:02.0859 4872 Rasl2tp - ok
10:53:02.0921 4872 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:53:02.0921 4872 RasMan - ok
10:53:02.0921 4872 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:53:02.0921 4872 RasPppoe - ok
10:53:02.0937 4872 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:53:02.0937 4872 Raspti - ok
10:53:02.0953 4872 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:53:02.0968 4872 Rdbss - ok
10:53:02.0968 4872 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:53:02.0968 4872 RDPCDD - ok
10:53:03.0015 4872 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:53:03.0031 4872 RDPWD - ok
10:53:03.0046 4872 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:53:03.0046 4872 RDSessMgr - ok
10:53:03.0093 4872 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:53:03.0093 4872 redbook - ok
10:53:03.0125 4872 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:53:03.0125 4872 RemoteAccess - ok
10:53:03.0140 4872 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
10:53:03.0156 4872 RpcLocator - ok
10:53:03.0187 4872 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
10:53:03.0187 4872 RpcSs - ok
10:53:03.0234 4872 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:53:03.0234 4872 RSVP - ok
10:53:03.0296 4872 [ CF84B1F0E8B14D4120AAF9CF35CBB265 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
10:53:03.0312 4872 RTL8023xp - ok
10:53:03.0343 4872 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
10:53:03.0359 4872 rtl8139 - ok
10:53:03.0390 4872 [ 67CFCF9A76FAF47676393FA0BE126DDB ] rtl8180 C:\WINDOWS\system32\DRIVERS\rtl8180.SYS
10:53:03.0437 4872 rtl8180 - ok
10:53:03.0468 4872 [ 5A850259B849A899990379A75460A4EB ] RTLWUSB C:\WINDOWS\system32\DRIVERS\RTL8187.sys
10:53:03.0468 4872 RTLWUSB - ok
10:53:03.0500 4872 [ 594FF5620661D1386475406E78CB6F2F ] s0017bus C:\WINDOWS\system32\DRIVERS\s0017bus.sys
10:53:03.0500 4872 s0017bus - ok
10:53:03.0515 4872 [ 7258F550419D543BC5C8E80C578A5D54 ] s0017mdfl C:\WINDOWS\system32\DRIVERS\s0017mdfl.sys
10:53:03.0531 4872 s0017mdfl - ok
10:53:03.0546 4872 [ 1DE4F6607FEB17A15DBD4F1B139E6D2F ] s0017mdm C:\WINDOWS\system32\DRIVERS\s0017mdm.sys
10:53:03.0546 4872 s0017mdm - ok
10:53:03.0562 4872 [ 9814E6BACC06D2526CD52981C7EEEDF0 ] s0017mgmt C:\WINDOWS\system32\DRIVERS\s0017mgmt.sys
10:53:03.0562 4872 s0017mgmt - ok
10:53:03.0593 4872 [ 2C62CD58225973F26682CD4F783DDEDE ] s0017nd5 C:\WINDOWS\system32\DRIVERS\s0017nd5.sys
10:53:03.0593 4872 s0017nd5 - ok
10:53:03.0609 4872 [ F87C3422E84B2FB1B43E0A26247AD5A5 ] s0017obex C:\WINDOWS\system32\DRIVERS\s0017obex.sys
10:53:03.0625 4872 s0017obex - ok
10:53:03.0640 4872 [ DF5E7360A0AFA5956BF75DA683D0679F ] s0017unic C:\WINDOWS\system32\DRIVERS\s0017unic.sys
10:53:03.0640 4872 s0017unic - ok
10:53:03.0671 4872 [ D0EEDC88876B20D42157CDCCA3E647F3 ] s1039bus C:\WINDOWS\system32\DRIVERS\s1039bus.sys
10:53:03.0671 4872 s1039bus - ok
10:53:03.0687 4872 [ 7B35091A7BB597C86262C589B0B57D06 ] s1039mdfl C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys
10:53:03.0703 4872 s1039mdfl - ok
10:53:03.0734 4872 [ 4CB1AB13C9813CBF3E4C6406F8043EC2 ] s1039mdm C:\WINDOWS\system32\DRIVERS\s1039mdm.sys
10:53:03.0734 4872 s1039mdm - ok
10:53:03.0765 4872 [ 2649CA09585A7531126DCC116AD1F88C ] s1039mgmt C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys
10:53:03.0765 4872 s1039mgmt - ok
10:53:03.0796 4872 [ 6D3F549EFD6DAEDD7D12F3DE2175053F ] s1039nd5 C:\WINDOWS\system32\DRIVERS\s1039nd5.sys
10:53:03.0796 4872 s1039nd5 - ok
10:53:03.0843 4872 [ 305E3E3ACA0037AF2E2C1B50A383C91B ] s1039obex C:\WINDOWS\system32\DRIVERS\s1039obex.sys
10:53:03.0843 4872 s1039obex - ok
10:53:03.0859 4872 [ 7DD02A58277C84C043442561589914F4 ] s1039unic C:\WINDOWS\system32\DRIVERS\s1039unic.sys
10:53:03.0859 4872 s1039unic - ok
10:53:03.0906 4872 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
10:53:03.0906 4872 SamSs - ok
10:53:03.0937 4872 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:53:03.0937 4872 SCardSvr - ok
10:53:03.0984 4872 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:53:03.0984 4872 Schedule - ok
10:53:04.0015 4872 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:53:04.0015 4872 Secdrv - ok
10:53:04.0046 4872 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:53:04.0046 4872 seclogon - ok
10:53:04.0109 4872 [ E5B56569A9F79B70314FEDE6C953641E ] seehcri C:\WINDOWS\system32\DRIVERS\seehcri.sys
10:53:04.0109 4872 seehcri - ok
10:53:04.0125 4872 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
10:53:04.0125 4872 SENS - ok
10:53:04.0156 4872 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
10:53:04.0156 4872 serenum - ok
10:53:04.0171 4872 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
10:53:04.0171 4872 Serial - ok
10:53:04.0281 4872 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
10:53:04.0281 4872 ServiceLayer - ok
10:53:04.0312 4872 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
10:53:04.0312 4872 Sfloppy - ok
10:53:04.0359 4872 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:53:04.0375 4872 SharedAccess - ok
10:53:04.0406 4872 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:53:04.0406 4872 ShellHWDetection - ok
10:53:04.0406 4872 Simbad - ok
10:53:04.0437 4872 [ 3D7EF286E806F9BD9339AA52E28DCD67 ] SjyPkt C:\WINDOWS\System32\Drivers\SjyPkt.sys
10:53:04.0437 4872 SjyPkt - ok
10:53:04.0500 4872 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:53:04.0531 4872 SkypeUpdate - ok
10:53:04.0546 4872 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:53:04.0546 4872 SLIP - ok
10:53:04.0593 4872 [ FF35C2D01AC36B446A1B997F305F0FC2 ] Soluto C:\WINDOWS\system32\DRIVERS\Soluto.sys
10:53:04.0609 4872 Soluto - ok
10:53:04.0703 4872 [ B91F91CF539939AC1090B83294C2EFA9 ] SolutoService C:\Program Files\Soluto\SolutoService.exe
10:53:04.0703 4872 SolutoService - ok
10:53:04.0718 4872 Sparrow - ok
10:53:04.0750 4872 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:53:04.0750 4872 splitter - ok
10:53:04.0796 4872 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:53:04.0796 4872 Spooler - ok
10:53:04.0859 4872 [ F42EFEFB765235F24B24E1D2B6F99F46 ] sptd C:\WINDOWS\System32\Drivers\sptd.sys
10:53:04.0859 4872 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\sptd.sys. md5: F42EFEFB765235F24B24E1D2B6F99F46
10:53:04.0859 4872 sptd ( LockedFile.Multi.Generic ) - warning
10:53:04.0859 4872 sptd - detected LockedFile.Multi.Generic (1)
10:53:04.0875 4872 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:53:04.0875 4872 sr - ok
10:53:04.0890 4872 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
10:53:04.0890 4872 srservice - ok
10:53:04.0921 4872 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:53:04.0921 4872 Srv - ok
10:53:04.0937 4872 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:53:04.0953 4872 SSDPSRV - ok
10:53:04.0968 4872 [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
10:53:04.0984 4872 ss_bbus - ok
10:53:05.0000 4872 [ 91765F99914ED8693D8BC76524F21581 ] ss_bmdfl C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
10:53:05.0015 4872 ss_bmdfl - ok
10:53:05.0031 4872 [ 840E7B738B03C10EE91D9B7D3D6EFF15 ] ss_bmdm C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
10:53:05.0046 4872 ss_bmdm - ok
10:53:05.0078 4872 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:53:05.0078 4872 stisvc - ok
10:53:05.0109 4872 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:53:05.0109 4872 streamip - ok
10:53:05.0140 4872 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:53:05.0140 4872 swenum - ok
10:53:05.0156 4872 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:53:05.0156 4872 swmidi - ok
10:53:05.0156 4872 SwPrv - ok
10:53:05.0171 4872 symc810 - ok
10:53:05.0171 4872 symc8xx - ok
10:53:05.0187 4872 sym_hi - ok
10:53:05.0187 4872 sym_u3 - ok
10:53:05.0203 4872 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:53:05.0203 4872 sysaudio - ok
10:53:05.0218 4872 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:53:05.0234 4872 SysmonLog - ok
10:53:05.0265 4872 [ 0C3B2A9C4BD2DD9A6C2E4084314DD719 ] taphss C:\WINDOWS\system32\DRIVERS\taphss.sys
10:53:05.0265 4872 taphss - ok
10:53:05.0296 4872 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:53:05.0296 4872 TapiSrv - ok
10:53:05.0359 4872 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:53:05.0359 4872 Tcpip - ok
10:53:05.0390 4872 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:53:05.0390 4872 TDPIPE - ok
10:53:05.0390 4872 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:53:05.0406 4872 TDTCP - ok
10:53:05.0421 4872 [ 9101FFFCFCCD1A30E870A5B8A9091B10 ] teamviewervpn C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys
10:53:05.0421 4872 teamviewervpn - ok
10:53:05.0421 4872 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:53:05.0421 4872 TermDD - ok
10:53:05.0453 4872 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
10:53:05.0453 4872 TermService - ok
10:53:05.0484 4872 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
10:53:05.0484 4872 Themes - ok
10:53:05.0500 4872 TosIde - ok
10:53:05.0531 4872 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:53:05.0531 4872 TrkWks - ok
10:53:05.0562 4872 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:53:05.0562 4872 Udfs - ok
10:53:05.0640 4872 [ 3B7E264485F361EA5A65FEEF89F2352F ] UltiDev Cassini Web Server for ASP.NET 2.0 C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe
10:53:05.0734 4872 UltiDev Cassini Web Server for ASP.NET 2.0 - ok
10:53:05.0734 4872 ultra - ok
10:53:05.0765 4872 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:53:05.0765 4872 Update - ok
10:53:05.0796 4872 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
10:53:05.0796 4872 upnphost - ok
10:53:05.0828 4872 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
10:53:05.0828 4872 upperdev - ok
10:53:05.0843 4872 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
10:53:05.0843 4872 UPS - ok
10:53:05.0890 4872 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
10:53:05.0890 4872 usbaudio - ok
10:53:05.0906 4872 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:53:05.0906 4872 usbccgp - ok
10:53:05.0921 4872 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:53:05.0921 4872 usbehci - ok
10:53:05.0968 4872 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:53:05.0968 4872 usbhub - ok
10:53:05.0984 4872 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
10:53:05.0984 4872 usbohci - ok
10:53:06.0031 4872 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:53:06.0031 4872 usbprint - ok
10:53:06.0062 4872 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:53:06.0062 4872 usbscan - ok
10:53:06.0078 4872 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
10:53:06.0109 4872 usbser - ok
10:53:06.0109 4872 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
10:53:06.0109 4872 UsbserFilt - ok
10:53:06.0140 4872 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:53:06.0140 4872 USBSTOR - ok
10:53:06.0156 4872 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:53:06.0156 4872 VgaSave - ok
10:53:06.0171 4872 ViaIde - ok
10:53:06.0187 4872 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:53:06.0187 4872 VolSnap - ok
10:53:06.0218 4872 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
10:53:06.0234 4872 VSS - ok
10:53:06.0328 4872 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
10:53:06.0359 4872 vToolbarUpdater12.2.6 - ok
10:53:06.0375 4872 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
10:53:06.0375 4872 W32Time - ok
10:53:06.0390 4872 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:53:06.0390 4872 Wanarp - ok
10:53:06.0437 4872 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
10:53:06.0453 4872 Wdf01000 - ok
10:53:06.0468 4872 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:53:06.0484 4872 wdmaud - ok
10:53:06.0500 4872 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:53:06.0500 4872 WebClient - ok
10:53:06.0609 4872 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:53:06.0609 4872 winmgmt - ok
10:53:06.0656 4872 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
10:53:06.0656 4872 WmdmPmSN - ok
10:53:06.0703 4872 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:53:06.0703 4872 WmiApSrv - ok
10:53:06.0765 4872 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
10:53:06.0781 4872 WMPNetworkSvc - ok
10:53:06.0796 4872 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
10:53:06.0812 4872 WpdUsb - ok
10:53:06.0875 4872 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:53:06.0875 4872 WPFFontCache_v0400 - ok
10:53:06.0906 4872 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
10:53:06.0906 4872 WS2IFSL - ok
10:53:06.0953 4872 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:53:06.0968 4872 wscsvc - ok
10:53:06.0984 4872 WSearch - ok
10:53:07.0000 4872 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:53:07.0000 4872 WSTCODEC - ok
10:53:07.0031 4872 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
10:53:07.0031 4872 wuauserv - ok
10:53:07.0078 4872 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:53:07.0078 4872 WudfPf - ok
10:53:07.0109 4872 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:53:07.0109 4872 WudfRd - ok
10:53:07.0140 4872 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
10:53:07.0140 4872 WudfSvc - ok
10:53:07.0187 4872 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:53:07.0203 4872 WZCSVC - ok
10:53:07.0234 4872 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:53:07.0234 4872 xmlprov - ok
10:53:07.0265 4872 ================ Scan global ===============================
10:53:07.0296 4872 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
10:53:07.0343 4872 [ 65882230AC369E697239277C0E6E69B3 ] C:\WINDOWS\system32\winsrv.dll
10:53:07.0359 4872 [ 65882230AC369E697239277C0E6E69B3 ] C:\WINDOWS\system32\winsrv.dll
10:53:07.0375 4872 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
10:53:07.0375 4872 [Global] - ok
10:53:07.0375 4872 ================ Scan MBR ==================================
10:53:07.0406 4872 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
10:53:07.0546 4872 \Device\Harddisk0\DR0 - ok
10:53:07.0546 4872 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR2
10:53:07.0546 4872 \Device\Harddisk1\DR2 - ok
10:53:07.0546 4872 ================ Scan VBR ==================================
10:53:07.0562 4872 [ 3B5154E7FFFC64E16166D735C6948C83 ] \Device\Harddisk0\DR0\Partition1
10:53:07.0562 4872 \Device\Harddisk0\DR0\Partition1 - ok
10:53:07.0562 4872 [ EA5BEA503EEC4B3EC0CF7DDDFFE35CCB ] \Device\Harddisk1\DR2\Partition1
10:53:07.0562 4872 \Device\Harddisk1\DR2\Partition1 - ok
10:53:07.0562 4872 ============================================================
10:53:07.0562 4872 Scan finished
10:53:07.0562 4872 ============================================================
10:53:07.0578 0276 Detected object count: 1
10:53:07.0578 0276 Actual detected object count: 1
10:53:15.0531 0276 sptd ( LockedFile.Multi.Generic ) - skipped by user
10:53:15.0531 0276 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
10:53:19.0406 4456 Deinitialize success

Log ComboFix:

ComboFix 12-09-27.03 - XP 29.09.2012 11:21:39.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1272 [GMT 2:00]
Spuštěný z: c:\documents and settings\XP\Plocha\ComboFix.exe
AV: AVG Internet Security 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\avgfwdx.dll
c:\windows\system32\Cache
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\85ee68ab771c9f07.fb
c:\windows\system32\Cache\9f3525f94c0c501e.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\DEBUG.log
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MYWEBSEARCHSERVICE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-28 do 2012-09-29 )))))))))))))))))))))))))))))))
.
.
2012-09-28 12:26 . 2012-09-28 12:26 -------- d-----w- c:\program files\Activision
2012-09-25 17:58 . 2012-09-25 17:58 -------- d-----w- c:\program files\Passware
2012-09-14 07:49 . 2012-09-14 07:49 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-09-13 18:36 . 2012-09-13 18:37 -------- d-sh--w- c:\documents and settings\XP\Phone Browser
2012-09-06 14:23 . 2012-09-07 15:31 -------- d-----w- c:\documents and settings\XP\Local Settings\Data aplikací\by_dekart811
2012-09-06 14:23 . 2012-09-07 18:49 -------- d-----w- c:\documents and settings\XP\Data aplikací\FAH
2012-09-05 06:08 . 2012-09-05 06:08 -------- d-----w- c:\documents and settings\XP\Local Settings\Data aplikací\AVG Secure Search
2012-09-04 11:49 . 2012-09-04 11:49 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-24 08:30 . 2012-04-14 12:04 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-24 08:30 . 2011-05-27 18:34 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-07 15:04 . 2012-06-29 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-28 15:18 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2004-08-18 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-08-10 12:01 . 2011-04-08 09:40 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-08-10 12:00 . 2011-04-08 09:39 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-08-10 11:33 . 2011-04-08 09:39 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-08-10 11:06 . 2012-08-10 11:06 22328 ----a-w- c:\documents and settings\XP\Data aplikací\PnkBstrK.sys
2012-08-01 12:17 . 2012-08-01 12:17 428088 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-07-10 12:37 . 2012-07-09 17:52 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2012-07-10 12:37 . 2012-07-09 17:52 235 ----a-w- c:\windows\system32\nxEuUninstall.bat
2012-07-06 13:58 . 2004-08-18 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2011-02-24 17:31 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2004-08-18 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 08:49 . 2011-09-03 14:32 544656 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-02 08:49 . 2011-09-03 14:32 128000 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-01 17:57 . 2012-07-01 17:57 87608 ----a-w- c:\documents and settings\XP\Data aplikací\inst.exe
2012-07-01 17:57 . 2012-07-01 17:57 47360 ----a-w- c:\documents and settings\XP\Data aplikací\pcouffin.sys
2012-09-07 13:34 . 2012-09-07 13:34 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 03:21 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 03:21 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[7] 2004-08-18 12:00 . B44F68274AB7B8A54E9AD74AFF0EFAAC . 806912 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2004-08-18 . 876C658C44F2BF4AF050E5534A9F066F . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[7] 2004-08-18 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[7] 2004-08-18 . F76B3003366A205E05AFC0D034C7D3E9 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
.
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[7] 2004-08-18 . 1B4CCC59980DA34E75F20E42B283B027 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2008-04-14 . 3546ED37229E5911B94F26CBF8882359 . 1541120 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 3546ED37229E5911B94F26CBF8882359 . 1541120 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2004-08-18 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2008-04-14 . B25470FBF7AF7EECAB1C93804796DAB8 . 277504 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . B25470FBF7AF7EECAB1C93804796DAB8 . 277504 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[7] 2004-08-18 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-18 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[-] 2009-03-08 . 4822664E58044D1D85450DC9D1C06E52 . 737632 . . [8.00.6001.18702] . . c:\windows\ServicePackFiles\i386\iexplore.exe
[-] 2009-03-08 . 4822664E58044D1D85450DC9D1C06E52 . 737632 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
[7] 2004-08-18 . 63E527C26AC3059EAD766C6C11746D07 . 93184 . . [6.00.2900.2180] . . c:\windows\ie8\iexplore.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-09-04 11:51 1734240 ----a-w- c:\program files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll" [2012-09-04 1734240]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2012-07-09 438272]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
"MP3 Skype Recorder"="c:\program files\MP3 Skype Recorder\MP3 Skype Recorder.exe" [2011-11-17 1975296]
"Fraps"="c:\fraps\FRAPS.EXE" [2011-07-31 2523312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-20 13881960]
"Soluto"="c:\program files\Soluto\soluto.exe" [2012-04-11 1716784]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-09-04 947808]
"HF_G_Jul"="c:\program files\AVG Secure Search\HF_G_Jul.exe" [2012-07-18 36960]
"ROC_ROC_JULY_P1"="c:\program files\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-09-04 1022048]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2012-08-01 2345592]
.
c:\documents and settings\XP\Nabídka Start\Programy\Po spuštění\
Facebook Messenger.lnk - c:\documents and settings\XP\Local Settings\Data aplikací\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe [2012-9-25 247728]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Soluto\\Soluto.exe"=
"c:\\Program Files\\Soluto\\SolutoService.exe"=
"c:\\Program Files\\Soluto\\SolutoConsole.exe"=
"c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58334:TCP"= 58334:TCP:Pando Media Booster
"58334:UDP"= 58334:UDP:Pando Media Booster
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [13.9.2010 15:27 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [7.9.2010 3:48 32592]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [8.12.2010 4:12 248656]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [12.11.2010 13:19 297168]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [4.9.2012 13:49 27496]
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG10\avgfws.exe [9.3.2011 19:24 2708024]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [31.1.2012 16:02 7391072]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [8.2.2011 5:33 269520]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [25.2.2011 11:58 38144]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29.8.2012 12:03 1385896]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [10.7.2012 5:04 385392]
R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [4.9.2012 13:49 722528]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12.7.2010 4:33 30432]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [3.8.2010 15:23 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [3.8.2010 15:23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [3.8.2010 15:23 27216]
R3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [30.12.2011 13:28 239168]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [26.2.2011 14:14 27632]
S0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [14.4.2012 13:36 51144]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2.9.2012 17:37 116648]
S2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\openvpnas.exe [13.7.2012 2:52 471408]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.7.2012 13:19 160944]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [11.4.2012 20:34 583200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14.4.2012 14:04 250288]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12.7.2010 4:33 30432]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [6.4.2012 21:02 23456]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [27.5.2011 14:32 36608]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2.9.2012 17:37 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [26.4.2012 12:02 114144]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [15.8.2012 10:34 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [15.8.2012 10:34 8576]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [10.4.2011 10:50 47360]
S3 rtl8180;IEEE 802.11b Wireless Cardbus/PCI Adapter;c:\windows\system32\drivers\rtl8180.sys [16.6.2003 12:18 158848]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [25.2.2011 11:58 332928]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [26.2.2011 14:26 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [26.2.2011 14:26 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [26.2.2011 14:26 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [26.2.2011 14:26 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [26.2.2011 14:26 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [26.2.2011 14:26 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [26.2.2011 14:26 109736]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [26.2.2011 14:26 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [26.2.2011 14:26 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [26.2.2011 14:26 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [26.2.2011 14:26 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1039nd5.sys [26.2.2011 14:26 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [26.2.2011 14:26 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1039unic.sys [26.2.2011 14:26 123504]
S3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [2.10.2002 9:57 13532]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [27.5.2011 14:32 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [27.5.2011 14:32 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [27.5.2011 14:32 121856]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [7.1.2008 10:37 25088]
S4 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [7.4.2011 15:52 167264]
S4 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [8.2.2007 0:06 49152]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 08:30]
.
2012-09-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-02 15:37]
.
2012-09-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-09-02 15:37]
.
.
------- Doplňkový sken -------
.
TCP: Interfaces\{DDCE6E07-D95C-41C7-9D9B-AEBC01352360}: NameServer = 10.2.56.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\XP\Data aplikací\Mozilla\Firefox\Profiles\1fsv49gu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsear ... searchfor=
FF - user.js: extentions.y2layers.installId - 2693f7ac-65e2-4ece-86fa-d70a681f2937
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,ezLooker,pagerage,buzzdock,toprelatedtopics
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: extensions.claro.id - dcd1dc4100000000000000ffddce6e07
FF - user.js: extensions.claro.instlDay - 15540
FF - user.js: extensions.claro.vrsn - 1.6.4.1
FF - user.js: extensions.claro.vrsni - 1.6.4.1
FF - user.js: extensions.claro_i.vrsnTs - 1.6.4.120:16
FF - user.js: extensions.claro.prtnrId - claro
FF - user.js: extensions.claro.prdct - claro
FF - user.js: extensions.claro.aflt - babsst
FF - user.js: extensions.claro_i.smplGrp - none
FF - user.js: extensions.claro.tlbrId - iclaro
FF - user.js: extensions.claro.instlRef - sst
FF - user.js: extensions.claro.dfltLng - en
FF - user.js: extensions.claro.excTlbr - false
FF - user.js: extensions.claro.admin - false
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-29 11:28
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1876)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll
c:\windows\system32\COMRes.dll
.
- - - - - - - > 'lsass.exe'(1932)
c:\windows\system32\setupapi.dll
.
- - - - - - - > 'explorer.exe'(368)
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG10\avgchsvx.exe
c:\progra~1\AVG\AVG10\avgrsx.exe
c:\windows\system32\nvsvc32.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
c:\program files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
c:\program files\Hotspot Shield\HssWPR\hsssrv.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\AVG\AVG10\avgam.exe
c:\program files\AVG\AVG10\avgnsx.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\AVG\AVG10\avgcsrvx.exe
.
**************************************************************************
.
Celkový čas: 2012-09-29 11:33:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-09-29 09:33
.
Před spuštěním: Volných bajtů: 341 996 806 144
Po spuštění: Volných bajtů: 341 967 765 504
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - EE843E7C440A4521FEF9263E772BE49C

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Log z COmbofixu:

ComboFix 12-09-27.03 - XP 29.09.2012 14:28:24.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1232 [GMT 2:00]
Spuštěný z: c:\documents and settings\XP\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\XP\Plocha\CFScript.txt
AV: AVG Internet Security 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Enabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
FILE ::
"c:\windows\system32\drivers\EagleXNt.sys"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\TEMP\cpuz135\cpuz135_x32.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.123\goopdate.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.123\psmachine.dll
c:\program files\Google\Update\1.3.21.123\psuser.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\22.0.1229.79\22.0.1229.79_21.0.1180.89_chrome_updater.exe
c:\program files\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0\GoogleEarth-Win-Bundle-6.2.2.6613.exe
c:\program files\Google\Update\Download\MemesChrome4.0.crx
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Google\Update\Install\{4ED49AB2-E39F-4FEB-8448-E9B1F99CD5E6}\GoogleEarth-Win-Bundle-6.2.2.6613.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CPUZ135
-------\Legacy_EAGLEXNT
-------\Legacy_GUPDATE
-------\Legacy_SKYPEUPDATE
-------\Service_cpuz135
-------\Service_EagleXNt
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-28 do 2012-09-29 )))))))))))))))))))))))))))))))
.
.
2012-09-28 12:26 . 2012-09-28 12:26 -------- d-----w- c:\program files\Activision
2012-09-25 17:58 . 2012-09-25 17:58 -------- d-----w- c:\program files\Passware
2012-09-14 07:49 . 2012-09-14 07:49 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-09-13 18:36 . 2012-09-13 18:37 -------- d-sh--w- c:\documents and settings\XP\Phone Browser
2012-09-06 14:23 . 2012-09-07 15:31 -------- d-----w- c:\documents and settings\XP\Local Settings\Data aplikací\by_dekart811
2012-09-06 14:23 . 2012-09-07 18:49 -------- d-----w- c:\documents and settings\XP\Data aplikací\FAH
2012-09-05 06:08 . 2012-09-05 06:08 -------- d-----w- c:\documents and settings\XP\Local Settings\Data aplikací\AVG Secure Search
2012-09-04 11:49 . 2012-09-04 11:49 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-24 08:30 . 2012-04-14 12:04 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-24 08:30 . 2011-05-27 18:34 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-07 15:04 . 2012-06-29 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-28 15:18 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2004-08-18 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-08-10 12:01 . 2011-04-08 09:40 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-08-10 12:00 . 2011-04-08 09:39 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-08-10 11:33 . 2011-04-08 09:39 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-08-10 11:06 . 2012-08-10 11:06 22328 ----a-w- c:\documents and settings\XP\Data aplikací\PnkBstrK.sys
2012-08-01 12:17 . 2012-08-01 12:17 428088 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-07-10 12:37 . 2012-07-09 17:52 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2012-07-10 12:37 . 2012-07-09 17:52 235 ----a-w- c:\windows\system32\nxEuUninstall.bat
2012-07-06 13:58 . 2004-08-18 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2011-02-24 17:31 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2004-08-18 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 08:49 . 2011-09-03 14:32 544656 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-02 08:49 . 2011-09-03 14:32 128000 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-01 17:57 . 2012-07-01 17:57 87608 ----a-w- c:\documents and settings\XP\Data aplikací\inst.exe
2012-07-01 17:57 . 2012-07-01 17:57 47360 ----a-w- c:\documents and settings\XP\Data aplikací\pcouffin.sys
2012-09-07 13:34 . 2012-09-07 13:34 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 03:21 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 03:21 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[7] 2004-08-18 12:00 . B44F68274AB7B8A54E9AD74AFF0EFAAC . 806912 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2004-08-18 . 876C658C44F2BF4AF050E5534A9F066F . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[7] 2004-08-18 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[7] 2004-08-18 . F76B3003366A205E05AFC0D034C7D3E9 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
.
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[7] 2004-08-18 . 1B4CCC59980DA34E75F20E42B283B027 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2008-04-14 . 3546ED37229E5911B94F26CBF8882359 . 1541120 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 3546ED37229E5911B94F26CBF8882359 . 1541120 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2004-08-18 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2008-04-14 . B25470FBF7AF7EECAB1C93804796DAB8 . 277504 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . B25470FBF7AF7EECAB1C93804796DAB8 . 277504 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[7] 2004-08-18 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-18 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[-] 2009-03-08 . 4822664E58044D1D85450DC9D1C06E52 . 737632 . . [8.00.6001.18702] . . c:\windows\ServicePackFiles\i386\iexplore.exe
[-] 2009-03-08 . 4822664E58044D1D85450DC9D1C06E52 . 737632 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
[7] 2004-08-18 . 63E527C26AC3059EAD766C6C11746D07 . 93184 . . [6.00.2900.2180] . . c:\windows\ie8\iexplore.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-09-04 11:51 1734240 ----a-w- c:\program files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll" [2012-09-04 1734240]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2012-07-09 438272]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
"MP3 Skype Recorder"="c:\program files\MP3 Skype Recorder\MP3 Skype Recorder.exe" [2011-11-17 1975296]
"Fraps"="c:\fraps\FRAPS.EXE" [2011-07-31 2523312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-20 13881960]
"Soluto"="c:\program files\Soluto\soluto.exe" [2012-04-11 1716784]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-09-04 947808]
"HF_G_Jul"="c:\program files\AVG Secure Search\HF_G_Jul.exe" [2012-07-18 36960]
"ROC_ROC_JULY_P1"="c:\program files\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-09-04 1022048]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2012-08-01 2345592]
.
c:\documents and settings\XP\Nabídka Start\Programy\Po spuštění\
Facebook Messenger.lnk - c:\documents and settings\XP\Local Settings\Data aplikací\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe [2012-9-25 247728]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Soluto\\Soluto.exe"=
"c:\\Program Files\\Soluto\\SolutoService.exe"=
"c:\\Program Files\\Soluto\\SolutoConsole.exe"=
"c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58334:TCP"= 58334:TCP:Pando Media Booster
"58334:UDP"= 58334:UDP:Pando Media Booster
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [13.9.2010 15:27 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [7.9.2010 3:48 32592]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [8.12.2010 4:12 248656]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [12.11.2010 13:19 297168]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [4.9.2012 13:49 27496]
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG10\avgfws.exe [9.3.2011 19:24 2708024]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [31.1.2012 16:02 7391072]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [8.2.2011 5:33 269520]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [25.2.2011 11:58 38144]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29.8.2012 12:03 1385896]
R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [10.7.2012 5:04 385392]
R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [4.9.2012 13:49 722528]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12.7.2010 4:33 30432]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [3.8.2010 15:23 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [3.8.2010 15:23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [3.8.2010 15:23 27216]
R3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [30.12.2011 13:28 239168]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [26.2.2011 14:14 27632]
S0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [14.4.2012 13:36 51144]
S2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\openvpnas.exe [13.7.2012 2:52 471408]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [11.4.2012 20:34 583200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14.4.2012 14:04 250288]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12.7.2010 4:33 30432]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [6.4.2012 21:02 23456]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [27.5.2011 14:32 36608]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [26.4.2012 12:02 114144]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [15.8.2012 10:34 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [15.8.2012 10:34 8576]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [10.4.2011 10:50 47360]
S3 rtl8180;IEEE 802.11b Wireless Cardbus/PCI Adapter;c:\windows\system32\drivers\rtl8180.sys [16.6.2003 12:18 158848]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [25.2.2011 11:58 332928]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [26.2.2011 14:26 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [26.2.2011 14:26 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [26.2.2011 14:26 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [26.2.2011 14:26 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [26.2.2011 14:26 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [26.2.2011 14:26 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [26.2.2011 14:26 109736]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [26.2.2011 14:26 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [26.2.2011 14:26 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [26.2.2011 14:26 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [26.2.2011 14:26 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1039nd5.sys [26.2.2011 14:26 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [26.2.2011 14:26 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1039unic.sys [26.2.2011 14:26 123504]
S3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [2.10.2002 9:57 13532]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [27.5.2011 14:32 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [27.5.2011 14:32 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [27.5.2011 14:32 121856]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [7.1.2008 10:37 25088]
S4 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [7.4.2011 15:52 167264]
S4 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [8.2.2007 0:06 49152]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - CPUZ135
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 08:30]
.
.
------- Doplňkový sken -------
.
TCP: Interfaces\{DDCE6E07-D95C-41C7-9D9B-AEBC01352360}: NameServer = 10.2.56.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\XP\Data aplikací\Mozilla\Firefox\Profiles\1fsv49gu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-29 14:37
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1496)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll
c:\windows\system32\COMRes.dll
.
- - - - - - - > 'lsass.exe'(1668)
c:\windows\system32\SETUPAPI.dll
.
- - - - - - - > 'explorer.exe'(3320)
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG10\avgchsvx.exe
c:\progra~1\AVG\AVG10\avgrsx.exe
c:\windows\system32\nvsvc32.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
c:\program files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
c:\program files\Hotspot Shield\HssWPR\hsssrv.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\AVG\AVG10\avgam.exe
c:\program files\AVG\AVG10\avgnsx.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\AVG\AVG10\avgcsrvx.exe
.
**************************************************************************
.
Celkový čas: 2012-09-29 14:40:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-09-29 12:40
ComboFix2.txt 2012-09-29 09:33
.
Před spuštěním: Volných bajtů: 346 372 161 536
Po spuštění: Volných bajtů: 346 290 212 864
.
- - End Of File - - B93D3D67F51D4807A55C028BE0C0008C

Tak co teda?

Otevři si složku "c:\windows\Tasks" a smaž "Adobe Flash Player Updater.job".

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Upgraduj na AVG 2013, Free verze se je taky dostupná na http://free.avg.com

Vyčisti systém CCleanerem a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

Pokud je vše v pořádku, můžeš téma označit za vyřešené.