PC-HELP.CZ

Nejde mi z PC odstranit nějaký toolbat babylon co mi najde spy boot a to ani když se program spustí při startu PC.
Celý je trochu zpomalený a dnes se mi opět sami srovnaly ikony na ploše..

Prosím o kontolu logu..

Díky

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:52:55, on 27.10.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
H:\Program Files\ESET\ESET Smart Security\egui.exe
H:\Program Files\ASUS\EPU\EPU.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
H:\Program Files\ESET\ESET Smart Security\ekrn.exe
H:\Program Files\Java\jre7\bin\jqs.exe
H:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
H:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
H:\Program Files\PANDORA.TV\PanService\PandoraService.exe
H:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
H:\WINDOWS\system32\IoctlSvc.exe
H:\WINDOWS\system32\svchost.exe
H:\Documents and Settings\Jirka&Sarka\Plocha\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: IHPIEHook Class - {0eceeac0-8a08-11d4-a521-0020af300fc7} - C:\qstsjdss\HPIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - H:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [egui] "H:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Six Engine] "H:\Program Files\ASUS\EPU\EPU.exe" -r
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://H:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://H:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5277440703
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: h:\docume~1\alluse~1\dataap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ESET Service (ekrn) - ESET - H:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - H:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - H:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - H:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - H:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - H:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - H:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia - H:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6797 bytes

Odinstaluj Spybota. Je zbytečný a zastaralý...

v logu fixni:
O2 - BHO: IHPIEHook Class - {0eceeac0-8a08-11d4-a521-0020af300fc7} - C:\qstsjdss\HPIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O20 - AppInit_DLLs: h:\docume~1\alluse~1\dataap~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

ještě se mi na ploše objevil APN log a v něm tohle

10/23/2012 23:19:59.812 encode xp => xp

10/23/2012 23:19:59.828 GetDefaultBrowser in

10/23/2012 23:19:59.828 GetDefaultBrowser xp "H:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome

10/23/2012 23:19:59.828

ale ani nevím kde se to tam vzalo... jinak udělám co píšeš a dám vědět... díky

Jo používám IE explorer a mám CC celaner a používám ho..., mám tedy ATF Cleaner vynechat?

Je to podobné. Vynechej

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.10.27.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jirka&Sarka :: JIRKA [administrátor]

27.10.2012 22:34:30
mbam-log-2012-10-27 (22-34-30).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 212251
Uplynulý čas: 3 minut, 20 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

12:26:39.0796 2688 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
12:26:39.0937 2688 ============================================================
12:26:39.0937 2688 Current date / time: 2012/10/28 12:26:39.0937
12:26:39.0937 2688 SystemInfo:
12:26:39.0937 2688
12:26:39.0937 2688 OS Version: 5.1.2600 ServicePack: 3.0
12:26:39.0937 2688 Product type: Workstation
12:26:39.0937 2688 ComputerName: JIRKA
12:26:39.0937 2688 UserName: Jirka&Sarka
12:26:39.0937 2688 Windows directory: H:\WINDOWS
12:26:39.0937 2688 System windows directory: H:\WINDOWS
12:26:39.0937 2688 Processor architecture: Intel x86
12:26:39.0937 2688 Number of processors: 4
12:26:39.0937 2688 Page size: 0x1000
12:26:39.0937 2688 Boot type: Normal boot
12:26:39.0937 2688 ============================================================
12:26:41.0109 2688 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:26:46.0578 2688 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:26:46.0609 2688 ============================================================
12:26:46.0609 2688 \Device\Harddisk0\DR0:
12:26:46.0609 2688 MBR partitions:
12:26:46.0609 2688 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
12:26:46.0609 2688 \Device\Harddisk1\DR1:
12:26:46.0609 2688 MBR partitions:
12:26:46.0609 2688 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
12:26:46.0609 2688 ============================================================
12:26:46.0640 2688 C: <-> \Device\Harddisk1\DR1\Partition1
12:26:46.0734 2688 H: <-> \Device\Harddisk0\DR0\Partition1
12:26:46.0734 2688 ============================================================
12:26:46.0734 2688 Initialize success
12:26:46.0734 2688 ============================================================
12:26:53.0125 3188 ============================================================
12:26:53.0125 3188 Scan started
12:26:53.0125 3188 Mode: Manual;
12:26:53.0125 3188 ============================================================
12:26:53.0515 3188 ================ Scan system memory ========================
12:26:53.0515 3188 System memory - ok
12:26:53.0515 3188 ================ Scan services =============================
12:26:53.0578 3188 Abiosdsk - ok
12:26:53.0593 3188 abp480n5 - ok
12:26:53.0609 3188 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI H:\WINDOWS\system32\DRIVERS\ACPI.sys
12:26:53.0625 3188 ACPI - ok
12:26:53.0640 3188 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC H:\WINDOWS\system32\drivers\ACPIEC.sys
12:26:53.0640 3188 ACPIEC - ok
12:26:53.0687 3188 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:26:53.0687 3188 AdobeFlashPlayerUpdateSvc - ok
12:26:53.0687 3188 adpu160m - ok
12:26:53.0718 3188 [ 8BED39E3C35D6A489438B8141717A557 ] aec H:\WINDOWS\system32\drivers\aec.sys
12:26:53.0718 3188 aec - ok
12:26:53.0734 3188 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD H:\WINDOWS\System32\drivers\afd.sys
12:26:53.0750 3188 AFD - ok
12:26:53.0750 3188 Aha154x - ok
12:26:53.0750 3188 aic78u2 - ok
12:26:53.0765 3188 aic78xx - ok
12:26:53.0781 3188 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter H:\WINDOWS\system32\alrsvc.dll
12:26:53.0781 3188 Alerter - ok
12:26:53.0796 3188 [ 88842DE939A827577BF24243699AC80A ] ALG H:\WINDOWS\System32\alg.exe
12:26:53.0796 3188 ALG - ok
12:26:53.0796 3188 AliIde - ok
12:26:53.0828 3188 [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM H:\WINDOWS\system32\DRIVERS\AmdPPM.sys
12:26:53.0828 3188 AmdPPM - ok
12:26:53.0828 3188 amsint - ok
12:26:53.0843 3188 AppMgmt - ok
12:26:53.0843 3188 asc - ok
12:26:53.0843 3188 asc3350p - ok
12:26:53.0859 3188 asc3550 - ok
12:26:53.0875 3188 [ 2B4E66FAC6503494A2C6F32BB6AB3826 ] AsIO H:\WINDOWS\system32\drivers\AsIO.sys
12:26:53.0875 3188 AsIO - ok
12:26:53.0937 3188 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
12:26:53.0937 3188 aspnet_state - ok
12:26:53.0953 3188 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac H:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:26:53.0953 3188 AsyncMac - ok
12:26:53.0968 3188 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi H:\WINDOWS\system32\DRIVERS\atapi.sys
12:26:53.0968 3188 atapi - ok
12:26:53.0968 3188 Atdisk - ok
12:26:53.0984 3188 [ A08FDA1AA3B5F74F71895AE247AD9152 ] Ati HotKey Poller H:\WINDOWS\system32\Ati2evxx.exe
12:26:54.0000 3188 Ati HotKey Poller - ok
12:26:54.0046 3188 [ 20B10AF9D6A7EEBDAA5C0C9461EDAF7D ] ati2mtag H:\WINDOWS\system32\DRIVERS\ati2mtag.sys
12:26:54.0078 3188 ati2mtag - ok
12:26:54.0093 3188 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc H:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:26:54.0093 3188 Atmarpc - ok
12:26:54.0109 3188 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv H:\WINDOWS\System32\audiosrv.dll
12:26:54.0109 3188 AudioSrv - ok
12:26:54.0109 3188 [ D9F724AA26C010A217C97606B160ED68 ] audstub H:\WINDOWS\system32\DRIVERS\audstub.sys
12:26:54.0109 3188 audstub - ok
12:26:54.0125 3188 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep H:\WINDOWS\system32\drivers\Beep.sys
12:26:54.0125 3188 Beep - ok
12:26:54.0140 3188 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS H:\WINDOWS\system32\qmgr.dll
12:26:54.0156 3188 BITS - ok
12:26:54.0171 3188 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser H:\WINDOWS\System32\browser.dll
12:26:54.0171 3188 Browser - ok
12:26:54.0187 3188 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k H:\WINDOWS\system32\drivers\cbidf2k.sys
12:26:54.0187 3188 cbidf2k - ok
12:26:54.0187 3188 cd20xrnt - ok
12:26:54.0203 3188 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio H:\WINDOWS\system32\drivers\Cdaudio.sys
12:26:54.0203 3188 Cdaudio - ok
12:26:54.0234 3188 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs H:\WINDOWS\system32\drivers\Cdfs.sys
12:26:54.0234 3188 Cdfs - ok
12:26:54.0250 3188 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom H:\WINDOWS\system32\DRIVERS\cdrom.sys
12:26:54.0250 3188 Cdrom - ok
12:26:54.0250 3188 Changer - ok
12:26:54.0250 3188 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc H:\WINDOWS\system32\cisvc.exe
12:26:54.0250 3188 CiSvc - ok
12:26:54.0265 3188 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv H:\WINDOWS\system32\clipsrv.exe
12:26:54.0265 3188 ClipSrv - ok
12:26:54.0281 3188 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:26:54.0296 3188 clr_optimization_v2.0.50727_32 - ok
12:26:54.0312 3188 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:26:54.0343 3188 clr_optimization_v4.0.30319_32 - ok
12:26:54.0359 3188 CmdIde - ok
12:26:54.0359 3188 COMSysApp - ok
12:26:54.0375 3188 Cpqarray - ok
12:26:54.0390 3188 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc H:\WINDOWS\System32\cryptsvc.dll
12:26:54.0390 3188 CryptSvc - ok
12:26:54.0390 3188 dac2w2k - ok
12:26:54.0406 3188 dac960nt - ok
12:26:54.0406 3188 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch H:\WINDOWS\system32\rpcss.dll
12:26:54.0421 3188 DcomLaunch - ok
12:26:54.0437 3188 [ D8522960163FA593694E441194A9A574 ] dg_ssudbus H:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:26:54.0437 3188 dg_ssudbus - ok
12:26:54.0453 3188 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp H:\WINDOWS\System32\dhcpcsvc.dll
12:26:54.0453 3188 Dhcp - ok
12:26:54.0468 3188 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk H:\WINDOWS\system32\DRIVERS\disk.sys
12:26:54.0468 3188 Disk - ok
12:26:54.0468 3188 dmadmin - ok
12:26:54.0500 3188 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot H:\WINDOWS\system32\drivers\dmboot.sys
12:26:54.0515 3188 dmboot - ok
12:26:54.0515 3188 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio H:\WINDOWS\system32\drivers\dmio.sys
12:26:54.0531 3188 dmio - ok
12:26:54.0531 3188 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload H:\WINDOWS\system32\drivers\dmload.sys
12:26:54.0531 3188 dmload - ok
12:26:54.0546 3188 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver H:\WINDOWS\System32\dmserver.dll
12:26:54.0546 3188 dmserver - ok
12:26:54.0546 3188 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic H:\WINDOWS\system32\drivers\DMusic.sys
12:26:54.0546 3188 DMusic - ok
12:26:54.0562 3188 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache H:\WINDOWS\System32\dnsrslvr.dll
12:26:54.0562 3188 Dnscache - ok
12:26:54.0562 3188 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc H:\WINDOWS\System32\dot3svc.dll
12:26:54.0562 3188 Dot3svc - ok
12:26:54.0562 3188 dpti2o - ok
12:26:54.0578 3188 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud H:\WINDOWS\system32\drivers\drmkaud.sys
12:26:54.0578 3188 drmkaud - ok
12:26:54.0578 3188 [ 8C2B6BBC82AD12CD9A2E73E5DCBBA705 ] eamon H:\WINDOWS\system32\DRIVERS\eamon.sys
12:26:54.0578 3188 eamon - ok
12:26:54.0593 3188 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost H:\WINDOWS\System32\eapsvc.dll
12:26:54.0593 3188 EapHost - ok
12:26:54.0609 3188 [ 5412ED24FFFCA64E2F0168399B86C952 ] ehdrv H:\WINDOWS\system32\DRIVERS\ehdrv.sys
12:26:54.0609 3188 ehdrv - ok
12:26:54.0656 3188 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn H:\Program Files\ESET\ESET Smart Security\ekrn.exe
12:26:54.0656 3188 ekrn - ok
12:26:54.0671 3188 [ 774BABCB1144513DC86992003740B774 ] epfw H:\WINDOWS\system32\DRIVERS\epfw.sys
12:26:54.0671 3188 epfw - ok
12:26:54.0687 3188 [ 4B86DA2C58063B647577CD669CFFAEEB ] Epfwndis H:\WINDOWS\system32\DRIVERS\Epfwndis.sys
12:26:54.0687 3188 Epfwndis - ok
12:26:54.0687 3188 [ 1B36748EA9E25549EBE5D8EA105BD981 ] epfwtdi H:\WINDOWS\system32\DRIVERS\epfwtdi.sys
12:26:54.0687 3188 epfwtdi - ok
12:26:54.0687 3188 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc H:\WINDOWS\System32\ersvc.dll
12:26:54.0687 3188 ERSvc - ok
12:26:54.0718 3188 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog H:\WINDOWS\system32\services.exe
12:26:54.0718 3188 Eventlog - ok
12:26:54.0750 3188 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem H:\WINDOWS\system32\es.dll
12:26:54.0750 3188 EventSystem - ok
12:26:54.0765 3188 [ 38D332A6D56AF32635675F132548343E ] Fastfat H:\WINDOWS\system32\drivers\Fastfat.sys
12:26:54.0765 3188 Fastfat - ok
12:26:54.0781 3188 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility H:\WINDOWS\System32\shsvcs.dll
12:26:54.0781 3188 FastUserSwitchingCompatibility - ok
12:26:54.0796 3188 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc H:\WINDOWS\system32\DRIVERS\fdc.sys
12:26:54.0796 3188 Fdc - ok
12:26:54.0796 3188 [ AC366695A0796560AA37215AD5762AAF ] Fips H:\WINDOWS\system32\drivers\Fips.sys
12:26:54.0796 3188 Fips - ok
12:26:54.0812 3188 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk H:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:26:54.0812 3188 Flpydisk - ok
12:26:54.0812 3188 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr H:\WINDOWS\system32\DRIVERS\fltMgr.sys
12:26:54.0812 3188 FltMgr - ok
12:26:54.0843 3188 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 H:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:26:54.0843 3188 FontCache3.0.0.0 - ok
12:26:54.0843 3188 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec H:\WINDOWS\system32\drivers\Fs_Rec.sys
12:26:54.0843 3188 Fs_Rec - ok
12:26:54.0859 3188 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk H:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:26:54.0859 3188 Ftdisk - ok
12:26:54.0875 3188 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc H:\WINDOWS\system32\DRIVERS\msgpc.sys
12:26:54.0875 3188 Gpc - ok
12:26:54.0875 3188 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus H:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:26:54.0875 3188 HDAudBus - ok
12:26:54.0890 3188 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc H:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:26:54.0890 3188 helpsvc - ok
12:26:54.0890 3188 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ H:\WINDOWS\System32\hidserv.dll
12:26:54.0890 3188 HidServ - ok
12:26:54.0906 3188 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb H:\WINDOWS\system32\DRIVERS\hidusb.sys
12:26:54.0906 3188 hidusb - ok
12:26:54.0921 3188 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc H:\WINDOWS\System32\kmsvc.dll
12:26:54.0937 3188 hkmsvc - ok
12:26:54.0937 3188 hpn - ok
12:26:54.0968 3188 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP H:\WINDOWS\system32\Drivers\HTTP.sys
12:26:54.0968 3188 HTTP - ok
12:26:54.0984 3188 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter H:\WINDOWS\System32\w3ssl.dll
12:26:54.0984 3188 HTTPFilter - ok
12:26:55.0000 3188 i2omgmt - ok
12:26:55.0000 3188 i2omp - ok
12:26:55.0015 3188 [ C528E27945367191E7BAE364930B6932 ] i8042prt H:\WINDOWS\system32\drivers\i8042prt.sys
12:26:55.0015 3188 i8042prt - ok
12:26:55.0046 3188 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:26:55.0062 3188 idsvc - ok
12:26:55.0062 3188 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi H:\WINDOWS\system32\DRIVERS\imapi.sys
12:26:55.0062 3188 Imapi - ok
12:26:55.0093 3188 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService H:\WINDOWS\system32\imapi.exe
12:26:55.0093 3188 ImapiService - ok
12:26:55.0093 3188 ini910u - ok
12:26:55.0109 3188 IntelIde - ok
12:26:55.0125 3188 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw H:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
12:26:55.0125 3188 Ip6Fw - ok
12:26:55.0140 3188 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver H:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:26:55.0140 3188 IpFilterDriver - ok
12:26:55.0156 3188 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp H:\WINDOWS\system32\DRIVERS\ipinip.sys
12:26:55.0156 3188 IpInIp - ok
12:26:55.0156 3188 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat H:\WINDOWS\system32\DRIVERS\ipnat.sys
12:26:55.0156 3188 IpNat - ok
12:26:55.0171 3188 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec H:\WINDOWS\system32\DRIVERS\ipsec.sys
12:26:55.0171 3188 IPSec - ok
12:26:55.0171 3188 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM H:\WINDOWS\system32\DRIVERS\irenum.sys
12:26:55.0187 3188 IRENUM - ok
12:26:55.0187 3188 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp H:\WINDOWS\system32\DRIVERS\isapnp.sys
12:26:55.0187 3188 isapnp - ok
12:26:55.0234 3188 [ 80F08F50D248EEEEB9256F6522891D40 ] JavaQuickStarterService H:\Program Files\Java\jre7\bin\jqs.exe
12:26:55.0234 3188 JavaQuickStarterService - ok
12:26:55.0234 3188 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass H:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:26:55.0234 3188 Kbdclass - ok
12:26:55.0250 3188 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid H:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:26:55.0250 3188 kbdhid - ok
12:26:55.0265 3188 [ 692BCF44383D056AED41B045A323D378 ] kmixer H:\WINDOWS\system32\drivers\kmixer.sys
12:26:55.0265 3188 kmixer - ok
12:26:55.0265 3188 [ B467646C54CC746128904E1654C750C1 ] KSecDD H:\WINDOWS\system32\drivers\KSecDD.sys
12:26:55.0265 3188 KSecDD - ok
12:26:55.0281 3188 [ 080CF8720A306A64F7A09D1226491791 ] L1e H:\WINDOWS\system32\DRIVERS\l1e51x86.sys
12:26:55.0281 3188 L1e - ok
12:26:55.0281 3188 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] LanmanServer H:\WINDOWS\System32\srvsvc.dll
12:26:55.0296 3188 LanmanServer - ok
12:26:55.0312 3188 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation H:\WINDOWS\System32\wkssvc.dll
12:26:55.0312 3188 lanmanworkstation - ok
12:26:55.0312 3188 lbrtfdc - ok
12:26:55.0328 3188 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts H:\WINDOWS\System32\lmhsvc.dll
12:26:55.0328 3188 LmHosts - ok
12:26:55.0343 3188 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector H:\WINDOWS\system32\drivers\mbam.sys
12:26:55.0343 3188 MBAMProtector - ok
12:26:55.0359 3188 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler H:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:26:55.0359 3188 MBAMScheduler - ok
12:26:55.0390 3188 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService H:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:26:55.0390 3188 MBAMService - ok
12:26:55.0406 3188 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger H:\WINDOWS\System32\msgsvc.dll
12:26:55.0421 3188 Messenger - ok
12:26:55.0437 3188 [ A7DA20AB18A1BDAE28B0F349E57DA0D1 ] mf H:\WINDOWS\system32\DRIVERS\mf.sys
12:26:55.0437 3188 mf - ok
12:26:55.0437 3188 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
12:26:55.0437 3188 Microsoft Office Groove Audit Service - ok
12:26:55.0453 3188 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd H:\WINDOWS\system32\drivers\mnmdd.sys
12:26:55.0453 3188 mnmdd - ok
12:26:55.0453 3188 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc H:\WINDOWS\system32\mnmsrvc.exe
12:26:55.0468 3188 mnmsrvc - ok
12:26:55.0468 3188 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem H:\WINDOWS\system32\drivers\Modem.sys
12:26:55.0468 3188 Modem - ok
12:26:55.0515 3188 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] monfilt H:\WINDOWS\system32\drivers\monfilt.sys
12:26:55.0531 3188 monfilt - ok
12:26:55.0531 3188 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass H:\WINDOWS\system32\DRIVERS\mouclass.sys
12:26:55.0531 3188 Mouclass - ok
12:26:55.0546 3188 [ BB269EBA740737AB749B214D568B6812 ] mouhid H:\WINDOWS\system32\DRIVERS\mouhid.sys
12:26:55.0546 3188 mouhid - ok
12:26:55.0546 3188 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr H:\WINDOWS\system32\drivers\MountMgr.sys
12:26:55.0546 3188 MountMgr - ok
12:26:55.0546 3188 mraid35x - ok
12:26:55.0562 3188 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV H:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:26:55.0562 3188 MRxDAV - ok
12:26:55.0593 3188 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb H:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:26:55.0609 3188 MRxSmb - ok
12:26:55.0609 3188 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC H:\WINDOWS\system32\msdtc.exe
12:26:55.0609 3188 MSDTC - ok
12:26:55.0640 3188 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs H:\WINDOWS\system32\drivers\Msfs.sys
12:26:55.0640 3188 Msfs - ok
12:26:55.0640 3188 MSIServer - ok
12:26:55.0656 3188 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV H:\WINDOWS\system32\drivers\MSKSSRV.sys
12:26:55.0656 3188 MSKSSRV - ok
12:26:55.0671 3188 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK H:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:26:55.0671 3188 MSPCLOCK - ok
12:26:55.0671 3188 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM H:\WINDOWS\system32\drivers\MSPQM.sys
12:26:55.0671 3188 MSPQM - ok
12:26:55.0703 3188 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios H:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:26:55.0703 3188 mssmbios - ok
12:26:55.0703 3188 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor H:\WINDOWS\system32\DRIVERS\ASACPI.sys
12:26:55.0703 3188 MTsensor - ok
12:26:55.0718 3188 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup H:\WINDOWS\system32\drivers\Mup.sys
12:26:55.0718 3188 Mup - ok
12:26:55.0734 3188 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent H:\WINDOWS\System32\qagentrt.dll
12:26:55.0734 3188 napagent - ok
12:26:55.0750 3188 [ 1DF7F42665C94B825322FAE71721130D ] NDIS H:\WINDOWS\system32\drivers\NDIS.sys
12:26:55.0750 3188 NDIS - ok
12:26:55.0781 3188 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi H:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:26:55.0781 3188 NdisTapi - ok
12:26:55.0781 3188 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio H:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:26:55.0781 3188 Ndisuio - ok
12:26:55.0796 3188 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan H:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:26:55.0796 3188 NdisWan - ok
12:26:55.0812 3188 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy H:\WINDOWS\system32\drivers\NDProxy.sys
12:26:55.0812 3188 NDProxy - ok
12:26:55.0875 3188 [ 2AAE889742376EDC5C3203DFB74F28FD ] Nero BackItUp Scheduler 3 H:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
12:26:55.0890 3188 Nero BackItUp Scheduler 3 - ok
12:26:55.0890 3188 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS H:\WINDOWS\system32\DRIVERS\netbios.sys
12:26:55.0890 3188 NetBIOS - ok
12:26:55.0890 3188 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT H:\WINDOWS\system32\DRIVERS\netbt.sys
12:26:55.0906 3188 NetBT - ok
12:26:55.0906 3188 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE H:\WINDOWS\system32\netdde.exe
12:26:55.0906 3188 NetDDE - ok
12:26:55.0906 3188 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm H:\WINDOWS\system32\netdde.exe
12:26:55.0906 3188 NetDDEdsdm - ok
12:26:55.0921 3188 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon H:\WINDOWS\system32\lsass.exe
12:26:55.0921 3188 Netlogon - ok
12:26:55.0937 3188 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman H:\WINDOWS\System32\netman.dll
12:26:55.0937 3188 Netman - ok
12:26:55.0953 3188 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:26:55.0968 3188 NetTcpPortSharing - ok
12:26:55.0984 3188 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla H:\WINDOWS\System32\mswsock.dll
12:26:56.0000 3188 Nla - ok
12:26:56.0031 3188 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService H:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
12:26:56.0031 3188 NMIndexingService - ok
12:26:56.0046 3188 [ 241C985DE3AB9F73568FE3B181DC70F4 ] NmPar H:\WINDOWS\system32\DRIVERS\NmPar.sys
12:26:56.0046 3188 NmPar - ok
12:26:56.0046 3188 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs H:\WINDOWS\system32\drivers\Npfs.sys
12:26:56.0046 3188 Npfs - ok
12:26:56.0062 3188 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs H:\WINDOWS\system32\drivers\Ntfs.sys
12:26:56.0062 3188 Ntfs - ok
12:26:56.0078 3188 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp H:\WINDOWS\system32\lsass.exe
12:26:56.0078 3188 NtLmSsp - ok
12:26:56.0093 3188 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc H:\WINDOWS\system32\ntmssvc.dll
12:26:56.0093 3188 NtmsSvc - ok
12:26:56.0109 3188 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null H:\WINDOWS\system32\drivers\Null.sys
12:26:56.0109 3188 Null - ok
12:26:56.0125 3188 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt H:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:26:56.0125 3188 NwlnkFlt - ok
12:26:56.0140 3188 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd H:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:26:56.0140 3188 NwlnkFwd - ok
12:26:56.0171 3188 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:26:56.0187 3188 odserv - ok
12:26:56.0187 3188 [ 5A432A042DAE460ABE7199B758E8606C ] ose H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:26:56.0203 3188 ose - ok
12:26:56.0203 3188 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport H:\WINDOWS\system32\drivers\Parport.sys
12:26:56.0203 3188 Parport - ok
12:26:56.0218 3188 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr H:\WINDOWS\system32\drivers\PartMgr.sys
12:26:56.0218 3188 PartMgr - ok
12:26:56.0234 3188 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm H:\WINDOWS\system32\drivers\ParVdm.sys
12:26:56.0234 3188 ParVdm - ok
12:26:56.0250 3188 [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd H:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
12:26:56.0250 3188 pccsmcfd - ok
12:26:56.0250 3188 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI H:\WINDOWS\system32\DRIVERS\pci.sys
12:26:56.0250 3188 PCI - ok
12:26:56.0265 3188 PCIDump - ok
12:26:56.0265 3188 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde H:\WINDOWS\system32\DRIVERS\pciide.sys
12:26:56.0265 3188 PCIIde - ok
12:26:56.0281 3188 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia H:\WINDOWS\system32\drivers\Pcmcia.sys
12:26:56.0281 3188 Pcmcia - ok
12:26:56.0281 3188 PDCOMP - ok
12:26:56.0281 3188 PDFRAME - ok
12:26:56.0296 3188 PDRELI - ok
12:26:56.0296 3188 PDRFRAME - ok
12:26:56.0296 3188 perc2 - ok
12:26:56.0312 3188 perc2hib - ok
12:26:56.0343 3188 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service H:\WINDOWS\system32\IoctlSvc.exe
12:26:56.0343 3188 PLFlash DeviceIoControl Service - ok
12:26:56.0359 3188 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay H:\WINDOWS\system32\services.exe
12:26:56.0359 3188 PlugPlay - ok
12:26:56.0359 3188 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent H:\WINDOWS\system32\lsass.exe
12:26:56.0359 3188 PolicyAgent - ok
12:26:56.0375 3188 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport H:\WINDOWS\system32\DRIVERS\raspptp.sys
12:26:56.0375 3188 PptpMiniport - ok
12:26:56.0375 3188 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor H:\WINDOWS\system32\DRIVERS\processr.sys
12:26:56.0375 3188 Processor - ok
12:26:56.0390 3188 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage H:\WINDOWS\system32\lsass.exe
12:26:56.0390 3188 ProtectedStorage - ok
12:26:56.0390 3188 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched H:\WINDOWS\system32\DRIVERS\psched.sys
12:26:56.0390 3188 PSched - ok
12:26:56.0390 3188 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink H:\WINDOWS\system32\DRIVERS\ptilink.sys
12:26:56.0406 3188 Ptilink - ok
12:26:56.0406 3188 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 H:\WINDOWS\system32\Drivers\PxHelp20.sys
12:26:56.0406 3188 PxHelp20 - ok
12:26:56.0406 3188 ql1080 - ok
12:26:56.0421 3188 Ql10wnt - ok
12:26:56.0421 3188 ql12160 - ok
12:26:56.0421 3188 ql1240 - ok
12:26:56.0437 3188 ql1280 - ok
12:26:56.0437 3188 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd H:\WINDOWS\system32\DRIVERS\rasacd.sys
12:26:56.0437 3188 RasAcd - ok
12:26:56.0453 3188 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto H:\WINDOWS\System32\rasauto.dll
12:26:56.0453 3188 RasAuto - ok
12:26:56.0468 3188 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp H:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:26:56.0468 3188 Rasl2tp - ok
12:26:56.0484 3188 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan H:\WINDOWS\System32\rasmans.dll
12:26:56.0484 3188 RasMan - ok
12:26:56.0484 3188 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe H:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:26:56.0484 3188 RasPppoe - ok
12:26:56.0500 3188 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti H:\WINDOWS\system32\DRIVERS\raspti.sys
12:26:56.0500 3188 Raspti - ok
12:26:56.0500 3188 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss H:\WINDOWS\system32\DRIVERS\rdbss.sys
12:26:56.0515 3188 Rdbss - ok
12:26:56.0515 3188 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD H:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:26:56.0515 3188 RDPCDD - ok
12:26:56.0546 3188 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD H:\WINDOWS\system32\drivers\RDPWD.sys
12:26:56.0562 3188 RDPWD - ok
12:26:56.0578 3188 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr H:\WINDOWS\system32\sessmgr.exe
12:26:56.0593 3188 RDSessMgr - ok
12:26:56.0593 3188 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook H:\WINDOWS\system32\DRIVERS\redbook.sys
12:26:56.0593 3188 redbook - ok
12:26:56.0609 3188 [ 127C26B5371651043450E52542099ABA ] RemoteAccess H:\WINDOWS\System32\mprdim.dll
12:26:56.0609 3188 RemoteAccess - ok
12:26:56.0625 3188 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator H:\WINDOWS\system32\locator.exe
12:26:56.0625 3188 RpcLocator - ok
12:26:56.0656 3188 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs H:\WINDOWS\system32\rpcss.dll
12:26:56.0671 3188 RpcSs - ok
12:26:56.0687 3188 [ F1ED9FFA59C369E72BC53A7631346F61 ] RSUSBSTOR H:\WINDOWS\system32\Drivers\RtsUStor.sys
12:26:56.0703 3188 RSUSBSTOR - ok
12:26:56.0718 3188 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP H:\WINDOWS\system32\rsvp.exe
12:26:56.0718 3188 RSVP - ok
12:26:56.0828 3188 [ B916D4C11EB16F6F5B91360E78DADFF7 ] RTHDMIAzAudService H:\WINDOWS\system32\drivers\RtKHDMI.sys
12:26:56.0890 3188 RTHDMIAzAudService - ok
12:26:56.0890 3188 [ ED0A176354487CEED65B80A7148AB739 ] SamSs H:\WINDOWS\system32\lsass.exe
12:26:56.0890 3188 SamSs - ok
12:26:56.0906 3188 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr H:\WINDOWS\System32\SCardSvr.exe
12:26:56.0906 3188 SCardSvr - ok
12:26:56.0921 3188 [ 3FF232A7731621B8902D81D42418C93C ] Schedule H:\WINDOWS\system32\schedsvc.dll
12:26:56.0921 3188 Schedule - ok
12:26:56.0921 3188 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv H:\WINDOWS\system32\DRIVERS\secdrv.sys
12:26:56.0937 3188 Secdrv - ok
12:26:56.0937 3188 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon H:\WINDOWS\System32\seclogon.dll
12:26:56.0937 3188 seclogon - ok
12:26:56.0953 3188 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS H:\WINDOWS\system32\sens.dll
12:26:56.0953 3188 SENS - ok
12:26:56.0968 3188 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum H:\WINDOWS\system32\DRIVERS\serenum.sys
12:26:56.0968 3188 serenum - ok
12:26:56.0968 3188 [ B842729337C9B921615C40D3C1A1AF96 ] Serial H:\WINDOWS\system32\DRIVERS\serial.sys
12:26:56.0968 3188 Serial - ok
12:26:57.0078 3188 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer H:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:26:57.0078 3188 ServiceLayer - ok
12:26:57.0125 3188 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy H:\WINDOWS\system32\drivers\Sfloppy.sys
12:26:57.0125 3188 Sfloppy - ok
12:26:57.0140 3188 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess H:\WINDOWS\System32\ipnathlp.dll
12:26:57.0140 3188 SharedAccess - ok
12:26:57.0156 3188 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection H:\WINDOWS\System32\shsvcs.dll
12:26:57.0156 3188 ShellHWDetection - ok
12:26:57.0156 3188 Simbad - ok
12:26:57.0171 3188 Sparrow - ok
12:26:57.0203 3188 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter H:\WINDOWS\system32\drivers\splitter.sys
12:26:57.0203 3188 splitter - ok
12:26:57.0218 3188 [ 60784F891563FB1B767F70117FC2428F ] Spooler H:\WINDOWS\system32\spoolsv.exe
12:26:57.0218 3188 Spooler - ok
12:26:57.0218 3188 [ 94610C8653635E4459316A0050D55CE7 ] sr H:\WINDOWS\system32\DRIVERS\sr.sys
12:26:57.0218 3188 sr - ok
12:26:57.0234 3188 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice H:\WINDOWS\system32\srsvc.dll
12:26:57.0234 3188 srservice - ok
12:26:57.0250 3188 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv H:\WINDOWS\system32\DRIVERS\srv.sys
12:26:57.0250 3188 Srv - ok
12:26:57.0265 3188 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV H:\WINDOWS\System32\ssdpsrv.dll
12:26:57.0265 3188 SSDPSRV - ok
12:26:57.0281 3188 [ 1B4052F016BA5E087689ABA536A0A927 ] ssudmdm H:\WINDOWS\system32\DRIVERS\ssudmdm.sys
12:26:57.0281 3188 ssudmdm - ok
12:26:57.0296 3188 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc H:\WINDOWS\system32\wiaservc.dll
12:26:57.0296 3188 stisvc - ok
12:26:57.0312 3188 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum H:\WINDOWS\system32\DRIVERS\swenum.sys
12:26:57.0312 3188 swenum - ok
12:26:57.0312 3188 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi H:\WINDOWS\system32\drivers\swmidi.sys
12:26:57.0312 3188 swmidi - ok
12:26:57.0312 3188 SwPrv - ok
12:26:57.0328 3188 symc810 - ok
12:26:57.0328 3188 symc8xx - ok
12:26:57.0343 3188 sym_hi - ok
12:26:57.0343 3188 sym_u3 - ok
12:26:57.0359 3188 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio H:\WINDOWS\system32\drivers\sysaudio.sys
12:26:57.0359 3188 sysaudio - ok
12:26:57.0359 3188 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog H:\WINDOWS\system32\smlogsvc.exe
12:26:57.0359 3188 SysmonLog - ok
12:26:57.0375 3188 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv H:\WINDOWS\System32\tapisrv.dll
12:26:57.0375 3188 TapiSrv - ok
12:26:57.0406 3188 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip H:\WINDOWS\system32\DRIVERS\tcpip.sys
12:26:57.0406 3188 Tcpip - ok
12:26:57.0421 3188 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE H:\WINDOWS\system32\drivers\TDPIPE.sys
12:26:57.0421 3188 TDPIPE - ok
12:26:57.0437 3188 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP H:\WINDOWS\system32\drivers\TDTCP.sys
12:26:57.0437 3188 TDTCP - ok
12:26:57.0437 3188 [ 88155247177638048422893737429D9E ] TermDD H:\WINDOWS\system32\DRIVERS\termdd.sys
12:26:57.0437 3188 TermDD - ok
12:26:57.0468 3188 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService H:\WINDOWS\System32\termsrv.dll
12:26:57.0468 3188 TermService - ok
12:26:57.0484 3188 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes H:\WINDOWS\System32\shsvcs.dll
12:26:57.0484 3188 Themes - ok
12:26:57.0500 3188 TosIde - ok
12:26:57.0515 3188 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks H:\WINDOWS\system32\trkwks.dll
12:26:57.0515 3188 TrkWks - ok
12:26:57.0546 3188 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs H:\WINDOWS\system32\drivers\Udfs.sys
12:26:57.0546 3188 Udfs - ok
12:26:57.0546 3188 ultra - ok
12:26:57.0562 3188 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update H:\WINDOWS\system32\DRIVERS\update.sys
12:26:57.0578 3188 Update - ok
12:26:57.0578 3188 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost H:\WINDOWS\System32\upnphost.dll
12:26:57.0593 3188 upnphost - ok
12:26:57.0593 3188 [ 20A0F6A11959E92908717D09E87D670D ] UPS H:\WINDOWS\System32\ups.exe
12:26:57.0593 3188 UPS - ok
12:26:57.0609 3188 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp H:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:26:57.0609 3188 usbccgp - ok
12:26:57.0625 3188 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci H:\WINDOWS\system32\DRIVERS\usbehci.sys
12:26:57.0625 3188 usbehci - ok
12:26:57.0625 3188 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub H:\WINDOWS\system32\DRIVERS\usbhub.sys
12:26:57.0625 3188 usbhub - ok
12:26:57.0656 3188 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci H:\WINDOWS\system32\DRIVERS\usbohci.sys
12:26:57.0656 3188 usbohci - ok
12:26:57.0703 3188 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser H:\WINDOWS\system32\drivers\usbser.sys
12:26:57.0703 3188 usbser - ok
12:26:57.0703 3188 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:26:57.0703 3188 usbstor - ok
12:26:57.0718 3188 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave H:\WINDOWS\System32\drivers\vga.sys
12:26:57.0718 3188 VgaSave - ok
12:26:57.0750 3188 [ AC3D98797520265B333DC54C327AA390 ] VIAHdAudAddService H:\WINDOWS\system32\drivers\viahduaa.sys
12:26:57.0765 3188 VIAHdAudAddService - ok
12:26:57.0781 3188 ViaIde - ok
12:26:57.0781 3188 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap H:\WINDOWS\system32\drivers\VolSnap.sys
12:26:57.0796 3188 VolSnap - ok
12:26:57.0796 3188 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS H:\WINDOWS\System32\vssvc.exe
12:26:57.0812 3188 VSS - ok
12:26:57.0828 3188 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time H:\WINDOWS\system32\w32time.dll
12:26:57.0828 3188 W32Time - ok
12:26:57.0843 3188 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp H:\WINDOWS\system32\DRIVERS\wanarp.sys
12:26:57.0843 3188 Wanarp - ok
12:26:57.0875 3188 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 H:\WINDOWS\system32\Drivers\wdf01000.sys
12:26:57.0875 3188 Wdf01000 - ok
12:26:57.0890 3188 WDICA - ok
12:26:57.0890 3188 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud H:\WINDOWS\system32\drivers\wdmaud.sys
12:26:57.0906 3188 wdmaud - ok
12:26:57.0921 3188 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient H:\WINDOWS\System32\webclnt.dll
12:26:57.0921 3188 WebClient - ok
12:26:57.0953 3188 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt H:\WINDOWS\system32\wbem\WMIsvc.dll
12:26:57.0953 3188 winmgmt - ok
12:26:57.0984 3188 [ 4D34CEDD74BDBF2B6A935EAE3BF80543 ] WinRM H:\WINDOWS\system32\WsmSvc.dll
12:26:58.0000 3188 WinRM - ok
12:26:58.0031 3188 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN H:\WINDOWS\system32\MsPMSNSv.dll
12:26:58.0031 3188 WmdmPmSN - ok
12:26:58.0046 3188 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi H:\WINDOWS\system32\DRIVERS\wmiacpi.sys
12:26:58.0046 3188 WmiAcpi - ok
12:26:58.0046 3188 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv H:\WINDOWS\system32\wbem\wmiapsrv.exe
12:26:58.0046 3188 WmiApSrv - ok
12:26:58.0093 3188 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc H:\Program Files\Windows Media Player\WMPNetwk.exe
12:26:58.0093 3188 WMPNetworkSvc - ok
12:26:58.0109 3188 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb H:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:26:58.0125 3188 WpdUsb - ok
12:26:58.0140 3188 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:26:58.0156 3188 WPFFontCache_v0400 - ok
12:26:58.0203 3188 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc H:\WINDOWS\system32\wscsvc.dll
12:26:58.0203 3188 wscsvc - ok
12:26:58.0203 3188 [ C1364564800EE9784192145324A23308 ] wuauserv H:\WINDOWS\system32\wuauserv.dll
12:26:58.0218 3188 wuauserv - ok
12:26:58.0234 3188 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf H:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:26:58.0250 3188 WudfPf - ok
12:26:58.0296 3188 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd H:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:26:58.0328 3188 WudfRd - ok
12:26:58.0375 3188 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc H:\WINDOWS\System32\WUDFSvc.dll
12:26:58.0375 3188 WudfSvc - ok
12:26:58.0406 3188 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC H:\WINDOWS\System32\wzcsvc.dll
12:26:58.0406 3188 WZCSVC - ok
12:26:58.0437 3188 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov H:\WINDOWS\System32\xmlprov.dll
12:26:58.0437 3188 xmlprov - ok
12:26:58.0437 3188 ================ Scan global ===============================
12:26:58.0453 3188 [ F36278E42C8C5DF03CE17DAC8231C91C ] H:\WINDOWS\system32\basesrv.dll
12:26:58.0468 3188 [ F3FA14A297BC687D0B51289D034033C9 ] H:\WINDOWS\system32\winsrv.dll
12:26:58.0484 3188 [ F3FA14A297BC687D0B51289D034033C9 ] H:\WINDOWS\system32\winsrv.dll
12:26:58.0500 3188 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] H:\WINDOWS\system32\services.exe
12:26:58.0515 3188 [Global] - ok
12:26:58.0515 3188 ================ Scan MBR ==================================
12:26:58.0515 3188 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
12:26:58.0656 3188 \Device\Harddisk0\DR0 - ok
12:26:58.0671 3188 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
12:26:58.0671 3188 \Device\Harddisk1\DR1 - ok
12:26:58.0671 3188 ================ Scan VBR ==================================
12:26:58.0671 3188 [ FB6AA128D5EE438E7CABD724079EF88A ] \Device\Harddisk0\DR0\Partition1
12:26:58.0671 3188 \Device\Harddisk0\DR0\Partition1 - ok
12:26:58.0687 3188 [ D0942F472E77A273A71AE14680857B18 ] \Device\Harddisk1\DR1\Partition1
12:26:58.0687 3188 \Device\Harddisk1\DR1\Partition1 - ok
12:26:58.0687 3188 ============================================================
12:26:58.0687 3188 Scan finished
12:26:58.0687 3188 ============================================================
12:26:58.0703 1812 Detected object count: 0
12:26:58.0703 1812 Actual detected object count: 0

ComboFix 12-10-26.05 - Jirka&Sarka 28.10.2012 12:40:47.1.4 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3327.2553 [GMT 1:00]
Spuštěný z: h:\documents and settings\Jirka&Sarka\Plocha\ComboFix.exe
AV: ESET Smart Security 5.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
h:\program files\Downloaded Installers
h:\program files\Downloaded Installers\{DD350F3A-3620-4185-A5E2-88A6437C8415}\setup.msi
h:\windows\system32\_000013_.tmp.dll
h:\windows\system32\SETFA.tmp
h:\windows\system32\SETFB.tmp
h:\windows\system32\SETFC.tmp
h:\windows\system32\SETFD.tmp
h:\windows\system32\SETFE.tmp
h:\windows\system32\TZLog.log
h:\windows\system32\URTTemp
h:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-28 do 2012-10-28 )))))))))))))))))))))))))))))))
.
.
2012-10-27 20:31 . 2012-10-27 20:32 -------- d-----w- H:\Instalace
2012-10-27 19:47 . 2012-10-27 19:47 -------- d-----w- h:\program files\Common Files\PCSuite
2012-10-27 19:47 . 2012-10-27 19:47 -------- d-----w- h:\program files\Common Files\Nokia
2012-10-27 19:46 . 2012-06-11 09:33 19072 ----a-w- h:\windows\system32\drivers\pccsmcfd.sys
2012-10-27 19:46 . 2012-10-27 19:46 -------- d-----w- h:\program files\PC Connectivity Solution
2012-10-27 10:58 . 2012-10-27 19:57 -------- d-----w- h:\program files\Common Files\PC Tools
2012-10-27 10:57 . 2012-10-27 19:58 -------- d---a-w- h:\documents and settings\All Users\Data aplikací\TEMP
2012-10-26 22:29 . 2012-10-26 22:29 -------- d-----w- h:\program files\CCleaner
2012-10-25 08:30 . 2012-10-25 08:30 -------- d-----w- h:\windows\system32\sda
2012-10-25 08:30 . 2000-01-01 00:00 9112168 ----a-w- h:\windows\system32\RtsUStoricon.dll
2012-10-25 08:30 . 2000-01-01 00:00 313960 ----a-w- h:\windows\system32\RtsUStor.dll
2012-10-25 08:30 . 2000-01-01 00:00 193640 ----a-w- h:\windows\system32\drivers\RtsUStor.sys
2012-10-25 08:15 . 2000-01-01 00:00 60008 ----a-w- h:\windows\system32\RHCoInstXP.dll
2012-10-25 08:15 . 2000-01-01 00:00 4125352 ----a-w- h:\windows\system32\drivers\RtKHDMI.sys
2012-10-25 08:15 . 2000-01-01 00:00 1493608 ----a-w- h:\windows\RtaUpd.exe
2012-10-25 08:08 . 2012-10-25 08:08 -------- d-----w- h:\program files\SlimDrivers
2012-10-25 08:04 . 2012-10-25 08:04 -------- d-----w- h:\documents and settings\All Users\Data aplikací\SuperOvladac
2012-10-23 21:20 . 2012-10-23 21:20 -------- d-----w- h:\documents and settings\All Users\Data aplikací\YTD Video Downloader
2012-10-22 06:14 . 2012-10-23 20:46 -------- d-----w- h:\program files\MKV Player
2012-10-21 23:16 . 2012-10-21 23:16 -------- d-----w- h:\windows\system32\searchplugins
2012-10-21 23:16 . 2012-10-21 23:16 -------- d-----w- h:\windows\system32\Extensions
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-22 06:12 . 2012-07-12 22:20 73656 ----a-w- h:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-22 06:12 . 2012-07-12 22:20 696760 ----a-w- h:\windows\system32\FlashPlayerApp.exe
2012-09-29 17:54 . 2012-06-03 07:34 22856 ----a-w- h:\windows\system32\drivers\mbam.sys
2012-09-04 17:06 . 2012-09-04 17:06 93672 ----a-w- h:\windows\system32\WindowsAccessBridge.dll
2012-09-04 17:06 . 2012-09-04 17:06 821736 ----a-w- h:\windows\system32\npDeployJava1.dll
2012-09-04 17:06 . 2012-09-04 17:06 143872 ----a-w- h:\windows\system32\javacpl.cpl
2012-09-04 17:06 . 2012-09-04 17:06 746984 ----a-w- h:\windows\system32\deployJava1.dll
2012-08-28 15:18 . 2008-04-14 12:00 916992 ----a-w- h:\windows\system32\wininet.dll
2012-08-28 15:18 . 2008-04-14 12:00 43520 ------w- h:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2008-04-14 12:00 1469440 ------w- h:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2008-04-14 12:00 385024 ------w- h:\windows\system32\html.iec
2012-08-24 13:53 . 2008-04-14 12:00 177664 ----a-w- h:\windows\system32\wintrust.dll
2012-08-23 06:27 . 2008-04-14 12:00 2150912 ----a-w- h:\windows\system32\ntoskrnl.exe
2012-08-23 06:27 . 2008-04-14 08:06 2029568 ----a-w- h:\windows\system32\ntkrnlpa.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . h:\windows\system32\drivers\atapi.sys
.
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\asyncmac.sys
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . h:\windows\system32\drivers\asyncmac.sys
.
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . h:\windows\system32\dllcache\beep.sys
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . h:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . h:\windows\system32\drivers\kbdclass.sys
.
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ndis.sys
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . h:\windows\system32\drivers\ndis.sys
.
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ntfs.sys
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . h:\windows\system32\drivers\ntfs.sys
.
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . h:\windows\system32\dllcache\null.sys
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . h:\windows\system32\drivers\null.sys
.
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . h:\windows\system32\lsass.exe
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\lsass.exe
.
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . h:\windows\system32\netman.dll
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\netman.dll
.
[-] 2008-04-14 12:00 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . h:\windows\system32\comres.dll
[-] 2008-04-14 12:00 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . h:\windows\system32\dllcache\comres.dll
.
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . h:\windows\system32\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . h:\windows\system32\dllcache\qmgr.dll
.
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . h:\windows\system32\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\winlogon.exe
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . h:\windows\system32\drivers\ipsec.sys
.
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . h:\windows\system32\cryptsvc.dll
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\cryptsvc.dll
.
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . h:\windows\system32\imm32.dll
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\imm32.dll
.
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . h:\windows\system32\linkinfo.dll
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\linkinfo.dll
.
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . h:\windows\system32\lpk.dll
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\lpk.dll
.
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . h:\windows\system32\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . h:\windows\system32\dllcache\msvcrt.dll
[-] 2008-04-14 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . h:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2008-04-14 . EC8D5E09C6CA5F52858A5EB71F308FDF . 343040 . . [7.0.2600.5512] . . h:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
.
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . h:\windows\system32\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\netlogon.dll
.
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . h:\windows\system32\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . h:\windows\system32\dllcache\powrprof.dll
.
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . h:\windows\system32\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\scecli.dll
.
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . h:\windows\system32\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\sfc.dll
.
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . h:\windows\system32\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\svchost.exe
.
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . h:\windows\system32\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\tapisrv.dll
.
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . h:\windows\system32\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\user32.dll
.
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . h:\windows\system32\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\userinit.exe
.
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . h:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ws2_32.dll
.
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . h:\windows\system32\ws2help.dll
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ws2help.dll
.
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . h:\windows\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . h:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . h:\windows\regedit.exe
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\regedit.exe
.
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . h:\windows\system32\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . h:\windows\system32\dllcache\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . h:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\ksuser.dll
.
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . h:\windows\system32\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ctfmon.exe
.
[-] 2008-04-14 . 627551A1011199BCE013D0F4B6CACECF . 4608 . . [5.1.2600.5512] . . h:\windows\system32\msimg32.dll
[-] 2008-04-14 . 627551A1011199BCE013D0F4B6CACECF . 4608 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\msimg32.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . h:\windows\system32\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . h:\windows\system32\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\wscntfy.exe
.
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . h:\windows\system32\xmlprov.dll
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\xmlprov.dll
.
[-] 2008-04-14 . 26AE5F5ADF4A30C8BCEA736343170201 . 177152 . . [5.1.2600.5512] . . h:\windows\system32\MSCTFIME.IME
[-] 2008-04-14 . 26AE5F5ADF4A30C8BCEA736343170201 . 177152 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\msctfime.ime
.
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . h:\windows\system32\eventlog.dll
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\eventlog.dll
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . h:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\sfcfiles.dll
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . h:\windows\system32\drivers\ipsec.sys
.
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . h:\windows\system32\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\regsvc.dll
.
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . h:\windows\system32\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\schedsvc.dll
.
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . h:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ssdpsrv.dll
.
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . h:\windows\system32\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\termsrv.dll
.
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . h:\windows\system32\hnetcfg.dll
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\hnetcfg.dll
.
[-] 2008-04-14 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . h:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . h:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . h:\windows\system32\drivers\aec.sys
.
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . h:\windows\system32\drivers\ip6fw.sys
.
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . h:\windows\system32\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\msgsvc.dll
.
[-] 2008-04-14 12:00 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . h:\windows\system32\ntmssvc.dll
[-] 2008-04-14 12:00 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . h:\windows\system32\dllcache\ntmssvc.dll
.
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . h:\windows\system32\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\upnphost.dll
.
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . h:\windows\system32\dsound.dll
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . h:\windows\system32\dllcache\dsound.dll
.
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . h:\windows\system32\d3d9.dll
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . h:\windows\system32\dllcache\d3d9.dll
.
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . h:\windows\system32\ddraw.dll
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . h:\windows\system32\dllcache\ddraw.dll
.
[-] 2008-04-14 12:00 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . h:\windows\system32\olepro32.dll
[-] 2008-04-14 12:00 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\olepro32.dll
.
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . h:\windows\system32\perfctrs.dll
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\perfctrs.dll
.
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . h:\windows\system32\version.dll
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\version.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . h:\windows\system32\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . h:\windows\system32\w32time.dll
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\w32time.dll
.
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . h:\windows\system32\wiaservc.dll
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\wiaservc.dll
.
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . h:\windows\system32\midimap.dll
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\midimap.dll
.
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . h:\windows\system32\rasadhlp.dll
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\rasadhlp.dll
.
[-] 2008-04-14 . 8DBCEA7B495024A29FEF59B5FE709DAC . 19456 . . [5.1.2600.5512] . . h:\windows\system32\wshtcpip.dll
[-] 2008-04-14 . 8DBCEA7B495024A29FEF59B5FE709DAC . 19456 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\wshtcpip.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="h:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-01-15 61440]
"GrooveMonitor"="h:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"egui"="h:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 3117344]
"Six Engine"="h:\program files\ASUS\EPU\EPU.exe" [2009-01-20 4067840]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="h:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="h:\program files\Messenger\msmsgs.exe" /background
"SlimDrivers"="h:\program files\SlimDrivers\SlimDrivers.exe" -boot
"SpybotSD TeaTimer"=h:\program files\Spybot - Search & Destroy\TeaTimer.exe
"PC Suite Tray"="h:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="h:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"Google Update"="h:\documents and settings\Jirka&Sarka\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="h:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="h:\program files\Common Files\Java\Java Update\jusched.exe"
"HDAudDeck"=h:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"UserFaultCheck"=%systemroot%\system32\dumprep 0 -u
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"h:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"h:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"h:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R1 ehdrv;ehdrv;h:\windows\system32\drivers\ehdrv.sys [14.3.2012 7:40 120152]
R2 ekrn;ESET Service;h:\program files\ESET\ESET Smart Security\ekrn.exe [7.3.2012 14:40 913144]
R2 MBAMService;MBAMService;h:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [3.6.2012 8:34 676936]
R3 MBAMProtector;MBAMProtector;h:\windows\system32\drivers\mbam.sys [3.6.2012 8:34 22856]
R3 NmPar;PCI Parallel Port;h:\windows\system32\drivers\NmPar.sys [24.12.2008 4:40 80256]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;h:\windows\system32\drivers\RtsUStor.sys [25.10.2012 9:30 193640]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;h:\windows\system32\drivers\viahduaa.sys [2.6.2012 22:18 1086208]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);h:\windows\system32\drivers\ssudbus.sys [18.10.2011 1:43 78136]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);h:\windows\system32\drivers\ssudmdm.sys [18.10.2011 1:43 181432]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;h:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [3.6.2012 8:23 250808]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 69639197
*Deregistered* - 69639197
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-28 h:\windows\Tasks\Adobe Flash Player Updater.job
- h:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-03 06:12]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - h:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - h:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
ShellExecuteHooks-{DAE0285D-0788-4E87-985E-01DF2EDE4ACD} - h:\windows\system32\Wshxt.dll
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-28 12:47
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@h:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="h:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(944)
h:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2012-10-28 12:50:18
ComboFix-quarantined-files.txt 2012-10-28 11:50
.
Před spuštěním: Volných bajtů: 289 097 576 448
Po spuštění: Volných bajtů: 290 363 023 360
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 26FB1A0BFB5DF09A8C71789994E6A3E9

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Folder::
h:\program files\Spybot - Search & Destroy

Registry::
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"KernelFaultCheck"=-
"UserFaultCheck"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

ComboFix 12-10-30.03 - Jirka&Sarka 31.10.2012 0:48.2.4 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3327.2609 [GMT 1:00]
Spuštěný z: h:\documents and settings\Jirka&Sarka\Plocha\ComboFix.exe
Použité ovládací přepínače :: h:\documents and settings\Jirka&Sarka\Plocha\CFScript.txt
AV: ESET Smart Security 5.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
h:\program files\Spybot - Search & Destroy
h:\program files\Spybot - Search & Destroy\advcheck.dll
h:\program files\Spybot - Search & Destroy\aports.dll
h:\program files\Spybot - Search & Destroy\blindman.exe
h:\program files\Spybot - Search & Destroy\Default configuration.ini
h:\program files\Spybot - Search & Destroy\DelZip179.dll
h:\program files\Spybot - Search & Destroy\Dummies\dummy.cd_clint.dll
h:\program files\Spybot - Search & Destroy\Dummies\dummy.dap.gif
h:\program files\Spybot - Search & Destroy\Dummies\dummy.data.xml
h:\program files\Spybot - Search & Destroy\Dummies\dummy.default.gif
h:\program files\Spybot - Search & Destroy\Dummies\dummy.related.htm
h:\program files\Spybot - Search & Destroy\Help\Brasil.license.txt
h:\program files\Spybot - Search & Destroy\Help\Cesky.license.txt
h:\program files\Spybot - Search & Destroy\Help\Cesky.Resident.chm
h:\program files\Spybot - Search & Destroy\Help\Deutsch.license.txt
h:\program files\Spybot - Search & Destroy\Help\English.chm
h:\program files\Spybot - Search & Destroy\Help\English.license.txt
h:\program files\Spybot - Search & Destroy\Help\Espanol.license.txt
h:\program files\Spybot - Search & Destroy\Help\Francais.license.txt
h:\program files\Spybot - Search & Destroy\Help\Hellenic.license.txt
h:\program files\Spybot - Search & Destroy\Help\Italiano.license.txt
h:\program files\Spybot - Search & Destroy\Help\Japanese.license.ansi.txt
h:\program files\Spybot - Search & Destroy\Help\Japanese.license.txt
h:\program files\Spybot - Search & Destroy\Help\Korean.license.txt
h:\program files\Spybot - Search & Destroy\Help\Nederlands.license.txt
h:\program files\Spybot - Search & Destroy\Help\Polski.license.txt
h:\program files\Spybot - Search & Destroy\Help\Russkiy.license.txt
h:\program files\Spybot - Search & Destroy\Help\Slovensky.license.txt
h:\program files\Spybot - Search & Destroy\Help\Srpski.license.txt
h:\program files\Spybot - Search & Destroy\Help\Suomi.license.txt
h:\program files\Spybot - Search & Destroy\Includes\Adware.sbi
h:\program files\Spybot - Search & Destroy\Includes\AdwareC.sbi
h:\program files\Spybot - Search & Destroy\Includes\Browserpages.sbs
h:\program files\Spybot - Search & Destroy\Includes\CLSIDs.sbs
h:\program files\Spybot - Search & Destroy\Includes\Cookies.sbi
h:\program files\Spybot - Search & Destroy\Includes\Cookies.sbs
h:\program files\Spybot - Search & Destroy\Includes\Dialer.sbi
h:\program files\Spybot - Search & Destroy\Includes\Dialer.sbs
h:\program files\Spybot - Search & Destroy\Includes\DialerC.sbi
h:\program files\Spybot - Search & Destroy\Includes\Domains.sbs
h:\program files\Spybot - Search & Destroy\Includes\HeavyDuty.sbi
h:\program files\Spybot - Search & Destroy\Includes\Hijackers.sbi
h:\program files\Spybot - Search & Destroy\Includes\HijackersC.sbi
h:\program files\Spybot - Search & Destroy\Includes\iPhone.sbi
h:\program files\Spybot - Search & Destroy\Includes\Keyloggers.sbi
h:\program files\Spybot - Search & Destroy\Includes\KeyloggersC.sbi
h:\program files\Spybot - Search & Destroy\Includes\Logs.uts
h:\program files\Spybot - Search & Destroy\Includes\LSP.sbi
h:\program files\Spybot - Search & Destroy\Includes\LSP.sbs
h:\program files\Spybot - Search & Destroy\Includes\Malware.sbi
h:\program files\Spybot - Search & Destroy\Includes\MalwareC.sbi
h:\program files\Spybot - Search & Destroy\Includes\OperaPlugins.sbs
h:\program files\Spybot - Search & Destroy\Includes\ProcWatch.sbs
h:\program files\Spybot - Search & Destroy\Includes\PUPS.sbi
h:\program files\Spybot - Search & Destroy\Includes\PUPSC.sbi
h:\program files\Spybot - Search & Destroy\Includes\RegWatch.sbs
h:\program files\Spybot - Search & Destroy\Includes\RegXLinks.sbs
h:\program files\Spybot - Search & Destroy\Includes\Revision.sbi
h:\program files\Spybot - Search & Destroy\Includes\Revision.sbs
h:\program files\Spybot - Search & Destroy\Includes\Searchpages.sbs
h:\program files\Spybot - Search & Destroy\Includes\Security.sbi
h:\program files\Spybot - Search & Destroy\Includes\SecurityC.sbi
h:\program files\Spybot - Search & Destroy\Includes\Services.sbs
h:\program files\Spybot - Search & Destroy\Includes\Spybots.sbi
h:\program files\Spybot - Search & Destroy\Includes\SpybotsC.sbi
h:\program files\Spybot - Search & Destroy\Includes\Spyware.sbi
h:\program files\Spybot - Search & Destroy\Includes\SpywareC.sbi
h:\program files\Spybot - Search & Destroy\Includes\Startup.tnfo
h:\program files\Spybot - Search & Destroy\Includes\Targets.nfo
h:\program files\Spybot - Search & Destroy\Includes\Tracks.uti
h:\program files\Spybot - Search & Destroy\Includes\Trojans.sbi
h:\program files\Spybot - Search & Destroy\Includes\TrojansC-02.sbi
h:\program files\Spybot - Search & Destroy\Includes\TrojansC-03.sbi
h:\program files\Spybot - Search & Destroy\Includes\TrojansC-04.sbi
h:\program files\Spybot - Search & Destroy\Includes\TrojansC-05.sbi
h:\program files\Spybot - Search & Destroy\Includes\TrojansC.sbi
h:\program files\Spybot - Search & Destroy\Includes\TTLASSH.sbs
h:\program files\Spybot - Search & Destroy\Includes\URL-Blacklist.sbs
h:\program files\Spybot - Search & Destroy\Includes\X509White.sbs
h:\program files\Spybot - Search & Destroy\Languages\Afrikaans.sbl
h:\program files\Spybot - Search & Destroy\Languages\Arabic.sbl
h:\program files\Spybot - Search & Destroy\Languages\Azeri.sbl
h:\program files\Spybot - Search & Destroy\Languages\Bahasa Indonesia.sbl
h:\program files\Spybot - Search & Destroy\Languages\Belarusskiy.sbl
h:\program files\Spybot - Search & Destroy\Languages\Bosanski.sbl
h:\program files\Spybot - Search & Destroy\Languages\Brasil.sbl
h:\program files\Spybot - Search & Destroy\Languages\Bulgarski.sbl
h:\program files\Spybot - Search & Destroy\Languages\Catalan.sbl
h:\program files\Spybot - Search & Destroy\Languages\Cesky.sbl
h:\program files\Spybot - Search & Destroy\Languages\Dansk.sbl
h:\program files\Spybot - Search & Destroy\Languages\Deutsch.sbl
h:\program files\Spybot - Search & Destroy\Languages\Eesti.sbl
h:\program files\Spybot - Search & Destroy\Languages\English.sbl
h:\program files\Spybot - Search & Destroy\Languages\Espanol.sbl
h:\program files\Spybot - Search & Destroy\Languages\Esperanto.sbl
h:\program files\Spybot - Search & Destroy\Languages\Euskera.sbl
h:\program files\Spybot - Search & Destroy\Languages\Farsi.sbl
h:\program files\Spybot - Search & Destroy\Languages\Francais.sbl
h:\program files\Spybot - Search & Destroy\Languages\Furlan.sbl
h:\program files\Spybot - Search & Destroy\Languages\Galego.sbl
h:\program files\Spybot - Search & Destroy\Languages\Hebrew.sbl
h:\program files\Spybot - Search & Destroy\Languages\Hellenic.sbl
h:\program files\Spybot - Search & Destroy\Languages\Hindi.sbl
h:\program files\Spybot - Search & Destroy\Languages\Hrvatski.sbl
h:\program files\Spybot - Search & Destroy\Languages\Chinese (simplified).sbl
h:\program files\Spybot - Search & Destroy\Languages\Chinese (traditional).sbl
h:\program files\Spybot - Search & Destroy\Languages\Islenska.sbl
h:\program files\Spybot - Search & Destroy\Languages\Italiano.sbl
h:\program files\Spybot - Search & Destroy\Languages\Japanese.sbl
h:\program files\Spybot - Search & Destroy\Languages\Korean.sbl
h:\program files\Spybot - Search & Destroy\Languages\Latvian.sbl
h:\program files\Spybot - Search & Destroy\Languages\Letzebuergesch.sbl
h:\program files\Spybot - Search & Destroy\Languages\Lietuviu.sbl
h:\program files\Spybot - Search & Destroy\Languages\Magyar.sbl
h:\program files\Spybot - Search & Destroy\Languages\Makedonski.sbl
h:\program files\Spybot - Search & Destroy\Languages\Melayu.sbl
h:\program files\Spybot - Search & Destroy\Languages\Nederlands.sbl
h:\program files\Spybot - Search & Destroy\Languages\Norsk.sbl
h:\program files\Spybot - Search & Destroy\Languages\Polski.sbl
h:\program files\Spybot - Search & Destroy\Languages\Portugues.sbl
h:\program files\Spybot - Search & Destroy\Languages\Romaneste.sbl
h:\program files\Spybot - Search & Destroy\Languages\Russkiy.sbl
h:\program files\Spybot - Search & Destroy\Languages\Shqip.sbl
h:\program files\Spybot - Search & Destroy\Languages\Slovenscina.sbl
h:\program files\Spybot - Search & Destroy\Languages\Slovensky.sbl
h:\program files\Spybot - Search & Destroy\Languages\Srpski.sbl
h:\program files\Spybot - Search & Destroy\Languages\Suomi.sbl
h:\program files\Spybot - Search & Destroy\Languages\Svenska.sbl
h:\program files\Spybot - Search & Destroy\Languages\Thai.sbl
h:\program files\Spybot - Search & Destroy\Languages\Turkce.sbl
h:\program files\Spybot - Search & Destroy\Languages\Ukrainian.sbl
h:\program files\Spybot - Search & Destroy\Languages\Uzbek.sbl
h:\program files\Spybot - Search & Destroy\LMFMNVLYSTXOQHXQC.scr
h:\program files\Spybot - Search & Destroy\messages.zres
h:\program files\Spybot - Search & Destroy\OptOut.ini
h:\program files\Spybot - Search & Destroy\Plugins\Fennel.dll
h:\program files\Spybot - Search & Destroy\Plugins\Chai.dll
h:\program files\Spybot - Search & Destroy\Plugins\Mate.dll
h:\program files\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
h:\program files\Spybot - Search & Destroy\SDFiles.exe
h:\program files\Spybot - Search & Destroy\SDHelper.dll
h:\program files\Spybot - Search & Destroy\SDMain.exe
h:\program files\Spybot - Search & Destroy\SDShred.exe
h:\program files\Spybot - Search & Destroy\SDUpdate.exe
h:\program files\Spybot - Search & Destroy\Skins\Colorblind.ini
h:\program files\Spybot - Search & Destroy\Skins\Italia.ini
h:\program files\Spybot - Search & Destroy\Skins\Italia.jpg
h:\program files\Spybot - Search & Destroy\Skins\Peace.ini
h:\program files\Spybot - Search & Destroy\Skins\Peace.jpg
h:\program files\Spybot - Search & Destroy\SpybotSD.exe
h:\program files\Spybot - Search & Destroy\sqlite3.dll
h:\program files\Spybot - Search & Destroy\TeaTimer.exe
h:\program files\Spybot - Search & Destroy\Tools.dll
h:\program files\Spybot - Search & Destroy\unins000.dat
h:\program files\Spybot - Search & Destroy\unins000.exe
h:\program files\Spybot - Search & Destroy\unins000.msg
h:\program files\Spybot - Search & Destroy\UninsSrv.dll
h:\program files\Spybot - Search & Destroy\Update.exe
h:\program files\Spybot - Search & Destroy\Updates\advcheck165.exe
h:\program files\Spybot - Search & Destroy\Updates\advcheck165.zip
h:\program files\Spybot - Search & Destroy\Updates\clsid.zip
h:\program files\Spybot - Search & Destroy\Updates\desc.english.zip
h:\program files\Spybot - Search & Destroy\Updates\downloaded.ini
h:\program files\Spybot - Search & Destroy\Updates\help.cesky.zip
h:\program files\Spybot - Search & Destroy\Updates\helpres.cesky.zip
h:\program files\Spybot - Search & Destroy\Updates\lang.cesky.zip
h:\program files\Spybot - Search & Destroy\Updates\online.ini
h:\program files\Spybot - Search & Destroy\Updates\online.ini.uiz
h:\program files\Spybot - Search & Destroy\Updates\startup.zip
h:\program files\Spybot - Search & Destroy\Updates\teatimer166.exe
h:\program files\Spybot - Search & Destroy\Updates\teatimer166.zip
h:\program files\Spybot - Search & Destroy\VYWCKLYWKIMTRLNHKP.scr
h:\program files\Spybot - Search & Destroy\WUVCWPXHURMEPTZ.scr
h:\program files\Spybot - Search & Destroy\YFXRDULOSJ.scr
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-28 do 2012-10-31 )))))))))))))))))))))))))))))))
.
.
2012-10-27 20:31 . 2012-10-27 20:32 -------- d-----w- H:\Instalace
2012-10-27 19:47 . 2012-10-27 19:47 -------- d-----w- h:\program files\Common Files\PCSuite
2012-10-27 19:47 . 2012-10-27 19:47 -------- d-----w- h:\program files\Common Files\Nokia
2012-10-27 19:46 . 2012-06-11 09:33 19072 ----a-w- h:\windows\system32\drivers\pccsmcfd.sys
2012-10-27 19:46 . 2012-10-27 19:46 -------- d-----w- h:\program files\PC Connectivity Solution
2012-10-27 10:58 . 2012-10-27 19:57 -------- d-----w- h:\program files\Common Files\PC Tools
2012-10-27 10:57 . 2012-10-27 19:58 -------- d---a-w- h:\documents and settings\All Users\Data aplikací\TEMP
2012-10-26 22:29 . 2012-10-26 22:29 -------- d-----w- h:\program files\CCleaner
2012-10-25 08:30 . 2012-10-25 08:30 -------- d-----w- h:\windows\system32\sda
2012-10-25 08:30 . 2000-01-01 00:00 9112168 ----a-w- h:\windows\system32\RtsUStoricon.dll
2012-10-25 08:30 . 2000-01-01 00:00 313960 ----a-w- h:\windows\system32\RtsUStor.dll
2012-10-25 08:30 . 2000-01-01 00:00 193640 ----a-w- h:\windows\system32\drivers\RtsUStor.sys
2012-10-25 08:15 . 2000-01-01 00:00 60008 ----a-w- h:\windows\system32\RHCoInstXP.dll
2012-10-25 08:15 . 2000-01-01 00:00 4125352 ----a-w- h:\windows\system32\drivers\RtKHDMI.sys
2012-10-25 08:15 . 2000-01-01 00:00 1493608 ----a-w- h:\windows\RtaUpd.exe
2012-10-25 08:08 . 2012-10-25 08:08 -------- d-----w- h:\program files\SlimDrivers
2012-10-25 08:04 . 2012-10-25 08:04 -------- d-----w- h:\documents and settings\All Users\Data aplikací\SuperOvladac
2012-10-23 21:20 . 2012-10-23 21:20 -------- d-----w- h:\documents and settings\All Users\Data aplikací\YTD Video Downloader
2012-10-22 06:14 . 2012-10-23 20:46 -------- d-----w- h:\program files\MKV Player
2012-10-21 23:16 . 2012-10-21 23:16 -------- d-----w- h:\windows\system32\searchplugins
2012-10-21 23:16 . 2012-10-21 23:16 -------- d-----w- h:\windows\system32\Extensions
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-22 06:12 . 2012-07-12 22:20 73656 ----a-w- h:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-22 06:12 . 2012-07-12 22:20 696760 ----a-w- h:\windows\system32\FlashPlayerApp.exe
2012-09-29 17:54 . 2012-06-03 07:34 22856 ----a-w- h:\windows\system32\drivers\mbam.sys
2012-09-04 17:06 . 2012-09-04 17:06 93672 ----a-w- h:\windows\system32\WindowsAccessBridge.dll
2012-09-04 17:06 . 2012-09-04 17:06 821736 ----a-w- h:\windows\system32\npDeployJava1.dll
2012-09-04 17:06 . 2012-09-04 17:06 143872 ----a-w- h:\windows\system32\javacpl.cpl
2012-09-04 17:06 . 2012-09-04 17:06 746984 ----a-w- h:\windows\system32\deployJava1.dll
2012-08-28 15:18 . 2008-04-14 12:00 916992 ----a-w- h:\windows\system32\wininet.dll
2012-08-28 15:18 . 2008-04-14 12:00 43520 ------w- h:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2008-04-14 12:00 1469440 ------w- h:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2008-04-14 12:00 385024 ------w- h:\windows\system32\html.iec
2012-08-24 13:53 . 2008-04-14 12:00 177664 ----a-w- h:\windows\system32\wintrust.dll
2012-08-23 06:27 . 2008-04-14 12:00 2150912 ----a-w- h:\windows\system32\ntoskrnl.exe
2012-08-23 06:27 . 2008-04-14 08:06 2029568 ----a-w- h:\windows\system32\ntkrnlpa.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . h:\windows\system32\drivers\atapi.sys
.
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\asyncmac.sys
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . h:\windows\system32\drivers\asyncmac.sys
.
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . h:\windows\system32\dllcache\beep.sys
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . h:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . h:\windows\system32\drivers\kbdclass.sys
.
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ndis.sys
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . h:\windows\system32\drivers\ndis.sys
.
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ntfs.sys
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . h:\windows\system32\drivers\ntfs.sys
.
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . h:\windows\system32\dllcache\null.sys
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . h:\windows\system32\drivers\null.sys
.
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . h:\windows\system32\lsass.exe
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\lsass.exe
.
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . h:\windows\system32\netman.dll
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\netman.dll
.
[-] 2008-04-14 12:00 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . h:\windows\system32\comres.dll
[-] 2008-04-14 12:00 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . h:\windows\system32\dllcache\comres.dll
.
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . h:\windows\system32\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . h:\windows\system32\dllcache\qmgr.dll
.
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . h:\windows\system32\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\winlogon.exe
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . h:\windows\system32\drivers\ipsec.sys
.
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . h:\windows\system32\cryptsvc.dll
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\cryptsvc.dll
.
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . h:\windows\system32\imm32.dll
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\imm32.dll
.
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . h:\windows\system32\linkinfo.dll
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\linkinfo.dll
.
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . h:\windows\system32\lpk.dll
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\lpk.dll
.
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . h:\windows\system32\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . h:\windows\system32\dllcache\msvcrt.dll
[-] 2008-04-14 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . h:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2008-04-14 . EC8D5E09C6CA5F52858A5EB71F308FDF . 343040 . . [7.0.2600.5512] . . h:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
.
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . h:\windows\system32\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\netlogon.dll
.
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . h:\windows\system32\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . h:\windows\system32\dllcache\powrprof.dll
.
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . h:\windows\system32\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\scecli.dll
.
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . h:\windows\system32\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\sfc.dll
.
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . h:\windows\system32\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\svchost.exe
.
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . h:\windows\system32\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\tapisrv.dll
.
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . h:\windows\system32\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\user32.dll
.
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . h:\windows\system32\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\userinit.exe
.
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . h:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ws2_32.dll
.
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . h:\windows\system32\ws2help.dll
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ws2help.dll
.
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . h:\windows\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . h:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . h:\windows\regedit.exe
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\regedit.exe
.
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . h:\windows\system32\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . h:\windows\system32\dllcache\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . h:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\ksuser.dll
.
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . h:\windows\system32\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ctfmon.exe
.
[-] 2008-04-14 . 627551A1011199BCE013D0F4B6CACECF . 4608 . . [5.1.2600.5512] . . h:\windows\system32\msimg32.dll
[-] 2008-04-14 . 627551A1011199BCE013D0F4B6CACECF . 4608 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\msimg32.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . h:\windows\system32\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . h:\windows\system32\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\wscntfy.exe
.
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . h:\windows\system32\xmlprov.dll
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\xmlprov.dll
.
[-] 2008-04-14 . 26AE5F5ADF4A30C8BCEA736343170201 . 177152 . . [5.1.2600.5512] . . h:\windows\system32\MSCTFIME.IME
[-] 2008-04-14 . 26AE5F5ADF4A30C8BCEA736343170201 . 177152 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\msctfime.ime
.
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . h:\windows\system32\eventlog.dll
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\eventlog.dll
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . h:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\sfcfiles.dll
.
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ipsec.sys
[-] 2008-04-14 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . h:\windows\system32\drivers\ipsec.sys
.
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . h:\windows\system32\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\regsvc.dll
.
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . h:\windows\system32\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\schedsvc.dll
.
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . h:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ssdpsrv.dll
.
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . h:\windows\system32\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\termsrv.dll
.
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . h:\windows\system32\hnetcfg.dll
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\hnetcfg.dll
.
[-] 2008-04-14 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . h:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . h:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . h:\windows\system32\drivers\aec.sys
.
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . h:\windows\system32\drivers\ip6fw.sys
.
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . h:\windows\system32\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\msgsvc.dll
.
[-] 2008-04-14 12:00 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . h:\windows\system32\ntmssvc.dll
[-] 2008-04-14 12:00 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . h:\windows\system32\dllcache\ntmssvc.dll
.
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . h:\windows\system32\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\upnphost.dll
.
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . h:\windows\system32\dsound.dll
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . h:\windows\system32\dllcache\dsound.dll
.
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . h:\windows\system32\d3d9.dll
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . h:\windows\system32\dllcache\d3d9.dll
.
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . h:\windows\system32\ddraw.dll
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . h:\windows\system32\dllcache\ddraw.dll
.
[-] 2008-04-14 12:00 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . h:\windows\system32\olepro32.dll
[-] 2008-04-14 12:00 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\olepro32.dll
.
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . h:\windows\system32\perfctrs.dll
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\perfctrs.dll
.
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . h:\windows\system32\version.dll
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\version.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . h:\windows\system32\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . h:\windows\system32\w32time.dll
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\w32time.dll
.
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . h:\windows\system32\wiaservc.dll
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\wiaservc.dll
.
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . h:\windows\system32\midimap.dll
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\midimap.dll
.
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . h:\windows\system32\rasadhlp.dll
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\rasadhlp.dll
.
[-] 2008-04-14 . 8DBCEA7B495024A29FEF59B5FE709DAC . 19456 . . [5.1.2600.5512] . . h:\windows\system32\wshtcpip.dll
[-] 2008-04-14 . 8DBCEA7B495024A29FEF59B5FE709DAC . 19456 . . [5.1.2600.5512] . . h:\windows\system32\dllcache\wshtcpip.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="h:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-01-15 61440]
"GrooveMonitor"="h:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"egui"="h:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 3117344]
"Six Engine"="h:\program files\ASUS\EPU\EPU.exe" [2009-01-20 4067840]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="h:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="h:\program files\Messenger\msmsgs.exe" /background
"SlimDrivers"="h:\program files\SlimDrivers\SlimDrivers.exe" -boot
"PC Suite Tray"="h:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="h:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"Google Update"="h:\documents and settings\Jirka&Sarka\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HDAudDeck"=h:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"h:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"h:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"h:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R1 ehdrv;ehdrv;h:\windows\system32\drivers\ehdrv.sys [14.3.2012 7:40 120152]
R2 ekrn;ESET Service;h:\program files\ESET\ESET Smart Security\ekrn.exe [7.3.2012 14:40 913144]
R3 NmPar;PCI Parallel Port;h:\windows\system32\drivers\NmPar.sys [24.12.2008 4:40 80256]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;h:\windows\system32\drivers\RtsUStor.sys [25.10.2012 9:30 193640]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;h:\windows\system32\drivers\viahduaa.sys [2.6.2012 22:18 1086208]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);h:\windows\system32\drivers\ssudbus.sys [18.10.2011 1:43 78136]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);h:\windows\system32\drivers\ssudmdm.sys [18.10.2011 1:43 181432]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;h:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [3.6.2012 8:23 250808]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-30 h:\windows\Tasks\Adobe Flash Player Updater.job
- h:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-03 06:12]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - h:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - h:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 - h:\program files\Spybot - Search & Destroy\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-31 01:00
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(952)
h:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(656)
h:\windows\system32\webcheck.dll
h:\windows\system32\WPDShServiceObj.dll
h:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
h:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
h:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
h:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
h:\windows\system32\PortableDeviceTypes.dll
h:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
h:\windows\system32\Ati2evxx.exe
h:\windows\system32\Ati2evxx.exe
h:\program files\Java\jre7\bin\jqs.exe
h:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
h:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
h:\windows\system32\IoctlSvc.exe
h:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
h:\\?\h:\windows\system32\WBEM\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2012-10-31 01:04:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-31 00:04
ComboFix2.txt 2012-10-28 11:50
.
Před spuštěním: Volných bajtů: 289 666 629 632
Po spuštění: Volných bajtů: 290 377 613 312
.
- - End Of File - - 69A322049198C18DD8BA59668CA11DB0

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.

+ HJT

Jak se chová PC?

PC-HELP.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu