I'd like to ask for a log check. My CPU load goes above 80%, the PC stutters, and I don't have viruses on the PC... I have Spyware Terminator and Avira Premium Security Suite, so no problem there, just with the CPU.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:22:37, on 21.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\Avira\Avira Premium Security Suite\avscan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\Explorer.EXE
D:\Games\Moje\Uzitocne programi\Pc programi\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [SpeedItUpEX] C:\Program Files\Speeditup Free\SpeedItUp.exe -MINI
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Prevziať cez IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Prevziať cez IDM všetky prepojenia - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Prevziať obsah FLV cez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9690478014
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 7549 bytes
Log check
- jaro3
- member of the Security team
Re: Log check
Welcome to the PC-HELP forum!
Uninstall:
Ask Toolbar
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to the desktop
- then click the Exit button; a message will appear, so choose Yes
(don't delete anything yet!).
Then paste the contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Log check
I ran the scan but the PC behaves the same... CPU loaded at 94%; today it only went above 70%... I don't know where the fault is, whether in the drivers or somewhere else.
Malwarebytes' Anti-Malware 1.31
Verzia databázy: 1528
Windows 5.1.2600 Service Pack 3
21.12.2008 23:34:33
mbam-log-2008-12-21 (23-34-33).txt
Typ kontroly: Rýchla
Objektov kontrolovaných: 48957
Uplynutý cas: 8 minute(s), 39 second(s)
Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 0
Infikovaných procesov pamäte:
(Žiadne škodlivé položky)
Infikovaných modulov pamäte:
(Žiadne škodlivé položky)
Infikovaných registracných klúcov:
(Žiadne škodlivé položky)
Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)
Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)
Infikovaných priecinkov:
(Žiadne škodlivé položky)
Infikovaných súborov:
(Žiadne škodlivé položky)

- jaro3
Re: Log check
Download SDFix
- Run it and it will extract itself to the drive where Windows is installed (typically C:\SDfix)
- Then restart the PC into Safe Mode (choose the option Safe Mode, not Safe Mode with Networking)
- Open the folder where SDFix was extracted and run the file RunThis.bat; this starts the program.
* Then press the Y key and then Enter to start the cleaning process.
* To finish the scan you will be prompted to press any key, and the computer will restart.
* While the operating system is booting, the program will start again and finish the cleaning process. When Finish appears, you will have to press any key when prompted; this closes the program and your desktop icons will appear
- When the desktop icons have finished loading, the SDFix log will open on screen and will also be saved as Report.txt in the folder where SDFix was extracted
Then copy its contents here + a new HJT log + check whether any icons are missing under Start and whether your drives show up under My Computer....
And take a look at the processes to see what is loading your system so heavily.
Please help
well then
1. I reinstalled the system from scratch because I messed something up with Partition Magic. Before that the PC didn't stutter at all, and now it stutters on everything, I don't get it. Back then I had the disk on D, now it's on C.. I changed the graphics card. Everything stutters, the CPU goes above 80% for no reason, and before I had everything I have now and, as I say, it didn't stutter at all.
2. SDFix: Version 1.240
Run by Miroslav Majkut on po 22.12.2008 at 10:32
Microsoft Windows XP [Verzia 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
No Trojan Files Found
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-22 10:39:28
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000000
"ujdew"=hex:17,76,fa,4b,ff,5c,a3,ad,b6,d7,29,0c,e6,5c,17,9e,ad,26,a1,c5,a0,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"khjeh"=hex:24,73,a4,cb,70,08,a4,2b,74,3a,5b,e9,6b,a8,3f,e3,a7,77,61,21,a3,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,c2,81,a1,19,fe,b4,60,c7,fe,9e,ae,d9,e2,fd,3f,f4,74,..
"khjeh"=hex:a5,b4,10,fa,b0,df,11,c2,68,dc,41,0e,d8,ab,41,0c,42,de,48,83,56,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,ba,a3,41,7d,dc,07,f1,61,be,c0,1c,2c,29,f4,2d,a2,12,e6,4b,d5,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000000
"ujdew"=hex:17,76,fa,4b,ff,5c,a3,ad,b6,d7,29,0c,e6,5c,17,9e,ad,26,a1,c5,a0,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"khjeh"=hex:24,73,a4,cb,70,08,a4,2b,74,3a,5b,e9,6b,a8,3f,e3,a7,77,61,21,a3,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,c2,81,a1,19,fe,b4,60,c7,fe,9e,ae,d9,e2,fd,3f,f4,74,..
"khjeh"=hex:a5,b4,10,fa,b0,df,11,c2,68,dc,41,0e,d8,ab,41,0c,42,de,48,83,56,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:b0,40,60,8c,c6,bf,7a,16,10,48,8c,06,28,7b,c3,42,e3,a1,ea,9b,db,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000000
"ujdew"=hex:17,76,fa,4b,ff,5c,a3,ad,b6,d7,29,0c,e6,5c,17,9e,ad,26,a1,c5,a0,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"khjeh"=hex:24,73,a4,cb,70,08,a4,2b,74,3a,5b,e9,6b,a8,3f,e3,a7,77,61,21,a3,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,c2,81,a1,19,fe,b4,60,c7,fe,9e,ae,d9,e2,fd,3f,f4,74,..
"khjeh"=hex:a5,b4,10,fa,b0,df,11,c2,68,dc,41,0e,d8,ab,41,0c,42,de,48,83,56,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,ba,a3,41,7d,dc,07,f1,61,be,c0,1c,2c,29,f4,2d,a2,12,e6,4b,d5,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\ICQ6.5\\ICQ.exe"="C:\\Program Files\\ICQ6.5\\ICQ.exe:*:Enabled:ICQ Library"
"D:\\Games\\CS 1.6 NS FFForce.eu\\hl.exe"="D:\\Games\\CS 1.6 NS FFForce.eu\\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
Remaining Files :
Files with Hidden Attributes :
Fri 19 Dec 2008 0 A.SH. --- "C:\Documents and Settings\Miroslav Majkut\Desktop\SIV1B.tmp"
Thu 15 Feb 2007 308,832 A..H. --- "C:\Program Files\Canon\MP Navigator EX 1.0\Maint.exe"
Mon 19 Dec 2005 61,440 A..H. --- "C:\Program Files\Canon\MP Navigator EX 1.0\uinstrsc.dll"
Sat 13 Dec 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Finished!
3. Everything stayed, drives etc.
4. Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:43:20, on 22.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AIMP2\AIMP2.exe
D:\Games\Moje\Uzitocne programi\Pc programi\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Prevziať cez IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Prevziať cez IDM všetky prepojenia - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Prevziať obsah FLV cez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9690478014
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 7892 bytes
5. I don't know what's causing everything to stutter; I installed all the drivers, so I don't know where the fault is, and the CPU still goes above 80%. The svchost.exe process loads the system at 80 000 K and explorer.exe at 50 000 K.
6. Thanks in advance for solving the problem.
1. Ja som instaloval system na novo lebo som cosi dovrzgal cez Partion Magic. Predtym mi pc ani neseklo a teraz seka na kazdom nechapem. Vtedy som mal ulozeny disk na D teraz je na C..Menil som grafiku.Vsetko seka procesor ide nad 80% z nicoho a predtym som mal vsetko co mam teraz a hovorim ani neseklo.
2. SDFix: Version 1.240
Run by Miroslav Majkut on po 22.12.2008 at 10:32
Microsoft Windows XP [Verzia 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
No Trojan Files Found
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-22 10:39:28
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000000
"ujdew"=hex:17,76,fa,4b,ff,5c,a3,ad,b6,d7,29,0c,e6,5c,17,9e,ad,26,a1,c5,a0,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"khjeh"=hex:24,73,a4,cb,70,08,a4,2b,74,3a,5b,e9,6b,a8,3f,e3,a7,77,61,21,a3,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,c2,81,a1,19,fe,b4,60,c7,fe,9e,ae,d9,e2,fd,3f,f4,74,..
"khjeh"=hex:a5,b4,10,fa,b0,df,11,c2,68,dc,41,0e,d8,ab,41,0c,42,de,48,83,56,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,ba,a3,41,7d,dc,07,f1,61,be,c0,1c,2c,29,f4,2d,a2,12,e6,4b,d5,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000000
"ujdew"=hex:17,76,fa,4b,ff,5c,a3,ad,b6,d7,29,0c,e6,5c,17,9e,ad,26,a1,c5,a0,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"khjeh"=hex:24,73,a4,cb,70,08,a4,2b,74,3a,5b,e9,6b,a8,3f,e3,a7,77,61,21,a3,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,c2,81,a1,19,fe,b4,60,c7,fe,9e,ae,d9,e2,fd,3f,f4,74,..
"khjeh"=hex:a5,b4,10,fa,b0,df,11,c2,68,dc,41,0e,d8,ab,41,0c,42,de,48,83,56,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:b0,40,60,8c,c6,bf,7a,16,10,48,8c,06,28,7b,c3,42,e3,a1,ea,9b,db,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000000
"ujdew"=hex:17,76,fa,4b,ff,5c,a3,ad,b6,d7,29,0c,e6,5c,17,9e,ad,26,a1,c5,a0,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000001
"khjeh"=hex:24,73,a4,cb,70,08,a4,2b,74,3a,5b,e9,6b,a8,3f,e3,a7,77,61,21,a3,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,c2,81,a1,19,fe,b4,60,c7,fe,9e,ae,d9,e2,fd,3f,f4,74,..
"khjeh"=hex:a5,b4,10,fa,b0,df,11,c2,68,dc,41,0e,d8,ab,41,0c,42,de,48,83,56,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,ba,a3,41,7d,dc,07,f1,61,be,c0,1c,2c,29,f4,2d,a2,12,e6,4b,d5,..
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\ICQ6.5\\ICQ.exe"="C:\\Program Files\\ICQ6.5\\ICQ.exe:*:Enabled:ICQ Library"
"D:\\Games\\CS 1.6 NS FFForce.eu\\hl.exe"="D:\\Games\\CS 1.6 NS FFForce.eu\\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
Remaining Files :
Files with Hidden Attributes :
Fri 19 Dec 2008 0 A.SH. --- "C:\Documents and Settings\Miroslav Majkut\Desktop\SIV1B.tmp"
Thu 15 Feb 2007 308,832 A..H. --- "C:\Program Files\Canon\MP Navigator EX 1.0\Maint.exe"
Mon 19 Dec 2005 61,440 A..H. --- "C:\Program Files\Canon\MP Navigator EX 1.0\uinstrsc.dll"
Sat 13 Dec 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Finished!
3. Everything is still there, the drives etc.
4. Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:43:20, on 22.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AIMP2\AIMP2.exe
D:\Games\Moje\Uzitocne programi\Pc programi\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Prevziať cez IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Prevziať cez IDM všetky prepojenia - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Prevziať obsah FLV cez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9690478014
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 7892 bytes
5. I don't know what is causing everything to lag; I installed all the drivers, so I don't know where the fault is, and the CPU is constantly above 80%. The svchost.exe process is loading the system at 80 000 K and explorer.exe at 50 000 K.
6. Thank you in advance for solving the problem.
- jaro3
- Security team member
Re: Log check
Everything seems O.K. It wouldn't hurt to check the temperatures and voltages. Also test the HDD with the manufacturer's utility and the RAM with Memtest.
So, the last option.
Turn off the resident protection in Avira and the shield in Spyware Terminator.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click inside the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
Re: Log check
And what if I reinstalled all the drivers from scratch? Maybe I made a mistake somewhere and one didn't install correctly, and that's why it's doing what it's doing.
ComboFix 08-12-21.04 - Miroslav Majkut 2008-12-22 11:29:55.2 - NTFSx86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1033.18.511.241 [GMT 1:00]
Running from: c:\documents and settings\Miroslav Majkut\My Documents\Downloads\Programs\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Miroslav Majkut\Application Data\BITS
c:\documents and settings\Miroslav Majkut\Application Data\BITS\BITS.ini
c:\documents and settings\Miroslav Majkut\Application Data\BITS\DHTTable.dat
c:\documents and settings\Miroslav Majkut\Application Data\BITS\ProxyList.ini
c:\documents and settings\Miroslav Majkut\Application Data\BITS\UPnP.ini
.
((((((((((((((((((((((((( Files Created from 2008-11-22 to 2008-12-22 )))))))))))))))))))))))))))))))
.
2008-12-22 11:26 . 2008-12-22 11:26 <DIR> d-------- c:\program files\7-Zip
2008-12-22 10:31 . 2008-12-22 10:31 <DIR> d-------- c:\windows\ERUNT
2008-12-22 10:16 . 2008-12-22 10:41 <DIR> d-------- C:\SDFix
2008-12-21 23:28 . 2008-12-21 23:28 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-12-21 23:28 . 2008-12-21 23:28 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2008-12-21 23:27 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
2008-12-21 23:24 . 2008-12-21 23:24 <DIR> d-------- c:\documents and settings\Miroslav Majkut\Application Data\Malwarebytes
2008-12-21 23:23 . 2008-12-21 23:24 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-21 23:23 . 2008-12-21 23:23 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-21 23:23 . 2008-12-03 19:59 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-21 23:23 . 2008-12-03 19:59 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-21 20:13 . 2008-12-21 21:12 <DIR> d-------- c:\program files\SUPERAntiSpyware
2008-12-21 20:13 . 2008-12-21 21:12 <DIR> d-------- c:\documents and settings\Miroslav Majkut\Application Data\SUPERAntiSpyware.com
2008-12-21 20:13 . 2008-12-21 20:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2008-12-21 13:07 . 2008-12-21 13:07 <DIR> d-------- c:\documents and settings\Miroslav Majkut\Application Data\PC Suite
2008-12-21 13:06 . 2008-12-21 13:07 <DIR> d-------- c:\documents and settings\Miroslav Majkut\Application Data\Nokia
2008-12-21 13:06 . 2008-12-21 13:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\PC Suite
2008-12-21 13:04 . 2008-12-21 13:04 <DIR> d-------- c:\program files\Common Files\PCSuite
2008-12-21 13:04 . 2008-12-21 13:04 <DIR> d-------- c:\program files\Common Files\Nokia
2008-12-21 13:03 . 2008-12-21 13:03 <DIR> d-------- c:\program files\DIFX
2008-12-21 13:03 . 2008-08-26 09:26 18,816 --a------ c:\windows\system32\drivers\pccsmcfd.sys
2008-12-21 13:02 . 2008-12-21 13:06 <DIR> d----c--- c:\windows\system32\DRVSTORE
2008-12-21 13:02 . 2008-12-21 13:02 <DIR> d-------- c:\program files\PC Connectivity Solution
2008-12-21 13:02 . 2008-12-21 13:04 <DIR> d-------- c:\program files\Nokia
2008-12-21 13:02 . 2008-09-15 07:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll
2008-12-21 13:02 . 2008-09-15 07:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll
2008-12-21 13:02 . 2008-09-15 07:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys
2008-12-21 13:00 . 2008-12-21 13:00 <DIR> d-------- c:\documents and settings\All Users\Application Data\Installations
2008-12-21 11:36 . 2008-12-21 11:36 568 --a------ c:\windows\eReg.dat
2008-12-21 00:57 . 2008-12-21 01:10 <DIR> d-------- c:\program files\Crawler
2008-12-21 00:46 . 2008-12-22 08:47 <DIR> d-------- c:\program files\Spyware Terminator
2008-12-21 00:46 . 2008-12-22 11:00 <DIR> d-------- c:\documents and settings\Miroslav Majkut\Application Data\Spyware Terminator
2008-12-21 00:46 . 2008-12-22 11:00 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spyware Terminator
2008-12-21 00:46 . 2008-12-21 00:46 141,312 --a------ c:\windows\system32\drivers\sp_rsdrv2.sys
2008-12-21 00:07 . 2008-12-21 18:40 <DIR> d-------- c:\documents and settings\Miroslav Majkut\Application Data\Premium Security Suite
2008-12-21 00:00 . 2008-12-21 00:00 <DIR> d-------- c:\program files\Avira
2008-12-21 00:00 . 2007-08-30 13:12 67,752 --a------ c:\windows\system32\drivers\avfwot.sys
2008-12-21 00:00 . 2007-08-30 13:12 61,096 --a------ c:\windows\system32\drivers\avfwim.sys
2008-12-20 23:33 . 2008-04-14 01:12 116,224 --a--c--- c:\windows\system32\dllcache\xrxwiadr.dll
2008-12-20 23:33 . 2001-08-17 22:37 99,865 --a--c--- c:\windows\system32\dllcache\xlog.exe
2008-12-20 23:33 . 2001-08-17 22:37 27,648 --a--c--- c:\windows\system32\dllcache\xrxftplt.exe
2008-12-20 23:33 . 2001-08-17 22:36 23,040 --a--c--- c:\windows\system32\dllcache\xrxwbtmp.dll
2008-12-20 23:33 . 2008-04-14 01:12 18,944 --a--c--- c:\windows\system32\dllcache\xrxscnui.dll
2008-12-20 23:33 . 2001-08-17 22:37 4,608 --a--c--- c:\windows\system32\dllcache\xrxflnch.exe
2008-12-20 23:32 . 2004-08-03 22:31 154,624 --a--c--- c:\windows\system32\dllcache\wlluc48.sys
2008-12-20 23:32 . 2001-08-17 12:12 34,890 --a--c--- c:\windows\system32\dllcache\wlandrv2.sys
2008-12-20 23:32 . 2004-08-03 22:29 19,455 --a--c--- c:\windows\system32\dllcache\wvchntxx.sys
2008-12-20 23:32 . 2008-04-13 19:46 19,200 --a--c--- c:\windows\system32\dllcache\wstcodec.sys
2008-12-20 23:32 . 2001-08-17 12:11 16,970 --a--c--- c:\windows\system32\dllcache\xem336n5.sys
2008-12-20 23:32 . 2004-08-03 22:29 12,063 --a--c--- c:\windows\system32\dllcache\wsiintxx.sys
2008-12-20 23:32 . 2008-04-13 19:36 8,832 --a--c--- c:\windows\system32\dllcache\wmiacpi.sys
2008-12-20 23:32 . 2008-04-14 01:12 8,192 --a--c--- c:\windows\system32\dllcache\wshirda.dll
2008-12-20 23:30 . 2001-08-17 13:28 794,654 --a--c--- c:\windows\system32\dllcache\usr1801.sys
2008-12-20 23:29 . 2001-08-17 22:36 216,064 --a--c--- c:\windows\system32\dllcache\um34scan.dll
2008-12-20 23:28 . 2001-08-17 22:36 525,568 --a--c--- c:\windows\system32\dllcache\tridxp.dll
2008-12-20 23:27 . 2001-08-17 14:56 172,768 --a--c--- c:\windows\system32\dllcache\t2r4disp.dll
2008-12-20 23:26 . 2001-08-17 12:18 285,760 --a--c--- c:\windows\system32\dllcache\stlnata.sys
2008-12-20 23:25 . 2001-08-17 14:56 147,200 --a--c--- c:\windows\system32\dllcache\smidispb.dll
2008-12-20 23:24 . 2001-08-17 14:56 252,032 --a--c--- c:\windows\system32\dllcache\sis300iv.dll
2008-12-20 23:23 . 2001-08-17 22:36 386,560 --a--c--- c:\windows\system32\dllcache\sgiul50.dll
2008-12-20 23:22 . 2001-08-17 22:36 495,616 --a--c--- c:\windows\system32\dllcache\sblfx.dll
2008-12-20 23:21 . 2001-08-17 13:28 899,146 --a--c--- c:\windows\system32\dllcache\r2mdkxga.sys
2008-12-20 23:21 . 2001-08-17 13:28 714,762 --a--c--- c:\windows\system32\dllcache\r2mdmkxx.sys
2008-12-20 23:21 . 2001-08-17 22:36 86,097 --a--c--- c:\windows\system32\dllcache\reslog32.dll
2008-12-20 23:21 . 2008-04-13 19:40 79,104 --a--c--- c:\windows\system32\dllcache\rocket.sys
2008-12-20 23:21 . 2001-08-17 22:36 41,472 --a--c--- c:\windows\system32\dllcache\qvusd.dll
2008-12-20 23:21 . 2001-08-17 12:12 37,563 --a--c--- c:\windows\system32\dllcache\rlnet5.sys
2008-12-20 23:21 . 2001-08-17 12:19 30,720 --a--c--- c:\windows\system32\dllcache\rthwcls.sys
2008-12-20 23:21 . 2004-08-03 22:31 20,992 --a--c--- c:\windows\system32\dllcache\rtl8139.sys
2008-12-20 23:21 . 2001-08-17 13:51 19,584 --a--c--- c:\windows\system32\dllcache\rasirda.sys
2008-12-20 23:21 . 2001-08-17 12:12 19,017 --a--c--- c:\windows\system32\dllcache\rtl8029.sys
2008-12-20 23:21 . 2001-08-17 22:36 9,216 --a--c--- c:\windows\system32\dllcache\rsmgrstr.dll
2008-12-20 23:21 . 2001-08-17 12:19 3,840 --a--c--- c:\windows\system32\dllcache\rpfun.sys
2008-12-20 23:21 . 2001-08-17 13:53 3,328 --a--c--- c:\windows\system32\dllcache\qv2kux.sys
2008-12-20 23:19 . 2008-04-14 01:10 259,328 --a--c--- c:\windows\system32\dllcache\perm3dd.dll
2008-12-20 23:18 . 2001-08-17 14:05 351,616 --a--c--- c:\windows\system32\dllcache\ovcodek2.sys
2008-12-20 23:17 . 2001-08-17 12:50 198,144 --a--c--- c:\windows\system32\dllcache\nv3.sys
2008-12-20 23:17 . 2001-08-17 12:20 126,080 --a--c--- c:\windows\system32\dllcache\nm5a2wdm.sys
2008-12-20 23:17 . 2001-08-17 22:36 123,776 --a--c--- c:\windows\system32\dllcache\nv3.dll
2008-12-20 23:17 . 2001-08-17 12:20 87,040 --a--c--- c:\windows\system32\dllcache\nm6wdm.sys
2008-12-20 23:17 . 2008-04-13 19:46 61,696 --a--c--- c:\windows\system32\dllcache\ohci1394.sys
2008-12-20 23:17 . 2001-08-17 12:20 54,528 --a--c--- c:\windows\system32\dllcache\opl3sax.sys
2008-12-20 23:17 . 2001-08-17 12:49 51,552 --a--c--- c:\windows\system32\dllcache\ntgrip.sys
2008-12-20 23:17 . 2008-04-13 19:54 28,672 --a--c--- c:\windows\system32\dllcache\nscirda.sys
2008-12-20 23:17 . 2001-08-17 12:12 27,209 --a--c--- c:\windows\system32\dllcache\otc06x5.sys
2008-12-20 23:17 . 2001-08-17 13:53 7,552 --a--c--- c:\windows\system32\dllcache\nsmmc.sys
2008-12-20 23:17 . 2001-08-17 13:57 3,456 --a--c--- c:\windows\system32\dllcache\oprghdlr.sys
2008-12-20 23:15 . 2001-08-17 12:50 103,296 --a--c--- c:\windows\system32\dllcache\mtxvideo.sys
2008-12-20 23:15 . 2008-04-14 01:12 56,832 --a--c--- c:\windows\system32\dllcache\msdvbnp.ax
2008-12-20 23:15 . 2008-04-13 19:46 51,200 --a--c--- c:\windows\system32\dllcache\msdv.sys
2008-12-20 23:15 . 2008-04-13 19:46 49,024 --a--c--- c:\windows\system32\dllcache\mstape.sys
2008-12-20 23:15 . 2001-08-17 14:02 35,200 --a--c--- c:\windows\system32\dllcache\msgame.sys
2008-12-20 23:15 . 2008-04-13 19:54 22,016 --a--c--- c:\windows\system32\dllcache\msircomm.sys
2008-12-20 23:15 . 2001-08-17 13:50 21,888 --a--c--- c:\windows\system32\dllcache\mxcard.sys
2008-12-20 23:15 . 2001-08-17 13:49 19,968 --a--c--- c:\windows\system32\dllcache\mxnic.sys
2008-12-20 23:15 . 2001-08-17 22:36 19,968 --a--c--- c:\windows\system32\dllcache\mxicfg.dll
2008-12-20 23:15 . 2001-08-17 13:48 12,416 --a--c--- c:\windows\system32\dllcache\msriffwv.sys
2008-12-20 23:15 . 2001-08-17 13:48 6,016 --a--c--- c:\windows\system32\dllcache\msfsio.sys
2008-12-20 23:15 . 2008-04-13 19:39 5,504 --a--c--- c:\windows\system32\dllcache\mstee.sys
2008-12-20 23:15 . 2001-08-17 14:00 2,944 --a--c--- c:\windows\system32\dllcache\msmpu401.sys
2008-12-20 23:13 . 2001-08-17 13:28 802,683 --a--c--- c:\windows\system32\dllcache\ltsm.sys
2008-12-20 23:12 . 2008-04-14 01:12 151,552 --a--c--- c:\windows\system32\dllcache\irftp.exe
2008-12-20 23:11 . 2001-08-17 22:36 372,824 --a--c--- c:\windows\system32\dllcache\iconf32.dll
2008-12-20 23:10 . 2008-04-14 01:11 702,845 --a--c--- c:\windows\system32\dllcache\i81xdnt5.dll
2008-12-20 23:10 . 2001-08-17 14:56 353,184 --a--c--- c:\windows\system32\dllcache\i740dnt5.dll
2008-12-20 23:10 . 2004-08-03 22:29 161,020 --a--c--- c:\windows\system32\dllcache\i81xnt5.sys
2008-12-20 23:10 . 2001-08-17 12:49 58,592 --a--c--- c:\windows\system32\dllcache\i740nt5.sys
2008-12-20 23:10 . 2001-08-17 12:11 28,700 --a--c--- c:\windows\system32\dllcache\ibmexmp.sys
2008-12-20 23:10 . 2008-04-13 19:41 18,560 --a--c--- c:\windows\system32\dllcache\i2omp.sys
2008-12-20 23:10 . 2008-04-13 19:41 8,576 --a--c--- c:\windows\system32\dllcache\i2omgmt.sys
2008-12-20 23:08 . 2001-08-17 14:56 1,733,120 --a--c--- c:\windows\system32\dllcache\g400d.dll
2008-12-20 23:07 . 2001-08-17 14:56 470,144 --a--c--- c:\windows\system32\dllcache\g200d.dll
2008-12-20 23:06 . 2001-08-17 12:17 629,952 --a--c--- c:\windows\system32\dllcache\eqn.sys
2008-12-20 23:05 . 2001-08-17 12:14 952,007 --a--c--- c:\windows\system32\dllcache\diwan.sys
2008-12-20 23:04 . 2001-08-17 22:36 229,462 --a--c--- c:\windows\system32\dllcache\digifwrk.dll
2008-12-20 23:04 . 2001-08-17 22:36 159,828 --a--c--- c:\windows\system32\dllcache\digihlc.dll
2008-12-20 23:04 . 2001-08-17 22:36 131,156 --a--c--- c:\windows\system32\dllcache\digidbp.dll
2008-12-20 23:04 . 2001-08-17 22:36 110,621 --a--c--- c:\windows\system32\dllcache\digirlpt.dll
2008-12-20 23:04 . 2001-08-17 12:13 103,044 --a--c--- c:\windows\system32\dllcache\digidxb.sys
2008-12-20 23:04 . 2001-08-17 22:36 102,484 --a--c--- c:\windows\system32\dllcache\digiinf.dll
2008-12-20 23:04 . 2001-08-17 12:17 90,525 --a--c--- c:\windows\system32\dllcache\digifep5.sys
2008-12-20 23:04 . 2001-08-17 12:17 42,432 --a--c--- c:\windows\system32\dllcache\digirlpt.sys
2008-12-20 23:04 . 2001-08-17 22:36 41,046 --a--c--- c:\windows\system32\dllcache\digiisdn.dll
2008-12-20 23:04 . 2001-08-17 12:14 21,606 --a--c--- c:\windows\system32\dllcache\digiisdn.sys
2008-12-20 22:33 . 2008-12-20 22:33 <DIR> d-------- c:\documents and settings\Miroslav Majkut\Application Data\Auslogics
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-20 22:24 --------- d-----w c:\documents and settings\Miroslav Majkut\Application Data\ICQ
2008-12-12 23:52 --------- d-----w c:\program files\free-downloads.net
2008-12-12 23:52 --------- d-----w c:\program files\Conduit
2008-12-12 23:49 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-12-12 23:49 --------- d-----w c:\program files\Quantum GIS
2008-12-12 23:49 --------- d-----w c:\program files\PC Translator
2008-12-12 23:47 --------- d-----w c:\program files\QIP Infium
2008-12-12 23:46 --------- d-----w c:\program files\Alcohol Soft
2008-12-12 23:25 --------- d-----w c:\program files\Common Files\Canon
2008-12-12 23:13 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-12 23:13 --------- d-----w c:\program files\Realtek
2008-12-12 23:13 --------- d-----w c:\program files\Common Files\InstallShield
2008-12-12 22:55 --------- d-----w c:\documents and settings\Miroslav Majkut\Application Data\TuneUp Software
2008-12-12 22:54 --------- d-----w c:\documents and settings\Miroslav Majkut\Application Data\Faktury Plus
2008-12-12 22:45 --------- d-----w c:\program files\microsoft frontpage
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:07 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-16 01:00 666,112 ----a-w c:\windows\system32\wininet.dll
2008-10-03 10:02 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-10-02 09:07 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2007-10-26 07:05 66,408 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2007-10-26 07:05 54,112 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2007-10-26 07:05 34,688 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2007-10-26 07:05 46,456 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2007-10-26 07:05 171,880 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-09-15 1784856]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2008-09-15 06:47 1784856 --a------ c:\program files\free-downloads.net\tbfree.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-09-15 1784856]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-09-15 1784856]
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-11-23 203720]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2008-12-17 2745776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-12-15 185896]
"avgnt"="c:\program files\Avira\Avira Premium Security Suite\avgnt.exe" [2007-08-31 249896]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-12-21 1783808]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-04 c:\windows\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 2008-12-17 12:51 2745776 c:\program files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2008-10-07 13:33 1630208 c:\windows\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"d:\\Games\\CS 1.6 NS FFForce.eu\\hl.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [2008-12-21 67752]
R1 sp_rsdrv2;Spyware Terminator Driver 2;\??\c:\windows\system32\drivers\sp_rsdrv2.sys [2008-12-21 141312]
R2 AntiVirFirewallService;Avira Premium Security Suite Firewall;"c:\program files\Avira\Avira Premium Security Suite\avfwsvc.exe" [2008-12-21 303144]
R2 AntiVirMailService;Avira Premium Security Suite MailGuard;"c:\program files\Avira\Avira Premium Security Suite\avmailc.exe" [2008-12-21 135208]
R2 AntiVirScheduler;Avira Premium Security Suite Scheduler;"c:\program files\Avira\Avira Premium Security Suite\sched.exe" [2008-12-21 63016]
R2 antivirwebservice;Avira Premium Security Suite WebGuard;"c:\program files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE" [2008-12-21 217128]
R2 AVEService;Avira Premium Security Suite MailGuard helper service;"c:\program files\Avira\Avira Premium Security Suite\avesvc.exe" [2008-12-21 12840]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [2008-12-21 61096]
R3 PSched;QoS Packet Scheduler;c:\windows\system32\DRIVERS\psched.sys [2006-02-28 69120]
S3 NtApm;NT Apm/Legacy Interface Driver;c:\windows\system32\DRIVERS\NtApm.sys [2008-12-13 9344]
S3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\DRIVERS\ULILAN51.SYS [2008-12-13 28672]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
2008-12-19 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-28 13:49]
.
- - - - ORPHANS REMOVED - - - -
BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
.
------- Supplementary Scan -------
.
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=%s
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Prevziať cez IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Prevziať cez IDM všetky prepojenia - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Prevziať obsah FLV cez IDM - c:\program files\Internet Download Manager\IEGetVL.htm
LSP: avsda.dll
FF - ProfilePath - c:\documents and settings\Miroslav Majkut\Application Data\Mozilla\Firefox\Profiles\zb4w2vmx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
FF - component: c:\documents and settings\Miroslav Majkut\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
ATTENTION: FIREFOX POLICES IS IN FORCE
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.interval - 750000
FF - user.js: nglayout.initialpaint.delay - 750
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-22 11:31:33
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(972)
c:\windows\system32\avsda.dll
.
Completion time: 2008-12-22 11:32:41
ComboFix-quarantined-files.txt 2008-12-22 10:32:24
Pre-Run: 106 984 243 200 bytes free
Post-Run: 11 adresárov, 106,972,241,920 voľných bajtov
286 --- E O F --- 2008-12-22 07:59:45
- jaro3
- Security team member
Re: Log check
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.
Code:
Folder::
C:\SDFix
File::
c:\windows\eReg.dat
c:\windows\system32\dllcache\xlog.exe
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Your message contains 63262 characters. The maximum allowed number of characters is 60000.
I put it on a free server for you and there are 2 logs there, both ComboFix and HJT. It didn't fit here, as you can see.
http://www.upnito.sk/download.php?dwTok ... c2af2e75c9
- jaro3
- Security team member
Re: Log check
Something new has appeared there again; did you install additional drivers, etc.?
Download: Dr. Web CureIt
Run the update; after updating, click Start.
With the buttons at the bottom you can cure, delete, move or rename a file.
Write whether it found anything.
And also:
Download SREng - right-click the link and choose Save Target As...
- unpack it to the desktop and run it
- choose "Smart Scan", leave the settings as they are
- choose "Verify the digital signature of process modules"
- click "Scan"
- click Save Reports, save the log to the desktop and copy the entire contents of the log here.
Re: Log check
Dr.Web CureIt doesn't work for me...
SREng:
Code:
2008-12-22,20:58:32
System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 3 (Build 2600) - Administrative User - Completed Functions Allowed
Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
API HOOK
Hidden Process
Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<CTFMON.EXE><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
<AlcoholAutomount><"C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount> [(Verified)Alcohol Soft Code Signing Services]
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Windows Component Publisher]
<IDMan><C:\Program Files\Internet Download Manager\IDMan.exe /onboot> [(Verified)Tonec Inc.]
<DAEMON Tools Lite><"C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun> [(Verified)DAEMON Tools Code Signing Services]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<RTHDCPL><RTHDCPL.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [(Verified)"RealNetworks, Inc."]
<avgnt><"C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min> [Avira GmbH]
<SpywareTerminator><"C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"> [Crawler.com]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><%systemroot%\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4b218e3e-bc98-4770-93d3-2731b9329278}]
<Internet Explorer><%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<IDMan><; C:\Program Files\Internet Download Manager\IDMan.exe /onboot> [(Verified)Tonec Inc.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<nwiz><; nwiz.exe /install> []
==================================
Startup Folders
N/A
==================================
Services
[Avira Premium Security Suite Firewall / AntiVirFirewallService][Running/Auto Start]
<"C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe"><Avira GmbH>
[Avira Premium Security Suite MailGuard / AntiVirMailService][Running/Auto Start]
<"C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe"><Avira GmbH>
[Avira Premium Security Suite Scheduler / AntiVirScheduler][Running/Auto Start]
<"C:\Program Files\Avira\Avira Premium Security Suite\sched.exe"><Avira GmbH>
[Avira Premium Security Suite Guard / AntiVirService][Running/Auto Start]
<"C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe"><Avira GmbH>
[Avira Premium Security Suite WebGuard / antivirwebservice][Running/Auto Start]
<"C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE"><Avira GmbH>
[Application Management / AppMgmt][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Avira Premium Security Suite MailGuard helper service / AVEService][Running/Auto Start]
<"C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe"><Avira GmbH>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]
<"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[NVIDIA Display Driver Service / NVSvc][Stopped/Disabled]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
<"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia.>
[Spyware Terminator Realtime Shield Service / sp_rssrv][Running/Auto Start]
<"C:\Program Files\Spyware Terminator\sp_rsser.exe"><Crawler.com>
[StarWind AE Service / StarWindServiceAE][Running/Auto Start]
<C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe><Rocket Division Software>
[TuneUp Drive Defrag Service / TuneUp.Defrag][Stopped/Manual Start]
<C:\WINDOWS\System32\TuneUpDefragService.exe><TuneUp Software GmbH>
==================================
Drivers
[AliIde / AliIde][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AvFw Packet Filter Miniport / avfwim][Running/Manual Start]
<system32\DRIVERS\avfwim.sys><Avira GmbH>
[avfwot / avfwot][Running/System Start]
<system32\DRIVERS\avfwot.sys><Avira GmbH>
[avgio / avgio][Running/System Start]
<\??\C:\Program Files\Avira\Avira Premium Security Suite\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Manual Start]
<\??\C:\Program Files\Avira\Avira Premium Security Suite\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
<system32\DRIVERS\avipbb.sys><AVIRA GmbH>
[EIO / EIO][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\EIO.sys><ASUSTeK Computer Inc.>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
<\??\E:\INSTALL\GMSIPCI.SYS><N/A>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
<system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[Nokia USB Phone Parent / nmwcd][Stopped/Manual Start]
<system32\drivers\ccdcmb.sys><Nokia>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start]
<system32\DRIVERS\pccsmcfd.sys><Nokia>
[Low level access layer for CD devices / Pcouffin][Running/Manual Start]
<System32\Drivers\Pcouffin.sys><VSO Software>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[Spyware Terminator Driver 2 / sp_rsdrv2][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys><>
[ssmdrv / ssmdrv][Running/System Start]
<system32\DRIVERS\ssmdrv.sys><Avira GmbH>
[ULi M526X Ethernet NT Driver / ULI5261XP][Running/Manual Start]
<system32\DRIVERS\ULILAN51.SYS><ULi Electronics Inc.>
==================================
Browser Add-ons
[IDMIEHlprObj Class]
{0055C089-8582-441B-A0BF-17B458C2A3A8} <C:\Program Files\Internet Download Manager\IDMIECC.dll, (Signed) Tonec Inc.>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} <, >
[RealPlayer Download and Record Plugin for Internet Explorer]
{3049C3E9-B461-4BC5-8870-4C09146192CA} <C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, (Signed) RealPlayer>
[Java(tm) Plug-In SSV Helper]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435b-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[free-downloads.net Toolbar]
{ecdee021-0d17-467f-a1ff-c7a115230949} <C:\Program Files\free-downloads.net\tbfree.dll, (Signed) Conduit Ltd.>
[&Zdroje informácií]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[free-downloads.net Toolbar]
{ecdee021-0d17-467f-a1ff-c7a115230949} <C:\Program Files\free-downloads.net\tbfree.dll, (Signed) Conduit Ltd.>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[NVIDIA Smart Scan]
{74DBCB52-F298-4110-951D-AD2FF67BC8AB} <C:\WINDOWS\DOWNLO~1\NVIDIA~1.OCX, NVIDIA>
[Java Plug-in 1.6.0_11]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_11]
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_11]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_11.dll, (Signed) Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.>
[IDMIEHlprObj Class]
{0055C089-8582-441B-A0BF-17B458C2A3A8} <C:\Program Files\Internet Download Manager\IDMIECC.dll, (Signed) Tonec Inc.>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[]
{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} <, >
[System Requirements Lab Class]
{1E54D648-B804-468D-BC78-4AFFED8E262E} <C:\Program Files\SystemRequirementsLab\sysreqlab3.dll, (Signed) Husdawg, LLC>
[]
{1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <, >
[]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <, >
[RealPlayer Download and Record Plugin for Internet Explorer]
{3049C3E9-B461-4BC5-8870-4C09146192CA} <C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, (Signed) RealPlayer>
[Microsoft Terminal Services Client Control (redist)]
{4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[Microsoft Terminal Services Client Control (redist)]
{7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[NVIDIA Smart Scan]
{74DBCB52-F298-4110-951D-AD2FF67BC8AB} <C:\WINDOWS\DOWNLO~1\NVIDIA~1.OCX, NVIDIA>
[Microsoft Terminal Services Client Control (redist)]
{7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Java(tm) Plug-In SSV Helper]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[]
{8736C681-37A0-40C6-A0F0-4C083409151C} <, >
[Microsoft Terminal Services Client Control (redist)]
{9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.>
[]
{D6E814A0-E0C5-11D4-8D29-0050BA6940E3} <, >
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[free-downloads.net Toolbar]
{ECDEE021-0D17-467F-A1FF-C7A115230949} <C:\Program Files\free-downloads.net\tbfree.dll, (Signed) Conduit Ltd.>
[]
{F156768E-81EF-470C-9057-481BA8380DBA} <, >
[]
{F90D830D-C175-4bbe-82C7-FF94669A4C42} <, >
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[E&xportovať do programu Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[Prevziať cez IDM]
<C:\Program Files\Internet Download Manager\IEExt.htm, N/A>
[Prevziať cez IDM všetky prepojenia]
<C:\Program Files\Internet Download Manager\IEGetAll.htm, N/A>
[Prevziať obsah FLV cez IDM]
<C:\Program Files\Internet Download Manager\IEGetVL.htm, N/A>
==================================
Running Processes
[PID: 844 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 892 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 916 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 960 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 972 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\avsda.dll] [Avira GmbH, 7.00.01.07]
[PID: 1140 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1204 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\avsda.dll] [Avira GmbH, 7.00.01.07]
[PID: 1392 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1504 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\avsda.dll] [Avira GmbH, 7.00.01.07]
[PID: 1704 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1820 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\system32\CNMLM8S.DLL] [CANON INC., 2.10.2.10]
[C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD8S.DLL] [CANON INC., 2.10.2.10]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0]
[PID: 1940 / SYSTEM][C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe] [Avira GmbH, 7.00.00.81]
[C:\Program Files\Avira\Avira Premium Security Suite\avgio.dll] [Avira GmbH, 7.00.00.01]
[C:\Program Files\Avira\Avira Premium Security Suite\avevtlog.dll] [Avira GmbH, 7.00.00.20]
[C:\Program Files\Avira\Avira Premium Security Suite\guardmsg.dll] [Avira GmbH, 7.00.11.00]
[C:\Program Files\Avira\Avira Premium Security Suite\sqlite3.dll] [, 3, 3, 17, 1]
[C:\Program Files\Avira\Avira Premium Security Suite\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\Avira Premium Security Suite\AVPREF.DLL] [Avira GmbH, 7.00.02.02]
[C:\Program Files\Avira\Avira Premium Security Suite\SMTPLIB.DLL] [Avira GmbH, 1.02.00.17]
[C:\Program Files\Avira\Avira Premium Security Suite\AVPACK32.DLL] [Avira GmbH, 7.03.00.15]
[C:\Program Files\Avira\Avira Premium Security Suite\unacev2.dll] [N/A, ]
[C:\Program Files\Avira\Avira Premium Security Suite\AVEWIN32.DLL] [Avira GmbH, 7.6.0.15]
[C:\Program Files\Avira\Avira Premium Security Suite\avipc.dll] [Avira GmbH, 1.00.00.04]
[PID: 744 / SYSTEM][C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe] [Avira GmbH, 7.28.17.6]
[C:\Program Files\Avira\Avira Premium Security Suite\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\Avira Premium Security Suite\avevtlog.dll] [Avira GmbH, 7.00.00.20]
[C:\Program Files\Avira\Avira Premium Security Suite\fwrc.dll] [Avira GmbH, 1.00.0.03]
[C:\Program Files\Avira\Avira Premium Security Suite\sqlite3.dll] [, 3, 3, 17, 1]
[PID: 796 / Miroslav Majkut][C:\WINDOWS\RTHDCPL.EXE] [Realtek Semiconductor Corp., 2.0.5.4]
[PID: 896 / Miroslav Majkut][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.1.45]
[PID: 1388 / SYSTEM][C:\Program Files\Avira\Avira Premium Security Suite\sched.exe] [Avira GmbH, 7.00.00.62]
[C:\Program Files\Avira\Avira Premium Security Suite\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\Avira Premium Security Suite\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\Avira Premium Security Suite\schedr.dll] [Avira GmbH, 7.00.24.00]
[C:\Program Files\Avira\Avira Premium Security Suite\avevtlog.dll] [Avira GmbH, 7.00.00.20]
[C:\Program Files\Avira\Avira Premium Security Suite\sqlite3.dll] [, 3, 3, 17, 1]
[C:\Program Files\Avira\Avira Premium Security Suite\avipc.dll] [Avira GmbH, 1.00.00.04]
[PID: 1536 / Miroslav Majkut][C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe] [Avira GmbH, 7.02.00.13]
[C:\Program Files\Avira\Avira Premium Security Suite\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\Avira Premium Security Suite\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\Avira Premium Security Suite\cclib.dll] [Avira GmbH, 7.02.00.03]
[C:\Program Files\Avira\Avira Premium Security Suite\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[c:\program files\avira\avira premium security suite\ccgen.dll] [Avira GmbH, 7.02.00.10]
[c:\program files\avira\avira premium security suite\ccgenrc.dll] [Avira GmbH, 7.02.04.02]
[c:\program files\avira\avira premium security suite\ccguard.dll] [Avira GmbH, 7.00.01.34]
[c:\program files\avira\avira premium security suite\ccgrdrc.dll] [Avira GmbH, 7.00.06.00]
[C:\Program Files\Avira\Avira Premium Security Suite\avipc.dll] [Avira GmbH, 1.00.00.04]
[c:\program files\avira\avira premium security suite\ccupdate.dll] [Avira GmbH, 7.02.00.04]
[c:\program files\avira\avira premium security suite\ccupdrc.dll] [Avira GmbH, 7.02.01.00]
[c:\program files\avira\avira premium security suite\cclic.dll] [Avira GmbH, 7.02.00.04]
[c:\program files\avira\avira premium security suite\cclicrc.dll] [Avira GmbH, 7.02.01.00]
[c:\program files\avira\avira premium security suite\ccmsg.dll] [Avira GmbH, 7.00.00.00]
[c:\program files\avira\avira premium security suite\ccfw.dll] [Avira GmbH, 7.02.07.00]
[c:\program files\avira\avira premium security suite\ccfwitf.dll] [Avira GmbH, 7.02.05.00]
[c:\program files\avira\avira premium security suite\ccfwrc.dll] [Avira GmbH, 7.02.05.00]
[PID: 1492 / Miroslav Majkut][C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe] [Crawler.com, 2.3.0.313]
[PID: 1572 / Miroslav Majkut][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 1612 / SYSTEM][C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe] [Avira GmbH, 7.00.01.03]
[C:\Program Files\Avira\Avira Premium Security Suite\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\Avira Premium Security Suite\avesvc.dll] [Avira GmbH, 7.00.01.10]
[C:\Program Files\Avira\Avira Premium Security Suite\avesvcr.dll] [Avira GmbH, 07.00.14.00]
[C:\Program Files\Avira\Avira Premium Security Suite\avipc.dll] [Avira GmbH, 1.00.00.04]
[C:\Program Files\Avira\Avira Premium Security Suite\avpack32.dll] [Avira GmbH, 7.03.00.15]
[C:\Program Files\Avira\Avira Premium Security Suite\unacev2.dll] [N/A, ]
[C:\Program Files\Avira\Avira Premium Security Suite\AVEWIN32.DLL] [Avira GmbH, 7.6.0.15]
[PID: 1700 / SYSTEM][C:\Program Files\Java\jre6\bin\jqs.exe] [Sun Microsystems, Inc., 6.0.110.3]
[C:\Program Files\Java\jre6\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\avsda.dll] [Avira GmbH, 7.00.01.07]
[PID: 252 / SYSTEM][C:\Program Files\Spyware Terminator\sp_rsser.exe] [Crawler.com, 2.3.0.322]
[PID: 464 / SYSTEM][C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe] [Rocket Division Software, 3.2.3 Build 20070527]
[C:\WINDOWS\system32\avsda.dll] [Avira GmbH, 7.00.01.07]
[PID: 604 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 864 / SYSTEM][C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe] [Avira GmbH, 7.00.01.65]
[C:\Program Files\Avira\Avira Premium Security Suite\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\Avira Premium Security Suite\avmailcr.dll] [Avira GmbH, 7.01.16.00]
[C:\Program Files\Avira\Avira Premium Security Suite\AVPREF.DLL] [Avira GmbH, 7.00.02.02]
[C:\Program Files\Avira\Avira Premium Security Suite\antispam.dll] [Avira GmbH, 7.0.0.43]
[C:\Program Files\Avira\Avira Premium Security Suite\cares.dll] [Avira GmbH, 1, 4, 0, 0]
[C:\Program Files\Avira\Avira Premium Security Suite\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\Avira Premium Security Suite\libxml2.dll] [N/A, ]
[C:\Program Files\Avira\Avira Premium Security Suite\sqlite3.dll] [, 3, 3, 17, 1]
[C:\Program Files\Avira\Avira Premium Security Suite\pcre.dll] [Avira GmbH, 7, 1, 0, 0]
[C:\Program Files\Avira\Avira Premium Security Suite\avevtlog.dll] [Avira GmbH, 7.00.00.20]
[C:\Program Files\Avira\Avira Premium Security Suite\mgrs.dll] [Avira GmbH, 7.01.99.00]
[C:\WINDOWS\system32\avsda.dll] [Avira GmbH, 7.00.01.07]
[C:\Program Files\Avira\Avira Premium Security Suite\avipc.dll] [Avira GmbH, 1.00.00.04]
[PID: 1500 / SYSTEM][C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE] [Avira GmbH, 7.01.00.11]
[C:\Program Files\Avira\Avira Premium Security Suite\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\Avira Premium Security Suite\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\Avira Premium Security Suite\avipc.dll] [Avira GmbH, 1.00.00.04]
[C:\Program Files\Avira\Avira Premium Security Suite\AVPREF.DLL] [Avira GmbH, 7.00.02.02]
[C:\WINDOWS\system32\avsda.dll] [Avira GmbH, 7.00.01.07]
[PID: 2788 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[PID: 7076 / Miroslav Majkut][C:\Program Files\Avira\Avira Premium Security Suite\usrreq.exe] [Avira GmbH, 7.02.05.00]
[C:\Program Files\Avira\Avira Premium Security Suite\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\Avira Premium Security Suite\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\Avira Premium Security Suite\ccfwitf.dll] [Avira GmbH, 7.02.05.00]
[PID: 2776 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\System32\avsda.dll] [Avira GmbH, 7.00.01.07]
[c:\windows\system32\uxtuneup.dll] [TuneUp Software GmbH, 2.0.0.9]
[PID: 11420 / Miroslav Majkut][C:\WINDOWS\explorer.exe] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Internet Explorer\mui\041b\browselc.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.11.7824]
[C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.7824]
[C:\WINDOWS\system32\nvshell.dll] [, ]
[C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll] [Nokia, 7, 1, 105, 0]
[C:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.DLL] [Nokia, 7, 1, 151, 0]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_slk.nlr] [Nokia, 7, 1, 66, 0]
[C:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr] [Nokia, 7, 1, 21, 0]
[C:\Program Files\Internet Explorer\mui\041b\shdoclc.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\WinRAR\rarlng.dll] [N/A, ]
[C:\Program Files\7-Zip\7-zip.dll] [Igor Pavlov, 4.57]
[C:\Program Files\Spyware Terminator\sptcontmenu.dll] [Crawler.com, 1.1.0.15]
[C:\Program Files\Avira\Avira Premium Security Suite\shlext.dll] [Avira GmbH, 7.00.00.10]
[C:\Program Files\Avira\Avira Premium Security Suite\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\Avira Premium Security Suite\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll] [Malwarebytes Corporation, 1, 1, 0, 0]
[C:\Program Files\TuneUp Utilities 2008\SDShelEx-win32.dll] [TuneUp Software GmbH, 2.0.0.4]
[C:\Program Files\Internet Download Manager\IDMIECC.dll] [Tonec Inc., 5, 15, 4, 0]
[C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 6.0.0.2003051200]
[C:\Program Files\Internet Download Manager\idmmkb.dll] [Tonec Inc., 5, 15, 4, 0]
[PID: 11568 / Miroslav Majkut][C:\Program Files\Internet Download Manager\IDMan.exe] [Tonec Inc., 5.15.4.0]
[C:\WINDOWS\system32\avsda.dll] [Avira GmbH, 7.00.01.07]
[PID: 4964 / Miroslav Majkut][C:\Program Files\Internet Download Manager\IEMonitor.exe] [Tonec Inc., 5, 12, 8, 0]
[C:\Program Files\Internet Download Manager\idmmkb.dll] [Tonec Inc., 5, 15, 4, 0]
[PID: 10752 / Miroslav Majkut][C:\Program Files\QIP Infium\infium.exe] [QIP, 9.0.2.0]
[C:\Program Files\QIP Infium\Langs\English.dll] [N/A, ]
[C:\Program Files\QIP Infium\Skins\QIP\graph.dll] [N/A, ]
[C:\Program Files\QIP Infium\Protos\InfICQ\InfICQ.dll] [, 11.2.0.5]
[C:\Program Files\QIP Infium\Protos\InfICQ\pics.dll] [N/A, ]
[C:\Program Files\QIP Infium\Protos\Jabber\Jabber.dll] [mmc, 0.1.1.11]
[C:\Program Files\QIP Infium\Protos\MRA\MRA.dll] [mmc, 0.1.0.9]
[C:\Program Files\QIP Infium\Protos\XIMSS\XIMSS.dll] [mmc, 0.1.4.1]
[C:\Program Files\QIP Infium\Core\OPENSSLEAY32.DLL] [The OpenSSL Project, http://www.openssl.org/, 0.9.8e]
[C:\Program Files\QIP Infium\Core\OPENLIBEAY32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8e]
[C:\WINDOWS\system32\avsda.dll] [Avira GmbH, 7.00.01.07]
[PID: 8912 / Miroslav Majkut][C:\Program Files\AIMP2\AIMP2.exe] [AIMP DevTeam, 2.5.1.320]
[C:\Program Files\AIMP2\AIMP2.dll] [AIMP DevTeam, 2.5.1.320]
[C:\Program Files\AIMP2\bass.dll] [Un4seen Developments, 2.4.2]
[C:\Program Files\AIMP2\system\bass_cda.dll] [Un4seen Developments, 2.4.1]
[C:\Program Files\AIMP2\system\bass_cda.dll] [Un4seen Developments, 2.4.1]
[C:\Program Files\AIMP2\system\bass_enc.dll] [Un4seen Developments, 2.4]
[C:\Program Files\AIMP2\system\bass_fx.dll] [(: JOBnik! :) [Arthur Aminov, ISRAEL], 2.4]
[C:\Program Files\AIMP2\system\bass_wma.dll] [Un4seen Developments, 2.4.1]
[C:\Program Files\AIMP2\system\aimp_mmk.dll] [AIMP DevTeam, 1.2.0.0]
[C:\Program Files\AIMP2\Plugins\aimp_library.dll] [AIMP DevTeam, 2.5.1.320]
[C:\Program Files\AIMP2\sqlite3.dll] [N/A, ]
[C:\Program Files\AIMP2\Plugins\bass_aac.dll] [MaresWEB, 2.4.0.1]
[C:\Program Files\AIMP2\Plugins\bass_ac3.dll] [MaresWEB, 2.4.0.0]
[C:\Program Files\AIMP2\Plugins\bass_ape.dll] [MaresWEB, 2.4.0.1]
[C:\Program Files\AIMP2\Plugins\bass_flac.dll] [Un4seen Developments, 2.4]
[C:\Program Files\AIMP2\Plugins\bass_mpc.dll] [MaresWEB, 2.4.0.0]
[C:\Program Files\AIMP2\Plugins\bass_spx.dll] [MaresWEB, 2.4.0.0]
[C:\Program Files\AIMP2\Plugins\bass_tta.dll] [MaresWEB, 2.4.0.0]
[C:\Program Files\AIMP2\Plugins\bass_wv.dll] [Un4seen Developments, 2.4.1]
[PID: 10880 / Miroslav Majkut][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.9: 2007102514]
[C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.9: 2007102514]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.9: 2007102514]
[C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.9: 2007102514]
[C:\Documents and Settings\Miroslav Majkut\Application Data\IDM\idmmzcc2\components\idmmzcc.dll] [Tonec Inc., 5, 15, 4, 0]
[C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.8.1.9: 2007102514]
[C:\WINDOWS\system32\avsda.dll] [Avira GmbH, 7.00.01.07]
[C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.9: 2007102514]
[C:\Program Files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll] [RealPlayer, 1.0.1.57]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Internet Download Manager\idmmkb.dll] [Tonec Inc., 5, 15, 4, 0]
[C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.9: 2007102514]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.64]
[PID: 9408 / Miroslav Majkut][C:\DOCUME~1\MIROSL~1\LOCALS~1\Temp\Rar$EX01.297\SREngLdr.EXE] [Smallfrogs Studio, 2.7.0.1210]
[PID: 10408 / Miroslav Majkut][C:\DOCUME~1\MIROSL~1\LOCALS~1\Temp\Rar$EX01.297\SREe0223aa2.EXE] [Smallfrogs Studio, 2.7.0.1210]
[C:\DOCUME~1\MIROSL~1\LOCALS~1\Temp\Rar$EX01.297\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\WINDOWS\system32\avsda.dll] [Avira GmbH, 7.00.01.07]
==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock Provider
AVSDA over [MSAFD Tcpip [TCP/IP]]
avsda.dll(Avira GmbH, AntiVir layered service provider)
AVSDA over [MSAFD Tcpip [UDP/IP]]
avsda.dll(Avira GmbH, AntiVir layered service provider)
AVSDA
avsda.dll(Avira GmbH, AntiVir layered service provider)
==================================
Autorun.Inf
N/A
==================================
HOSTS File
127.0.0.1 localhost
==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1940, C:\PROGRAM FILES\AVIRA\AVIRA PREMIUM SECURITY SUITE\AVGUARD.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 744, C:\PROGRAM FILES\AVIRA\AVIRA PREMIUM SECURITY SUITE\AVFWSVC.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1536, C:\PROGRAM FILES\AVIRA\AVIRA PREMIUM SECURITY SUITE\AVGNT.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1492, C:\PROGRAM FILES\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 252, C:\PROGRAM FILES\SPYWARE TERMINATOR\SP_RSSER.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 7076, C:\PROGRAM FILES\AVIRA\AVIRA PREMIUM SECURITY SUITE\USRREQ.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 10752, C:\PROGRAM FILES\QIP INFIUM\INFIUM.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 8912, C:\PROGRAM FILES\AIMP2\AIMP2.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 9408, C:\DOCUME~1\MIROSL~1\LOCALS~1\TEMP\RAR$EX01.297\SRENGLDR.EXE]
==================================
Scheduled Tasks
[Enabled] 1-Click Maintenance.job
C:\Program Files\TuneUp Utilities 2008\OneClick.exe
==================================
API HOOK
N/A
==================================
Hidden Process
N/A
==================================