Slow notebook [Solved]


Post by JStep » 19 Jan 2013 15:09

Hello, please check my log. My notebook is slow. Thank you. J*


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:05:14, on 19.1.2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Java\jre1.6.0\bin\jucheck.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Marušinka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marušinka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marušinka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marušinka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marušinka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marušinka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marušinka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marušinka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66017
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66017
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/burn4free/{BFB8FCAE-DDFB-48AA-8E86-BD116E35A69D}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66017
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Burn4Free DB Toolbar\tbhelper.dll
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Burn4Free DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Marušinka\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: CCC.lnk = ? (User 'SYSTEM')
O4 - .DEFAULT Startup: CCC.lnk = ? (User 'Default user')
O4 - .DEFAULT User Startup: CCC.lnk = ? (User 'Default user')
O4 - Startup: CCC.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Plánovač automatické aktualizace LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Soluto Remote Service (SolutoRemoteService) - Unknown owner - C:\Program Files\Soluto\SolutoRemoteService.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/MARUIN~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.gif

--
End of file - 12077 bytes


Post by memphisto » 19 Jan 2013 21:28

Uninstall Burn4Free DB Toolbar

In the log, fix:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66017
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66017
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/burn4free/{BFB8FCAE-DDFB-48AA-8E86-BD116E35A69D}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66017
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Burn4Free DB Toolbar\tbhelper.dll
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll
O3 - Toolbar: Burn4Free DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Burn4Free DB Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes (Ano)
(do not delete anything yet!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (otherwise it is saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.


Post by JStep » 20 Jan 2013 07:58

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.20.02

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
Marušinka :: YOUR-4111630197 [administrátor]

Ochrana: Povolena

20.1.2013 7:46:54
MBAM-log-2013-01-20 (07-57-15).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 244185
Uplynulý čas: 9 minut, 49 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|StartMenuLogoff (PUM.Hijack.StartMenu) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


Post by JStep » 20 Jan 2013 08:12

# AdwCleaner v2.106 - Logfile created 01/20/2013 at 08:11:57
# Updated 17/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : Marušinka - YOUR-4111630197
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Marušinka\Dokumenty\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\.autoreg
Folder Found : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Trymedia
Folder Found : C:\Documents and Settings\Marušinka\Data aplikací\OpenCandy
Folder Found : C:\Documents and Settings\Marušinka\Data aplikací\Toolbar4
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\Program Files\ICQ6Toolbar

***** [Registry] *****

Key Found : HKCU\Software\ICQToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4e15-963D-DC8493744B1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4e15-963D-DC8493744B1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
Key Found : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKU\S-1-5-21-2118193015-818424941-1800824759-1008\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Found : HKU\S-1-5-21-2118193015-818424941-1800824759-1008\Software\Microsoft\Internet Explorer\SearchScopes\{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}
Key Found : HKU\S-1-5-21-2118193015-818424941-1800824759-1008\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-2118193015-818424941-1800824759-1008\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

*************************

AdwCleaner[R1].txt - [7464 octets] - [20/01/2013 08:11:57]

########## EOF - C:\AdwCleaner[R1].txt - [7524 octets] ##########


Post by Žbeky » 20 Jan 2013 09:25

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator")
Click "Delete"
The program will perform the repair; after the automatic restart it will not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Run MbAM again and start a Scan
- when the program finishes, a message will appear; click OK and then the Show Results button
- make sure all listed findings are checked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close the program via Exit

Download TDSSKiller

to your desktop. Make sure all other applications and browsers are closed. Extract the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt; please paste the entire contents of the log here.

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by pressing the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- After the scan completes the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If after the scan there is a problem launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, simply restart the computer.
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.



Post by JStep » 20 Jan 2013 10:01

# AdwCleaner v2.106 - Logfile created 01/20/2013 at 09:50:33
# Updated 17/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : Marušinka - YOUR-4111630197
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Marušinka\Dokumenty\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Trymedia
Folder Deleted : C:\Documents and Settings\Marušinka\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\Marušinka\Data aplikací\Toolbar4
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\ICQ6Toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4e15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4e15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

*************************

AdwCleaner[R1].txt - [7593 octets] - [20/01/2013 08:11:57]
AdwCleaner[S1].txt - [7099 octets] - [20/01/2013 09:50:33]

########## EOF - C:\AdwCleaner[S1].txt - [7159 octets] ##########


Re: slow notebook

Post by JStep » 20 Jan 2013 11:11

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.20.02

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
Marušinka :: YOUR-4111630197 [administrátor]

Ochrana: Povolena

20.1.2013 9:58:30
mbam-log-2013-01-20 (09-58-30).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 244664
Uplynulý čas: 13 minut, 18 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|StartMenuLogoff (PUM.Hijack.StartMenu) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


Re: slow notebook

Post by JStep » 20 Jan 2013 11:30

11:22:05.0234 3132 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:22:05.0375 3132 ============================================================
11:22:05.0375 3132 Current date / time: 2013/01/20 11:22:05.0375
11:22:05.0375 3132 SystemInfo:
11:22:05.0375 3132
11:22:05.0375 3132 OS Version: 5.1.2600 ServicePack: 2.0
11:22:05.0375 3132 Product type: Workstation
11:22:05.0375 3132 ComputerName: YOUR-4111630197
11:22:05.0375 3132 UserName: Marušinka
11:22:05.0375 3132 Windows directory: C:\WINDOWS
11:22:05.0375 3132 System windows directory: C:\WINDOWS
11:22:05.0375 3132 Processor architecture: Intel x86
11:22:05.0375 3132 Number of processors: 1
11:22:05.0375 3132 Page size: 0x1000
11:22:05.0375 3132 Boot type: Normal boot
11:22:05.0375 3132 ============================================================
11:22:08.0531 3132 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:22:08.0640 3132 Drive \Device\Harddisk1\DR3 - Size: 0x7470C05800 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:22:08.0984 3132 ============================================================
11:22:08.0984 3132 \Device\Harddisk0\DR0:
11:22:08.0984 3132 MBR partitions:
11:22:08.0984 3132 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC944DD2
11:22:08.0984 3132 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC944E11, BlocksNum 0x164E9B0
11:22:08.0984 3132 \Device\Harddisk1\DR3:
11:22:08.0984 3132 MBR partitions:
11:22:08.0984 3132 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x3A384800
11:22:08.0984 3132 ============================================================
11:22:09.0015 3132 C: <-> \Device\Harddisk0\DR0\Partition1
11:22:09.0078 3132 D: <-> \Device\Harddisk0\DR0\Partition2
11:22:09.0078 3132 G: <-> \Device\Harddisk1\DR3\Partition1
11:22:09.0078 3132 ============================================================
11:22:09.0078 3132 Initialize success
11:22:09.0078 3132 ============================================================
11:22:19.0296 2624 ============================================================
11:22:19.0296 2624 Scan started
11:22:19.0296 2624 Mode: Manual;
11:22:19.0296 2624 ============================================================
11:22:21.0640 2624 ================ Scan system memory ========================
11:22:21.0671 2624 System memory - ok
11:22:21.0671 2624 ================ Scan services =============================
11:22:21.0843 2624 Abiosdsk - ok
11:22:21.0859 2624 abp480n5 - ok
11:22:21.0906 2624 [ 558A0039F0EF634397E1F61055504478 ] Accelerometer C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
11:22:21.0906 2624 Accelerometer - ok
11:22:21.0968 2624 [ FA2FBCDA96D2385F773B059FE5A125A6 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:22:21.0968 2624 ACPI - ok
11:22:22.0031 2624 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
11:22:22.0031 2624 ACPIEC - ok
11:22:22.0078 2624 [ BE4BEB3FDE3EDFAD4EF2760722717B0F ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
11:22:22.0093 2624 ADIHdAudAddService - ok
11:22:22.0109 2624 adpu160m - ok
11:22:22.0140 2624 [ 358063AB6C1C4173B735525CDFA65F94 ] AEAudio C:\WINDOWS\system32\drivers\AEAudio.sys
11:22:22.0156 2624 AEAudio - ok
11:22:22.0218 2624 [ 1EE7B434BA961EF845DE136224C30FEC ] aec C:\WINDOWS\system32\drivers\aec.sys
11:22:22.0218 2624 aec - ok
11:22:22.0265 2624 [ 55E6E1C51B6D30E54335750955453702 ] AFD C:\WINDOWS\System32\drivers\afd.sys
11:22:22.0265 2624 AFD - ok
11:22:22.0343 2624 [ 90456051C422E09BC36E6340DD891F0C ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
11:22:22.0375 2624 AgereSoftModem - ok
11:22:22.0406 2624 Aha154x - ok
11:22:22.0421 2624 aic78u2 - ok
11:22:22.0453 2624 aic78xx - ok
11:22:22.0500 2624 [ 026DDAA7E6F8D49DF82C7A98BAE5D0D1 ] Alerter C:\WINDOWS\system32\alrsvc.dll
11:22:22.0531 2624 Alerter - ok
11:22:22.0578 2624 [ B3F690BF43F93A012A52F28F234FAA1B ] ALG C:\WINDOWS\System32\alg.exe
11:22:22.0578 2624 ALG - ok
11:22:22.0609 2624 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
11:22:22.0609 2624 AliIde - ok
11:22:22.0656 2624 [ FCFFA85CFD4BF7A4711012847048DCA3 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
11:22:22.0671 2624 AmdK8 - ok
11:22:22.0687 2624 amsint - ok
11:22:22.0718 2624 [ 421184F91EAE5C6E78E653C6B32AAE84 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
11:22:22.0734 2624 AppMgmt - ok
11:22:22.0781 2624 [ F0D692B0BFFB46E30EB3CEA168BBC49F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:22:22.0796 2624 Arp1394 - ok
11:22:22.0906 2624 [ 2EEDA27C19259C2340324EF7180D086B ] ASBroker C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
11:22:22.0921 2624 ASBroker - ok
11:22:22.0937 2624 asc - ok
11:22:22.0953 2624 asc3350p - ok
11:22:22.0984 2624 asc3550 - ok
11:22:23.0031 2624 [ BB3C0521ECCA4BB17AC55EB640DF0FA5 ] ASChannel C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll
11:22:23.0031 2624 ASChannel - ok
11:22:23.0125 2624 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
11:22:23.0156 2624 aspnet_state - ok
11:22:23.0187 2624 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:22:23.0187 2624 AsyncMac - ok
11:22:23.0218 2624 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
11:22:23.0218 2624 atapi - ok
11:22:23.0234 2624 Atdisk - ok
11:22:23.0281 2624 [ 29B2874B3956B62C0DBEA32D75A8E776 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
11:22:23.0281 2624 Ati HotKey Poller - ok
11:22:23.0359 2624 [ A1789368B4A31D2111AF7AEDA0C8D3FC ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
11:22:23.0406 2624 ati2mtag - ok
11:22:23.0453 2624 [ 72BC628AF75C4C3250F2A3BAC260265A ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys
11:22:23.0453 2624 atksgt - ok
11:22:23.0484 2624 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:22:23.0500 2624 Atmarpc - ok
11:22:23.0515 2624 [ 4C42E4697F3A4EA0CD73A85116D7AF7F ] ATSWPDRV C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys
11:22:23.0531 2624 ATSWPDRV - ok
11:22:23.0562 2624 [ 40D78F514C8588EF12EC718D2AF0FC4E ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
11:22:23.0562 2624 AudioSrv - ok
11:22:23.0593 2624 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
11:22:23.0593 2624 audstub - ok
11:22:23.0640 2624 [ 133AD3794572BCE689763A8356C7ED06 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
11:22:23.0640 2624 b57w2k - ok
11:22:23.0671 2624 [ B89BCF0A25AEB3B47030AC83287F894A ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
11:22:23.0687 2624 BCM43XX - ok
11:22:23.0703 2624 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:22:23.0703 2624 Beep - ok
11:22:23.0734 2624 [ E774A26610EC92674273486612C11CFC ] BITS C:\WINDOWS\system32\qmgr.dll
11:22:23.0796 2624 BITS - ok
11:22:23.0828 2624 [ F219E27E88107A50544153898DD8178E ] Browser C:\WINDOWS\System32\browser.dll
11:22:23.0828 2624 Browser - ok
11:22:23.0875 2624 [ BA57F31EAB93DC597D772F6F5B9ED54F ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
11:22:23.0890 2624 BTKRNL - ok
11:22:23.0953 2624 [ 0ECE2B1910527AE85691151D56621891 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
11:22:23.0953 2624 btwdins - ok
11:22:23.0968 2624 [ 57E91E9925976BBC98984EEBAAF1D84C ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
11:22:23.0984 2624 BTWUSB - ok
11:22:24.0015 2624 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
11:22:24.0015 2624 cbidf2k - ok
11:22:24.0031 2624 cd20xrnt - ok
11:22:24.0046 2624 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
11:22:24.0046 2624 Cdaudio - ok
11:22:24.0078 2624 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
11:22:24.0093 2624 Cdfs - ok
11:22:24.0109 2624 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:22:24.0109 2624 Cdrom - ok
11:22:24.0125 2624 Changer - ok
11:22:24.0156 2624 [ 9E21229E04E1D301BB40222FE4641CB2 ] CiSvc C:\WINDOWS\system32\cisvc.exe
11:22:24.0156 2624 CiSvc - ok
11:22:24.0203 2624 [ D3DC45553C8025338E08A60E95B1B91D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
11:22:24.0203 2624 ClipSrv - ok
11:22:24.0218 2624 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:22:24.0328 2624 clr_optimization_v2.0.50727_32 - ok
11:22:24.0359 2624 [ 4266BE808F85826AEDF3C64C1E240203 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
11:22:24.0359 2624 CmBatt - ok
11:22:24.0375 2624 CmdIde - ok
11:22:24.0406 2624 [ DF1B1A24BF52D0EBC01ED4ECE8979F50 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
11:22:24.0406 2624 Compbatt - ok
11:22:24.0421 2624 COMSysApp - ok
11:22:24.0437 2624 Cpqarray - ok
11:22:24.0468 2624 cpuz136 - ok
11:22:24.0500 2624 [ 70D2A1756F4B2067658A186C963FCABD ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
11:22:24.0500 2624 CryptSvc - ok
11:22:24.0500 2624 dac2w2k - ok
11:22:24.0515 2624 dac960nt - ok
11:22:24.0562 2624 [ BEF7BB41E666EAA34BE7E99C2B107DB8 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
11:22:24.0578 2624 DcomLaunch - ok
11:22:24.0609 2624 [ 06A30F453CA4CB1431037E4813F697CB ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
11:22:24.0625 2624 Dhcp - ok
11:22:24.0656 2624 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
11:22:24.0671 2624 Disk - ok
11:22:24.0671 2624 dmadmin - ok
11:22:24.0750 2624 [ E1968EDEC81C430108FEB23AB07BDB14 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
11:22:24.0765 2624 dmboot - ok
11:22:24.0843 2624 [ 1B1520A82E396E46B9AE9FA6B03FF6C6 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
11:22:24.0859 2624 dmio - ok
11:22:24.0906 2624 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
11:22:24.0906 2624 dmload - ok
11:22:24.0953 2624 [ 7B3CA72885923EB947221F17F3E3AC59 ] dmserver C:\WINDOWS\System32\dmserver.dll
11:22:24.0953 2624 dmserver - ok
11:22:25.0046 2624 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
11:22:25.0046 2624 DMusic - ok
11:22:25.0140 2624 [ 0EEF8922D46D4846B472B1F6FD0541BC ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
11:22:25.0140 2624 Dnscache - ok
11:22:25.0171 2624 dpti2o - ok
11:22:25.0218 2624 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
11:22:25.0218 2624 drmkaud - ok
11:22:25.0265 2624 [ B5CB3084046146FD2587D8C9B219FEB4 ] eabfiltr C:\WINDOWS\system32\DRIVERS\eabfiltr.sys
11:22:25.0265 2624 eabfiltr - ok
11:22:25.0328 2624 [ D4F94D45E25D764462A5B95BC426C8D0 ] eamon C:\WINDOWS\system32\DRIVERS\eamon.sys
11:22:25.0328 2624 eamon - ok
11:22:25.0375 2624 [ 9456462C1425D2BBF1616EDABFABA5F4 ] ehdrv C:\WINDOWS\system32\DRIVERS\ehdrv.sys
11:22:25.0375 2624 ehdrv - ok
11:22:25.0421 2624 [ 98B73963E8D2B89A9D5227FB6D245A00 ] EhttpSrv C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
11:22:25.0421 2624 EhttpSrv - ok
11:22:25.0484 2624 [ 73B0195E0405051CC2B69E84EC3F64D1 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
11:22:25.0500 2624 ekrn - ok
11:22:25.0546 2624 [ 4B308624FADF5BB6490D8F8D7AEBF5DF ] epfwtdir C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
11:22:25.0562 2624 epfwtdir - ok
11:22:25.0609 2624 [ D6F7428B201E33BC80066B47144CB568 ] ERSvc C:\WINDOWS\System32\ersvc.dll
11:22:25.0609 2624 ERSvc - ok
11:22:25.0671 2624 [ 33081FED75032291EE0E008D5385E86F ] Eventlog C:\WINDOWS\system32\services.exe
11:22:25.0687 2624 Eventlog - ok
11:22:25.0718 2624 [ 398314DF0B21338C4996B469101750D1 ] EventSystem C:\WINDOWS\system32\es.dll
11:22:25.0734 2624 EventSystem - ok
11:22:25.0781 2624 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
11:22:25.0781 2624 Fastfat - ok
11:22:25.0859 2624 [ E26EDC7AFA8DA3C528055EABC82C8C79 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:22:25.0875 2624 FastUserSwitchingCompatibility - ok
11:22:25.0906 2624 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
11:22:25.0921 2624 Fdc - ok
11:22:25.0953 2624 [ 266DAB58619B17BDF37FABBD48D875CA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
11:22:25.0953 2624 Fips - ok
11:22:26.0000 2624 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:22:26.0000 2624 Flpydisk - ok
11:22:26.0046 2624 [ 3D234FB6D6EE875EB009864A299BEA29 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:22:26.0046 2624 FltMgr - ok
11:22:26.0140 2624 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:22:26.0140 2624 FontCache3.0.0.0 - ok
11:22:26.0171 2624 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:22:26.0171 2624 Fs_Rec - ok
11:22:26.0203 2624 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:22:26.0203 2624 Ftdisk - ok
11:22:26.0250 2624 [ 4AC51459805264AFFD5F6FDFB9D9235F ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
11:22:26.0250 2624 GEARAspiWDM - ok
11:22:26.0312 2624 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:22:26.0312 2624 Gpc - ok
11:22:26.0390 2624 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:22:26.0406 2624 gupdate - ok
11:22:26.0421 2624 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:22:26.0421 2624 gupdatem - ok
11:22:26.0453 2624 [ 4D4D97671C63C3AF869B3518E6054204 ] HBtnKey C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
11:22:26.0453 2624 HBtnKey - ok
11:22:26.0500 2624 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:22:26.0500 2624 HDAudBus - ok
11:22:26.0578 2624 [ F59152272782FED8A8197FA788287F68 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:22:26.0578 2624 helpsvc - ok
11:22:26.0625 2624 [ D2DCF769E5A70027058AD5BE1F9B55BF ] HidServ C:\WINDOWS\System32\hidserv.dll
11:22:26.0625 2624 HidServ - ok
11:22:26.0671 2624 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:22:26.0671 2624 HidUsb - ok
11:22:26.0734 2624 [ 5953C0952E4DD2B25B9ADEF05AB0285C ] hpdskflt C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
11:22:26.0734 2624 hpdskflt - ok
11:22:26.0750 2624 hpn - ok
11:22:26.0796 2624 [ 04C1DCBB226C6AE647B794833CE3CEB6 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
11:22:26.0796 2624 hpqwmiex - ok
11:22:26.0828 2624 [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
11:22:26.0843 2624 HTTP - ok
11:22:26.0890 2624 [ DA826826C5C9116F47E0CD0CA8CC7C11 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
11:22:26.0890 2624 HTTPFilter - ok
11:22:26.0921 2624 i2omgmt - ok
11:22:26.0937 2624 i2omp - ok
11:22:27.0000 2624 [ 0F42DE9909B5DBF2C48DD1A79D491AF5 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:22:27.0000 2624 i8042prt - ok
11:22:27.0093 2624 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:22:27.0125 2624 idsvc - ok
11:22:27.0171 2624 [ F67554DA27D5B55EFCB6C7CB4818FBFD ] IFXTPM C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
11:22:27.0171 2624 IFXTPM - ok
11:22:27.0234 2624 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
11:22:27.0234 2624 Imapi - ok
11:22:27.0359 2624 [ CF9D286B34CB4912F3B28B4972D5CB33 ] ImapiService C:\WINDOWS\system32\imapi.exe
11:22:27.0390 2624 ImapiService - ok
11:22:27.0437 2624 ini910u - ok
11:22:27.0484 2624 [ EF4FDA4841001A4B98C411797DB8894A ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
11:22:27.0484 2624 IntelIde - ok
11:22:27.0531 2624 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
11:22:27.0546 2624 Ip6Fw - ok
11:22:27.0593 2624 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:22:27.0593 2624 IpFilterDriver - ok
11:22:27.0656 2624 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:22:27.0656 2624 IpInIp - ok
11:22:27.0703 2624 [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:22:27.0703 2624 IpNat - ok
11:22:27.0734 2624 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:22:27.0750 2624 IPSec - ok
11:22:27.0781 2624 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
11:22:27.0781 2624 IRENUM - ok
11:22:27.0843 2624 [ 1091528512E4DD7ED5FDDCC4DF1C53D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:22:27.0843 2624 isapnp - ok
11:22:27.0937 2624 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
11:22:27.0953 2624 IviRegMgr - ok
11:22:28.0000 2624 [ 6F877BF8DC01A550CD666F3BEDB2213C ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:22:28.0000 2624 Kbdclass - ok
11:22:28.0031 2624 [ 065B5A83AA78C0C7047BF22E0AB5C821 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:22:28.0046 2624 kbdhid - ok
11:22:28.0093 2624 [ BA5DEDA4D934E6288C2F66CAF58D2562 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
11:22:28.0109 2624 kmixer - ok
11:22:28.0156 2624 [ 1BE7CC2535D760AE4D481576EB789F24 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
11:22:28.0171 2624 KSecDD - ok
11:22:28.0234 2624 [ 9757F6E16FD1EAB54D6EB9D5EB3CBCB5 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
11:22:28.0234 2624 lanmanserver - ok
11:22:28.0281 2624 [ 6BF7BAF420DD4422D2C35DFB3E51A29C ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:22:28.0312 2624 lanmanworkstation - ok
11:22:28.0328 2624 lbrtfdc - ok
11:22:28.0421 2624 [ 3F43CF6B2569D0B92B17FD72408CD9A7 ] LexBceS C:\WINDOWS\system32\LEXBCES.EXE
11:22:28.0421 2624 LexBceS - ok
11:22:28.0515 2624 [ 559C9B7800FAC92FC515CD0003D7C631 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
11:22:28.0531 2624 LightScribeService - ok
11:22:28.0546 2624 [ 4127E8B6DDB4090E815C1F8852C277D3 ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys
11:22:28.0546 2624 lirsgt - ok
11:22:28.0703 2624 [ 7C63055BFB959199EEEF366BBBE56456 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
11:22:28.0875 2624 LiveUpdate - ok
11:22:28.0937 2624 [ F9EE6D2AAB0690B34AE35BA9921A1414 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
11:22:28.0937 2624 LmHosts - ok
11:22:29.0015 2624 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
11:22:29.0015 2624 MBAMProtector - ok
11:22:29.0109 2624 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:22:29.0109 2624 MBAMScheduler - ok
11:22:29.0156 2624 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:22:29.0171 2624 MBAMService - ok
11:22:29.0218 2624 [ 8B2FCBD881879B55BE40B41F12FFC431 ] Messenger C:\WINDOWS\System32\msgsvc.dll
11:22:29.0218 2624 Messenger - ok
11:22:29.0265 2624 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
11:22:29.0265 2624 mnmdd - ok
11:22:29.0312 2624 [ 7D137132D6A9B41EF800E59A771ED48C ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
11:22:29.0312 2624 mnmsrvc - ok
11:22:29.0359 2624 [ 60210DEB037846AFE521EBF349964F6B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
11:22:29.0359 2624 Modem - ok
11:22:29.0390 2624 [ B160EC94114715675509115986400FD9 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:22:29.0390 2624 Mouclass - ok
11:22:29.0437 2624 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:22:29.0437 2624 mouhid - ok
11:22:29.0453 2624 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
11:22:29.0453 2624 MountMgr - ok
11:22:29.0515 2624 [ EEE50BF24CAEEDB515A8F3B22756D3BB ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
11:22:29.0515 2624 MQAC - ok
11:22:29.0531 2624 mraid35x - ok
11:22:29.0593 2624 [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:22:29.0609 2624 MRxDAV - ok
11:22:29.0640 2624 [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:22:29.0656 2624 MRxSmb - ok
11:22:29.0671 2624 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
11:22:29.0687 2624 Msfs - ok
11:22:29.0687 2624 MSIServer - ok
11:22:29.0734 2624 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:22:29.0734 2624 MSKSSRV - ok
11:22:29.0750 2624 [ E9B5F354AE80325283FD5C1C05217B01 ] MSMQ C:\WINDOWS\system32\mqsvc.exe
11:22:29.0750 2624 MSMQ - ok
11:22:29.0781 2624 [ 10E6B9022B0A5C9C41E2DA6AEAE5D404 ] MSMQTriggers C:\WINDOWS\system32\mqtgsvc.exe
11:22:29.0781 2624 MSMQTriggers - ok
11:22:29.0796 2624 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:22:29.0796 2624 MSPCLOCK - ok
11:22:29.0812 2624 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
11:22:29.0812 2624 MSPQM - ok
11:22:29.0843 2624 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:22:29.0843 2624 mssmbios - ok
11:22:29.0859 2624 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
11:22:29.0859 2624 Mup - ok
11:22:29.0890 2624 [ AA898F84D2B59129FB92E143A2C73434 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
11:22:29.0890 2624 NDIS - ok
11:22:29.0921 2624 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:22:29.0921 2624 NdisTapi - ok
11:22:30.0015 2624 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:22:30.0015 2624 Ndisuio - ok
11:22:30.0046 2624 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:22:30.0046 2624 NdisWan - ok
11:22:30.0062 2624 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
11:22:30.0062 2624 NDProxy - ok
11:22:30.0093 2624 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
11:22:30.0093 2624 NetBIOS - ok
11:22:30.0125 2624 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
11:22:30.0125 2624 NetBT - ok
11:22:30.0171 2624 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDE C:\WINDOWS\system32\netdde.exe
11:22:30.0171 2624 NetDDE - ok
11:22:30.0187 2624 [ 818053225BF4AAC5F0F718001E492F70 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
11:22:30.0187 2624 NetDDEdsdm - ok
11:22:30.0218 2624 [ 82A362FE1D4980B71B588D9C10748511 ] Netlogon C:\WINDOWS\system32\lsass.exe
11:22:30.0218 2624 Netlogon - ok
11:22:30.0234 2624 [ 86AD5B0E02F2C968FBB096AB4C555C9C ] Netman C:\WINDOWS\System32\netman.dll
11:22:30.0234 2624 Netman - ok
11:22:30.0281 2624 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:22:30.0281 2624 NetTcpPortSharing - ok
11:22:30.0296 2624 [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:22:30.0296 2624 NIC1394 - ok
11:22:30.0343 2624 [ A6E79B60AC73241E5721AB6A573D2B24 ] Nla C:\WINDOWS\System32\mswsock.dll
11:22:30.0359 2624 Nla - ok
11:22:30.0421 2624 [ FD306FBCCE7ADB1077B709742E7148E9 ] NMSAccessU C:\Program Files\CDBurnerXP\NMSAccessU.exe
11:22:30.0421 2624 NMSAccessU - ok
11:22:30.0453 2624 [ C82F4CC10AD315B6D6BCB14D0A7CAD66 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
11:22:30.0453 2624 nmwcd - ok
11:22:30.0500 2624 [ 60EF5F5621D7832F00A3F190A0C905E2 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
11:22:30.0500 2624 nmwcdc - ok
11:22:30.0531 2624 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
11:22:30.0546 2624 Npfs - ok
11:22:30.0578 2624 [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
11:22:30.0593 2624 Ntfs - ok
11:22:30.0609 2624 [ 82A362FE1D4980B71B588D9C10748511 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
11:22:30.0609 2624 NtLmSsp - ok
11:22:30.0671 2624 [ D8D2B13BA93AE830B1A637DF571D1195 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
11:22:30.0671 2624 NtmsSvc - ok
11:22:30.0718 2624 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
11:22:30.0718 2624 Null - ok
11:22:30.0750 2624 [ B3753ECC3CECC722B6C74D70AD5FCF7A ] NWCWorkstation C:\WINDOWS\System32\nwwks.dll
11:22:30.0750 2624 NWCWorkstation - ok
11:22:30.0781 2624 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:22:30.0781 2624 NwlnkFlt - ok
11:22:30.0796 2624 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:22:30.0796 2624 NwlnkFwd - ok
11:22:30.0828 2624 [ 79EA3FCDA7067977625B3363A2657C80 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
11:22:30.0828 2624 NwlnkIpx - ok
11:22:30.0843 2624 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
11:22:30.0843 2624 NwlnkNb - ok
11:22:30.0875 2624 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
11:22:30.0875 2624 NwlnkSpx - ok
11:22:30.0906 2624 [ 3F18D9365BE71C7B2E43B7CF4A0C1A10 ] NWRDR C:\WINDOWS\system32\DRIVERS\nwrdr.sys
11:22:30.0906 2624 NWRDR - ok
11:22:31.0015 2624 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:22:31.0031 2624 odserv - ok
11:22:31.0062 2624 [ 197DDF60B254A84D8656850397B5F923 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:22:31.0062 2624 ohci1394 - ok
11:22:31.0109 2624 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:22:31.0109 2624 ose - ok
11:22:31.0140 2624 [ 76A18CAA2FEFB28A4CED38D76837E86E ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
11:22:31.0156 2624 Parport - ok
11:22:32.0312 2624 ============================================================
11:22:32.0312 2624 Scan finished
11:22:32.0312 2624 ============================================================
11:22:32.0343 1848 Detected object count: 0
11:22:32.0343 1848 Actual detected object count: 0
11:23:56.0468 2924 Deinitialize success

JStep

Re: slowed-down notebook

Post by JStep » 20 Jan 2013 12:07

ComboFix 13-01-17.04 - Marušinka 20.01.2013 11:43:56.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.895.419 [GMT 1:00]
Spuštěný z: c:\documents and settings\MaruÜinka\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Hewlett-Packard\IAM\bin\ocgina.dll
c:\windows\IsUn0405.exe
c:\windows\msxml6-KB954459-enu-x86.LOG
c:\windows\msxml6-KB973686-enu-x86.LOG
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
D:\AUTORUN.INF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-20 do 2013-01-20 )))))))))))))))))))))))))))))))
.
.
2013-01-20 06:32 . 2013-01-20 06:32 -------- d-----w- c:\documents and settings\Marušinka\Data aplikací\Malwarebytes
2013-01-20 06:32 . 2013-01-20 06:32 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-01-20 06:32 . 2013-01-20 06:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-20 06:32 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-19 14:01 . 2013-01-19 14:01 388096 ----a-r- c:\documents and settings\Marušinka\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-19 14:01 . 2013-01-19 14:01 -------- d-----w- c:\program files\Trend Micro
2013-01-19 08:24 . 2013-01-19 08:24 -------- d-----w- c:\documents and settings\All Users\Soluto
2013-01-19 08:23 . 2013-01-19 08:39 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Soluto
2013-01-06 15:17 . 2012-10-12 18:09 22400 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-01-10 472776]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]
"Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912]
"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2007-01-02 40960]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2006-09-05 184320]
"PrinTray"="c:\windows\System32\spool\DRIVERS\W32X86\2\printray.exe" [2000-06-07 36864]
"LXSUPMON"="c:\windows\system32\LXSUPMON.EXE" [2000-06-07 794112]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-03-19 2029640]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
.
c:\documents and settings\Default User\Nabídka Start\Programy\Po spuštění\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
c:\documents and settings\Franta\Nabídka Start\Programy\Po spuštění\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2005-11-8 3248776]
.
c:\documents and settings\Default User\Nabídka Start\Programy\Po spuštění\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
c:\documents and settings\Marušinka\Nabídka Start\Programy\Po spuštění\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
c:\documents and settings\Default User\Nabídka Start\Programy\Po spuštění\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
c:\documents and settings\Default User\Nabídka Start\Programy\Po spuštění\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-02-07 01:30 74240 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\burn4free-uninstall]
http://www.bigseekpro.com/uninstall_complete/burn4free [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware]
2012-12-14 15:49 512360 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
2006-12-14 12:22 330264 ----a-w- c:\program files\PDF Complete\pdfsty.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\WINDOWS\\SMINST\\Scheduler.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Ghost Recon Advanced Warfighter 2\\graw2.exe"=
"c:\\Ghost Recon Advanced Warfighter 2\\graw2_dedicated.exe"=
"c:\\Program Files\\CesarFTP\\Server.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Marušinka\\Dokumenty\\Downloads\\solutoinstaller-_wPr73Wyp9G2.exe"=
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.6.2008 17:27 717296]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [19.3.2009 10:44 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [19.3.2009 10:45 93848]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [18.8.2004 9:00 14336]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [18.8.2004 9:00 14336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [19.3.2009 10:44 731840]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [20.1.2013 7:32 682344]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [16.6.2007 13:55 538136]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [19.9.2006 17:58 36608]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [20.1.2013 7:32 21104]
R3 Pcouffin;Low level access layer for CD devices;c:\windows\system32\drivers\Pcouffin.sys [21.8.2008 19:41 39488]
S2 Plánovač automatické aktualizace LiveUpdate;Plánovač automatické aktualizace LiveUpdate;c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe [11.7.2007 15:20 554352]
S3 cpuz136;cpuz136;\??\c:\windows\TEMP\cpuz136\cpuz136_x32.sys --> c:\windows\TEMP\cpuz136\cpuz136_x32.sys [?]
S3 SolutoRemoteService;Soluto Remote Service;"c:\program files\Soluto\SolutoRemoteService.exe" -service --> c:\program files\Soluto\SolutoRemoteService.exe [?]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25.1.2008 10:12 25088]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
Cognizance REG_MULTI_SZ ASBroker ASChannel
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 14:48]
.
2013-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 14:48]
.
2013-01-20 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2118193015-818424941-1800824759-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
2013-01-20 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2118193015-818424941-1800824759-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Doplňkový sken -------
.
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Marušinka\Data aplikací\Mozilla\Firefox\Profiles\cudibv3o.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/skinit/icq/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.9&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: dom.disable_window_status_change - true
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-dimsntfy - (no file)
Notify-NavLogon - (no file)
HKLM_ActiveSetup-ccc-core-static - msiexec
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-20 12:00
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe??????????????@? ????K????????@???????@
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
Binary file raw_enum.dat matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2118193015-818424941-1800824759-1008\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\Documents and Settings\\All Users\\Data aplikací\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000409
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{FE9C13F6-6BBD-47D3-B939-F7E061BC4930}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.0.417.0"
"UniqueId"="01140B6B4A9C05D3"
"ScannerBuild"=dword:0000121d
"ScannerVersionId"=dword:00000f6c
"ScannerVersion"="Open window for status."
"FixId"=dword:00000009
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1020)
c:\windows\system32\Ati2evxx.dll
c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
.
- - - - - - - > 'explorer.exe'(2112)
c:\windows\system32\APSHook.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Hewlett-Packard\IAM\bin\asghost.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\System32\SCardSvr.exe
c:\progra~1\HEWLET~1\Shared\HPQTOA~1.EXE
.
**************************************************************************
.
Celkový čas: 2013-01-20 12:05:38 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-20 11:05
.
Před spuštěním: Volných bajtů: 43 908 902 912
Po spuštění: Volných bajtů: 44 326 133 760
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - F3E59FC4A78C5F1B22AD984640D7A60A


Re: slow notebook

Post by Žbeky » 20 Jan 2013 12:34

You have Norton and ESET - uninstall one of them


Re: slow notebook

Post by JStep » 20 Jan 2013 14:25

I don't see Norton among the installed programs. Is it enough to delete its folders, which I found on drive C, or is it hidden somewhere?
I did not manage to install SP3 in the past, and I know there tend to be problems with it. Is the installation necessary? So far I have managed without it...


Re: slow notebook

Post by JStep » 20 Jan 2013 14:41

It has been quite a while, I don't remember. But I have a feeling that on preinstalled XP together with an AMD processor this installation can cause problems, so I am no longer in a hurry to install SP3, especially since I don't need it...

