Prosím o kontrolu:velmi pomalé pc a start Vyřešeno

[Pafčák]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:21:44, on 20.3.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Documents and Settings\Administrator\Plocha\Správa\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{602E6C7B-9746-4CF2-BE8F-BB3FE72EEAEF}: NameServer = 194.228.41.65,194.228.41.113
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 5765 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[Pafčák]

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

27.10.2012 16:17:41
mbam-log-2012-10-27 (16-17-41).txt

Typ: Rychlá kontrola
Kontrolované objekty: 160174
Uplynulý čas: 13 minut, 47 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)



# AdwCleaner v2.115 - Log vytvooen 21/03/2013 v 16:44:14
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Administrator - PAVEL-794F71AE8
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Nalezeno : C:\Program Files\BS_Player
Složka Nalezeno : C:\Program Files\ICQ6Toolbar
Soubor Nalezeno : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\BS_Player
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Klíe Nalezeno : HKLM\Software\BS_Player
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BS_Player Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Software
Klíe Nalezeno : HKU\S-1-5-21-823518204-1645522239-839522115-500\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKU\S-1-5-21-823518204-1645522239-839522115-500\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKU\S-1-5-21-823518204-1645522239-839522115-500\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\jorae504.default-1356450929718\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v25.0.1364.172

Soubor : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [5637 octets] - [21/03/2013 16:44:14]

########## EOF - C:\AdwCleaner[R1].txt - [5697 octets] ##########

[Žbeky]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“)
Klikni na „ Delete“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt), jeho obsah sem celý vlož.

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

[Pafčák]

# AdwCleaner v2.115 - Log vytvooen 21/03/2013 v 17:20:43
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Administrator - PAVEL-794F71AE8
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Administrator\Plocha\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Vymazáno : C:\Program Files\BS_Player
Složka Vymazáno : C:\Program Files\ICQ6Toolbar
Soubor Vymazáno : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\BS_Player
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Klíe Vymazáno : HKLM\Software\BS_Player
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Vymazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BS_Player Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Software

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\jorae504.default-1356450929718\prefs.js

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\jorae504.default-1356450929718\user.js ... Vymazáno !

[OK] Soubor je eistý.

-\\ Google Chrome v25.0.1364.172

Soubor : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [5766 octets] - [21/03/2013 16:44:14]
AdwCleaner[S1].txt - [5406 octets] - [21/03/2013 17:20:43]

########## EOF - C:\AdwCleaner[S1].txt - [5466 octets] ##########


17:24:58.0187 2644 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:24:58.0421 2644 ============================================================
17:24:58.0421 2644 Current date / time: 2013/03/21 17:24:58.0421
17:24:58.0421 2644 SystemInfo:
17:24:58.0421 2644
17:24:58.0421 2644 OS Version: 5.1.2600 ServicePack: 3.0
17:24:58.0421 2644 Product type: Workstation
17:24:58.0421 2644 ComputerName: PAVEL-794F71AE8
17:24:58.0421 2644 UserName: Administrator
17:24:58.0421 2644 Windows directory: C:\WINDOWS
17:24:58.0421 2644 System windows directory: C:\WINDOWS
17:24:58.0421 2644 Processor architecture: Intel x86
17:24:58.0421 2644 Number of processors: 1
17:24:58.0421 2644 Page size: 0x1000
17:24:58.0421 2644 Boot type: Normal boot
17:24:58.0421 2644 ============================================================
17:24:58.0843 2644 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:24:58.0843 2644 ============================================================
17:24:58.0843 2644 \Device\Harddisk0\DR0:
17:24:58.0843 2644 MBR partitions:
17:24:58.0843 2644 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4E1EDEC
17:24:58.0843 2644 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4E1EE6A, BlocksNum 0x4E1EDEC
17:24:58.0859 2644 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x9C3DC95, BlocksNum 0x4351C6B
17:24:58.0859 2644 ============================================================
17:24:58.0890 2644 D: <-> \Device\Harddisk0\DR0\Partition2
17:24:58.0921 2644 E: <-> \Device\Harddisk0\DR0\Partition3
17:24:58.0937 2644 C: <-> \Device\Harddisk0\DR0\Partition1
17:24:58.0937 2644 ============================================================
17:24:58.0937 2644 Initialize success
17:24:58.0937 2644 ============================================================
17:25:15.0390 0920 ============================================================
17:25:15.0390 0920 Scan started
17:25:15.0390 0920 Mode: Manual;
17:25:15.0390 0920 ============================================================
17:25:15.0500 0920 ================ Scan system memory ========================
17:25:15.0500 0920 System memory - ok
17:25:15.0500 0920 ================ Scan services =============================
17:25:15.0593 0920 Abiosdsk - ok
17:25:15.0593 0920 abp480n5 - ok
17:25:15.0640 0920 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:25:15.0640 0920 ACPI - ok
17:25:15.0687 0920 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
17:25:15.0687 0920 ACPIEC - ok
17:25:15.0734 0920 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:25:15.0734 0920 AdobeFlashPlayerUpdateSvc - ok
17:25:15.0750 0920 adpu160m - ok
17:25:15.0781 0920 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:25:15.0796 0920 aec - ok
17:25:15.0843 0920 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:25:15.0843 0920 AFD - ok
17:25:15.0859 0920 Aha154x - ok
17:25:15.0859 0920 aic78u2 - ok
17:25:15.0875 0920 aic78xx - ok
17:25:15.0968 0920 [ BA88534A3CEB6161E7432438B9EA4F54 ] ALCXSENS C:\WINDOWS\system32\drivers\ALCXSENS.SYS
17:25:15.0984 0920 ALCXSENS - ok
17:25:16.0031 0920 [ 5FF6F7E58C798F1474C0BBFFC23CB78D ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
17:25:16.0031 0920 ALCXWDM - ok
17:25:16.0062 0920 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:25:16.0078 0920 Alerter - ok
17:25:16.0109 0920 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
17:25:16.0109 0920 ALG - ok
17:25:16.0125 0920 AliIde - ok
17:25:16.0140 0920 [ F51646C07E7D1DE576284A5261C353C3 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
17:25:16.0156 0920 AmdK8 - ok
17:25:16.0156 0920 amsint - ok
17:25:16.0203 0920 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\WINDOWS\system32\Drivers\ssadadb.sys
17:25:16.0203 0920 androidusb - ok
17:25:16.0234 0920 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
17:25:16.0234 0920 AppMgmt - ok
17:25:16.0250 0920 asc - ok
17:25:16.0265 0920 asc3350p - ok
17:25:16.0281 0920 asc3550 - ok
17:25:16.0343 0920 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:25:16.0359 0920 aspnet_state - ok
17:25:16.0390 0920 [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
17:25:16.0390 0920 aswFsBlk - ok
17:25:16.0437 0920 [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
17:25:16.0437 0920 aswMonFlt - ok
17:25:16.0453 0920 [ C1A411B7CCD604554D96EFDAC2F83617 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
17:25:16.0453 0920 aswRdr - ok
17:25:16.0468 0920 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
17:25:16.0468 0920 aswRvrt - ok
17:25:16.0531 0920 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
17:25:16.0546 0920 aswSnx - ok
17:25:16.0578 0920 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
17:25:16.0593 0920 aswSP - ok
17:25:16.0609 0920 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
17:25:16.0609 0920 aswTdi - ok
17:25:16.0640 0920 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
17:25:16.0640 0920 aswVmm - ok
17:25:16.0687 0920 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:25:16.0687 0920 AsyncMac - ok
17:25:16.0718 0920 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:25:16.0718 0920 atapi - ok
17:25:16.0734 0920 Atdisk - ok
17:25:16.0765 0920 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:25:16.0765 0920 Atmarpc - ok
17:25:16.0796 0920 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:25:16.0796 0920 AudioSrv - ok
17:25:16.0843 0920 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:25:16.0843 0920 audstub - ok
17:25:16.0937 0920 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
17:25:16.0937 0920 avast! Antivirus - ok
17:25:16.0984 0920 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:25:16.0984 0920 Beep - ok
17:25:17.0015 0920 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
17:25:17.0062 0920 BITS - ok
17:25:17.0093 0920 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
17:25:17.0093 0920 Browser - ok
17:25:17.0125 0920 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:25:17.0125 0920 cbidf2k - ok
17:25:17.0203 0920 [ 8EF654045E518AC00E52E7A1E2D3AD70 ] CCALib8 C:\Program Files\Canon\CAL\CALMAIN.exe
17:25:17.0203 0920 CCALib8 - ok
17:25:17.0218 0920 cd20xrnt - ok
17:25:17.0234 0920 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:25:17.0234 0920 Cdaudio - ok
17:25:17.0250 0920 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:25:17.0250 0920 Cdfs - ok
17:25:17.0296 0920 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:25:17.0296 0920 Cdrom - ok
17:25:17.0312 0920 Changer - ok
17:25:17.0343 0920 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
17:25:17.0343 0920 CiSvc - ok
17:25:17.0359 0920 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:25:17.0375 0920 ClipSrv - ok
17:25:17.0406 0920 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:25:17.0437 0920 clr_optimization_v2.0.50727_32 - ok
17:25:17.0453 0920 CmdIde - ok
17:25:17.0468 0920 COMSysApp - ok
17:25:17.0484 0920 Cpqarray - ok
17:25:17.0515 0920 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:25:17.0515 0920 CryptSvc - ok
17:25:17.0531 0920 dac2w2k - ok
17:25:17.0546 0920 dac960nt - ok
17:25:17.0593 0920 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:25:17.0609 0920 DcomLaunch - ok
17:25:17.0640 0920 [ 6216FD7FD227DE454238A702B218CEC7 ] dgderdrv C:\WINDOWS\system32\drivers\dgderdrv.sys
17:25:17.0640 0920 dgderdrv - ok
17:25:17.0671 0920 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:25:17.0687 0920 Dhcp - ok
17:25:17.0687 0920 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:25:17.0703 0920 Disk - ok
17:25:17.0703 0920 dmadmin - ok
17:25:17.0765 0920 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:25:17.0781 0920 dmboot - ok
17:25:17.0796 0920 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:25:17.0812 0920 dmio - ok
17:25:17.0828 0920 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:25:17.0828 0920 dmload - ok
17:25:17.0859 0920 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
17:25:17.0859 0920 dmserver - ok
17:25:17.0875 0920 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:25:17.0875 0920 DMusic - ok
17:25:17.0921 0920 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:25:17.0921 0920 Dnscache - ok
17:25:17.0968 0920 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:25:17.0968 0920 Dot3svc - ok
17:25:17.0984 0920 dpti2o - ok
17:25:18.0015 0920 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:25:18.0015 0920 drmkaud - ok
17:25:18.0046 0920 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:25:18.0046 0920 EapHost - ok
17:25:18.0062 0920 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:25:18.0078 0920 ERSvc - ok
17:25:18.0093 0920 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
17:25:18.0109 0920 Eventlog - ok
17:25:18.0140 0920 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
17:25:18.0156 0920 EventSystem - ok
17:25:18.0171 0920 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:25:18.0171 0920 Fastfat - ok
17:25:18.0218 0920 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:25:18.0234 0920 FastUserSwitchingCompatibility - ok
17:25:18.0250 0920 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
17:25:18.0250 0920 Fdc - ok
17:25:18.0265 0920 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:25:18.0281 0920 Fips - ok
17:25:18.0296 0920 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:25:18.0296 0920 Flpydisk - ok
17:25:18.0328 0920 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:25:18.0343 0920 FltMgr - ok
17:25:18.0390 0920 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:25:18.0390 0920 FontCache3.0.0.0 - ok
17:25:18.0406 0920 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:25:18.0406 0920 Fs_Rec - ok
17:25:18.0437 0920 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:25:18.0437 0920 Ftdisk - ok
17:25:18.0453 0920 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
17:25:18.0453 0920 gameenum - ok
17:25:18.0500 0920 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:25:18.0500 0920 Gpc - ok
17:25:18.0562 0920 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:25:18.0562 0920 gupdate - ok
17:25:18.0578 0920 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:25:18.0578 0920 gupdatem - ok
17:25:18.0640 0920 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:25:18.0640 0920 helpsvc - ok
17:25:18.0656 0920 HidServ - ok
17:25:18.0671 0920 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:25:18.0671 0920 hidusb - ok
17:25:18.0718 0920 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:25:18.0718 0920 hkmsvc - ok
17:25:18.0734 0920 hpn - ok
17:25:18.0765 0920 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
17:25:18.0781 0920 HPZid412 - ok
17:25:18.0781 0920 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
17:25:18.0796 0920 HPZipr12 - ok
17:25:18.0828 0920 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
17:25:18.0828 0920 HPZius12 - ok
17:25:18.0875 0920 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:25:18.0875 0920 HTTP - ok
17:25:18.0890 0920 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:25:18.0906 0920 HTTPFilter - ok
17:25:18.0921 0920 i2omgmt - ok
17:25:18.0937 0920 i2omp - ok
17:25:18.0953 0920 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:25:18.0953 0920 i8042prt - ok
17:25:19.0046 0920 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:25:19.0078 0920 idsvc - ok
17:25:19.0093 0920 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:25:19.0093 0920 Imapi - ok
17:25:19.0140 0920 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
17:25:19.0156 0920 ImapiService - ok
17:25:19.0171 0920 ini910u - ok
17:25:19.0187 0920 IntelIde - ok
17:25:19.0218 0920 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
17:25:19.0218 0920 Ip6Fw - ok
17:25:19.0250 0920 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:25:19.0250 0920 IpFilterDriver - ok
17:25:19.0281 0920 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:25:19.0281 0920 IpInIp - ok
17:25:19.0312 0920 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:25:19.0328 0920 IpNat - ok
17:25:19.0343 0920 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:25:19.0343 0920 IPSec - ok
17:25:19.0375 0920 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:25:19.0375 0920 IRENUM - ok
17:25:19.0406 0920 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:25:19.0406 0920 isapnp - ok
17:25:19.0484 0920 [ 999DB5F88C8E145CCA9D471E33227143 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
17:25:19.0484 0920 JavaQuickStarterService - ok
17:25:19.0515 0920 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:25:19.0515 0920 Kbdclass - ok
17:25:19.0546 0920 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:25:19.0562 0920 kmixer - ok
17:25:19.0593 0920 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:25:19.0593 0920 KSecDD - ok
17:25:19.0625 0920 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
17:25:19.0640 0920 lanmanserver - ok
17:25:19.0656 0920 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:25:19.0671 0920 lanmanworkstation - ok
17:25:19.0687 0920 lbrtfdc - ok
17:25:19.0718 0920 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:25:19.0718 0920 LmHosts - ok
17:25:19.0781 0920 [ 77DB6177FD08AAB1DD8A896197CC7660 ] ltmodem5 C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
17:25:19.0796 0920 ltmodem5 - ok
17:25:19.0828 0920 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:25:19.0828 0920 Messenger - ok
17:25:19.0890 0920 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
17:25:19.0890 0920 Microsoft Office Groove Audit Service - ok
17:25:19.0921 0920 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:25:19.0921 0920 mnmdd - ok
17:25:19.0953 0920 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:25:19.0953 0920 mnmsrvc - ok
17:25:19.0984 0920 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:25:19.0984 0920 Modem - ok
17:25:20.0015 0920 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
17:25:20.0015 0920 MODEMCSA - ok
17:25:20.0031 0920 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:25:20.0031 0920 Mouclass - ok
17:25:20.0062 0920 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:25:20.0062 0920 mouhid - ok
17:25:20.0078 0920 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:25:20.0078 0920 MountMgr - ok
17:25:20.0125 0920 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:25:20.0125 0920 MozillaMaintenance - ok
17:25:20.0140 0920 mraid35x - ok
17:25:20.0171 0920 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:25:20.0187 0920 MRxDAV - ok
17:25:20.0234 0920 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:25:20.0234 0920 MRxSmb - ok
17:25:20.0265 0920 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:25:20.0265 0920 MSDTC - ok
17:25:20.0312 0920 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:25:20.0312 0920 Msfs - ok
17:25:20.0328 0920 MSIServer - ok
17:25:20.0343 0920 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:25:20.0343 0920 MSKSSRV - ok
17:25:20.0375 0920 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:25:20.0375 0920 MSPCLOCK - ok
17:25:20.0390 0920 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:25:20.0390 0920 MSPQM - ok
17:25:20.0406 0920 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:25:20.0406 0920 mssmbios - ok
17:25:20.0437 0920 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINDOWS\system32\drivers\msmpu401.sys
17:25:20.0437 0920 ms_mpu401 - ok
17:25:20.0468 0920 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:25:20.0468 0920 Mup - ok
17:25:20.0500 0920 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
17:25:20.0515 0920 napagent - ok
17:25:20.0546 0920 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:25:20.0546 0920 NDIS - ok
17:25:20.0593 0920 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:25:20.0593 0920 NdisTapi - ok
17:25:20.0609 0920 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:25:20.0609 0920 Ndisuio - ok
17:25:20.0625 0920 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:25:20.0640 0920 NdisWan - ok
17:25:20.0671 0920 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:25:20.0671 0920 NDProxy - ok
17:25:20.0812 0920 [ C7F5C284B6F46FCAF6910EA4E644700B ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
17:25:20.0843 0920 Nero BackItUp Scheduler 4.0 - ok
17:25:20.0875 0920 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
17:25:20.0875 0920 Net Driver HPZ12 - ok
17:25:20.0890 0920 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:25:20.0906 0920 NetBIOS - ok
17:25:20.0921 0920 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:25:20.0937 0920 NetBT - ok
17:25:20.0968 0920 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
17:25:20.0968 0920 NetDDE - ok
17:25:20.0984 0920 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:25:20.0984 0920 NetDDEdsdm - ok
17:25:21.0031 0920 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:25:21.0031 0920 Netlogon - ok
17:25:21.0062 0920 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
17:25:21.0078 0920 Netman - ok
17:25:21.0109 0920 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:25:21.0109 0920 NetTcpPortSharing - ok
17:25:21.0156 0920 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
17:25:21.0156 0920 Nla - ok
17:25:21.0171 0920 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:25:21.0171 0920 Npfs - ok
17:25:21.0203 0920 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:25:21.0234 0920 Ntfs - ok
17:25:21.0250 0920 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
17:25:21.0250 0920 NtLmSsp - ok
17:25:21.0296 0920 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:25:21.0312 0920 NtmsSvc - ok
17:25:21.0328 0920 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:25:21.0328 0920 Null - ok
17:25:21.0453 0920 [ AA1DD84821732D77102DDAC6D773941C ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:25:21.0531 0920 nv - ok
17:25:21.0562 0920 [ 46DEED4C6C5FA765F9A2C723BE60348D ] nvatabus C:\WINDOWS\system32\DRIVERS\nvatabus.sys
17:25:21.0578 0920 nvatabus - ok
17:25:21.0593 0920 [ F87D81C2A99A3796B5E4DB6D38B8E706 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
17:25:21.0593 0920 NVENETFD - ok
17:25:21.0609 0920 [ 1602ABC3FC9F8CA6A5B2C9CB466720B5 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
17:25:21.0609 0920 nvnetbus - ok
17:25:21.0640 0920 [ AB13E3C3A60900E2E0EACB78FF12BA61 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
17:25:21.0640 0920 NVSvc - ok
17:25:21.0656 0920 [ C0FCD544A1C4EEA6D11A0AE6A07DAC9D ] nv_agp C:\WINDOWS\system32\DRIVERS\nv_agp.sys
17:25:21.0656 0920 nv_agp - ok
17:25:21.0703 0920 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:25:21.0703 0920 NwlnkFlt - ok
17:25:21.0718 0920 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:25:21.0718 0920 NwlnkFwd - ok
17:25:21.0796 0920 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:25:21.0812 0920 odserv - ok
17:25:21.0828 0920 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:25:21.0843 0920 ose - ok
17:25:21.0875 0920 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
17:25:21.0875 0920 Parport - ok
17:25:21.0906 0920 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:25:21.0906 0920 PartMgr - ok
17:25:21.0937 0920 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:25:21.0937 0920 ParVdm - ok
17:25:21.0968 0920 [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:25:21.0968 0920 pccsmcfd - ok
17:25:21.0984 0920 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:25:22.0000 0920 PCI - ok
17:25:22.0000 0920 PCIDump - ok
17:25:22.0031 0920 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
17:25:22.0031 0920 PCIIde - ok
17:25:22.0046 0920 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
17:25:22.0062 0920 Pcmcia - ok
17:25:22.0062 0920 PDCOMP - ok
17:25:22.0078 0920 PDFRAME - ok
17:25:22.0093 0920 PDRELI - ok
17:25:22.0109 0920 PDRFRAME - ok
17:25:22.0125 0920 perc2 - ok
17:25:22.0125 0920 perc2hib - ok
17:25:22.0187 0920 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
17:25:22.0187 0920 PlugPlay - ok
17:25:22.0234 0920 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
17:25:22.0234 0920 Pml Driver HPZ12 - ok
17:25:22.0250 0920 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
17:25:22.0250 0920 PolicyAgent - ok
17:25:22.0281 0920 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:25:22.0281 0920 PptpMiniport - ok
17:25:22.0296 0920 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
17:25:22.0296 0920 Processor - ok
17:25:22.0312 0920 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:25:22.0312 0920 ProtectedStorage - ok
17:25:22.0328 0920 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:25:22.0328 0920 PSched - ok
17:25:22.0359 0920 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:25:22.0359 0920 Ptilink - ok
17:25:22.0375 0920 ql1080 - ok
17:25:22.0375 0920 Ql10wnt - ok
17:25:22.0406 0920 ql12160 - ok
17:25:22.0406 0920 ql1240 - ok
17:25:22.0421 0920 ql1280 - ok
17:25:22.0453 0920 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:25:22.0453 0920 RasAcd - ok
17:25:22.0484 0920 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:25:22.0484 0920 RasAuto - ok
17:25:22.0515 0920 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:25:22.0515 0920 Rasl2tp - ok
17:25:22.0562 0920 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:25:22.0562 0920 RasMan - ok
17:25:22.0578 0920 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:25:22.0593 0920 RasPppoe - ok
17:25:22.0593 0920 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:25:22.0609 0920 Raspti - ok
17:25:22.0625 0920 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:25:22.0640 0920 Rdbss - ok
17:25:22.0640 0920 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:25:22.0656 0920 RDPCDD - ok
17:25:22.0671 0920 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:25:22.0687 0920 rdpdr - ok
17:25:22.0718 0920 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:25:22.0734 0920 RDPWD - ok
17:25:22.0765 0920 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:25:22.0765 0920 RDSessMgr - ok
17:25:22.0796 0920 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:25:22.0796 0920 redbook - ok
17:25:22.0828 0920 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:25:22.0828 0920 RemoteAccess - ok
17:25:22.0859 0920 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:25:22.0859 0920 RemoteRegistry - ok
17:25:22.0890 0920 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
17:25:22.0890 0920 RpcLocator - ok
17:25:22.0937 0920 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
17:25:22.0953 0920 RpcSs - ok
17:25:22.0984 0920 [ 99F13D7E9AAEC74A5B7D10AB780D9D6F ] RSVP C:\WINDOWS\system32\rsvp.exe
17:25:23.0000 0920 RSVP - ok
17:25:23.0031 0920 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
17:25:23.0031 0920 SamSs - ok
17:25:23.0046 0920 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:25:23.0062 0920 SCardSvr - ok
17:25:23.0078 0920 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:25:23.0093 0920 Schedule - ok
17:25:23.0109 0920 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:25:23.0109 0920 Secdrv - ok
17:25:23.0140 0920 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
17:25:23.0156 0920 seclogon - ok
17:25:23.0187 0920 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
17:25:23.0187 0920 SENS - ok
17:25:23.0203 0920 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
17:25:23.0218 0920 serenum - ok
17:25:23.0218 0920 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
17:25:23.0234 0920 Serial - ok
17:25:23.0343 0920 [ 289E853881E688286AD24299FCC485D8 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
17:25:23.0375 0920 ServiceLayer - ok
17:25:23.0406 0920 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:25:23.0406 0920 Sfloppy - ok
17:25:23.0453 0920 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:25:23.0468 0920 SharedAccess - ok
17:25:23.0500 0920 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:25:23.0515 0920 ShellHWDetection - ok
17:25:23.0515 0920 Simbad - ok
17:25:23.0703 0920 [ 2A99850C2A6EDD6C6602E822C716EDAF ] Skype C2C Service C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:25:23.0781 0920 Skype C2C Service - ok
17:25:23.0843 0920 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:25:23.0843 0920 SkypeUpdate - ok
17:25:23.0875 0920 Sparrow - ok
17:25:23.0890 0920 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:25:23.0890 0920 splitter - ok
17:25:23.0921 0920 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:25:23.0937 0920 Spooler - ok
17:25:23.0953 0920 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:25:23.0953 0920 sr - ok
17:25:24.0000 0920 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
17:25:24.0000 0920 srservice - ok
17:25:24.0031 0920 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\WINDOWS\system32\DRIVERS\ssadbus.sys
17:25:24.0046 0920 ssadbus - ok
17:25:24.0062 0920 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
17:25:24.0062 0920 ssadmdfl - ok
17:25:24.0093 0920 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
17:25:24.0109 0920 ssadmdm - ok
17:25:24.0125 0920 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\WINDOWS\system32\DRIVERS\ssadserd.sys
17:25:24.0125 0920 ssadserd - ok
17:25:24.0156 0920 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:25:24.0156 0920 SSDPSRV - ok
17:25:24.0203 0920 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:25:24.0218 0920 stisvc - ok
17:25:24.0265 0920 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:25:24.0265 0920 swenum - ok
17:25:24.0281 0920 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:25:24.0281 0920 swmidi - ok
17:25:24.0296 0920 SwPrv - ok
17:25:24.0312 0920 symc810 - ok
17:25:24.0328 0920 symc8xx - ok
17:25:24.0343 0920 sym_hi - ok
17:25:24.0359 0920 sym_u3 - ok
17:25:24.0359 0920 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:25:24.0375 0920 sysaudio - ok
17:25:24.0406 0920 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:25:24.0421 0920 SysmonLog - ok
17:25:24.0453 0920 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:25:24.0468 0920 TapiSrv - ok
17:25:24.0500 0920 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:25:24.0515 0920 Tcpip - ok
17:25:24.0546 0920 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:25:24.0546 0920 TDPIPE - ok
17:25:24.0562 0920 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:25:24.0578 0920 TDTCP - ok
17:25:24.0593 0920 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:25:24.0593 0920 TermDD - ok
17:25:24.0656 0920 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
17:25:24.0671 0920 TermService - ok
17:25:24.0703 0920 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
17:25:24.0718 0920 Themes - ok
17:25:24.0765 0920 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
17:25:24.0765 0920 TlntSvr - ok
17:25:24.0781 0920 TosIde - ok
17:25:24.0812 0920 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:25:24.0812 0920 TrkWks - ok
17:25:24.0875 0920 [ 4196D7BC21786883201747DCC0DC84A0 ] TuneUp.Defrag C:\WINDOWS\System32\TuneUpDefragService.exe
17:25:24.0890 0920 TuneUp.Defrag - ok
17:25:24.0953 0920 [ 02E5F68A55CD413C5BFB9F2DF677DD01 ] TuneUp.ProgramStatisticsSvc C:\WINDOWS\System32\TUProgSt.exe
17:25:24.0968 0920 TuneUp.ProgramStatisticsSvc - ok
17:25:25.0000 0920 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:25:25.0000 0920 Udfs - ok
17:25:25.0015 0920 ultra - ok
17:25:25.0046 0920 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
17:25:25.0062 0920 upnphost - ok
17:25:25.0078 0920 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
17:25:25.0078 0920 UPS - ok
17:25:25.0109 0920 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:25:25.0109 0920 usbccgp - ok
17:25:25.0140 0920 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:25:25.0140 0920 usbehci - ok
17:25:25.0171 0920 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:25:25.0171 0920 usbhub - ok
17:25:25.0203 0920 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
17:25:25.0203 0920 usbohci - ok
17:25:25.0250 0920 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:25:25.0250 0920 usbprint - ok
17:25:25.0281 0920 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:25:25.0281 0920 usbscan - ok
17:25:25.0312 0920 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
17:25:25.0312 0920 usbser - ok
17:25:25.0343 0920 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:25:25.0343 0920 USBSTOR - ok
17:25:25.0359 0920 [ 4360D5653E885479FED75C378E9FAAB3 ] UxTuneUp C:\WINDOWS\System32\uxtuneup.dll
17:25:25.0375 0920 UxTuneUp - ok
17:25:25.0390 0920 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:25:25.0390 0920 VgaSave - ok
17:25:25.0406 0920 ViaIde - ok
17:25:25.0421 0920 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:25:25.0421 0920 VolSnap - ok
17:25:25.0468 0920 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
17:25:25.0484 0920 VSS - ok
17:25:25.0515 0920 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
17:25:25.0531 0920 W32Time - ok
17:25:25.0578 0920 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:25:25.0578 0920 Wanarp - ok
17:25:25.0609 0920 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
17:25:25.0609 0920 Wdf01000 - ok
17:25:25.0625 0920 WDICA - ok
17:25:25.0656 0920 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:25:25.0656 0920 wdmaud - ok
17:25:25.0687 0920 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:25:25.0703 0920 WebClient - ok
17:25:25.0781 0920 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:25:25.0781 0920 winmgmt - ok
17:25:25.0828 0920 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:25:25.0843 0920 WmdmPmSN - ok
17:25:25.0875 0920 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
17:25:25.0890 0920 Wmi - ok
17:25:25.0921 0920 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:25:25.0937 0920 WmiApSrv - ok
17:25:26.0015 0920 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
17:25:26.0046 0920 WMPNetworkSvc - ok
17:25:26.0109 0920 [ 017695393AFFFED8DE58ABD1B085BE6D ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
17:25:26.0125 0920 WMZuneComm - ok
17:25:26.0140 0920 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
17:25:26.0156 0920 WpdUsb - ok
17:25:26.0203 0920 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
17:25:26.0203 0920 wscsvc - ok
17:25:26.0234 0920 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:25:26.0234 0920 wuauserv - ok
17:25:26.0281 0920 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:25:26.0281 0920 WudfPf - ok
17:25:26.0296 0920 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:25:26.0312 0920 WudfRd - ok
17:25:26.0328 0920 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:25:26.0328 0920 WudfSvc - ok
17:25:26.0406 0920 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:25:26.0421 0920 WZCSVC - ok
17:25:26.0453 0920 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:25:26.0468 0920 xmlprov - ok
17:25:26.0500 0920 [ AE279CD76B38FC079EEC3CA6D65A5926 ] zumbus C:\WINDOWS\system32\DRIVERS\zumbus.sys
17:25:26.0515 0920 zumbus - ok
17:25:26.0531 0920 [ 37F339B64F19E2775284ED7161B96683 ] ZuneBusEnum C:\Program Files\Zune\ZuneBusEnum.exe
17:25:26.0546 0920 ZuneBusEnum - ok
17:25:26.0750 0920 [ 1076DF9ADE4E13EA3BF39D2165AEB903 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
17:25:26.0906 0920 ZuneNetworkSvc - ok
17:25:26.0953 0920 [ DE1CDB333A402B279F04D627122FA08E ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
17:25:26.0968 0920 ZuneWlanCfgSvc - ok
17:25:26.0984 0920 ================ Scan global ===============================
17:25:27.0015 0920 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
17:25:27.0046 0920 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
17:25:27.0078 0920 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
17:25:27.0109 0920 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
17:25:27.0109 0920 [Global] - ok
17:25:27.0125 0920 ================ Scan MBR ==================================
17:25:27.0140 0920 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
17:25:27.0281 0920 \Device\Harddisk0\DR0 - ok
17:25:27.0281 0920 ================ Scan VBR ==================================
17:25:27.0281 0920 [ CA3DCFAAD56C89B6E461AC8304036951 ] \Device\Harddisk0\DR0\Partition1
17:25:27.0296 0920 \Device\Harddisk0\DR0\Partition1 - ok
17:25:27.0312 0920 [ 2A9FB7BDD291C72A0AF35DA4077844A4 ] \Device\Harddisk0\DR0\Partition2
17:25:27.0312 0920 \Device\Harddisk0\DR0\Partition2 - ok
17:25:27.0343 0920 [ 3FD8C0817A8D6940D9C707BF94A61A88 ] \Device\Harddisk0\DR0\Partition3
17:25:27.0343 0920 \Device\Harddisk0\DR0\Partition3 - ok
17:25:27.0343 0920 ============================================================
17:25:27.0343 0920 Scan finished
17:25:27.0343 0920 ============================================================
17:25:27.0359 1216 Detected object count: 0
17:25:27.0359 1216 Actual detected object count: 0
17:25:48.0562 3104 Deinitialize success

[Pafčák]

ComboFix 13-03-21.01 - Administrator 21.03.2013 17:31:11.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.685 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\SET11C.tmp
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-21 do 2013-03-21 )))))))))))))))))))))))))))))))
.
.
2013-03-18 15:44 . 2012-10-17 12:53 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2013-03-18 15:44 . 2013-03-18 15:44 -------- d-----w- c:\program files\PC Connectivity Solution
2013-03-16 15:00 . 2013-03-06 23:33 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-16 15:00 . 2013-03-06 23:33 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-16 15:00 . 2013-03-06 23:33 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-15 07:55 . 2013-02-12 00:32 12928 ------w- c:\windows\system32\dllcache\usb8023x.sys
2013-03-15 07:55 . 2013-02-12 00:32 12928 ------w- c:\windows\system32\dllcache\usb8023.sys
2013-03-11 15:45 . 2013-03-11 15:44 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-11 15:44 . 2013-03-11 15:44 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-11 15:44 . 2013-03-11 15:44 -------- d-----w- c:\program files\Java
2013-02-28 15:44 . 2013-02-28 15:45 -------- d-----w- c:\program files\Avidemux 2.5
2013-02-27 16:38 . 2013-02-27 16:39 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\avidemux
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-14 14:54 . 2012-04-01 08:01 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-14 14:54 . 2011-08-15 06:11 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-11 15:44 . 2012-07-14 19:13 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-11 15:44 . 2012-04-15 14:30 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-06 23:33 . 2011-02-24 16:37 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2010-12-30 16:11 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2010-12-30 16:11 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-03-06 23:33 . 2010-12-30 16:11 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2010-12-30 16:11 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2010-12-30 16:11 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2010-12-30 16:11 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-12 00:32 . 2008-04-13 18:56 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32 . 2004-08-03 21:04 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-05 20:15 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2013-02-05 20:15 . 2004-08-17 13:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-02-05 20:15 . 2004-08-17 13:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-02-05 05:53 . 2004-08-17 13:44 385024 ----a-w- c:\windows\system32\html.iec
2013-01-26 03:55 . 2004-08-17 13:49 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 07:26 . 2004-08-17 15:45 2071936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-07 07:26 . 2004-08-17 13:45 2195200 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 10:10 . 2004-08-17 13:44 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-17 13:49 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2004-08-17 13:49 1294848 ----a-w- c:\windows\system32\quartz.dll
2013-03-08 08:45 . 2013-03-08 08:45 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-01-10 4628480]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
2012-11-01 12:16 577536 -c--a-w- c:\program files\Samsung\Kies\KiesAirMessage.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2012-11-12 10:45 1104824 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2012-11-12 10:45 968120 -c--a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2012-11-12 10:45 309688 -c--a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-12-21 10:53 1483264 -c--a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gupdate"=2 (0x2)
"RasAuto"=3 (0x3)
"Dot3svc"=3 (0x3)
"WZCSVC"=3 (0x3)
"WMZuneComm"=3 (0x3)
"ZuneNetworkSvc"=3 (0x3)
"ZuneBusEnum"=2 (0x2)
"Nero BackItUp Scheduler 4.0"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"nwiz"=nwiz.exe /install
"NvMediaCenter"=RunDLL32.exe NvMCTray.dll,NvTaskbarInit
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [16.3.2013 16:00 49248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [24.2.2011 17:37 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [30.12.2010 17:11 368176]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.12.2010 17:11 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [16.3.2013 16:00 66336]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7.6.2012 18:12 160944]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [17.11.2012 12:56 30312]
S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [16.3.2013 16:00 164736]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [13.4.2012 9:58 20032]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [17.11.2012 12:56 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [17.11.2012 12:56 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [17.11.2012 12:56 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [17.11.2012 12:57 114280]
S4 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [19.6.2012 16:32 3048136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-15 15:06 1629648 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-21 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
2013-03-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 14:54]
.
2013-03-21 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-03 23:32]
.
2013-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-30 16:11]
.
2013-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-30 16:11]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: Interfaces\{602E6C7B-9746-4CF2-BE8F-BB3FE72EEAEF}: NameServer = 194.228.41.65,194.228.41.113
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\jorae504.default-1356450929718\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-KiesHelper - c:\program files\Samsung\Kies\KiesHelper.exe
MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-21 17:36
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-823518204-1645522239-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,73,88,be,e3,09,86,23,4c,a1,a8,ae,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,28,e1,68,ea,76,7e,a3,40,b6,26,f4,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-03-21 17:39:02
ComboFix-quarantined-files.txt 2013-03-21 16:39
.
Před spuštěním: Volných bajtů: 18 139 578 368
Po spuštění: Volných bajtů: 19 348 185 088
.
- - End Of File - - 2E3551CBE40822A8F350D6895B90E1B0

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files\Skype\Updater
c:\program files\Google\Update

Driver::
SkypeUpdate

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"=-
"AllowInboundTimestampRequest"=-
"AllowInboundMaskRequest"=-
"AllowInboundRouterRequest"=-
"AllowOutboundDestinationUnreachable"=-
"AllowOutboundSourceQuench"=-
"AllowOutboundParameterProblem"=-
"AllowOutboundTimeExceeded"=-
"AllowRedirect"=-
"AllowOutboundPacketTooBig"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Pafčák]

Ahoj, mám drobet 2 problémy. Zjistil jsem, že od začátku cca. prvních 15 min., kdy takto pomalu nabíhá pc, si svchost bere přes 100 mega paměti a potom se to uklidní. Potom potřebuji vědět, jak dlouho trvá tato operace Combofixu, protože když jsem to pustil, podle návodu zhora, tak se to v půlce zastaví. Měl jsem strpení přes hodinu a potom jsem na to už neměl nerva, tak jsem to vypnul.

[Žbeky]

Zkus to v nouzovem rezimu

Odesláno z mého Galaxy Nexus pomocí Tapatalk 2

[Pafčák]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:23:37, on 24.3.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Administrator\Plocha\Správa\HiJackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{602E6C7B-9746-4CF2-BE8F-BB3FE72EEAEF}: NameServer = 194.228.41.65,194.228.41.113
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 5288 bytes


ComboFix 13-03-24.01 - Administrator 24.03.2013 14:02:35.5.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.664 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.135\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.135\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.135\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.135\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.135\goopdate.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.135\psmachine.dll
c:\program files\Google\Update\1.3.21.135\psuser.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.135\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\25.0.1364.172\25.0.1364.172_25.0.1364.152_chrome_updater.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\25.0.1364.172\25.0.1364.172_chrome_installer.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-24 do 2013-03-24 )))))))))))))))))))))))))))))))
.
.
2013-03-18 15:44 . 2012-10-17 12:53 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2013-03-18 15:44 . 2013-03-18 15:44 -------- d-----w- c:\program files\PC Connectivity Solution
2013-03-16 15:00 . 2013-03-06 23:33 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-16 15:00 . 2013-03-06 23:33 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-16 15:00 . 2013-03-06 23:33 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-15 07:55 . 2013-02-12 00:32 12928 ------w- c:\windows\system32\dllcache\usb8023x.sys
2013-03-15 07:55 . 2013-02-12 00:32 12928 ------w- c:\windows\system32\dllcache\usb8023.sys
2013-03-11 15:45 . 2013-03-11 15:44 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-11 15:44 . 2013-03-11 15:44 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-11 15:44 . 2013-03-11 15:44 -------- d-----w- c:\program files\Java
2013-02-28 15:44 . 2013-02-28 15:45 -------- d-----w- c:\program files\Avidemux 2.5
2013-02-27 16:38 . 2013-02-27 16:39 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\avidemux
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-14 14:54 . 2012-04-01 08:01 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-14 14:54 . 2011-08-15 06:11 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-11 15:44 . 2012-07-14 19:13 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-11 15:44 . 2012-04-15 14:30 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-06 23:33 . 2011-02-24 16:37 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2010-12-30 16:11 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2010-12-30 16:11 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-03-06 23:33 . 2010-12-30 16:11 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2010-12-30 16:11 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2010-12-30 16:11 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2010-12-30 16:11 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-12 00:32 . 2008-04-13 18:56 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32 . 2004-08-03 21:04 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-05 20:15 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2013-02-05 20:15 . 2004-08-17 13:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-02-05 20:15 . 2004-08-17 13:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-02-05 05:53 . 2004-08-17 13:44 385024 ----a-w- c:\windows\system32\html.iec
2013-01-26 03:55 . 2004-08-17 13:49 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 07:26 . 2004-08-17 15:45 2071936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-07 07:26 . 2004-08-17 13:45 2195200 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 10:10 . 2004-08-17 13:44 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-17 13:49 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2004-08-17 13:49 1294848 ----a-w- c:\windows\system32\quartz.dll
2013-03-08 08:45 . 2013-03-08 08:45 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-01-10 4628480]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
2012-11-01 12:16 577536 -c--a-w- c:\program files\Samsung\Kies\KiesAirMessage.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2012-11-12 10:45 1104824 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2012-11-12 10:45 968120 -c--a-w- c:\program files\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2012-11-12 10:45 309688 -c--a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-12-21 10:53 1483264 -c--a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gupdate"=2 (0x2)
"RasAuto"=3 (0x3)
"Dot3svc"=3 (0x3)
"WZCSVC"=3 (0x3)
"WMZuneComm"=3 (0x3)
"ZuneNetworkSvc"=3 (0x3)
"ZuneBusEnum"=2 (0x2)
"Nero BackItUp Scheduler 4.0"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"nwiz"=nwiz.exe /install
"NvMediaCenter"=RunDLL32.exe NvMCTray.dll,NvTaskbarInit
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [16.3.2013 16:00 49248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [24.2.2011 17:37 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [30.12.2010 17:11 368176]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.12.2010 17:11 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [16.3.2013 16:00 66336]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [17.11.2012 12:56 30312]
S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [16.3.2013 16:00 164736]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [13.4.2012 9:58 20032]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [17.11.2012 12:56 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [17.11.2012 12:56 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [17.11.2012 12:56 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [17.11.2012 12:57 114280]
S4 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [19.6.2012 16:32 3048136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-15 15:06 1629648 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-24 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
2013-03-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 14:54]
.
2013-03-24 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-03 23:32]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: Interfaces\{602E6C7B-9746-4CF2-BE8F-BB3FE72EEAEF}: NameServer = 194.228.41.65,194.228.41.113
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\jorae504.default-1356450929718\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-24 14:10
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\avast! sandbox
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-823518204-1645522239-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,73,88,be,e3,09,86,23,4c,a1,a8,ae,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,28,e1,68,ea,76,7e,a3,40,b6,26,f4,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2516)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2013-03-24 14:13:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-24 13:13
.
Před spuštěním: Volných bajtů: 19 080 601 600
Po spuštění: Volných bajtů: 18 951 991 296
.
- - End Of File - - 8CCB158460FE693CB712900478C889E1


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-24 14:14:37
-----------------------------
14:14:37.140 OS Version: Windows 5.1.2600 Service Pack 3
14:14:37.140 Number of processors: 1 586 0x40A
14:14:37.140 ComputerName: PAVEL-794F71AE8 UserName: Administrator
14:14:38.171 Initialize success
14:14:41.656 AVAST engine defs: 13032400
14:14:54.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000068
14:14:54.437 Disk 0 Vendor: WDC_WD1200JD-00HBB0 08.02D08 Size: 114473MB BusType: 3
14:14:54.531 Disk 0 MBR read successfully
14:14:54.531 Disk 0 MBR scan
14:14:54.531 Disk 0 Windows XP default MBR code
14:14:54.531 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 39997 MB offset 63
14:14:54.546 Disk 0 Partition - 00 0F Extended LBA 74465 MB offset 81915435
14:14:54.562 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 39997 MB offset 81915498
14:14:54.562 Disk 0 Partition - 00 05 Extended 34467 MB offset 163830870
14:14:54.578 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 34467 MB offset 163830933
14:14:54.578 Disk 0 scanning sectors +234420480
14:14:54.640 Disk 0 scanning C:\WINDOWS\system32\drivers
14:15:05.750 Service scanning
14:15:16.375 Modules scanning
14:15:19.625 Disk 0 trace - called modules:
14:15:19.640 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvatabus.sys
14:15:19.640 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f73030]
14:15:19.640 3 CLASSPNP.SYS[f7615fd7] -> nt!IofCallDriver -> \Device\00000069[0x86f4dca8]
14:15:19.640 5 ACPI.sys[f74ac620] -> nt!IofCallDriver -> \Device\00000068[0x86f746e8]
14:15:19.812 AVAST engine scan C:\WINDOWS
14:15:22.359 AVAST engine scan C:\WINDOWS\system32
14:16:56.734 AVAST engine scan C:\WINDOWS\system32\drivers
14:17:08.359 AVAST engine scan C:\Documents and Settings\Administrator
14:18:10.921 AVAST engine scan C:\Documents and Settings\All Users
14:18:48.500 Scan finished successfully
14:20:50.531 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Plocha\MBR.dat"
14:20:50.531 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Plocha\aswMBR.txt"

[Pafčák]

Zjistil jsem, že ne jen já máme problém s ComboFixem. Je to jednoduché. Většinou zapomínáme vypínat na podruhé antiviráky.

[memphisto]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

+ Nový log z HJT

Jak se chová PC?