HijackThis log check

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

umpalump
newbie
Posts: 18
Registered: January 14
Gender: Male

Re: HijackThis log check

Post by umpalump » 22 Jan 2014 14:12

14:02:16.0937 0708 ================ Scan services =============================
14:02:17.0046 0708 Abiosdsk - ok
14:02:17.0046 0708 abp480n5 - ok
14:02:17.0078 0708 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:02:17.0093 0708 ACPI - ok
14:02:17.0109 0708 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
14:02:17.0109 0708 ACPIEC - ok
14:02:17.0171 0708 [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:02:17.0171 0708 AdobeFlashPlayerUpdateSvc - ok
14:02:17.0171 0708 adpu160m - ok
14:02:17.0187 0708 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
14:02:17.0187 0708 aec - ok
14:02:17.0218 0708 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
14:02:17.0218 0708 AFD - ok
14:02:17.0218 0708 Aha154x - ok
14:02:17.0234 0708 aic78u2 - ok
14:02:17.0234 0708 aic78xx - ok
14:02:17.0250 0708 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
14:02:17.0265 0708 Alerter - ok
14:02:17.0265 0708 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
14:02:17.0265 0708 ALG - ok
14:02:17.0281 0708 AliIde - ok
14:02:17.0343 0708 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
14:02:17.0359 0708 Ambfilt - ok
14:02:17.0375 0708 [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
14:02:17.0375 0708 AmdPPM - ok
14:02:17.0375 0708 amsint - ok
14:02:17.0390 0708 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
14:02:17.0390 0708 AppMgmt - ok
14:02:17.0406 0708 asc - ok
14:02:17.0406 0708 asc3350p - ok
14:02:17.0406 0708 asc3550 - ok
14:02:17.0500 0708 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:02:17.0500 0708 aspnet_state - ok
14:02:17.0531 0708 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:02:17.0531 0708 AsyncMac - ok
14:02:17.0546 0708 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
14:02:17.0546 0708 atapi - ok
14:02:17.0546 0708 Atdisk - ok
14:02:17.0578 0708 [ A2EAEB497CA29ECAEAF0DF66AD85C57D ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
14:02:17.0593 0708 Ati HotKey Poller - ok
14:02:17.0640 0708 [ 312A17DFF710A0F4E6D4DD1D52EAD1A8 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
14:02:17.0640 0708 ATI Smart - ok
14:02:17.0671 0708 [ 492BD2A5F65F218D4EDE5764A3BB67E9 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
14:02:17.0671 0708 ati2mtag - ok
14:02:17.0750 0708 [ ADF7EF046725442BA32C4AEF12646FD0 ] atidgllk C:\Program Files\GIGABYTE\VGA Utility\atidgllk.sys
14:02:17.0750 0708 atidgllk - ok
14:02:17.0765 0708 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:02:17.0765 0708 Atmarpc - ok
14:02:17.0781 0708 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
14:02:17.0781 0708 AudioSrv - ok
14:02:17.0812 0708 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
14:02:17.0812 0708 audstub - ok
14:02:17.0843 0708 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:02:17.0843 0708 Beep - ok
14:02:17.0875 0708 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
14:02:17.0875 0708 BITS - ok
14:02:17.0906 0708 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
14:02:17.0906 0708 Browser - ok
14:02:17.0921 0708 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
14:02:17.0921 0708 cbidf2k - ok
14:02:17.0921 0708 cd20xrnt - ok
14:02:17.0937 0708 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
14:02:17.0937 0708 Cdaudio - ok
14:02:17.0953 0708 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
14:02:17.0953 0708 Cdfs - ok
14:02:17.0968 0708 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:02:17.0968 0708 Cdrom - ok
14:02:17.0968 0708 Changer - ok
14:02:17.0984 0708 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
14:02:17.0984 0708 CiSvc - ok
14:02:18.0078 0708 [ 900A76408883AA9E81F44EA70A11E96E ] CLHNServiceForPowerDVD12 C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
14:02:18.0078 0708 CLHNServiceForPowerDVD12 - ok
14:02:18.0093 0708 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
14:02:18.0093 0708 ClipSrv - ok
14:02:18.0109 0708 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:02:18.0109 0708 clr_optimization_v2.0.50727_32 - ok
14:02:18.0125 0708 CmdIde - ok
14:02:18.0125 0708 COMSysApp - ok
14:02:18.0125 0708 Cpqarray - ok
14:02:18.0156 0708 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
14:02:18.0156 0708 CryptSvc - ok
14:02:18.0156 0708 [ 2D28C2343C5E069BD69B5E7BC8213416 ] CyberLink PowerDVD 12 Media Server Monitor Service C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
14:02:18.0171 0708 CyberLink PowerDVD 12 Media Server Monitor Service - ok
14:02:18.0171 0708 [ 80B3B6BE5F3EA694C2C9B72F42814F12 ] CyberLink PowerDVD 12 Media Server Service C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
14:02:18.0171 0708 CyberLink PowerDVD 12 Media Server Service - ok
14:02:18.0171 0708 dac2w2k - ok
14:02:18.0171 0708 dac960nt - ok
14:02:18.0218 0708 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
14:02:18.0218 0708 DcomLaunch - ok
14:02:18.0250 0708 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
14:02:18.0250 0708 Dhcp - ok
14:02:18.0265 0708 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
14:02:18.0265 0708 Disk - ok
14:02:18.0265 0708 dmadmin - ok
14:02:18.0296 0708 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
14:02:18.0296 0708 dmboot - ok
14:02:18.0296 0708 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
14:02:18.0296 0708 dmio - ok
14:02:18.0312 0708 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
14:02:18.0312 0708 dmload - ok
14:02:18.0328 0708 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
14:02:18.0328 0708 dmserver - ok
14:02:18.0328 0708 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
14:02:18.0328 0708 DMusic - ok
14:02:18.0359 0708 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:02:18.0359 0708 Dnscache - ok
14:02:18.0375 0708 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
14:02:18.0375 0708 Dot3svc - ok
14:02:18.0406 0708 [ 3E4B043F8BC6BE1D4820CC6C9C500306 ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
14:02:18.0406 0708 dot4 - ok
14:02:18.0421 0708 [ 77CE63A8A34AE23D9FE4C7896D1DEBE7 ] Dot4Print C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
14:02:18.0421 0708 Dot4Print - ok
14:02:18.0437 0708 [ CCC4092DFC85336F2E1C142483ADEB42 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
14:02:18.0437 0708 dot4usb - ok
14:02:18.0437 0708 dpti2o - ok
14:02:18.0453 0708 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:02:18.0453 0708 drmkaud - ok
14:02:18.0468 0708 [ 0C51F1D7A7501FC948D35AE0FDE764A5 ] eamon C:\WINDOWS\system32\DRIVERS\eamon.sys
14:02:18.0484 0708 eamon - ok
14:02:18.0500 0708 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
14:02:18.0500 0708 EapHost - ok
14:02:18.0515 0708 [ 9C8AEA0B7630079F37C508B70280A55A ] edevmon C:\WINDOWS\system32\DRIVERS\edevmon.sys
14:02:18.0515 0708 edevmon - ok
14:02:18.0546 0708 [ C79916F203E1A2CBBE99F22D6E5D21DA ] ehdrv C:\WINDOWS\system32\DRIVERS\ehdrv.sys
14:02:18.0546 0708 ehdrv - ok
14:02:18.0671 0708 [ 4CB575D97653FA91FFB02DA3105EB084 ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
14:02:18.0687 0708 ekrn - ok
14:02:18.0718 0708 [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO C:\WINDOWS\system32\drivers\ElbyCDIO.sys
14:02:18.0718 0708 ElbyCDIO - ok
14:02:18.0734 0708 [ 4B6B2C930CD076F8BDEE683512EE05E8 ] epfw C:\WINDOWS\system32\DRIVERS\epfw.sys
14:02:18.0734 0708 epfw - ok
14:02:18.0750 0708 [ BE76566CE5E943B7529CF49025506542 ] Epfwndis C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
14:02:18.0750 0708 Epfwndis - ok
14:02:18.0765 0708 [ B964288A27843BDAFB5EE3A5CFC26A0A ] epfwtdi C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
14:02:18.0765 0708 epfwtdi - ok
14:02:18.0781 0708 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
14:02:18.0781 0708 ERSvc - ok
14:02:18.0812 0708 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
14:02:18.0812 0708 Eventlog - ok
14:02:18.0843 0708 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
14:02:18.0843 0708 EventSystem - ok
14:02:18.0875 0708 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
14:02:18.0875 0708 Fastfat - ok
14:02:18.0906 0708 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:02:18.0906 0708 FastUserSwitchingCompatibility - ok
14:02:18.0906 0708 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
14:02:18.0906 0708 Fdc - ok
14:02:18.0906 0708 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
14:02:18.0906 0708 Fips - ok
14:02:18.0921 0708 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
14:02:18.0921 0708 Flpydisk - ok
14:02:18.0953 0708 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
14:02:18.0953 0708 FltMgr - ok
14:02:19.0000 0708 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:02:19.0000 0708 FontCache3.0.0.0 - ok
14:02:19.0000 0708 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:02:19.0000 0708 Fs_Rec - ok
14:02:19.0015 0708 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:02:19.0015 0708 Ftdisk - ok
14:02:19.0031 0708 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:02:19.0031 0708 Gpc - ok
14:02:19.0078 0708 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
14:02:19.0078 0708 gupdate - ok
14:02:19.0093 0708 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:02:19.0093 0708 gupdatem - ok
14:02:19.0125 0708 [ F22BF7F345DF95C09942951246AAA28D ] GVCplDrv C:\WINDOWS\system32\drivers\GVCplDrv.sys
14:02:19.0125 0708 GVCplDrv - ok
14:02:19.0140 0708 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:02:19.0140 0708 HDAudBus - ok
14:02:19.0187 0708 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:02:19.0187 0708 helpsvc - ok
14:02:19.0187 0708 HidServ - ok
14:02:19.0203 0708 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:02:19.0203 0708 hidusb - ok
14:02:19.0218 0708 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
14:02:19.0234 0708 hkmsvc - ok
14:02:19.0234 0708 hpn - ok
14:02:19.0296 0708 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:02:19.0296 0708 hpqcxs08 - ok
14:02:19.0328 0708 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
14:02:19.0328 0708 hpqddsvc - ok
14:02:19.0343 0708 [ 568E44F6DCFA173F3670172B69379891 ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
14:02:19.0343 0708 HPSLPSVC - ok
14:02:19.0359 0708 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
14:02:19.0359 0708 HPZid412 - ok
14:02:19.0390 0708 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
14:02:19.0390 0708 HPZipr12 - ok
14:02:19.0406 0708 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
14:02:19.0406 0708 HPZius12 - ok
14:02:19.0437 0708 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
14:02:19.0437 0708 HTTP - ok
14:02:19.0437 0708 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
14:02:19.0453 0708 HTTPFilter - ok
14:02:19.0453 0708 i2omgmt - ok
14:02:19.0453 0708 i2omp - ok
14:02:19.0468 0708 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:02:19.0468 0708 i8042prt - ok
14:02:19.0515 0708 IBG_gds_db - ok
14:02:19.0515 0708 IBS_gds_db - ok
14:02:19.0562 0708 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
14:02:19.0578 0708 IDriverT - ok
14:02:19.0640 0708 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:02:19.0640 0708 idsvc - ok
14:02:19.0671 0708 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
14:02:19.0671 0708 Imapi - ok
14:02:19.0703 0708 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
14:02:19.0703 0708 ImapiService - ok
14:02:19.0703 0708 ini910u - ok
14:02:19.0781 0708 [ 9BCCC92E3DBDD539704B79E53D384CA2 ] Installer Service C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\InstallerService.exe
14:02:19.0781 0708 Installer Service - ok
14:02:19.0906 0708 [ 988A112C4061F309CE9C1ABFC971D001 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
14:02:19.0937 0708 IntcAzAudAddService - ok
14:02:19.0953 0708 IntelIde - ok
14:02:19.0968 0708 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
14:02:19.0968 0708 Ip6Fw - ok
14:02:19.0984 0708 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:02:20.0000 0708 IpFilterDriver - ok
14:02:20.0000 0708 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:02:20.0000 0708 IpInIp - ok
14:02:20.0031 0708 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:02:20.0031 0708 IpNat - ok
14:02:20.0031 0708 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:02:20.0031 0708 IPSec - ok
14:02:20.0046 0708 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
14:02:20.0046 0708 IRENUM - ok
14:02:20.0078 0708 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:02:20.0078 0708 isapnp - ok
14:02:20.0125 0708 [ 381B25DC8E958D905B33130D500BBF29 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
14:02:20.0125 0708 JavaQuickStarterService - ok
14:02:20.0140 0708 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:02:20.0140 0708 Kbdclass - ok
14:02:20.0140 0708 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
14:02:20.0140 0708 kmixer - ok
14:02:20.0156 0708 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
14:02:20.0156 0708 KSecDD - ok
14:02:20.0187 0708 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
14:02:20.0187 0708 lanmanserver - ok
14:02:20.0218 0708 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:02:20.0218 0708 lanmanworkstation - ok
14:02:20.0218 0708 lbrtfdc - ok
14:02:20.0234 0708 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
14:02:20.0234 0708 LmHosts - ok
14:02:20.0265 0708 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
14:02:20.0265 0708 MBAMProtector - ok
14:02:20.0312 0708 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:02:20.0312 0708 MBAMScheduler - ok
14:02:20.0343 0708 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:02:20.0343 0708 MBAMService - ok
14:02:20.0406 0708 [ DF8FAD376E21D22616F6A556EE42214F ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
14:02:20.0421 0708 MDM - ok
14:02:20.0421 0708 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
14:02:20.0421 0708 Messenger - ok
14:02:20.0500 0708 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
14:02:20.0500 0708 Microsoft Office Groove Audit Service - ok
14:02:20.0515 0708 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
14:02:20.0531 0708 mnmdd - ok
14:02:20.0546 0708 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
14:02:20.0546 0708 mnmsrvc - ok
14:02:20.0562 0708 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
14:02:20.0562 0708 Modem - ok
14:02:20.0625 0708 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
14:02:20.0625 0708 Monfilt - ok
14:02:20.0640 0708 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:02:20.0640 0708 Mouclass - ok
14:02:20.0671 0708 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:02:20.0671 0708 mouhid - ok
14:02:20.0671 0708 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
14:02:20.0671 0708 MountMgr - ok
14:02:20.0718 0708 [ 3B9398E0146855B1DC0E3D9769C80F01 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:02:20.0718 0708 MozillaMaintenance - ok
14:02:20.0718 0708 mraid35x - ok
14:02:20.0734 0708 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:02:20.0734 0708 MRxDAV - ok
14:02:20.0781 0708 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:02:20.0781 0708 MRxSmb - ok
14:02:20.0796 0708 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
14:02:20.0796 0708 MSDTC - ok
14:02:20.0812 0708 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:02:20.0812 0708 Msfs - ok
14:02:20.0812 0708 MSICDSetup - ok
14:02:20.0812 0708 MSIServer - ok
14:02:20.0828 0708 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:02:20.0828 0708 MSKSSRV - ok
14:02:20.0828 0708 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:02:20.0828 0708 MSPCLOCK - ok
14:02:20.0843 0708 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:02:20.0843 0708 MSPQM - ok
14:02:20.0859 0708 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:02:20.0859 0708 mssmbios - ok
14:02:20.0890 0708 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
14:02:20.0890 0708 Mup - ok
14:02:20.0921 0708 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
14:02:20.0921 0708 napagent - ok
14:02:20.0937 0708 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
14:02:20.0937 0708 NDIS - ok
14:02:20.0968 0708 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:02:20.0968 0708 NdisTapi - ok
14:02:20.0984 0708 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:02:20.0984 0708 Ndisuio - ok
14:02:20.0984 0708 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:02:20.0984 0708 NdisWan - ok
14:02:21.0000 0708 [ 2F597BB467E05B1FE3830EABD821B8E0 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:02:21.0000 0708 NDProxy - ok
14:02:21.0015 0708 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
14:02:21.0015 0708 Net Driver HPZ12 - ok
14:02:21.0031 0708 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:02:21.0031 0708 NetBIOS - ok
14:02:21.0046 0708 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:02:21.0046 0708 NetBT - ok
14:02:21.0062 0708 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
14:02:21.0062 0708 NetDDE - ok
14:02:21.0062 0708 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
14:02:21.0062 0708 NetDDEdsdm - ok
14:02:21.0093 0708 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:02:21.0093 0708 Netlogon - ok
14:02:21.0093 0708 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
14:02:21.0093 0708 Netman - ok
14:02:21.0125 0708 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:02:21.0125 0708 NetTcpPortSharing - ok
14:02:21.0156 0708 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
14:02:21.0156 0708 Nla - ok
14:02:21.0156 0708 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:02:21.0156 0708 Npfs - ok
14:02:21.0187 0708 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:02:21.0203 0708 Ntfs - ok
14:02:21.0234 0708 [ 5C534BA2266F6063A6EC054C81745C7B ] ntk_PowerDVD12 C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys
14:02:21.0234 0708 ntk_PowerDVD12 - ok
14:02:21.0234 0708 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
14:02:21.0234 0708 NtLmSsp - ok
14:02:21.0265 0708 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
14:02:21.0265 0708 NtmsSvc - ok
14:02:21.0281 0708 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
14:02:21.0281 0708 Null - ok
14:02:21.0296 0708 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:02:21.0296 0708 NwlnkFlt - ok
14:02:21.0312 0708 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:02:21.0312 0708 NwlnkFwd - ok
14:02:21.0359 0708 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:02:21.0359 0708 odserv - ok
14:02:21.0390 0708 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:02:21.0390 0708 ose - ok
14:02:21.0406 0708 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
14:02:21.0406 0708 Parport - ok
14:02:21.0406 0708 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:02:21.0406 0708 PartMgr - ok
14:02:21.0437 0708 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:02:21.0437 0708 ParVdm - ok
14:02:21.0437 0708 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:02:21.0437 0708 PCI - ok
14:02:21.0453 0708 PCIDump - ok
14:02:21.0453 0708 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
14:02:21.0453 0708 PCIIde - ok
14:02:21.0468 0708 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:02:21.0468 0708 Pcmcia - ok
14:02:21.0468 0708 PDCOMP - ok
14:02:21.0468 0708 PDFRAME - ok
14:02:21.0468 0708 PDRELI - ok
14:02:21.0484 0708 PDRFRAME - ok
14:02:21.0484 0708 perc2 - ok
14:02:21.0484 0708 perc2hib - ok
14:02:21.0500 0708 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
14:02:21.0500 0708 PlugPlay - ok
14:02:21.0531 0708 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
14:02:21.0531 0708 Pml Driver HPZ12 - ok
14:02:21.0546 0708 [ A1DD33D16F277CE34124EE52AB2C0F14 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
14:02:21.0546 0708 PnkBstrA - ok
14:02:21.0562 0708 [ 7C01817ADF3207FB65A4B56E6D5AD833 ] PnkBstrB C:\WINDOWS\system32\PnkBstrB.exe
14:02:21.0578 0708 PnkBstrB - ok
14:02:21.0578 0708 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:02:21.0578 0708 PolicyAgent - ok
14:02:21.0593 0708 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:02:21.0593 0708 PptpMiniport - ok
14:02:21.0609 0708 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
14:02:21.0609 0708 Processor - ok
14:02:21.0609 0708 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:02:21.0609 0708 ProtectedStorage - ok
14:02:21.0609 0708 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:02:21.0609 0708 PSched - ok
14:02:21.0609 0708 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:02:21.0609 0708 Ptilink - ok
14:02:21.0625 0708 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:02:21.0625 0708 PxHelp20 - ok
14:02:21.0640 0708 ql1080 - ok
14:02:21.0640 0708 Ql10wnt - ok
14:02:21.0640 0708 ql12160 - ok
14:02:21.0640 0708 ql1240 - ok
14:02:21.0640 0708 ql1280 - ok
14:02:21.0656 0708 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:02:21.0656 0708 RasAcd - ok
14:02:21.0671 0708 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:02:21.0671 0708 RasAuto - ok
14:02:21.0687 0708 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:02:21.0687 0708 Rasl2tp - ok
14:02:21.0718 0708 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:02:21.0718 0708 RasMan - ok
14:02:21.0718 0708 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:02:21.0718 0708 RasPppoe - ok
14:02:21.0734 0708 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:02:21.0734 0708 Raspti - ok
14:02:21.0734 0708 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:02:21.0734 0708 Rdbss - ok
14:02:21.0734 0708 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:02:21.0734 0708 RDPCDD - ok
14:02:21.0750 0708 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:02:21.0750 0708 rdpdr - ok
14:02:21.0781 0708 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:02:21.0781 0708 RDPWD - ok
14:02:21.0796 0708 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:02:21.0796 0708 RDSessMgr - ok
14:02:21.0796 0708 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:02:21.0812 0708 redbook - ok
14:02:21.0828 0708 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:02:21.0828 0708 RemoteAccess - ok
14:02:21.0828 0708 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
14:02:21.0828 0708 RemoteRegistry - ok
14:02:21.0843 0708 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
14:02:21.0843 0708 RpcLocator - ok
14:02:21.0875 0708 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
14:02:21.0875 0708 RpcSs - ok
14:02:21.0906 0708 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:02:21.0906 0708 RSVP - ok
14:02:21.0937 0708 [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
14:02:21.0937 0708 RTLE8023xp - ok
14:02:21.0953 0708 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
14:02:21.0953 0708 SamSs - ok
14:02:21.0953 0708 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:02:21.0968 0708 SCardSvr - ok
14:02:21.0984 0708 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:02:21.0984 0708 Schedule - ok
14:02:22.0000 0708 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:02:22.0000 0708 Secdrv - ok
14:02:22.0015 0708 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:02:22.0015 0708 seclogon - ok
14:02:22.0015 0708 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
14:02:22.0015 0708 SENS - ok
14:02:22.0031 0708 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:02:22.0031 0708 serenum - ok
14:02:22.0031 0708 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:02:22.0031 0708 Serial - ok
14:02:22.0046 0708 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:02:22.0046 0708 Sfloppy - ok
14:02:22.0078 0708 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:02:22.0078 0708 SharedAccess - ok
14:02:22.0109 0708 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:02:22.0109 0708 ShellHWDetection - ok
14:02:22.0109 0708 Simbad - ok
14:02:22.0203 0708 [ 9F712B26EE3B0242DE997A42FD302E2C ] Skype C2C Service C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
14:02:22.0218 0708 Skype C2C Service - ok
14:02:22.0250 0708 [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
14:02:22.0250 0708 SkypeUpdate - ok
14:02:22.0250 0708 Sparrow - ok
14:02:22.0265 0708 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:02:22.0265 0708 splitter - ok
14:02:22.0281 0708 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:02:22.0281 0708 Spooler - ok
14:02:22.0312 0708 [ F42EFEFB765235F24B24E1D2B6F99F46 ] sptd C:\WINDOWS\System32\Drivers\sptd.sys
14:02:22.0312 0708 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\sptd.sys. md5: F42EFEFB765235F24B24E1D2B6F99F46
14:02:22.0312 0708 sptd ( LockedFile.Multi.Generic ) - warning
14:02:22.0312 0708 sptd - detected LockedFile.Multi.Generic (1)
14:02:22.0312 0708 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:02:22.0312 0708 sr - ok
14:02:22.0328 0708 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
14:02:22.0328 0708 srservice - ok
14:02:22.0359 0708 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:02:22.0359 0708 Srv - ok
14:02:22.0390 0708 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:02:22.0390 0708 SSDPSRV - ok
14:02:22.0406 0708 [ 06CDA2A5A549BC455D004461E6BC5B33 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
14:02:22.0406 0708 StillCam - ok
14:02:22.0437 0708 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:02:22.0437 0708 stisvc - ok
14:02:22.0453 0708 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:02:22.0453 0708 swenum - ok
14:02:22.0453 0708 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:02:22.0453 0708 swmidi - ok
14:02:22.0468 0708 SwPrv - ok
14:02:22.0468 0708 symc810 - ok
14:02:22.0468 0708 symc8xx - ok
14:02:22.0468 0708 sym_hi - ok
14:02:22.0484 0708 sym_u3 - ok
14:02:22.0484 0708 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:02:22.0484 0708 sysaudio - ok
14:02:22.0515 0708 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:02:22.0515 0708 SysmonLog - ok
14:02:22.0531 0708 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:02:22.0531 0708 TapiSrv - ok
14:02:22.0562 0708 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:02:22.0578 0708 Tcpip - ok
14:02:22.0593 0708 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:02:22.0593 0708 TDPIPE - ok
14:02:22.0593 0708 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:02:22.0593 0708 TDTCP - ok
14:02:22.0609 0708 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:02:22.0609 0708 TermDD - ok
14:02:22.0625 0708 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
14:02:22.0625 0708 TermService - ok
14:02:22.0640 0708 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
14:02:22.0640 0708 Themes - ok
14:02:22.0671 0708 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
14:02:22.0671 0708 TlntSvr - ok
14:02:22.0671 0708 TosIde - ok
14:02:22.0687 0708 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:02:22.0687 0708 TrkWks - ok
14:02:22.0687 0708 TVICHW32 - ok
14:02:22.0703 0708 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:02:22.0703 0708 Udfs - ok
14:02:22.0703 0708 ultra - ok
14:02:22.0718 0708 [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
14:02:22.0734 0708 UMWdf - ok
14:02:22.0750 0708 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:02:22.0750 0708 Update - ok
14:02:22.0765 0708 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
14:02:22.0781 0708 upnphost - ok
14:02:22.0796 0708 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
14:02:22.0796 0708 UPS - ok
14:02:22.0812 0708 [ 1B611611C28D2DF25BC057D79C6F13FC ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:02:22.0812 0708 usbccgp - ok
14:02:22.0828 0708 [ 4BAC8DF07F1D8434FC640E677A62204E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:02:22.0828 0708 usbehci - ok
14:02:22.0859 0708 [ E5B14557793164DB879EE56F5B59C3E2 ] usbfilter C:\WINDOWS\system32\DRIVERS\usbfilter.sys
14:02:22.0859 0708 usbfilter - ok
14:02:22.0859 0708 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:02:22.0859 0708 usbhub - ok
14:02:22.0875 0708 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
14:02:22.0875 0708 usbohci - ok
14:02:22.0906 0708 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:02:22.0906 0708 usbprint - ok
14:02:22.0921 0708 [ F8EDE2B6928970DCE3D5614C27D9E7F6 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:02:22.0921 0708 usbscan - ok
14:02:22.0937 0708 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:02:22.0937 0708 USBSTOR - ok
14:02:22.0953 0708 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:02:22.0953 0708 VgaSave - ok
14:02:22.0953 0708 ViaIde - ok
14:02:22.0968 0708 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:02:22.0968 0708 VolSnap - ok
14:02:22.0984 0708 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
14:02:23.0000 0708 VSS - ok
14:02:23.0015 0708 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
14:02:23.0015 0708 W32Time - ok
14:02:23.0078 0708 [ F41E453A90EF19217CEE1675F5256EE7 ] wampapache c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
14:02:23.0078 0708 wampapache - ok
14:02:23.0125 0708 wampmysqld - ok
14:02:23.0156 0708 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:02:23.0156 0708 Wanarp - ok
14:02:23.0156 0708 WDICA - ok
14:02:23.0156 0708 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:02:23.0156 0708 wdmaud - ok
14:02:23.0171 0708 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:02:23.0187 0708 WebClient - ok
14:02:23.0250 0708 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:02:23.0250 0708 winmgmt - ok
14:02:23.0281 0708 [ 4D34CEDD74BDBF2B6A935EAE3BF80543 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
14:02:23.0296 0708 WinRM - ok
14:02:23.0328 0708 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:02:23.0328 0708 WmdmPmSN - ok
14:02:23.0375 0708 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
14:02:23.0375 0708 Wmi - ok
14:02:23.0375 0708 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
14:02:23.0375 0708 WmiAcpi - ok
14:02:23.0390 0708 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:02:23.0390 0708 WmiApSrv - ok
14:02:23.0421 0708 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:02:23.0421 0708 wscsvc - ok
14:02:23.0421 0708 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:02:23.0421 0708 wuauserv - ok
14:02:23.0468 0708 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:02:23.0468 0708 WZCSVC - ok
14:02:23.0484 0708 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:02:23.0484 0708 xmlprov - ok
14:02:23.0531 0708 [ 5530FFC979CAEAF7A91F4C6DFFEFD26D ] {73526619-C24F-470B-9BED-53D455FBB5C6} C:\Program Files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl
14:02:23.0531 0708 {73526619-C24F-470B-9BED-53D455FBB5C6} - ok
14:02:23.0531 0708 ================ Scan global ===============================
14:02:23.0546 0708 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
14:02:23.0562 0708 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
14:02:23.0578 0708 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6 ] C:\WINDOWS\system32\winsrv.dll
14:02:23.0593 0708 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
14:02:23.0593 0708 [Global] - ok
14:02:23.0593 0708 ================ Scan MBR ==================================
14:02:23.0609 0708 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
14:02:23.0734 0708 \Device\Harddisk0\DR0 - ok
14:02:23.0734 0708 ================ Scan VBR ==================================
14:02:23.0734 0708 [ 7E4B9BB15D1495D20183B1439E666843 ] \Device\Harddisk0\DR0\Partition1
14:02:23.0734 0708 \Device\Harddisk0\DR0\Partition1 - ok
14:02:23.0734 0708 ============================================================
14:02:23.0734 0708 Scan finished
14:02:23.0734 0708 ============================================================
14:02:23.0750 2400 Detected object count: 1
14:02:23.0750 2400 Actual detected object count: 1
14:03:46.0765 2400 sptd ( LockedFile.Multi.Generic ) - skipped by user
14:03:46.0765 2400 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
14:03:49.0500 1516 Deinitialize success

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: HijackThis log check

Post by jaro3 » 23 Jan 2014 19:12

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is being applied, do not click in the window it displays
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: After applying ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

umpalump
newbie
Posts: 18
Registered: January 14
Gender: Male
Status:
Offline

Re: HijackThis log check

Post by umpalump » 29 Jan 2014 01:28

ComboFix 14-01-27.02 - kubik 29.01.2014 1:12.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.630 [GMT 1:00]
Spuštěný z: c:\documents and settings\kubik\Plocha\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personální firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý
.
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\kubik\WINDOWS
c:\program files\ESET\MiNODLogin
c:\program files\ESET\MiNODLogin\servidores.xml
C:\Thumbs.db
c:\windows\msmqinst.log
c:\windows\system32\Cache
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-28 do 2014-01-29 )))))))))))))))))))))))))))))))
.
.
2014-01-24 15:02 . 2014-01-24 15:04 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2014-01-22 11:50 . 2014-01-22 12:37 -------- d-----w- c:\documents and settings\kubik\Data aplikací\uTorrent
2014-01-22 11:44 . 2014-01-22 13:06 -------- d-----w- c:\program files\TNod User & Password Finder
2014-01-22 11:22 . 2014-01-22 11:22 -------- d-----w- c:\documents and settings\kubik\Data aplikací\ESET
2014-01-21 14:21 . 2014-01-21 14:21 -------- d-----w- c:\windows\ERUNT
2014-01-20 18:11 . 2014-01-20 18:11 -------- d-----w- c:\documents and settings\kubik\Data aplikací\HTML Executable
2014-01-20 14:23 . 2014-01-20 14:23 -------- d-----w- c:\program files\Windows Sidebar
2014-01-20 14:23 . 2014-01-22 11:25 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Norton
2014-01-20 12:53 . 2014-01-20 12:53 -------- d-----w- c:\documents and settings\kubik\Data aplikací\Malwarebytes
2014-01-20 12:52 . 2014-01-20 12:52 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Malwarebytes
2014-01-20 12:42 . 2014-01-21 14:07 -------- d-----w- C:\AdwCleaner
2014-01-19 23:44 . 2014-01-19 23:44 -------- d-----w- c:\program files\CCleaner
2014-01-19 18:07 . 2014-01-19 18:07 388096 ----a-r- c:\documents and settings\kubik\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-01-19 18:07 . 2014-01-19 18:07 -------- d-----w- c:\program files\Trend Micro
2014-01-14 09:09 . 2014-01-14 09:09 -------- d-----w- c:\program files\DAEMON Tools Lite
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-17 12:17 . 2012-12-07 23:43 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-17 12:17 . 2011-10-18 11:48 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-17 12:17 . 2013-12-17 12:17 9293192 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-11-27 20:21 . 2001-10-25 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 03:00 . 2004-08-17 13:49 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2004-08-17 13:49 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:36 . 2008-05-05 06:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-06 19556968]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"PowerDVD12DMREngine"="c:\program files\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe" [2012-07-05 505872]
"PowerDVD12Agent"="c:\program files\CyberLink\PowerDVD12\PowerDVD12Agent.exe" [2012-07-05 374560]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5110672]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\kubik\Nabídka Start\Programy\Po spuštění\
GIGABYTE VGA Utility.lnk - c:\documents and settings\kubik\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe [2011-1-15 40960]
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" silent loginmode=4
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\wamp\\bin\\apache\\Apache2.2.21\\bin\\httpd.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD12\\PowerDVD12.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD12\\Kernel\\DMR\\PowerDVD12DMREngine.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD12\\Kernel\\DMS\\CLMSServerPDVD12.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD12\\PowerDVD12Agent.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD12\\PowerDVD12ML.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\{722B4A13-F24D-43AE-8813-5DB82C0B23C2}\\setup\\hpznui01.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\kubik\\Data aplikací\\uTorrent\\utorrent.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [17.9.2013 15:17 134248]
R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/08/23 21:52];c:\program files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [5.7.2012 10:49 88312]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [23.8.2012 20:51 90640]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [23.8.2012 20:51 78352]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [23.8.2012 20:51 295440]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [12.9.2013 12:06 1337752]
R2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys [23.8.2012 20:51 121208]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [15.1.2011 9:31 30392]
R4 atidgllk;atidgllk;c:\program files\GIGABYTE\VGA Utility\atidgllk.sys [19.7.2006 12:25 12048]
S2 IBG_gds_db;InterBase 7.5 Guardian gds_db;c:\program files\Borland\InterBase\bin\ibguard.exe -i "c:\program files\Borland\InterBase" -p gds_db --> c:\program files\Borland\InterBase\bin\ibguard.exe -i c:\program files\Borland\InterBase [?]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users.WINDOWS\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [9.10.2013 9:58 3275136]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [5.9.2013 10:34 171680]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [15.1.2011 2:41 1691480]
S3 IBS_gds_db;InterBase 7.5 Server gds_db;c:\program files\Borland\InterBase\bin\ibserver.exe -i "c:\program files\Borland\InterBase" -p gds_db --> c:\program files\Borland\InterBase\bin\ibserver.exe -i c:\program files\Borland\InterBase [?]
S3 Installer Service;Installer Service;c:\documents and settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\InstallerService.exe [30.8.2012 22:22 119296]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [24.1.2014 16:02 40776]
S3 MSICDSetup;MSICDSetup;\??\d:\cdriver.sys --> d:\CDriver.sys [?]
S3 TVICHW32;TVICHW32;\??\c:\windows\system32\DRIVERS\TVICHW32.SYS --> c:\windows\system32\DRIVERS\TVICHW32.SYS [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-28 23:42 1211672 ----a-w- c:\program files\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-07 12:17]
.
2014-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 08:21]
.
2014-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 08:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.superhry.cz/plne-hry
uSearchAssistant = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 8.8.8.8 192.168.1.2
FF - ProfilePath - c:\documents and settings\kubik\Data aplikací\Mozilla\Firefox\Profiles\jgec94u9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2014-01-20 15:25; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\documents and settings\All Users.WINDOWS\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn
FF - ExtSQL: 2014-01-20 15:26; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\documents and settings\All Users.WINDOWS\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn
FF - ExtSQL: !HIDDEN! 2011-01-15 08:13; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2011-02-28 20:33; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-TNOD UP - c:\program files\TNod User & Password Finder\TNODUP.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-29 01:19
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{73526619-C24F-470B-9BED-53D455FBB5C6}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1276)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2014-01-29 01:22:36
ComboFix-quarantined-files.txt 2014-01-29 00:22
.
Před spuštěním: Volných bajtů: 122 655 895 552
Po spuštění: Volných bajtů: 122 627 223 552
.
- - End Of File - - C74CCFD37F5578BCB5C774E0B45D64E3
413FC2A0C716421B3158746D63736515

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: HijackThis log check

Post by jaro3 » 29 Jan 2014 10:06

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

ClearJavaCache::

KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\documents and settings\All Users.WINDOWS\Data aplikací\Norton
c:\program files\Skype\Updater
c:\program files\Google\Update

Driver::
IBG_gds_db
SkypeUpdate
IBS_gds_db
MSICDSetup
TVICHW32

Firefox::
FF - ProfilePath - c:\documents and settings\kubik\Data aplikací\Mozilla\Firefox\Profiles\jgec94u9.default\
FF - ExtSQL: 2014-01-20 15:25; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\documents and settings\All Users.WINDOWS\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn
FF - ExtSQL: 2014-01-20 15:26; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\documents and settings\All Users.WINDOWS\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix starts automatically
- Paste here the log that appears at the end of the cleaning process, plus a new HJT log

Warning: After applying ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click No. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

umpalump
newbie
Posts: 18
Registered: January 14
Gender: Male
Status:
Offline

Re: HijackThis log check

Post by umpalump » 29 Jan 2014 16:05

ComboFix 14-01-27.02 - kubik 29.01.2014 15:50:26.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.358 [GMT 1:00]
Spuštěný z: c:\documents and settings\kubik\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\kubik\Plocha\CFScript.txt
AV: ESET Smart Security 7.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personální firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.22.3\GoogleUpdate.exe
c:\program files\Google\Update\1.3.22.3\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.22.3\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.22.3\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.22.3\goopdate.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_am.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ar.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_bg.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_bn.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ca.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_cs.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_da.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_de.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_el.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_en.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_es.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_et.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_fa.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_fi.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_fil.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_fr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_gu.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_hi.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_hr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_hu.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_id.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_is.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_it.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_iw.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ja.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_kn.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ko.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_lt.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_lv.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ml.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_mr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ms.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_nl.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_no.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_pl.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ro.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ru.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sk.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sl.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sv.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sw.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ta.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_te.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_th.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_tr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_uk.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ur.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_vi.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.22.3\psmachine.dll
c:\program files\Google\Update\1.3.22.3\psuser.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.102\32.0.1700.102_32.0.1700.76_chrome_updater.exe
c:\program files\Google\Update\Download\{A6909644-F7AE-4552-A581-17244E2836FA}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4805.320\GoogleToolbarInstaller_updater_signed.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Google\Update\Install\{73897D52-59C3-4D97-BF25-9D349DBF8DAC}\32.0.1700.102_32.0.1700.76_chrome_updater.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_IBG_GDS_DB
-------\Legacy_IBS_GDS_DB
-------\Legacy_MSICDSETUP
-------\Legacy_SKYPEUPDATE
-------\Service_IBG_gds_db
-------\Service_IBS_gds_db
-------\Service_MSICDSetup
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-28 do 2014-01-29 )))))))))))))))))))))))))))))))
.
.
2014-01-24 15:02 . 2014-01-24 15:04 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2014-01-22 11:50 . 2014-01-22 12:37 -------- d-----w- c:\documents and settings\kubik\Data aplikací\uTorrent
2014-01-22 11:44 . 2014-01-22 13:06 -------- d-----w- c:\program files\TNod User & Password Finder
2014-01-22 11:22 . 2014-01-22 11:22 -------- d-----w- c:\documents and settings\kubik\Data aplikací\ESET
2014-01-21 14:21 . 2014-01-21 14:21 -------- d-----w- c:\windows\ERUNT
2014-01-20 18:11 . 2014-01-20 18:11 -------- d-----w- c:\documents and settings\kubik\Data aplikací\HTML Executable
2014-01-20 14:23 . 2014-01-20 14:23 -------- d-----w- c:\program files\Windows Sidebar
2014-01-20 14:23 . 2014-01-22 11:25 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Norton
2014-01-20 12:53 . 2014-01-20 12:53 -------- d-----w- c:\documents and settings\kubik\Data aplikací\Malwarebytes
2014-01-20 12:52 . 2014-01-20 12:52 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Malwarebytes
2014-01-20 12:42 . 2014-01-21 14:07 -------- d-----w- C:\AdwCleaner
2014-01-19 23:44 . 2014-01-19 23:44 -------- d-----w- c:\program files\CCleaner
2014-01-19 18:07 . 2014-01-19 18:07 388096 ----a-r- c:\documents and settings\kubik\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-01-19 18:07 . 2014-01-19 18:07 -------- d-----w- c:\program files\Trend Micro
2014-01-14 09:09 . 2014-01-14 09:09 -------- d-----w- c:\program files\DAEMON Tools Lite
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-17 12:17 . 2012-12-07 23:43 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-17 12:17 . 2011-10-18 11:48 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-17 12:17 . 2013-12-17 12:17 9293192 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-11-27 20:21 . 2001-10-25 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 03:00 . 2004-08-17 13:49 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2004-08-17 13:49 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:36 . 2008-05-05 06:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-06 19556968]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"PowerDVD12DMREngine"="c:\program files\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe" [2012-07-05 505872]
"PowerDVD12Agent"="c:\program files\CyberLink\PowerDVD12\PowerDVD12Agent.exe" [2012-07-05 374560]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5110672]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\kubik\Nabídka Start\Programy\Po spuštění\
GIGABYTE VGA Utility.lnk - c:\documents and settings\kubik\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe [2011-1-15 40960]
.
c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" silent loginmode=4
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\wamp\\bin\\apache\\Apache2.2.21\\bin\\httpd.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD12\\PowerDVD12.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD12\\Kernel\\DMR\\PowerDVD12DMREngine.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD12\\Kernel\\DMS\\CLMSServerPDVD12.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD12\\PowerDVD12Agent.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD12\\PowerDVD12ML.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\{722B4A13-F24D-43AE-8813-5DB82C0B23C2}\\setup\\hpznui01.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\kubik\\Data aplikací\\uTorrent\\utorrent.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [17.9.2013 15:17 134248]
R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/08/23 21:52];c:\program files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [5.7.2012 10:49 88312]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [23.8.2012 20:51 90640]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [23.8.2012 20:51 78352]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [23.8.2012 20:51 295440]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [12.9.2013 12:06 1337752]
R2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys [23.8.2012 20:51 121208]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users.WINDOWS\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [9.10.2013 9:58 3275136]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [15.1.2011 9:31 30392]
R4 atidgllk;atidgllk;c:\program files\GIGABYTE\VGA Utility\atidgllk.sys [19.7.2006 12:25 12048]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [15.1.2011 2:41 1691480]
S3 Installer Service;Installer Service;c:\documents and settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\InstallerService.exe [30.8.2012 22:22 119296]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [24.1.2014 16:02 40776]
S3 TVICHW32;TVICHW32;\??\c:\windows\system32\DRIVERS\TVICHW32.SYS --> c:\windows\system32\DRIVERS\TVICHW32.SYS [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-28 23:42 1211672 ----a-w- c:\program files\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-07 12:17]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.superhry.cz/plne-hry
uSearchAssistant = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 8.8.8.8 192.168.1.2
FF - ProfilePath - c:\documents and settings\kubik\Data aplikací\Mozilla\Firefox\Profiles\jgec94u9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2014-01-20 15:25; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\documents and settings\All Users.WINDOWS\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn
FF - ExtSQL: 2014-01-20 15:26; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\documents and settings\All Users.WINDOWS\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn
FF - ExtSQL: !HIDDEN! 2011-01-15 08:13; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2011-02-28 20:33; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-29 16:00
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{73526619-C24F-470B-9BED-53D455FBB5C6}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1272)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2616)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\wdfmgr.exe
c:\windows\RTHDCPL.EXE
c:\program files\GIGABYTE\VGA Utility\Utility.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Celkový čas: 2014-01-29 16:03:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-29 15:03
ComboFix2.txt 2014-01-29 00:22
.
Před spuštěním: Volných bajtů: 122 625 052 672
Po spuštění: Volných bajtů: 122 444 701 696
.
- - End Of File - - 61A7F7F8C20330A559D6CD675659FECD
413FC2A0C716421B3158746D63736515

Re: HijackThis log check

Post by umpalump » 29 Jan 2014 16:06

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:06:05, on 29.1.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\GIGABYTE\VGA Utility\Utility.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/plne-hry
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PowerDVD12DMREngine] "C:\Program Files\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Program Files\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: GIGABYTE VGA Utility.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (file missing) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5038328750
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Installer Service - Unknown owner - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\InstallerService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe

--
End of file - 11070 bytes

Re: HijackThis log check

Post by umpalump » 29 Jan 2014 16:09

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-01-29 16:07:57
-----------------------------
16:07:57.500 OS Version: Windows 5.1.2600 Service Pack 3
16:07:57.500 Number of processors: 2 586 0x602
16:07:57.500 ComputerName: KUBA UserName:
16:07:58.343 Initialize success
16:08:15.234 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
16:08:15.234 Disk 0 Vendor: ST3250620AS 3.AAE Size: 238475MB BusType: 3
16:08:15.359 Disk 0 MBR read successfully
16:08:15.359 Disk 0 MBR scan
16:08:15.359 Disk 0 Windows XP default MBR code
16:08:15.359 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238464 MB offset 63
16:08:15.359 Disk 0 scanning sectors +488376000
16:08:15.406 Disk 0 scanning C:\WINDOWS\system32\drivers
16:08:23.156 Service scanning
16:08:28.531 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
16:08:30.500 Modules scanning
16:08:36.281 Module: C:\Program Files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl **SUSPICIOUS**
16:08:36.781 Disk 0 trace - called modules:
16:08:36.796 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys pciide.sys PCIIDEX.SYS
16:08:37.296 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86760ab8]
16:08:37.296 3 CLASSPNP.SYS[f761cfd7] -> nt!IofCallDriver -> \Device\00000076[0x866e5f18]
16:08:37.296 5 ACPI.sys[f73a3620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86761940]
16:08:37.296 Scan finished successfully
16:08:44.515 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\kubik\Plocha\MBR.dat"
16:08:44.515 The log file has been saved successfully to "C:\Documents and Settings\kubik\Plocha\aswMBR.txt"

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: HijackThis log check

Post by jaro3 » 29 Jan 2014 19:55

Uninstall the cracked ESET and install a free antivirus!

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

Close other applications and browsers, disconnect from the internet and fix the following in HJT:
Guide

R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (file missing) (HKCU)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


c:\program files\TNod User & Password Finder
c:\documents and settings\All Users.WINDOWS\Data aplikací\Norton
delete the listed folders.

Update Java:
Java SE Runtime Environment 7

Click Accept License Agreement
Choose your OS (Windows or Windows x64, Offline Installation)
jre-7-windows-i586-p.exe or
jre-7-windows-x64.exe
Download and install it.
Remove the other Java versions in Add/Remove Programs.

How about the problems?
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: HijackThis log check

Post by umpalump » 30 Jan 2014 04:14

Good evening, thank you for the advice. The problems I had until now have gone away. We solved those, I just have one new problem. While I was downloading the new antivirus, I somehow clicked on something via torrents, twenty ads appeared... and a program called speedItUpFree got installed. I'm afraid it's some virus again. Other than that, only that when shutting down, a kind of black window pops up in the background and it sometimes reports an error, I don't know, IT HAS A MESSAGE THAT SOMETHING SOMEWHERE CANNOT BE OPENED AND READ. On the other hand, the computer has sped up a lot and runs quite well, it just rattles occasionally.... Thanks for the help and for any further advice :-)

Re: HijackThis log check

Post by umpalump » 30 Jan 2014 04:19

It has started freezing and some window keeps popping up

Re: HijackThis log check

Post by jaro3 » 30 Jan 2014 10:25

Don't use torrents!!

That program is adware..

You have to repeat it all again: AdwCleaner, MbAM, JRT, RK.

Where did you download that antivirus from?

Re: HijackThis log check

Post by umpalump » 05 Feb 2014 15:06

Via piratesbay. It was a Trojan horse again... now everything is running as it should again
thank you
