Pomalé pc, občas zamrzává

[novas22]

Zdravím,
rozhodl jsem se pro velký krok, jelikož počítač, který chci "vyčistit", měla moje mladší sestra, která ho slušně řečeno zacpala všema možnýma srač*ama. Počítač je pomalý, občas zamrzává (nikdy předtím se to nestávalo, dnes už ale 2x bez jakéhokoli upozornění a bez modré smrti, musel jsem ho vypnout manuálně). Počítač je sice koupený někdy před 7 lety, ale v tu dobu byl výborný a dost drahý, takže některé "moderní" požadavky splňuje i dnes. Hodně toolbarů, starých her a programů jsem již smazal, takže to snad zas tak hrozné nebude =D

Zde log z HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:49:20, on 27.11.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Nuance\PaperPort\pptd40nt.exe
C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.futuremark.com/products/3dmark05/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file)
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Data aplikací\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NVRaidService] C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [TO2SAM.Activation] "D:\ServiceActivationManager\McciInitializer.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ISUSPM] C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-823518204-2052111302-839522115-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-823518204-2052111302-839522115-1008\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Otevřít programem PDF Viewer Plus - res://C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O24 - Desktop Component 0: (no name) - http://www.facebook.com/></i></a></div><div class=

--
End of file - 12845 bytes


_____________________________________________________________________________________

A ještě mám jeden dotaz. Vždy při zapnutí pc mi antivirus minimálně 4x-5x zahlásí, že bylo "detekováno zneužití skrytého kanálu v ICMP paketu", pod tím je napsáno vzdálená ip. Nevíte co to znamená?

[memphisto]

v logu fixni:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.futuremark.com/products/3dmark05/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-21-823518204-2052111302-839522115-1008\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'UpdatusUser')
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O24 - Desktop Component 0: (no name) - http://www.facebook.com/></i></a></div><div class=

z jaké IP to hlásí to zneužití?

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[novas22]

Tak podle logu to vypadá na 2 trojany =(

Malwarebytes Anti-Malware 1.65.1.1000
http://www.malwarebytes.org

Verze databáze: v2012.11.27.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Novak :: NOVAK-D3540ECDA [administrátor]

27.11.2012 18:52:52
mbam-log-2012-11-27 (19-05-21).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 273181
Uplynulý čas: 11 minut, 40 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Documents and Settings\zuzik\Plocha\M2 LONGJU.exe (Trojan.Swisyn) -> Žádná instrukce nebyla provedena.
C:\Documents and Settings\zuzik\Plocha\FunMt2_Ita_De_Pl_launcher.exe (Trojan.Downloader) -> Žádná instrukce nebyla provedena.

(konec)

_________________________________________________________________
Tu IP zjistím po restartu pc..počkám nejprve na radu s tímhle =)

[Žbeky]

Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

[novas22]

Na chvilku jsem si odskočil a po smazání těch virů se mi restartoval pc a já bohužel nestihl uložit log. Ale byl úplně stejný jako ten první, jen s tím, že to první bylo dáno do karantény a to druhé bylo smazáno.

19:55:02.0203 3552 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:55:02.0546 3552 ============================================================
19:55:02.0546 3552 Current date / time: 2012/11/27 19:55:02.0546
19:55:02.0546 3552 SystemInfo:
19:55:02.0546 3552
19:55:02.0546 3552 OS Version: 5.1.2600 ServicePack: 3.0
19:55:02.0546 3552 Product type: Workstation
19:55:02.0546 3552 ComputerName: NOVAK-D3540ECDA
19:55:02.0546 3552 UserName: Novak
19:55:02.0546 3552 Windows directory: C:\WINDOWS
19:55:02.0546 3552 System windows directory: C:\WINDOWS
19:55:02.0546 3552 Processor architecture: Intel x86
19:55:02.0546 3552 Number of processors: 2
19:55:02.0546 3552 Page size: 0x1000
19:55:02.0546 3552 Boot type: Normal boot
19:55:02.0546 3552 ============================================================
19:55:03.0437 3552 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
19:55:03.0437 3552 ============================================================
19:55:03.0437 3552 \Device\Harddisk0\DR0:
19:55:03.0437 3552 MBR partitions:
19:55:03.0437 3552 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2E933DC1
19:55:03.0437 3552 ============================================================
19:55:03.0453 3552 C: <-> \Device\Harddisk0\DR0\Partition1
19:55:03.0453 3552 ============================================================
19:55:03.0453 3552 Initialize success
19:55:03.0453 3552 ============================================================
19:55:09.0000 2084 ============================================================
19:55:09.0000 2084 Scan started
19:55:09.0000 2084 Mode: Manual;
19:55:09.0000 2084 ============================================================
19:55:09.0703 2084 ================ Scan system memory ========================
19:55:09.0703 2084 System memory - ok
19:55:09.0703 2084 ================ Scan services =============================
19:55:09.0781 2084 Abiosdsk - ok
19:55:09.0796 2084 abp480n5 - ok
19:55:09.0843 2084 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:55:09.0859 2084 ACPI - ok
19:55:09.0906 2084 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
19:55:09.0906 2084 ACPIEC - ok
19:55:09.0953 2084 [ 0158F4027C0808FF65ED3B3D683339C9 ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
19:55:09.0953 2084 ADIHdAudAddService - ok
19:55:09.0968 2084 adpu160m - ok
19:55:10.0375 2084 [ 358063AB6C1C4173B735525CDFA65F94 ] AEAudio C:\WINDOWS\system32\drivers\AEAudio.sys
19:55:10.0390 2084 AEAudio - ok
19:55:10.0421 2084 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
19:55:10.0437 2084 aec - ok
19:55:10.0484 2084 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
19:55:10.0484 2084 AFD - ok
19:55:10.0500 2084 Aha154x - ok
19:55:10.0500 2084 aic78u2 - ok
19:55:10.0500 2084 aic78xx - ok
19:55:10.0562 2084 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
19:55:10.0593 2084 Alerter - ok
19:55:10.0625 2084 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
19:55:10.0625 2084 ALG - ok
19:55:10.0625 2084 AliIde - ok
19:55:10.0656 2084 [ F6F5E047369784E607F3A636AC576148 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
19:55:10.0656 2084 AmdK8 - ok
19:55:10.0671 2084 amsint - ok
19:55:10.0671 2084 AppMgmt - ok
19:55:10.0765 2084 [ 8E2257584B2C52D44B4CB1949947D885 ] AR9271 C:\WINDOWS\system32\DRIVERS\athuw.sys
19:55:10.0796 2084 AR9271 - ok
19:55:10.0796 2084 asc - ok
19:55:10.0812 2084 asc3350p - ok
19:55:10.0812 2084 asc3550 - ok
19:55:10.0859 2084 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:55:10.0859 2084 aspnet_state - ok
19:55:10.0890 2084 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:55:10.0890 2084 AsyncMac - ok
19:55:10.0890 2084 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
19:55:10.0906 2084 atapi - ok
19:55:10.0906 2084 Atdisk - ok
19:55:10.0968 2084 [ 3C4B9850A2631C2263507400D029057B ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys
19:55:10.0968 2084 atksgt - ok
19:55:10.0984 2084 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:55:10.0984 2084 Atmarpc - ok
19:55:11.0000 2084 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
19:55:11.0000 2084 AudioSrv - ok
19:55:11.0031 2084 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
19:55:11.0031 2084 audstub - ok
19:55:11.0078 2084 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:55:11.0078 2084 Beep - ok
19:55:11.0078 2084 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
19:55:11.0093 2084 BITS - ok
19:55:11.0140 2084 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
19:55:11.0140 2084 Browser - ok
19:55:11.0171 2084 [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
19:55:11.0171 2084 BrScnUsb - ok
19:55:11.0250 2084 [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc C:\Program Files\Browny02\BrYNSvc.exe
19:55:11.0250 2084 BrYNSvc - ok
19:55:11.0296 2084 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
19:55:11.0296 2084 cbidf2k - ok
19:55:11.0296 2084 cd20xrnt - ok
19:55:11.0296 2084 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
19:55:11.0312 2084 Cdaudio - ok
19:55:11.0312 2084 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
19:55:11.0328 2084 Cdfs - ok
19:55:11.0359 2084 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:55:11.0359 2084 Cdrom - ok
19:55:11.0359 2084 Changer - ok
19:55:11.0390 2084 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
19:55:11.0390 2084 CiSvc - ok
19:55:11.0406 2084 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
19:55:11.0406 2084 ClipSrv - ok
19:55:11.0437 2084 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:55:11.0453 2084 clr_optimization_v2.0.50727_32 - ok
19:55:11.0468 2084 CmdIde - ok
19:55:11.0468 2084 COMSysApp - ok
19:55:11.0484 2084 Cpqarray - ok
19:55:11.0500 2084 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
19:55:11.0500 2084 CryptSvc - ok
19:55:11.0500 2084 dac2w2k - ok
19:55:11.0500 2084 dac960nt - ok
19:55:11.0562 2084 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:55:11.0562 2084 DcomLaunch - ok
19:55:11.0578 2084 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
19:55:11.0578 2084 Dhcp - ok
19:55:11.0593 2084 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
19:55:11.0593 2084 Disk - ok
19:55:11.0593 2084 dmadmin - ok
19:55:11.0625 2084 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
19:55:11.0640 2084 dmboot - ok
19:55:11.0671 2084 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
19:55:11.0671 2084 dmio - ok
19:55:11.0687 2084 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
19:55:11.0687 2084 dmload - ok
19:55:11.0703 2084 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
19:55:11.0703 2084 dmserver - ok
19:55:11.0734 2084 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
19:55:11.0734 2084 DMusic - ok
19:55:11.0765 2084 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:55:11.0781 2084 Dnscache - ok
19:55:11.0812 2084 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
19:55:11.0812 2084 Dot3svc - ok
19:55:11.0828 2084 dpti2o - ok
19:55:11.0843 2084 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
19:55:11.0843 2084 drmkaud - ok
19:55:11.0859 2084 EagleNT - ok
19:55:11.0890 2084 [ 63A53BB2A85DD22A5E8D6C5CB6273043 ] eamon C:\WINDOWS\system32\DRIVERS\eamon.sys
19:55:11.0890 2084 eamon - ok
19:55:11.0906 2084 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:55:11.0906 2084 EapHost - ok
19:55:11.0953 2084 [ 4F72DD48A2ED63A57C1210228A472020 ] ehdrv C:\WINDOWS\system32\DRIVERS\ehdrv.sys
19:55:11.0953 2084 ehdrv - ok
19:55:12.0078 2084 [ 8C58315E956AF0B888C06746494AD81E ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
19:55:12.0078 2084 ekrn - ok
19:55:12.0109 2084 [ BDD170FECB0E496A914318009D85B819 ] ENTECH C:\WINDOWS\system32\DRIVERS\ENTECH.sys
19:55:12.0125 2084 ENTECH - ok
19:55:12.0156 2084 [ 0C0C50813FC59C145B604B1DCCFFB377 ] epfw C:\WINDOWS\system32\DRIVERS\epfw.sys
19:55:12.0156 2084 epfw - ok
19:55:12.0203 2084 [ C1A8B6E44DCF250DB6BCCA7B460B9B6B ] Epfwndis C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
19:55:12.0203 2084 Epfwndis - ok
19:55:12.0234 2084 [ 7859F3E4AA8B9708D05F0DFBB3080721 ] epfwtdi C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
19:55:12.0250 2084 epfwtdi - ok
19:55:12.0250 2084 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
19:55:12.0250 2084 ERSvc - ok
19:55:12.0296 2084 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
19:55:12.0296 2084 Eventlog - ok
19:55:12.0328 2084 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
19:55:12.0328 2084 EventSystem - ok
19:55:12.0359 2084 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
19:55:12.0359 2084 Fastfat - ok
19:55:12.0406 2084 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:55:12.0406 2084 FastUserSwitchingCompatibility - ok
19:55:12.0437 2084 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
19:55:12.0437 2084 Fdc - ok
19:55:12.0468 2084 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
19:55:12.0468 2084 Fips - ok
19:55:12.0468 2084 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
19:55:12.0468 2084 Flpydisk - ok
19:55:12.0484 2084 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:55:12.0500 2084 FltMgr - ok
19:55:12.0562 2084 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:55:12.0562 2084 FontCache3.0.0.0 - ok
19:55:12.0625 2084 [ AF65875403A3BC39F299390387651C4F ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
19:55:12.0625 2084 ForceWare Intelligent Application Manager (IAM) - ok
19:55:12.0640 2084 [ B81F8778F5BB485F3B75114F0C99A49F ] ForcewareWebInterface C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
19:55:12.0640 2084 ForcewareWebInterface - ok
19:55:12.0640 2084 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:55:12.0640 2084 Fs_Rec - ok
19:55:12.0640 2084 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:55:12.0656 2084 Ftdisk - ok
19:55:12.0656 2084 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:55:12.0656 2084 Gpc - ok
19:55:12.0750 2084 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:55:12.0750 2084 gupdate - ok
19:55:12.0750 2084 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:55:12.0750 2084 gupdatem - ok
19:55:12.0781 2084 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:55:12.0796 2084 gusvc - ok
19:55:12.0812 2084 [ 7929A161F9951D173CA9900FE7067391 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
19:55:12.0843 2084 hamachi - ok
19:55:12.0859 2084 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:55:12.0859 2084 HDAudBus - ok
19:55:12.0937 2084 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:55:12.0937 2084 helpsvc - ok
19:55:12.0953 2084 HidServ - ok
19:55:12.0968 2084 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:55:12.0968 2084 HidUsb - ok
19:55:13.0000 2084 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:55:13.0000 2084 hkmsvc - ok
19:55:13.0000 2084 hpn - ok
19:55:13.0046 2084 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:55:13.0046 2084 HTTP - ok
19:55:13.0078 2084 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:55:13.0078 2084 HTTPFilter - ok
19:55:13.0078 2084 i2omgmt - ok
19:55:13.0093 2084 i2omp - ok
19:55:13.0109 2084 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:55:13.0109 2084 i8042prt - ok
19:55:13.0187 2084 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:55:13.0187 2084 IDriverT - ok
19:55:13.0234 2084 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:55:13.0250 2084 idsvc - ok
19:55:13.0250 2084 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:55:13.0250 2084 Imapi - ok
19:55:13.0296 2084 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
19:55:13.0312 2084 ImapiService - ok
19:55:13.0312 2084 ini910u - ok
19:55:13.0328 2084 IntelIde - ok
19:55:13.0343 2084 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:55:13.0343 2084 Ip6Fw - ok
19:55:13.0375 2084 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:55:13.0375 2084 IpFilterDriver - ok
19:55:13.0390 2084 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:55:13.0390 2084 IpInIp - ok
19:55:13.0421 2084 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:55:13.0421 2084 IpNat - ok
19:55:13.0437 2084 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:55:13.0437 2084 IPSec - ok
19:55:13.0468 2084 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:55:13.0468 2084 IRENUM - ok
19:55:13.0500 2084 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:55:13.0500 2084 isapnp - ok
19:55:13.0578 2084 [ 691B9B7C0CC1653732717D292D6B305D ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
19:55:13.0593 2084 JavaQuickStarterService - ok
19:55:13.0593 2084 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:55:13.0593 2084 Kbdclass - ok
19:55:13.0609 2084 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:55:13.0609 2084 kmixer - ok
19:55:13.0640 2084 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:55:13.0640 2084 KSecDD - ok
19:55:13.0671 2084 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:55:13.0671 2084 lanmanserver - ok
19:55:13.0718 2084 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:55:13.0718 2084 lanmanworkstation - ok
19:55:13.0718 2084 lbrtfdc - ok
19:55:13.0812 2084 [ 559C9B7800FAC92FC515CD0003D7C631 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
19:55:13.0812 2084 LightScribeService - ok
19:55:13.0859 2084 [ 4127E8B6DDB4090E815C1F8852C277D3 ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys
19:55:13.0859 2084 lirsgt - ok
19:55:13.0875 2084 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:55:13.0875 2084 LmHosts - ok
19:55:13.0937 2084 [ 4F74184920B2D6E33024409B4C5C57C1 ] McciCMService C:\Program Files\Common Files\Motive\McciCMService.exe
19:55:13.0937 2084 McciCMService - ok
19:55:13.0968 2084 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:55:13.0968 2084 Messenger - ok
19:55:14.0015 2084 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
19:55:14.0015 2084 Microsoft Office Groove Audit Service - ok
19:55:14.0046 2084 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:55:14.0046 2084 mnmdd - ok
19:55:14.0078 2084 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:55:14.0093 2084 mnmsrvc - ok
19:55:14.0125 2084 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:55:14.0125 2084 Modem - ok
19:55:14.0156 2084 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:55:14.0156 2084 Mouclass - ok
19:55:14.0156 2084 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:55:14.0171 2084 MountMgr - ok
19:55:14.0187 2084 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:55:14.0187 2084 MozillaMaintenance - ok
19:55:14.0203 2084 mraid35x - ok
19:55:14.0218 2084 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
19:55:14.0218 2084 MREMP50 - ok
19:55:14.0218 2084 MREMP50a64 - ok
19:55:14.0218 2084 MREMPR5 - ok
19:55:14.0234 2084 MRENDIS5 - ok
19:55:14.0234 2084 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
19:55:14.0234 2084 MRESP50 - ok
19:55:14.0234 2084 MRESP50a64 - ok
19:55:14.0265 2084 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:55:14.0265 2084 MRxDAV - ok
19:55:14.0328 2084 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:55:14.0328 2084 MRxSmb - ok
19:55:14.0359 2084 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:55:14.0359 2084 MSDTC - ok
19:55:14.0359 2084 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:55:14.0359 2084 Msfs - ok
19:55:14.0375 2084 MSIServer - ok
19:55:14.0390 2084 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:55:14.0390 2084 MSKSSRV - ok
19:55:14.0390 2084 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:55:14.0390 2084 MSPCLOCK - ok
19:55:14.0406 2084 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:55:14.0406 2084 MSPQM - ok
19:55:14.0421 2084 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:55:14.0421 2084 mssmbios - ok
19:55:14.0468 2084 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
19:55:14.0468 2084 MTsensor - ok
19:55:14.0500 2084 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:55:14.0500 2084 Mup - ok
19:55:14.0562 2084 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:55:14.0562 2084 napagent - ok
19:55:14.0578 2084 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:55:14.0578 2084 NDIS - ok
19:55:14.0609 2084 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:55:14.0609 2084 NdisTapi - ok
19:55:14.0625 2084 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:55:14.0625 2084 Ndisuio - ok
19:55:14.0640 2084 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:55:14.0640 2084 NdisWan - ok
19:55:14.0671 2084 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:55:14.0671 2084 NDProxy - ok
19:55:14.0671 2084 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:55:14.0671 2084 NetBIOS - ok
19:55:14.0703 2084 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:55:14.0718 2084 NetBT - ok
19:55:14.0750 2084 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
19:55:14.0765 2084 NetDDE - ok
19:55:14.0765 2084 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:55:14.0765 2084 NetDDEdsdm - ok
19:55:14.0796 2084 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:55:14.0796 2084 Netlogon - ok
19:55:14.0812 2084 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
19:55:14.0812 2084 Netman - ok
19:55:14.0843 2084 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:55:14.0843 2084 NetTcpPortSharing - ok
19:55:14.0890 2084 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
19:55:14.0890 2084 Nla - ok
19:55:15.0000 2084 [ C4EBBBD7165BE535F0BFD06B80601D91 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
19:55:15.0015 2084 NMIndexingService - ok
19:55:15.0046 2084 [ 4A8A2AA0706B659175169DECF198E9D7 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
19:55:15.0046 2084 nmwcd - ok
19:55:15.0062 2084 [ FD3E61831095AC62E6840D986B5A2016 ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
19:55:15.0062 2084 nmwcdc - ok
19:55:15.0062 2084 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:55:15.0062 2084 Npfs - ok
19:55:15.0062 2084 npkcrypt - ok
19:55:15.0109 2084 [ 4D864C3526C573E54FBDA663A7855FE2 ] nSvcIp C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
19:55:15.0109 2084 nSvcIp - ok
19:55:15.0125 2084 [ 68C060CE0BD72DD66313356BA698BFF2 ] nSvcLog C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
19:55:15.0125 2084 nSvcLog - ok
19:55:15.0171 2084 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:55:15.0187 2084 Ntfs - ok
19:55:15.0187 2084 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:55:15.0187 2084 NtLmSsp - ok
19:55:15.0234 2084 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:55:15.0250 2084 NtmsSvc - ok
19:55:15.0281 2084 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:55:15.0281 2084 Null - ok
19:55:15.0625 2084 [ 774A0D43912F75DA99D32F2D9E6A674C ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:55:15.0781 2084 nv - ok
19:55:15.0812 2084 [ 4D6C6B46B3EDF6F2E219A86B61D104AE ] nvata C:\WINDOWS\system32\DRIVERS\nvata.sys
19:55:15.0828 2084 nvata - ok
19:55:15.0843 2084 [ 1B83B60541BE1B6DB81641C448007F21 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
19:55:15.0843 2084 NVENETFD - ok
19:55:15.0859 2084 [ 52DCE3B30C9D61C8E20FE3C6DA4BDFB7 ] nvgts C:\WINDOWS\system32\DRIVERS\nvgts.sys
19:55:15.0859 2084 nvgts - ok
19:55:15.0890 2084 [ 57B669F9234604A350174B86764444B0 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
19:55:15.0890 2084 nvnetbus - ok
19:55:15.0921 2084 [ 6B665BDA473E2888A036D0BA5663B5A5 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
19:55:15.0937 2084 NVSvc - ok
19:55:15.0953 2084 [ C0E7437765A694328579C4674EF3AB20 ] NVTCP C:\WINDOWS\system32\DRIVERS\NVTcp.sys
19:55:15.0953 2084 NVTCP - ok
19:55:16.0015 2084 [ 8BB901D3DBD7CA15C4D9F1EC98927379 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:55:16.0031 2084 nvUpdatusService - ok
19:55:16.0062 2084 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:55:16.0062 2084 NwlnkFlt - ok
19:55:16.0078 2084 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:55:16.0078 2084 NwlnkFwd - ok
19:55:16.0156 2084 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:55:16.0156 2084 odserv - ok
19:55:16.0187 2084 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:55:16.0203 2084 ose - ok
19:55:16.0250 2084 [ 1011C779C9FCD01AFA96490C86A50421 ] PanService C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
19:55:16.0265 2084 PanService - ok
19:55:16.0296 2084 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:55:16.0296 2084 Parport - ok
19:55:16.0328 2084 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:55:16.0328 2084 PartMgr - ok
19:55:16.0359 2084 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:55:16.0359 2084 ParVdm - ok
19:55:16.0390 2084 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
19:55:16.0390 2084 pccsmcfd - ok
19:55:16.0390 2084 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:55:16.0406 2084 PCI - ok
19:55:16.0406 2084 PCIDump - ok
19:55:16.0406 2084 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:55:16.0406 2084 PCIIde - ok
19:55:16.0421 2084 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:55:16.0421 2084 Pcmcia - ok
19:55:16.0468 2084 [ 02AAAFB7BA137CE5DDABCDF8090954D9 ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
19:55:16.0468 2084 pcouffin - ok
19:55:16.0468 2084 PDCOMP - ok
19:55:16.0515 2084 [ C1C3BAF078BE5A14384A4BA2D730817D ] PDFProFiltSrvPP C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
19:55:16.0515 2084 PDFProFiltSrvPP - ok
19:55:16.0515 2084 PDFRAME - ok
19:55:16.0531 2084 PDRELI - ok
19:55:16.0531 2084 PDRFRAME - ok
19:55:16.0546 2084 perc2 - ok
19:55:16.0546 2084 perc2hib - ok
19:55:16.0578 2084 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
19:55:16.0578 2084 PlugPlay - ok
19:55:16.0578 2084 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:55:16.0578 2084 PolicyAgent - ok
19:55:16.0625 2084 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:55:16.0640 2084 PptpMiniport - ok
19:55:16.0656 2084 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
19:55:16.0656 2084 Processor - ok
19:55:16.0671 2084 [ 18D9789A4664BF417EEA944D2776091A ] prodrv06 C:\WINDOWS\System32\drivers\prodrv06.sys
19:55:16.0671 2084 prodrv06 - ok
19:55:16.0703 2084 [ 8CC9671A7ED2902E747EE0892E1C8575 ] prohlp02 C:\WINDOWS\system32\drivers\prohlp02.sys
19:55:16.0703 2084 prohlp02 - ok
19:55:16.0734 2084 [ 960BCE3ED38761B446AABAC06C76BADF ] prosync1 C:\WINDOWS\system32\drivers\prosync1.sys
19:55:16.0734 2084 prosync1 - ok
19:55:16.0734 2084 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:55:16.0734 2084 ProtectedStorage - ok
19:55:16.0750 2084 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:55:16.0750 2084 PSched - ok
19:55:16.0750 2084 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:55:16.0750 2084 Ptilink - ok
19:55:16.0765 2084 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:55:16.0781 2084 PxHelp20 - ok
19:55:16.0781 2084 ql1080 - ok
19:55:16.0796 2084 Ql10wnt - ok
19:55:16.0796 2084 ql12160 - ok
19:55:16.0796 2084 ql1240 - ok
19:55:16.0812 2084 ql1280 - ok
19:55:16.0859 2084 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:55:16.0859 2084 RasAcd - ok
19:55:16.0875 2084 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:55:16.0875 2084 RasAuto - ok
19:55:16.0890 2084 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:55:16.0906 2084 Rasl2tp - ok
19:55:16.0953 2084 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:55:16.0953 2084 RasMan - ok
19:55:16.0953 2084 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:55:16.0953 2084 RasPppoe - ok
19:55:16.0968 2084 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:55:16.0968 2084 Raspti - ok
19:55:17.0000 2084 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:55:17.0000 2084 Rdbss - ok
19:55:17.0000 2084 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:55:17.0000 2084 RDPCDD - ok
19:55:17.0046 2084 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:55:17.0046 2084 RDPWD - ok
19:55:17.0062 2084 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:55:17.0062 2084 RDSessMgr - ok
19:55:17.0093 2084 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:55:17.0093 2084 redbook - ok
19:55:17.0140 2084 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:55:17.0140 2084 RemoteAccess - ok
19:55:17.0156 2084 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:55:17.0156 2084 RpcLocator - ok
19:55:17.0187 2084 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:55:17.0203 2084 RpcSs - ok
19:55:17.0234 2084 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:55:17.0234 2084 RSVP - ok
19:55:17.0234 2084 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
19:55:17.0234 2084 SamSs - ok
19:55:17.0250 2084 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:55:17.0250 2084 SCardSvr - ok
19:55:17.0281 2084 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:55:17.0281 2084 Schedule - ok
19:55:17.0328 2084 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:55:17.0328 2084 Secdrv - ok
19:55:17.0343 2084 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:55:17.0343 2084 seclogon - ok
19:55:17.0375 2084 [ B6A6B409FDA9D9EBD3AADB838D3D7173 ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys
19:55:17.0375 2084 SenFiltService - ok
19:55:17.0390 2084 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
19:55:17.0390 2084 SENS - ok
19:55:17.0390 2084 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:55:17.0406 2084 serenum - ok
19:55:17.0406 2084 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:55:17.0406 2084 Serial - ok
19:55:17.0515 2084 [ 77FAA749C34193F003F666D2E368A1F8 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
19:55:17.0515 2084 ServiceLayer - ok
19:55:17.0562 2084 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
19:55:17.0562 2084 sfhlp01 - ok
19:55:17.0562 2084 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:55:17.0578 2084 Sfloppy - ok
19:55:17.0609 2084 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:55:17.0625 2084 SharedAccess - ok
19:55:17.0671 2084 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:55:17.0671 2084 ShellHWDetection - ok
19:55:17.0671 2084 Simbad - ok
19:55:17.0718 2084 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:55:17.0718 2084 SkypeUpdate - ok
19:55:17.0734 2084 Sparrow - ok
19:55:17.0750 2084 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:55:17.0750 2084 splitter - ok
19:55:17.0796 2084 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:55:17.0796 2084 Spooler - ok
19:55:17.0843 2084 [ 71E276F6D189413266EA22171806597B ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
19:55:17.0843 2084 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71E276F6D189413266EA22171806597B
19:55:17.0843 2084 sptd ( LockedFile.Multi.Generic ) - warning
19:55:17.0843 2084 sptd - detected LockedFile.Multi.Generic (1)
19:55:17.0890 2084 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:55:17.0890 2084 sr - ok
19:55:17.0906 2084 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
19:55:17.0906 2084 srservice - ok
19:55:17.0953 2084 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:55:17.0968 2084 Srv - ok
19:55:18.0000 2084 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:55:18.0000 2084 SSDPSRV - ok
19:55:18.0093 2084 [ B1691AF4A072CB674D600DB16DD7308E ] StarWindServiceAE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
19:55:18.0093 2084 StarWindServiceAE - ok
19:55:18.0093 2084 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:55:18.0109 2084 stisvc - ok
19:55:18.0140 2084 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:55:18.0140 2084 swenum - ok
19:55:18.0156 2084 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:55:18.0156 2084 swmidi - ok
19:55:18.0156 2084 SwPrv - ok
19:55:18.0171 2084 symc810 - ok
19:55:18.0171 2084 symc8xx - ok
19:55:18.0187 2084 sym_hi - ok
19:55:18.0187 2084 sym_u3 - ok
19:55:18.0218 2084 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:55:18.0218 2084 sysaudio - ok
19:55:18.0234 2084 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:55:18.0250 2084 SysmonLog - ok
19:55:18.0265 2084 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:55:18.0265 2084 TapiSrv - ok
19:55:18.0312 2084 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:55:18.0312 2084 Tcpip - ok
19:55:18.0343 2084 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:55:18.0343 2084 TDPIPE - ok
19:55:18.0359 2084 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:55:18.0375 2084 TDTCP - ok
19:55:18.0390 2084 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:55:18.0390 2084 TermDD - ok
19:55:18.0421 2084 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
19:55:18.0421 2084 TermService - ok
19:55:18.0437 2084 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
19:55:18.0437 2084 Themes - ok
19:55:18.0453 2084 TosIde - ok
19:55:18.0453 2084 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:55:18.0453 2084 TrkWks - ok
19:55:18.0484 2084 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:55:18.0484 2084 Udfs - ok
19:55:18.0484 2084 ultra - ok
19:55:18.0500 2084 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:55:18.0500 2084 Update - ok
19:55:18.0515 2084 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
19:55:18.0531 2084 upnphost - ok
19:55:18.0546 2084 [ 587E643A4E2FFD9A00F114B057CEB773 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
19:55:18.0546 2084 upperdev - ok
19:55:18.0562 2084 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
19:55:18.0578 2084 UPS - ok
19:55:18.0593 2084 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:55:18.0593 2084 usbccgp - ok
19:55:18.0609 2084 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:55:18.0609 2084 usbehci - ok
19:55:18.0625 2084 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:55:18.0625 2084 usbhub - ok
19:55:18.0640 2084 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
19:55:18.0640 2084 usbohci - ok
19:55:18.0656 2084 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:55:18.0656 2084 usbprint - ok
19:55:18.0671 2084 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
19:55:18.0687 2084 usbser - ok
19:55:18.0687 2084 [ FCA6A196D47CB972A0E4ADC0DB9CD17C ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
19:55:18.0687 2084 UsbserFilt - ok
19:55:18.0718 2084 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:55:18.0718 2084 USBSTOR - ok
19:55:18.0750 2084 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:55:18.0750 2084 VgaSave - ok
19:55:18.0750 2084 ViaIde - ok
19:55:18.0796 2084 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:55:18.0796 2084 VolSnap - ok
19:55:18.0828 2084 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
19:55:18.0828 2084 VSS - ok
19:55:18.0859 2084 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
19:55:18.0859 2084 W32Time - ok
19:55:18.0875 2084 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:55:18.0875 2084 Wanarp - ok
19:55:18.0921 2084 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
19:55:18.0921 2084 Wdf01000 - ok
19:55:18.0921 2084 WDICA - ok
19:55:18.0953 2084 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:55:18.0953 2084 wdmaud - ok
19:55:19.0000 2084 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:55:19.0000 2084 WebClient - ok
19:55:19.0093 2084 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:55:19.0093 2084 winmgmt - ok
19:55:19.0140 2084 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:55:19.0140 2084 WmdmPmSN - ok
19:55:19.0187 2084 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:55:19.0187 2084 WmiApSrv - ok
19:55:19.0281 2084 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
19:55:19.0296 2084 WMPNetworkSvc - ok
19:55:19.0312 2084 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:55:19.0328 2084 WpdUsb - ok
19:55:19.0343 2084 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:55:19.0343 2084 WS2IFSL - ok
19:55:19.0375 2084 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:55:19.0375 2084 wscsvc - ok
19:55:19.0375 2084 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:55:19.0375 2084 wuauserv - ok
19:55:19.0421 2084 [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:55:19.0421 2084 WudfPf - ok
19:55:19.0453 2084 [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:55:19.0453 2084 WudfRd - ok
19:55:19.0484 2084 [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
19:55:19.0484 2084 WudfSvc - ok
19:55:19.0531 2084 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:55:19.0546 2084 WZCSVC - ok
19:55:19.0578 2084 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:55:19.0578 2084 xmlprov - ok
19:55:19.0578 2084 ================ Scan global ===============================
19:55:19.0609 2084 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
19:55:19.0640 2084 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
19:55:19.0640 2084 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
19:55:19.0671 2084 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
19:55:19.0671 2084 [Global] - ok
19:55:19.0671 2084 ================ Scan MBR ==================================
19:55:19.0703 2084 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
19:55:19.0859 2084 \Device\Harddisk0\DR0 - ok
19:55:19.0859 2084 ================ Scan VBR ==================================
19:55:19.0875 2084 [ 7850FE97CE638F3ED2337B72417F08F8 ] \Device\Harddisk0\DR0\Partition1
19:55:19.0875 2084 \Device\Harddisk0\DR0\Partition1 - ok
19:55:19.0875 2084 ============================================================
19:55:19.0875 2084 Scan finished
19:55:19.0875 2084 ============================================================
19:55:19.0890 3144 Detected object count: 1
19:55:19.0890 3144 Actual detected object count: 1

[novas22]

ComboFix 12-11-27.01 - Novak 27.11.2012 20:05:10.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1326 [GMT 1:00]
Spuštěný z: c:\documents and settings\Novak\Plocha\ComboFix.exe
AV: ESET Smart Security 6.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
ADS - WINDOWS: deleted 48 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\zuzik\Core.dll
c:\documents and settings\zuzik\dbg.dll
c:\documents and settings\zuzik\DemoPlayer.dll
c:\documents and settings\zuzik\FileSystem_Stdio.dll
c:\documents and settings\zuzik\FileSystem_Steam.dll
c:\documents and settings\zuzik\proxy.dll
c:\documents and settings\zuzik\steamclient.dll
c:\documents and settings\zuzik\swds.dll
c:\documents and settings\zuzik\tier0_s.dll
c:\documents and settings\zuzik\vgui.dll
c:\documents and settings\zuzik\vgui2.dll
c:\documents and settings\zuzik\voice_miles.dll
c:\documents and settings\zuzik\voice_speex.dll
c:\windows\system32\SET107.tmp
c:\windows\system32\SET10C.tmp
c:\windows\system32\SET113.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-27 do 2012-11-27 )))))))))))))))))))))))))))))))
.
.
2012-11-27 17:41 . 2012-11-27 17:41 -------- d-----w- c:\documents and settings\Novak\Data aplikací\Malwarebytes
2012-11-27 17:41 . 2012-11-27 17:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-27 17:41 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-27 16:48 . 2012-11-27 16:48 388096 ----a-r- c:\documents and settings\Novak\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-11-25 16:00 . 2012-11-25 16:00 -------- d-----w- c:\program files\PANDORA.TV
2012-11-25 16:00 . 2012-11-25 16:00 -------- d-----w- c:\documents and settings\Novak\NabÝdka Start
2012-11-25 16:00 . 2012-11-26 13:27 -------- d-----w- c:\program files\The KMPlayer
2012-11-18 16:13 . 2012-11-18 16:13 -------- d-----w- c:\documents and settings\Novak\Data aplikací\LolClient
2012-11-18 01:51 . 2012-11-18 01:51 -------- d-----w- c:\documents and settings\UpdatusUser
2012-11-18 01:50 . 2012-08-30 16:49 253952 ----a-w- c:\windows\system32\nvrsth.dll
2012-11-18 01:49 . 2012-11-19 16:17 -------- d-----w- C:\temp
2012-11-18 01:49 . 2012-08-30 19:10 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-11-18 01:49 . 2012-11-18 01:49 1094820 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-11-18 01:49 . 2012-11-18 01:49 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-11-18 01:49 . 2012-11-18 01:49 1094820 ----a-w- c:\windows\system32\nvdrsdb1.bin
2012-11-18 01:48 . 2012-08-30 19:10 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-11-18 01:48 . 2012-08-30 19:10 7446528 ----a-w- c:\windows\system32\nvcuda.dll
2012-11-18 01:48 . 2012-08-30 19:10 5947392 ----a-w- c:\windows\system32\nvopencl.dll
2012-11-18 01:48 . 2012-08-30 19:10 2578792 ----a-w- c:\windows\system32\nvcuvid.dll
2012-11-18 01:48 . 2012-08-30 19:10 1866088 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-11-18 01:48 . 2012-08-30 19:10 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-11-18 01:48 . 2012-08-30 19:10 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2012-11-18 01:33 . 2012-11-18 01:47 -------- d-----w- C:\NVIDIA
2012-11-18 01:13 . 2012-11-18 01:13 -------- d-----w- c:\program files\Driver-Soft
2012-11-18 00:32 . 2012-11-18 00:31 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-11-18 00:32 . 2012-11-18 00:31 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-18 00:17 . 2012-11-18 00:17 -------- d-----w- c:\documents and settings\Novak\Local Settings\Data aplikací\ESET
2012-11-18 00:17 . 2012-11-18 00:17 -------- d-----w- c:\documents and settings\Novak\Data aplikací\ESET
2012-11-18 00:16 . 2012-11-18 00:16 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2012-11-18 00:14 . 2012-11-18 00:14 -------- d-----w- c:\program files\ESET
2012-11-18 00:11 . 2012-11-27 19:09 -------- d-----w- c:\documents and settings\Novak\Local Settings\Data aplikací\PMB Files
2012-11-18 00:11 . 2012-11-18 00:11 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2012-11-18 00:11 . 2012-11-18 00:11 -------- d-----w- c:\program files\Pando Networks
2012-11-18 00:11 . 2012-11-18 00:11 -------- d-----w- c:\documents and settings\Novak\.swt
2012-11-18 00:08 . 2012-11-18 00:08 -------- d-----w- c:\program files\CCleaner
2012-11-17 23:54 . 2012-11-17 23:54 81920 ----a-w- c:\documents and settings\Novak\Data aplikací\ezpinst.exe
2012-11-17 23:54 . 2012-11-17 23:54 47360 ----a-w- c:\documents and settings\Novak\Data aplikací\pcouffin.sys
2012-11-17 23:54 . 2012-11-17 23:54 -------- d-----w- c:\documents and settings\Novak\Data aplikací\Vso
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-18 00:31 . 2008-10-02 17:04 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-22 19:57 . 2006-03-02 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-08 07:21 . 2012-10-08 07:21 62512 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2012-10-08 07:21 . 2012-10-08 07:21 40376 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2012-10-08 07:21 . 2012-10-08 07:21 149568 ----a-w- c:\windows\system32\drivers\epfw.sys
2012-10-08 07:21 . 2012-10-08 07:21 121216 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21 . 2012-10-08 07:21 159832 ----a-w- c:\windows\system32\drivers\eamon.sys
2012-10-02 18:04 . 2006-03-02 12:00 58368 ----a-w- c:\windows\system32\synceng.dll
2012-08-30 19:10 . 2007-05-10 22:03 4494208 ----a-w- c:\windows\system32\nv4_disp.dll
2012-08-30 19:10 . 2007-05-10 22:03 2376704 ----a-w- c:\windows\system32\nvapi.dll
2012-08-30 19:10 . 2007-05-10 22:03 19103744 ----a-w- c:\windows\system32\nvoglnt.dll
2012-08-30 19:10 . 2007-05-10 22:03 12555680 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-08-30 16:49 . 2007-05-10 22:03 335872 ----a-w- c:\windows\system32\nvrshe.dll
2012-08-30 16:49 . 2007-05-10 22:03 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2012-08-30 16:49 . 2007-05-10 22:03 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2012-08-30 16:49 . 2007-05-10 22:03 253952 ----a-w- c:\windows\system32\nvrsno.dll
2012-08-30 16:49 . 2007-05-10 22:03 274432 ----a-w- c:\windows\system32\nvrspt.dll
2012-08-30 16:49 . 2007-05-10 22:03 282624 ----a-w- c:\windows\system32\nvrsit.dll
2012-08-30 16:49 . 2007-05-10 22:03 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2012-08-30 16:49 . 2007-05-10 22:03 253952 ----a-w- c:\windows\system32\nvrssv.dll
2012-08-30 16:49 . 2007-05-10 22:03 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2012-08-30 16:49 . 2007-05-10 22:03 258048 ----a-w- c:\windows\system32\nvrssk.dll
2012-08-30 16:49 . 2007-05-10 22:03 126976 ----a-w- c:\windows\system32\nvrszht.dll
2012-08-30 16:49 . 2007-05-10 22:03 253952 ----a-w- c:\windows\system32\nvrsda.dll
2012-08-30 16:49 . 2007-05-10 22:03 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2012-08-30 16:49 . 2007-05-10 22:03 282624 ----a-w- c:\windows\system32\nvrsel.dll
2012-08-30 16:49 . 2007-05-10 22:03 270336 ----a-w- c:\windows\system32\nvrsru.dll
2012-08-30 16:49 . 2007-05-10 22:03 258048 ----a-w- c:\windows\system32\nvrstr.dll
2012-08-30 16:49 . 2007-05-10 22:03 335872 ----a-w- c:\windows\system32\nvrsar.dll
2012-08-30 16:49 . 2007-05-10 22:03 262144 ----a-w- c:\windows\system32\nvrshu.dll
2012-08-30 16:49 . 2007-05-10 22:03 249856 ----a-w- c:\windows\system32\nvrseng.dll
2012-08-30 16:49 . 2007-05-10 22:03 274432 ----a-w- c:\windows\system32\nvrsja.dll
2012-08-30 16:49 . 2007-05-10 22:03 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2012-08-30 16:49 . 2007-05-10 22:03 266240 ----a-w- c:\windows\system32\nvrsko.dll
2012-08-30 16:49 . 2007-05-10 22:03 258048 ----a-w- c:\windows\system32\nvrssl.dll
2012-08-30 16:49 . 2007-05-10 22:03 258048 ----a-w- c:\windows\system32\nvrspl.dll
2012-08-30 16:49 . 2007-05-10 22:03 282624 ----a-w- c:\windows\system32\nvrses.dll
2012-08-30 16:49 . 2007-05-10 22:03 278528 ----a-w- c:\windows\system32\nvrsde.dll
2012-08-30 16:49 . 2007-05-10 22:03 249856 ----a-w- c:\windows\system32\nvrscs.dll
2012-08-30 16:44 . 2007-05-10 22:03 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-08-30 16:43 . 2007-05-10 22:03 164200 ----a-w- c:\windows\system32\nvsvc32.exe
2012-08-30 16:43 . 2007-05-10 22:03 15512424 ----a-w- c:\windows\system32\nvcpl.dll
2012-08-30 16:43 . 2007-05-10 22:03 143720 ----a-w- c:\windows\system32\nvcolor.exe
2012-08-30 16:43 . 2007-05-10 22:03 108392 ----a-w- c:\windows\system32\nvmctray.dll
2008-04-05 17:16 . 2008-04-05 17:16 451072 ----a-w- c:\program files\uninstall.exe
2012-11-17 23:49 . 2012-11-17 23:49 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"ISUSPM"="c:\documents and settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2012-11-18 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2006-10-17 398944]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"IndexSearch"="c:\program files\Nuance\PaperPort\IndexSearch.exe" [2010-03-08 46368]
"PaperPort PTD"="c:\program files\Nuance\PaperPort\pptd40nt.exe" [2010-03-08 29984]
"PPort12reminder"="c:\program files\Nuance\PaperPort\Ereg\Ereg.exe" [2010-02-09 328992]
"PDFHook"="c:\program files\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-05 636192]
"PDF5 Registry Controller"="c:\program files\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-05 62752]
"ControlCenter4"="c:\program files\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-10-23 5074384]
"NVRaidService"="c:\program files\NVIDIA Corporation\Raid\nvraidservice.exe" [2010-04-09 163944]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-08-30 15512424]
"NvMediaCenter"="NvMCTray.dll" [2012-08-30 108392]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-08-30 1634112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\zuzik\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-9-11 393216]
.
c:\documents and settings\Novak\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-9-11 393216]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Java\\jdk1.6.0_10\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Documents and Settings\\zuzik\\Plocha\\392970793 H@rd!\\yonghengkk\\longju\\LongjuytSever2login.exe"=
"c:\\Documents and Settings\\zuzik\\Plocha\\392970793 H@rd!\\yonghengkk\\longju\\newlongju1server.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\zuzik\\Plocha\\Nová složka (2)\\metin2mod.exe"=
"c:\\Documents and Settings\\zuzik\\Plocha\\392970793 H@rd!\\yonghengkk\\longju\\mc.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Documents and Settings\\Rodina\\Local Settings\\Data aplikací\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PanProcess.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9205:TCP"= 9205:TCP:BitComet 9205 TCP
"9205:UDP"= 9205:UDP:BitComet 9205 UDP
"15845:TCP"= 15845:TCP:BitComet 15845 TCP
"15845:UDP"= 15845:UDP:BitComet 15845 UDP
"14927:TCP"= 14927:TCP:BitComet 14927 TCP
"14927:UDP"= 14927:UDP:BitComet 14927 UDP
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"56835:TCP"= 56835:TCP:Pando Media Booster
"56835:UDP"= 56835:UDP:Pando Media Booster
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8.5.2008 9:16 717296]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [8.10.2012 8:21 121216]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [23.10.2012 17:38 1329304]
R2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [25.11.2012 17:00 625304]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files\Nuance\PaperPort\PDFProFiltSrvPP.exe [9.3.2010 0:40 144672]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [6.10.2010 15:30 1714176]
R3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [28.2.2012 18:48 245760]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 12:28 160944]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [30.10.2008 10:14 47360]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 96260754
*Deregistered* - 96260754
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-20 19:00]
.
2012-11-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-20 19:00]
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Otevřít programem PDF Viewer Plus - c:\program files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Novak\Data aplikací\Mozilla\Firefox\Profiles\f1ljrct9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://eu.ask.com/?l=dis&o=14672
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
FF - ExtSQL: 2012-11-18 01:32; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF - ExtSQL: !HIDDEN! 2009-09-01 20:17; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-TO2SAM.Activation - d:\serviceactivationmanager\McciInitializer.exe
HKLM-Run-Driver Genius - (no file)
AddRemove-nbi-glassfish-2.0.2.4.20080515 - c:\program files\glassfish-v2ur2\uninstall.exe
AddRemove-nbi-glassfish-mod-3.0.0.28.20081022 - c:\program files\glassfish-v3-prelude\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-27 20:09
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(1284)
c:\windows\system32\nvappfilter.dll
.
Celkový čas: 2012-11-27 20:11:41
ComboFix-quarantined-files.txt 2012-11-27 19:11
.
Před spuštěním: Volných bajtů: 330 921 594 880
Po spuštění: Volných bajtů: 331 395 543 040
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - DB51F85E2E4707AD4B8BC1EB502C6A82

[Žbeky]

Toto znáš?
c:\\Documents and Settings\\zuzik\\Plocha\\392970793 H@rd!\\yonghengkk

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

Folder::
c:\program files\Skype\Updater
c:\program files\Google\Update

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
SkypeUpdate

Firefox::
FF - ProfilePath - c:\documents and settings\Novak\Data aplikací\Mozilla\Firefox\Profiles\f1ljrct9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://eu.ask.com/?l=dis&o=14672
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[novas22]

Neznám, je to v sestřině složce, ale podle názvu to nevypadá moc hezky, tak jsem to smazal =D

Jinak ten test udělám zítra, jelikož už dnes nemůžu, mam ale ještě jeden dotaz. Nevíte k čemu je "WMS Idle"? Kdykoli chci vypnout počítač, napíše se mi, že se čeká na ukončení tohoto programu a pokud nedám "ukončit", tak se pc nevypne.

[memphisto]

Souvisí to s Nerem. V logu HJT fixni ještě:
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

A mělo by to být ok

[novas22]

ComboFix 12-11-27.01 - Novak 28.11.2012 15:34:15.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1043 [GMT 1:00]
Spuštěný z: c:\documents and settings\Novak\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Novak\Plocha\CFScript.txt
AV: ESET Smart Security 6.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.123\goopdate.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.123\psmachine.dll
c:\program files\Google\Update\1.3.21.123\psuser.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\23.0.1271.64\23.0.1271.64_22.0.1229.94_chrome_updater.exe
c:\program files\Google\Update\Download\{5D9BC663-25A5-4569-BA8D-40DEC8301D30}\GoogleUpdateSetup.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-28 do 2012-11-28 )))))))))))))))))))))))))))))))
.
.
2012-11-28 14:25 . 2012-11-28 14:25 -------- d-----w- c:\program files\Common Files\Skype
2012-11-28 14:25 . 2012-11-28 14:42 -------- d-----r- c:\program files\Skype
2012-11-27 19:32 . 2012-11-27 19:32 -------- d-----w- C:\found.001
2012-11-27 17:41 . 2012-11-27 17:41 -------- d-----w- c:\documents and settings\Novak\Data aplikací\Malwarebytes
2012-11-27 17:41 . 2012-11-27 17:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-27 17:41 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-27 16:48 . 2012-11-27 16:48 388096 ----a-r- c:\documents and settings\Novak\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-11-25 16:00 . 2012-11-25 16:00 -------- d-----w- c:\program files\PANDORA.TV
2012-11-25 16:00 . 2012-11-25 16:00 -------- d-----w- c:\documents and settings\Novak\NabÝdka Start
2012-11-25 16:00 . 2012-11-26 13:27 -------- d-----w- c:\program files\The KMPlayer
2012-11-18 16:13 . 2012-11-18 16:13 -------- d-----w- c:\documents and settings\Novak\Data aplikací\LolClient
2012-11-18 01:51 . 2012-11-18 01:51 -------- d-----w- c:\documents and settings\UpdatusUser
2012-11-18 01:50 . 2012-08-30 16:49 253952 ----a-w- c:\windows\system32\nvrsth.dll
2012-11-18 01:49 . 2012-11-19 16:17 -------- d-----w- C:\temp
2012-11-18 01:49 . 2012-08-30 19:10 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-11-18 01:49 . 2012-11-18 01:49 1094820 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-11-18 01:49 . 2012-11-18 01:49 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-11-18 01:49 . 2012-11-18 01:49 1094820 ----a-w- c:\windows\system32\nvdrsdb1.bin
2012-11-18 01:48 . 2012-08-30 19:10 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-11-18 01:48 . 2012-08-30 19:10 7446528 ----a-w- c:\windows\system32\nvcuda.dll
2012-11-18 01:48 . 2012-08-30 19:10 5947392 ----a-w- c:\windows\system32\nvopencl.dll
2012-11-18 01:48 . 2012-08-30 19:10 2578792 ----a-w- c:\windows\system32\nvcuvid.dll
2012-11-18 01:48 . 2012-08-30 19:10 1866088 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-11-18 01:48 . 2012-08-30 19:10 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-11-18 01:48 . 2012-08-30 19:10 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2012-11-18 01:33 . 2012-11-18 01:47 -------- d-----w- C:\NVIDIA
2012-11-18 01:13 . 2012-11-18 01:13 -------- d-----w- c:\program files\Driver-Soft
2012-11-18 00:32 . 2012-11-18 00:31 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-11-18 00:32 . 2012-11-18 00:31 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-18 00:17 . 2012-11-18 00:17 -------- d-----w- c:\documents and settings\Novak\Local Settings\Data aplikací\ESET
2012-11-18 00:17 . 2012-11-18 00:17 -------- d-----w- c:\documents and settings\Novak\Data aplikací\ESET
2012-11-18 00:16 . 2012-11-18 00:16 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2012-11-18 00:14 . 2012-11-18 00:14 -------- d-----w- c:\program files\ESET
2012-11-18 00:11 . 2012-11-28 14:46 -------- d-----w- c:\documents and settings\Novak\Local Settings\Data aplikací\PMB Files
2012-11-18 00:11 . 2012-11-18 00:11 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2012-11-18 00:11 . 2012-11-18 00:11 -------- d-----w- c:\program files\Pando Networks
2012-11-18 00:11 . 2012-11-18 00:11 -------- d-----w- c:\documents and settings\Novak\.swt
2012-11-18 00:08 . 2012-11-18 00:08 -------- d-----w- c:\program files\CCleaner
2012-11-17 23:54 . 2012-11-17 23:54 81920 ----a-w- c:\documents and settings\Novak\Data aplikací\ezpinst.exe
2012-11-17 23:54 . 2012-11-17 23:54 47360 ----a-w- c:\documents and settings\Novak\Data aplikací\pcouffin.sys
2012-11-17 23:54 . 2012-11-17 23:54 -------- d-----w- c:\documents and settings\Novak\Data aplikací\Vso
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-18 00:31 . 2008-10-02 17:04 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-22 19:57 . 2006-03-02 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-08 07:21 . 2012-10-08 07:21 62512 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2012-10-08 07:21 . 2012-10-08 07:21 40376 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2012-10-08 07:21 . 2012-10-08 07:21 149568 ----a-w- c:\windows\system32\drivers\epfw.sys
2012-10-08 07:21 . 2012-10-08 07:21 121216 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21 . 2012-10-08 07:21 159832 ----a-w- c:\windows\system32\drivers\eamon.sys
2012-10-02 18:04 . 2006-03-02 12:00 58368 ----a-w- c:\windows\system32\synceng.dll
2012-08-30 19:10 . 2007-05-10 22:03 4494208 ----a-w- c:\windows\system32\nv4_disp.dll
2012-08-30 19:10 . 2007-05-10 22:03 2376704 ----a-w- c:\windows\system32\nvapi.dll
2012-08-30 19:10 . 2007-05-10 22:03 19103744 ----a-w- c:\windows\system32\nvoglnt.dll
2012-08-30 19:10 . 2007-05-10 22:03 12555680 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-08-30 16:49 . 2007-05-10 22:03 335872 ----a-w- c:\windows\system32\nvrshe.dll
2012-08-30 16:49 . 2007-05-10 22:03 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2012-08-30 16:49 . 2007-05-10 22:03 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2012-08-30 16:49 . 2007-05-10 22:03 253952 ----a-w- c:\windows\system32\nvrsno.dll
2012-08-30 16:49 . 2007-05-10 22:03 274432 ----a-w- c:\windows\system32\nvrspt.dll
2012-08-30 16:49 . 2007-05-10 22:03 282624 ----a-w- c:\windows\system32\nvrsit.dll
2012-08-30 16:49 . 2007-05-10 22:03 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2012-08-30 16:49 . 2007-05-10 22:03 253952 ----a-w- c:\windows\system32\nvrssv.dll
2012-08-30 16:49 . 2007-05-10 22:03 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2012-08-30 16:49 . 2007-05-10 22:03 258048 ----a-w- c:\windows\system32\nvrssk.dll
2012-08-30 16:49 . 2007-05-10 22:03 126976 ----a-w- c:\windows\system32\nvrszht.dll
2012-08-30 16:49 . 2007-05-10 22:03 253952 ----a-w- c:\windows\system32\nvrsda.dll
2012-08-30 16:49 . 2007-05-10 22:03 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2012-08-30 16:49 . 2007-05-10 22:03 282624 ----a-w- c:\windows\system32\nvrsel.dll
2012-08-30 16:49 . 2007-05-10 22:03 270336 ----a-w- c:\windows\system32\nvrsru.dll
2012-08-30 16:49 . 2007-05-10 22:03 258048 ----a-w- c:\windows\system32\nvrstr.dll
2012-08-30 16:49 . 2007-05-10 22:03 335872 ----a-w- c:\windows\system32\nvrsar.dll
2012-08-30 16:49 . 2007-05-10 22:03 262144 ----a-w- c:\windows\system32\nvrshu.dll
2012-08-30 16:49 . 2007-05-10 22:03 249856 ----a-w- c:\windows\system32\nvrseng.dll
2012-08-30 16:49 . 2007-05-10 22:03 274432 ----a-w- c:\windows\system32\nvrsja.dll
2012-08-30 16:49 . 2007-05-10 22:03 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2012-08-30 16:49 . 2007-05-10 22:03 266240 ----a-w- c:\windows\system32\nvrsko.dll
2012-08-30 16:49 . 2007-05-10 22:03 258048 ----a-w- c:\windows\system32\nvrssl.dll
2012-08-30 16:49 . 2007-05-10 22:03 258048 ----a-w- c:\windows\system32\nvrspl.dll
2012-08-30 16:49 . 2007-05-10 22:03 282624 ----a-w- c:\windows\system32\nvrses.dll
2012-08-30 16:49 . 2007-05-10 22:03 278528 ----a-w- c:\windows\system32\nvrsde.dll
2012-08-30 16:49 . 2007-05-10 22:03 249856 ----a-w- c:\windows\system32\nvrscs.dll
2012-08-30 16:44 . 2007-05-10 22:03 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-08-30 16:43 . 2007-05-10 22:03 164200 ----a-w- c:\windows\system32\nvsvc32.exe
2012-08-30 16:43 . 2007-05-10 22:03 15512424 ----a-w- c:\windows\system32\nvcpl.dll
2012-08-30 16:43 . 2007-05-10 22:03 143720 ----a-w- c:\windows\system32\nvcolor.exe
2012-08-30 16:43 . 2007-05-10 22:03 108392 ----a-w- c:\windows\system32\nvmctray.dll
2008-04-05 17:16 . 2008-04-05 17:16 451072 ----a-w- c:\program files\uninstall.exe
2012-11-17 23:49 . 2012-11-17 23:49 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]
"ISUSPM"="c:\documents and settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2012-11-18 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2006-10-17 398944]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"IndexSearch"="c:\program files\Nuance\PaperPort\IndexSearch.exe" [2010-03-08 46368]
"PaperPort PTD"="c:\program files\Nuance\PaperPort\pptd40nt.exe" [2010-03-08 29984]
"PPort12reminder"="c:\program files\Nuance\PaperPort\Ereg\Ereg.exe" [2010-02-09 328992]
"PDFHook"="c:\program files\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-05 636192]
"PDF5 Registry Controller"="c:\program files\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-05 62752]
"ControlCenter4"="c:\program files\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-10-23 5074384]
"NVRaidService"="c:\program files\NVIDIA Corporation\Raid\nvraidservice.exe" [2010-04-09 163944]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-08-30 15512424]
"NvMediaCenter"="NvMCTray.dll" [2012-08-30 108392]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-08-30 1634112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\zuzik\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-9-11 393216]
.
c:\documents and settings\Novak\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-9-11 393216]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Java\\jdk1.6.0_10\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\zuzik\\Plocha\\Nová složka (2)\\metin2mod.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Documents and Settings\\Rodina\\Local Settings\\Data aplikací\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PanProcess.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9205:TCP"= 9205:TCP:BitComet 9205 TCP
"9205:UDP"= 9205:UDP:BitComet 9205 UDP
"15845:TCP"= 15845:TCP:BitComet 15845 TCP
"15845:UDP"= 15845:UDP:BitComet 15845 UDP
"14927:TCP"= 14927:TCP:BitComet 14927 TCP
"14927:UDP"= 14927:UDP:BitComet 14927 UDP
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"56835:TCP"= 56835:TCP:Pando Media Booster
"56835:UDP"= 56835:UDP:Pando Media Booster
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8.5.2008 9:16 717296]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [8.10.2012 8:21 121216]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [23.10.2012 17:38 1329304]
R2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [25.11.2012 17:00 625304]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files\Nuance\PaperPort\PDFProFiltSrvPP.exe [9.3.2010 0:40 144672]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [6.10.2010 15:30 1714176]
R3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [28.2.2012 18:48 245760]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [30.10.2008 10:14 47360]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Otevřít programem PDF Viewer Plus - c:\program files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Novak\Data aplikací\Mozilla\Firefox\Profiles\f1ljrct9.default\
FF - ExtSQL: 2012-11-18 01:32; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF - ExtSQL: !HIDDEN! 2009-09-01 20:17; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-28 15:46
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(1280)
c:\windows\system32\nvappfilter.dll
.
- - - - - - - > 'explorer.exe'(3956)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
c:\windows\system32\nvsvc32.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\program files\PANDORA.TV\PanService\PanProcess.exe
c:\program files\ControlCenter4\BrCtrlCntr.exe
c:\windows\system32\RunDLL32.exe
c:\program files\ControlCenter4\BrCcUxSys.exe
c:\program files\OpenOffice.org 2.3\program\soffice.exe
c:\program files\OpenOffice.org 2.3\program\soffice.BIN
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Celkový čas: 2012-11-28 15:49:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-28 14:49
ComboFix2.txt 2012-11-27 19:11
.
Před spuštěním: Volných bajtů: 331 981 156 352
Po spuštění: Volných bajtů: 331 858 087 936
.
- - End Of File - - 10809664FE57902C9CD566EF9B9247CB

[novas22]

Zde ještě nový log z HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:52:00, on 28.11.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Nuance\PaperPort\pptd40nt.exe
C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
C:\Program Files\ControlCenter4\BrCtrlCntr.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\ControlCenter4\BrCcUxSys.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Data aplikací\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NVRaidService] C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ISUSPM] C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-21-823518204-2052111302-839522115-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Otevřít programem PDF Viewer Plus - res://C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 10511 bytes

[Orcus]

Proč Combofix?ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

====================================================

Vyčisti systém CCleanerem

====================================================

Stáhni si OTC na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.


Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.