AVG found rootkits


9 replies to this topic

#1 dahliana

Posted 15 October 2012 - 06:20 AM

Hello,
Yesterday, when doing a regular weekly test, AVG found 6 rootkits - infection is specified as atapi.sys and redirected import, location is changing (yesterday it was spjj.sys, today it's speb.sys, all in system32/drivers). I didn't delete them, because I read somewhere on the internet that it may cause the computer to stop working (I always do a little research before deleting anything) - but AVG is the only thing that found something; other programs I tried didn't show anything so suspicious (to my definitely-not-a-specialist's eye). The computer seems to be working as usual, but I'm still not sure if it's just a false announcement or if it's really hidden. =)
Any advice or help would be appreciated. =)

#2 narenxp

Posted 15 October 2012 - 09:12 AM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 dahliana

Posted 15 October 2012 - 07:42 PM

TDSSkiller

22:09:29.0109 1100 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
22:09:29.0281 1100 ============================================================
22:09:29.0281 1100 Current date / time: 2012/10/15 22:09:29.0281
22:09:29.0281 1100 SystemInfo:
22:09:29.0281 1100
22:09:29.0281 1100 OS Version: 5.1.2600 ServicePack: 3.0
22:09:29.0281 1100 Product type: Workstation
22:09:29.0281 1100 ComputerName: USER-3120899D64
22:09:29.0281 1100 UserName: User
22:09:29.0281 1100 Windows directory: C:\WINDOWS
22:09:29.0281 1100 System windows directory: C:\WINDOWS
22:09:29.0281 1100 Processor architecture: Intel x86
22:09:29.0281 1100 Number of processors: 2
22:09:29.0281 1100 Page size: 0x1000
22:09:29.0281 1100 Boot type: Normal boot
22:09:29.0281 1100 ============================================================
22:09:30.0531 1100 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:09:30.0531 1100 ============================================================
22:09:30.0531 1100 \Device\Harddisk0\DR0:
22:09:30.0531 1100 MBR partitions:
22:09:30.0531 1100 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7EF2A9F
22:09:30.0546 1100 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7EF2B1D, BlocksNum 0x1D536CE3
22:09:30.0546 1100 ============================================================
22:09:30.0578 1100 C: <-> \Device\Harddisk0\DR0\Partition1
22:09:30.0625 1100 D: <-> \Device\Harddisk0\DR0\Partition2
22:09:30.0625 1100 ============================================================
22:09:30.0625 1100 Initialize success
22:09:30.0625 1100 ============================================================
22:10:00.0265 0228 ============================================================
22:10:00.0265 0228 Scan started
22:10:00.0265 0228 Mode: Manual; TDLFS;
22:10:00.0265 0228 ============================================================
22:10:00.0671 0228 ================ Scan system memory ========================
22:10:00.0671 0228 System memory - ok
22:10:09.0562 0228 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
22:10:09.0578 0228 SharedAccess - ok
22:10:09.0593 0228 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:10:09.0593 0228 ShellHWDetection - ok
22:10:09.0593 0228 Simbad - ok
22:10:09.0640 0228 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:10:09.0656 0228 SkypeUpdate - ok
22:10:09.0671 0228 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:10:09.0671 0228 SLIP - ok
22:10:09.0687 0228 Sparrow - ok
22:10:09.0718 0228 [ 5D6401DB90EC81B71F8E2C5C8F0FEF23 ] speedfan C:\WINDOWS\system32\speedfan.sys
22:10:09.0718 0228 speedfan - ok
22:10:09.0750 0228 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
22:10:09.0750 0228 splitter - ok
22:10:09.0765 0228 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
22:10:09.0781 0228 Spooler - ok
22:10:09.0843 0228 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
22:10:09.0843 0228 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
22:10:09.0843 0228 sptd ( LockedFile.Multi.Generic ) - warning
22:10:09.0843 0228 sptd - detected LockedFile.Multi.Generic (1)
22:10:12.0156 0228 ================ Scan global ===============================
22:10:12.0171 0228 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
22:10:12.0203 0228 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
22:10:12.0234 0228 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
22:10:12.0281 0228 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
22:10:12.0281 0228 [Global] - ok
22:10:12.0281 0228 ================ Scan MBR ==================================
22:10:12.0296 0228 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
22:10:12.0703 0228 \Device\Harddisk0\DR0 - ok
22:10:12.0703 0228 ================ Scan VBR ==================================
22:10:12.0703 0228 [ B175ED377374862F1C0E62AB6623D70E ] \Device\Harddisk0\DR0\Partition1
22:10:12.0703 0228 \Device\Harddisk0\DR0\Partition1 - ok
22:10:12.0718 0228 [ BB744E593D1557E3F2DA3ACF21F36E17 ] \Device\Harddisk0\DR0\Partition2
22:10:12.0718 0228 \Device\Harddisk0\DR0\Partition2 - ok
22:10:12.0734 0228 ============================================================
22:10:12.0734 0228 Scan finished
22:10:12.0734 0228 ============================================================
22:10:12.0750 0544 Detected object count: 1
22:10:12.0750 0544 Actual detected object count: 1
22:10:59.0906 0544 sptd ( LockedFile.Multi.Generic ) - skipped by user
22:10:59.0921 0544 sptd ( LockedFile.Multi.Generic ) - User select action: Skip



aswMBR
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-15 22:16:59
-----------------------------
22:16:59.281 OS Version: Windows 5.1.2600 Service Pack 3
22:16:59.281 Number of processors: 2 586 0x301
22:16:59.281 ComputerName: USER-3120899D64 UserName: User
22:16:59.828 Initialize success
22:22:19.156 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
22:22:19.171 Disk 0 Vendor: WDC_WD3200BEVT-22ZCT0 11.01A11 Size: 305245MB BusType: 3
22:22:19.218 Disk 0 MBR read successfully
22:22:19.218 Disk 0 MBR scan
22:22:19.218 Disk 0 Windows XP default MBR code
22:22:19.218 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 64997 MB offset 63
22:22:19.218 Disk 0 Partition - 00 0F Extended LBA 240237 MB offset 133114590
22:22:19.265 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 240237 MB offset 133114653
22:22:19.265 Disk 0 scanning sectors +625121280
22:22:19.375 Disk 0 scanning C:\WINDOWS\system32\drivers
22:22:25.062 Service scanning
22:22:32.765 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
22:22:34.781 Modules scanning
22:22:54.687 Disk 0 trace - called modules:
22:22:54.687 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spus.sys >>UNKNOWN [0x8afbb938]<<
22:22:54.687 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aeeeab8]
22:22:54.687 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000084[0x8aee1030]
22:22:54.687 5 ACPI.sys[b9e74620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8aeab940]
22:22:54.687 Scan finished successfully
22:24:23.593 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\User\Plocha\MBR.dat"
22:24:23.640 The log file has been saved successfully to "C:\Documents and Settings\User\Plocha\aswMBR.txt"



Eset
C:\System Volume Information\_restore{A599F615-1FBC-40B5-8251-A5B81C52D26E}\RP675\A0160381.exe a variant of Win32/SoftonicDownloader.D application

It seems to really change names...

#4 narenxp

Posted 15 October 2012 - 09:47 PM

It seems to really change names...


Did AVG find something like SPUS.SYS as a rootkit?

If you have Daemon Tools, uninstall it and let me know if AVG still finds a rootkit.

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

Edited by narenxp, 15 October 2012 - 09:47 PM.


#5 dahliana

Posted 16 October 2012 - 08:58 PM

Yes, as I wrote in the first post... spjj.sys, the other day speb.sys...

Daemon Tools uninstalled (I thought I uninstalled it a long time ago, but it seems to have stayed =D), still 6 rootkits from AVG (exactly that spus.sys this time).

Malwarebytes didn't find a thing, all zeros everywhere.
But, well, then I checked in Settings that I want to show p2p software in the results list too, and the program crashed two times (just before the end of the scan).
I tried once again - without that p2p software in the log - so I can post the log...
Log without it:
Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.16.15

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
User :: USER-3120899D64 [administrator]

Protection: Enabled

17.10.2012 1:27:50
mbam-log-2012-10-17 (01-27-50).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 399245
Time elapsed: 1 hour(s), 18 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Mini toolbox
automatically gave me the result in my language...

MiniToolBox by Farbar Version: 23-07-2012
Ran by User (administrator) on 17-10-2012 at 03:08:40
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Konfigurace protokolu IP systému Windows



Mezipaměť překládání DNS byla úspěšně vyprázdněna.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

There are 15266 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Atheros AR5B91 Wireless Network Adapter = Bezdrátové připojení k síti (Connected)
Broadcom NetXtreme Gigabit Ethernet = Připojení k místní síti (Media disconnected)


# ----------------------------------
#Konfigurace rozhraní protokolu IP
# ----------------------------------
pushd interface ip


# Konfigurace protokolu IP rozhraní pro "Bezdrátové připojení k síti"

set address name="Bezdrátové připojení k síti" source=dhcp
set dns name="Bezdrátové připojení k síti" source=dhcp register=PRIMARY
set wins name="Bezdrátové připojení k síti" source=dhcp

# Konfigurace protokolu IP rozhraní pro "Připojení k místní síti"

set address name="Připojení k místní síti" source=dhcp
set dns name="Připojení k místní síti" source=dhcp register=PRIMARY
set wins name="Připojení k místní síti" source=dhcp


popd
# Konec konfigurace protokolu IP rozhraní




Konfigurace protokolu IP systému Windows



Název hostitele . . . . . . . . . : user-3120899d64

Primární přípona DNS. . . . . . . :

Typ uzlu . . . . . . . . . . . . : hybridní

Povoleno směrování IP . . . . . . : Ne

WINS Proxy povoleno . . . . . . . : Ne

Prohledávací seznam přípon DNS. . : cust.nbox.cz



Adaptér sítě Ethernet Bezdrátové připojení k síti:



Přípona DNS podle připojení . . . : cust.nbox.cz

Popis . . . . . . . . . . . . . . : Atheros AR5B91 Wireless Network Adapter

Fyzická Adresa. . . . . . . . . . : 0C-60-76-47-74-57

Protokol DHCP povolen . . . . . . : Ano

Automatická konfigurace povolena : Ano

Adresa IP . . . . . . . . . . . . : 192.168.0.101

Maska podsítě . . . . . . . . . . : 255.255.255.0

Výchozí brána . . . . . . . . . . : 192.168.0.1

Server DHCP . . . . . . . . . . . : 192.168.0.1

Servery DNS . . . . . . . . . . . : 192.168.0.1

Zapůjčeno . . . . . . . . . . . . : 16. října 2012 21:12:29

Zápůjčka vyprší . . . . . . . . . : 17. října 2012 21:12:29



Adaptér sítě Ethernet Připojení k místní síti:



Stav média . . . . . . . . . . . : odpojeno

Popis . . . . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet

Fyzická Adresa. . . . . . . . . . : 00-1F-16-CB-93-2C

Server: dir-600
Address: 192.168.0.1

Název: google.com
Addresses: 173.194.39.78, 173.194.39.64, 173.194.39.65, 173.194.39.66
173.194.39.67, 173.194.39.68, 173.194.39.69, 173.194.39.70, 173.194.39.71
173.194.39.72, 173.194.39.73

Příkaz PING na google.com [173.194.39.73] s délkou 32 bajtů:

Odpověď od 173.194.39.73: bajty=32 čas=35ms TTL=54

Odpověď od 173.194.39.73: bajty=32 čas=34ms TTL=54

Statistika ping pro 173.194.39.73:

Pakety: Odeslané = 2, Přijaté = 2, Ztracené = 0 (ztráta 0%),

Přibližná doba do přijetí odezvy v milisekundách:

Minimum = 34ms, Maximum = 35ms, Průměr = 34ms

Server: dir-600
Address: 192.168.0.1

Název: yahoo.com
Addresses: 98.139.183.24, 72.30.38.140, 98.138.253.109

Příkaz PING na yahoo.com [98.138.253.109] s délkou 32 bajtů:

Odpověď od 98.138.253.109: bajty=32 čas=183ms TTL=46

Odpověď od 98.138.253.109: bajty=32 čas=176ms TTL=46

Statistika ping pro 98.138.253.109:

Pakety: Odeslané = 2, Přijaté = 2, Ztracené = 0 (ztráta 0%),

Přibližná doba do přijetí odezvy v milisekundách:

Minimum = 176ms, Maximum = 183ms, Průměr = 179ms

Server: dir-600
Address: 192.168.0.1

Název: bleepingcomputer.com
Address: 208.43.87.2

Příkaz PING na bleepingcomputer.com [208.43.87.2] s délkou 32 bajtů:

Odpověď od 208.43.87.2: Cílový hostitel není dostupný.

Odpověď od 208.43.87.2: Cílový hostitel není dostupný.

Statistika ping pro 208.43.87.2:

Pakety: Odeslané = 2, Přijaté = 2, Ztracené = 0 (ztráta 0%),

Přibližná doba do přijetí odezvy v milisekundách:

Minimum = 0ms, Maximum = 0ms, Průměr = 0ms

Příkaz PING na 127.0.0.1 s délkou 32 bajtů:

Odpověď od 127.0.0.1: bajty=32 čas < 1ms TTL=128

Odpověď od 127.0.0.1: bajty=32 čas < 1ms TTL=128

Statistika ping pro 127.0.0.1:

Pakety: Odeslané = 2, Přijaté = 2, Ztracené = 0 (ztráta 0%),

Přibližná doba do přijetí odezvy v milisekundách:

Minimum = 0ms, Maximum = 0ms, Průměr = 0ms

===========================================================================
Seznam rozhraní
0x1 ........................... MS TCP Loopback interface
0x2 ...0c 60 76 47 74 57 ...... Atheros AR5B91 Wireless Network Adapter - Packet Scheduler Miniport
0x3 ...00 1f 16 cb 93 2c ...... Broadcom NetXtreme Gigabit Ethernet - Packet Scheduler Miniport
===========================================================================
===========================================================================
Aktivní směrování:
Cíl v síti Síťová maska Brána Rozhraní Metrika
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.101 10
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.101 192.168.0.101 10
192.168.0.101 255.255.255.255 127.0.0.1 127.0.0.1 10
192.168.0.255 255.255.255.255 192.168.0.101 192.168.0.101 10
224.0.0.0 240.0.0.0 192.168.0.101 192.168.0.101 10
255.255.255.255 255.255.255.255 192.168.0.101 3 1
255.255.255.255 255.255.255.255 192.168.0.101 192.168.0.101 1
Výchozí brána: 192.168.0.1
===========================================================================
Trvalé trasy:
Žádné
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/17/2012 01:13:00 AM) (Source: Application Error) (User: )
Description: Chybující aplikace mbam.exe, verze 1.62.0.140, chybující modul version.dll, verze 5.1.2600.5512, adresa chyby 0x00001ddc.
Zpracování události, specifické pro médium ([mbam.exe!ws!])

Error: (10/16/2012 10:51:53 PM) (Source: Application Error) (User: )
Description: Chybující aplikace mbam.exe, verze 1.62.0.140, chybující modul version.dll, verze 5.1.2600.5512, adresa chyby 0x00001ddc.
Zpracování události, specifické pro médium ([mbam.exe!ws!])

Error: (10/16/2012 10:23:01 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace wmplayer.exe, verze 11.0.5721.5145, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (09/16/2012 00:16:50 PM) (Source: ESENT) (User: )
Description: svchost (1460) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (09/03/2012 11:10:19 PM) (Source: Application Error) (User: )
Description: Chybující aplikace divx plus player.exe, verze 10.3.2.6, chybující modul qtcore4.dll, verze 4.5.0.0, adresa chyby 0x000e1b16.
Zpracování události, specifické pro médium ([divx plus player.exe!ws!])

Error: (09/02/2012 01:18:57 PM) (Source: ESENT) (User: )
Description: svchost (1516) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (08/29/2012 04:36:56 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (08/19/2012 00:18:11 PM) (Source: ESENT) (User: )
Description: svchost (1984) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (08/10/2012 10:03:49 PM) (Source: Application Error) (User: )
Description: Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x603d32b7.
Zpracování události, specifické pro médium ([explorer.exe!ws!])

Error: (08/02/2012 01:54:44 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace pearl.exe, verze 0.0.0.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.


System errors:
=============
Error: (10/14/2012 04:15:04 PM) (Source: PlugPlayManager) (User: )
Description: Zařízení Root\LEGACY_UNLOCKERDRIVER5\0000 se již v systému nenachází, přestože nebylo nejdříve připraveno k odebrání.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) - Czech (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Aktualizace systému Windows Internet Explorer 8 (KB975364) (Version: 1)
Aktualizace systému Windows Internet Explorer 8 (KB976662) (Version: 1)
Aktualizace systému Windows Internet Explorer 8 (KB980182) (Version: 1)
Aktualizace systému Windows XP (KB2141007) (Version: 1)
Aktualizace systému Windows XP (KB2345886) (Version: 1)
Aktualizace systému Windows XP (KB2467659) (Version: 1)
Aktualizace systému Windows XP (KB2541763) (Version: 1)
Aktualizace systému Windows XP (KB2607712) (Version: 1)
Aktualizace systému Windows XP (KB2616676) (Version: 1)
Aktualizace systému Windows XP (KB2641690) (Version: 1)
Aktualizace systému Windows XP (KB2661254-v2) (Version: 2)
Aktualizace systému Windows XP (KB2718704) (Version: 1)
Aktualizace systému Windows XP (KB2736233) (Version: 1)
Aktualizace systému Windows XP (KB2749655) (Version: 1)
Aktualizace systému Windows XP (KB898461) (Version: 1)
Aktualizace systému Windows XP (KB951978) (Version: 1)
Aktualizace systému Windows XP (KB955759) (Version: 1)
Aktualizace systému Windows XP (KB967715) (Version: 1)
Aktualizace systému Windows XP (KB968389) (Version: 1)
Aktualizace systému Windows XP (KB971029) (Version: 1)
Aktualizace systému Windows XP (KB971737) (Version: 1)
Aktualizace systému Windows XP (KB973687) (Version: 1)
Aktualizace systému Windows XP (KB973815) (Version: 1)
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111)
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)
Aktualizace zabezpečení aplikace Windows Media Player (KB968816)
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)
Aktualizace zabezpečení aplikace Windows Media Player (KB975558)
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154)
Aktualizace zabezpečení pro Microsoft Windows (KB2564958)
Aktualizace zabezpečení produktu Windows XP (KB941569)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2183461) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2360131) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2416400) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2482017) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2497640) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2530548) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2559049) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2586448) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2647516) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2675157) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2722913) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB976325) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB978207) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332) (Version: 1)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2079403) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2115168) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2121546) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2160329) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2229593) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2259922) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2279986) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2286198) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2296011) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2296199) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2347290) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2360937) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2387149) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2393802) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2412687) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2419632) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2423089) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2436673) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2440591) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2443105) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2476490) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2476687) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2478960) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2478971) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2479628) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2479943) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2481109) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2483185) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2485376) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2485663) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2503658) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2503665) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2506212) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2506223) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2507618) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2507938) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2508272) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2508429) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2509553) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2511455) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2524375) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2535512) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2536276-v2) (Version: 2)
Aktualizace zabezpečení systému Windows XP (KB2536276) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2544893-v2) (Version: 2)
Aktualizace zabezpečení systému Windows XP (KB2544893) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2555917) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2562937) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2566454) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2567053) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2567680) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2570222) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2570947) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2584146) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2585542) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2592799) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2598479) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2603381) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2618451) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2619339) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2620712) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2621440) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2624667) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2631813) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2633171) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2639417) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2641653) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2646524) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2647518) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2653956) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2655992) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2659262) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2660465) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2661637) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2676562) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2685939) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2686509) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2691442) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2695962) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2698365) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2705219) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2707511) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2709162) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2712808) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2718523) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2719985) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2723135) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2724197) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB2731847) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB923561) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB923789)
Aktualizace zabezpečení systému Windows XP (KB946648) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB950762) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB950974) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB951066) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB951376-v2) (Version: 2)
Aktualizace zabezpečení systému Windows XP (KB951748) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB952004) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB952954) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB954459) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB955069) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB956572) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB956744) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB956802) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB956803) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB956844) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB957097) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB958644) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB958687) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB958869) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB959426) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB960225) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB960803) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB960859) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB961371-v2) (Version: 2)
Aktualizace zabezpečení systému Windows XP (KB961501) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB969059) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB969947) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB970238) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB970430) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB971468) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB971486) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB971557) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB971633) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB971657) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB971961) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB972270) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB973354) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB973507) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB973525) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB973869) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB973904) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB974112) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB974318) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB974392) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB974571) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB975025) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB975467) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB975560) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB975561) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB975562) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB975713) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB976325) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB977165-v2) (Version: 2)
Aktualizace zabezpečení systému Windows XP (KB977816) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB977914) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB978037) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB978251) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB978262) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB978338) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB978542) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB978601) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB978706) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB979309) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB979482) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB979559) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB979683) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB979687) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB980195) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB980218) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB980232) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB980436) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB981322) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB981852) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB981957) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB981997) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB982132) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB982214) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB982665) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB982802) (Version: 1)
ALPS Touch Pad Driver
AMD USB Audio Driver Filter (Version: 1.0.7.0031)
Applian FLV Player (Version: 2.0.24)
Astrolog32 1.30.2 (Version: 1.30.2)
ATI - Software Uninstall Utility (Version: 6.14.10.1022)
ATI Display Driver (Version: 8.64-090714a1-085212C-ATI)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2441)
AVG 2012 (Version: 2012.0.2221)
Balíček ovladače systému Windows - Advanced Micro Devices Inc. AMD USB Filter Driver (05/27/2008 1.0.7.0) (Version: 05/27/2008 1.0.7.0)
Battle.net
BeTrapped! (Version: )
Broadcom Gigabit Integrated Controller (Version: 11.11.03)
Call To Power 2
Canon iP4200
Catalyst Control Center - Branding (Version: 1.00.0000)
CCleaner (Version: 3.23)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Creative Centrale (Version: 1.19.02)
Creative MediaSource 5 (Version: 5.00)
Creative Software Update (Version: 1.03.01)
Creative ZEN Style Series Documentation
Diablo
Diablo II
DivX Setup (Version: 2.6.1.9)
ESET Online Scanner v3
Fallen City version 1.0 (Version: 1.0)
FileZilla Client 3.3.5.1 (Version: 3.3.5.1)
FileZilla Server (remove only)
GIMP 2.8.0 (Version: 2.8.0)
Google Chrome (Version: 22.0.1229.94)
Google Talk Plugin (Version: 3.9.1.9832)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
GTD Timer (Version: 2008.1.0.0)
Harry Potter
HDAUDIO Soft Data Fax Modem with SmartCP
Heroes of Might and Magic® (Version: 1.01.0000)
HP Deskjet 1050 J410 series Nápověda (Version: 140.0.56.56)
HP Update (Version: 5.002.003.003)
Chandler 1.0.3 (Version: 1.0.3)
ImageShack Uploader 2.2.0 (Version: 2.2.0)
Inspector Parker (Version: )
IrfanView (remove only)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Jing (Version: 2.6.12032.1)
Launch Manager
LEGO® Harry Potter™: Years 1-4 (Version: 1.0.0.0)
Malwarebytes Anti-Malware verze 1.65.0.1400 (Version: 1.65.0.1400)
masyu version 1.0
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel Viewer (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 12.0 (x86 cs) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
O2Micro Flash Memory Card Reader Driver (x86) (Version: 3.24.1)
ODF Add-in for Microsoft Office (Version: 4.0.5309.0)
OpenOffice.org 3.3 (Version: 3.3.9567)
Opera 11.00 (Version: 11.00)
Oprava hotfix aplikace Windows Media Player 11 (KB939683)
Oprava Hotfix systému Windows XP (KB2158563) (Version: 1)
Oprava Hotfix systému Windows XP (KB2443685) (Version: 1)
Oprava Hotfix systému Windows XP (KB2570791) (Version: 1)
Oprava Hotfix systému Windows XP (KB2633952) (Version: 1)
Oprava Hotfix systému Windows XP (KB2756822) (Version: 1)
Oprava Hotfix systému Windows XP (KB952287) (Version: 1)
Oprava Hotfix systému Windows XP (KB961118) (Version: 1)
Oprava Hotfix systému Windows XP (KB976098-v2) (Version: 2)
Oprava Hotfix systému Windows XP (KB979306) (Version: 1)
Oprava Hotfix systému Windows XP (KB981793) (Version: 1)
PC Chrono 1.1.0.6
PC Wizard 2010.1.96
PDFCreator (Version: 1.2.3)
PDFTools Version 1.3 (08/26/2007) (Version: 1.3)
Psaní všemi deseti 1.5
Qip2005 pack verze: 8095 (Version: verze: 8095)
QMC
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.5)
Realtek High Definition Audio Driver (Version: 5.10.0.5675)
RealUpgrade 1.1 (Version: 1.1.0)
Riot - Radical Image Optimization Tool
Sada Compatibility Pack pro systém Office 2007 (Version: 12.0.6612.1000)
SafeQ Client (Version: 1.14)
Security Task Manager 1.8d (Version: 1.8d)
SensorsView Pro 3.2
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (Version: 1.0.0)
Sid Meier's Civilization III Gold (Version: 1.00.000)
Skype™ 5.10 (Version: 5.10.116)
SpeedFan (remove only)
Spybot - Search & Destroy (Version: 1.6.2)
swMSM (Version: 12.0.0.1)
The Sims 2 Noční život
The Sims 2 Pro rodinnou zábavu - Kolekce
The Sims 2 Univerzita
The Sims 2 Ve světě podnikání
The Sims™ 2 Život v bytě
The Sims™ 2 H&M® Móda Kolekce
The Sims™ 2 IKEA® Domov Kolekce
The Sims™ 2 Koupelny a kuchyně Interiérový design Kolekce
The Sims™ 2 Mazlíčci
The Sims™ 2 Šťastnou cestu
The Sims™ 2 Pojďme slavit! Kolekce
The Sims™ 2 Pro luxusní život - Kolekce
The Sims™ 2 Pro Teenagery Kolekce
The Sims™ 2 Roční období
The Sims™ 2 Sídla a zahrady Kolekce
The Sims™ 2 Volný čas
Total Commander (Remove or Repair) (Version: 7.55a)
UltraStar Deluxe (Version: 1.1RC)
Unlocker 1.9.1 (Version: 1.9.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Veetle TV 0.9.17 (Version: 0.9.17)
WebFldrs XP (Version: 9.50.7523)
WIDCOMM Bluetooth Software (Version: 5.1.0.4500)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR
WMHelp XmlPad (Version: 3.01.0000)
Wunderlist (Version: 1.2.4)
ZENcast Organizer
Zip Recovery Toolbox 1.0
Zip Repair Pro (Version: 4.2.0.1281)
Zoner GIF Animator 5 (Version: 5.0.3000.2)
Zoo Tycoon: Complete Collection
Základní software zařízení HP Deskjet 1050 J410 series (Version: 20.0.771.0)

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 2814.28 MB
Available physical RAM: 1539.05 MB
Total Pagefile: 5469.25 MB
Available Pagefile: 4290.6 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.2 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:63.47 GB) (Free:8.87 GB) NTFS
2 Drive d: () (Fixed) (Total:234.61 GB) (Free:109.12 GB) NTFS
3 Drive f: (Sims2EP9) (CDROM) (Total:0.66 GB) (Free:0 GB) UDF

========================= Users: ========================================

Uživatelské účty pro \\USER-3120899D64

Administrator Guest HelpAssistant
SUPPORT_388945a0 User
Příkaz byl úspěšně dokončen.

========================= Restore Points ==================================

27-07-2012 16:00:49 Nainstalováno AVG 2012
27-07-2012 16:03:28 Odstraněno AVG 2012
29-07-2012 05:34:25 Kontrolní bod systému
30-07-2012 05:48:42 Kontrolní bod systému
31-07-2012 06:48:42 Kontrolní bod systému
02-08-2012 20:32:35 Kontrolní bod systému
04-08-2012 23:59:30 Kontrolní bod systému
06-08-2012 04:06:06 Kontrolní bod systému
07-08-2012 10:37:51 Kontrolní bod systému
09-08-2012 02:07:39 Kontrolní bod systému
10-08-2012 02:26:13 Kontrolní bod systému
11-08-2012 02:30:13 Kontrolní bod systému
12-08-2012 03:46:07 Kontrolní bod systému
13-08-2012 05:01:35 Kontrolní bod systému
14-08-2012 05:23:47 Kontrolní bod systému
15-08-2012 01:00:20 Software Distribution Service 3.0
15-08-2012 01:47:04 Removed Java™ 6 Update 31
15-08-2012 01:47:41 Installed Java 7 Update 6
17-08-2012 20:51:56 Kontrolní bod systému
19-08-2012 08:03:40 Kontrolní bod systému
20-08-2012 08:32:35 Kontrolní bod systému
22-08-2012 07:59:14 Kontrolní bod systému
23-08-2012 10:43:10 Kontrolní bod systému
24-08-2012 12:44:49 Kontrolní bod systému
26-08-2012 17:40:46 Kontrolní bod systému
27-08-2012 21:13:46 Kontrolní bod systému
29-08-2012 01:00:24 Kontrolní bod systému
02-09-2012 19:48:07 Kontrolní bod systému
04-09-2012 14:47:51 Kontrolní bod systému
05-09-2012 19:25:08 Kontrolní bod systému
07-09-2012 16:08:10 Kontrolní bod systému
08-09-2012 16:54:29 Kontrolní bod systému
09-09-2012 17:45:52 Kontrolní bod systému
11-09-2012 11:04:29 Removed Java 7 Update 6
11-09-2012 11:04:58 Installed Java 7 Update 7
12-09-2012 11:18:40 Kontrolní bod systému
13-09-2012 01:00:18 Software Distribution Service 3.0
13-09-2012 02:41:20 Software Distribution Service 3.0
14-09-2012 02:52:59 Kontrolní bod systému
15-09-2012 09:45:11 Kontrolní bod systému
16-09-2012 13:04:49 Kontrolní bod systému
21-09-2012 19:09:26 Kontrolní bod systému
23-09-2012 01:00:18 Software Distribution Service 3.0
24-09-2012 14:07:53 Kontrolní bod systému
25-09-2012 17:19:20 Kontrolní bod systému
27-09-2012 23:55:42 Kontrolní bod systému
29-09-2012 00:26:50 Kontrolní bod systému
29-09-2012 15:32:40 Installed Wunderlist
01-10-2012 07:51:38 Kontrolní bod systému
02-10-2012 08:45:53 Kontrolní bod systému
04-10-2012 06:14:59 Kontrolní bod systému
05-10-2012 15:25:47 Kontrolní bod systému
06-10-2012 17:01:55 Kontrolní bod systému
07-10-2012 17:27:20 Kontrolní bod systému
08-10-2012 20:47:53 Kontrolní bod systému
09-10-2012 23:18:05 Software Distribution Service 3.0
11-10-2012 11:59:47 Kontrolní bod systému
12-10-2012 12:35:27 Kontrolní bod systému
13-10-2012 19:17:20 Kontrolní bod systému
15-10-2012 08:02:25 Kontrolní bod systému
16-10-2012 08:41:51 Kontrolní bod systému

**** End of log ****


I have no problem translating anything or running it again, but that would probably require changing the language settings of the computer itself in this case, I assume? If it's needed, I'll do it.



Farbar
Farbar Service Scanner Version: 07-10-2012
Ran by User (administrator) on 17-10-2012 at 03:20:34
Running from "C:\Documents and Settings\User\Plocha"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0125952 ____A (Microsoft Corporation) 8C9A53E285AC5E6704844D0459EC85BE

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll
[2008-04-14 14:00] - [2009-04-20 19:19] - 0045568 ____A (Microsoft Corporation) DFAA406BF19F4EE806A6F8D4342137F7

C:\WINDOWS\system32\ipnathlp.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0329728 ____A (Microsoft Corporation) F58FACA9621D2DB01BD0927D9A0A208E

C:\WINDOWS\system32\netman.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0198144 ____A (Microsoft Corporation) 72E1E9E2977BE08BDEEDB6D8FD9D4D40

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2009-12-11 00:33] - [2008-04-14 14:00] - 0144896 ____A (Microsoft Corporation) E488332126E3B1182D2B8A0C35408EC6

C:\WINDOWS\system32\srsvc.dll
[2009-12-11 00:35] - [2008-04-14 14:00] - 0171008 ____A (Microsoft Corporation) 35B91147124F64AC8081A2EDB9EA4DEE

C:\WINDOWS\system32\Drivers\sr.sys
[2009-12-11 00:35] - [2008-04-14 14:00] - 0073344 ____A (Microsoft Corporation) 94610C8653635E4459316A0050D55CE7

C:\WINDOWS\system32\wscsvc.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0080896 ____A (Microsoft Corporation) 4C86D5FAF78194995AF9CC1075F65DD3

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2009-12-11 00:33] - [2008-04-14 14:00] - 0144896 ____A (Microsoft Corporation) E488332126E3B1182D2B8A0C35408EC6

C:\WINDOWS\system32\wuauserv.dll
[2009-12-11 00:36] - [2008-04-14 14:00] - 0006656 ____A (Microsoft Corporation) C1364564800EE9784192145324A23308

C:\WINDOWS\system32\qmgr.dll
[2009-12-11 00:36] - [2008-04-14 14:00] - 0409088 ____A (Microsoft Corporation) 19395D092FD85DDC2D9C7729CF5A2AC8

C:\WINDOWS\system32\es.dll
[2008-04-14 14:00] - [2008-07-07 22:29] - 0253952 ____A (Microsoft Corporation) A371F11EF07653591C8DE26AFB13CE7F

C:\WINDOWS\system32\cryptsvc.dll
[2008-04-14 14:00] - [2008-04-14 14:00] - 0062464 ____A (Microsoft Corporation) F3AB0933CBD166D271992F411C27CCAF

C:\WINDOWS\system32\svchost.exe
[2008-04-14 14:00] - [2008-04-14 14:00] - 0014336 ____A (Microsoft Corporation) BE4A520E29B6391F49E79CCC52044D93

C:\WINDOWS\system32\rpcss.dll
[2008-04-14 14:00] - [2009-02-09 12:56] - 0401408 ____A (Microsoft Corporation) BE27674D1CBC3214AEC84B4336A38BBF

C:\WINDOWS\system32\services.exe
[2008-04-14 14:00] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9EF697AF07BB8DD82C3B02CA953A95B7


Extra List:
=======
Avgtdix(9) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0C0000000500000001000000020000000300000004000000080000000A0000000B0000000C000000090000000600000007000000
IpSec Tag value is correct.

**** End of log ****




Adwcleaner

# AdwCleaner v2.005 - Logfile created 10/17/2012 at 03:24:10
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : User - USER-3120899D64
# Boot Mode : Normal
# Running from : C:\Documents and Settings\User\Plocha\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\User\Data aplikací\pdfforge

***** [Registry] *****

Key Deleted : HKCU\Software\CompeteInc
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Opera v11.0.1156.0

File : C:\Documents and Settings\User\Data aplikací\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [2224 octets] - [17/10/2012 03:24:10]

########## EOF - C:\AdwCleaner[S2].txt - [2284 octets] ##########




Junkware removal
In the end it said that it saved the log to my desktop, but it's nowhere to be found - right after the scan an empty, unsaved txt file appeared and it said that it can't find the source or something like that.

#6 narenxp

Posted 16 October 2012 - 09:03 PM

Run a scan again with AVG and let me know if it still detects SPXX.sys files

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#7 dahliana

Posted 16 October 2012 - 09:42 PM

Yes, still, spep.sys this time.

Rkill
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/17/2012 04:33:59 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\CTsvcCDA.exe (PID: 504) [WD-HEUR]
* C:\DOCUME~1\User\LOCALS~1\Temp\RtkBtMnt.exe (PID: 3644) [SUP-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* MSIServer [Missing Service]

* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:


20 out of 15286 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 10/17/2012 04:34:40 AM
Execution time: 0 hours(s), 0 minute(s), and 40 seconds(s)


Autoruns

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Apoint" "Alps Pointing-device Driver" "Alps Electric Co., Ltd." "c:\program files\apoint\apoint.exe"
+ "AVG_TRAY" "AVG Tray Monitor" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgtray.exe"
+ "AzMixerSel" "Azalia Mixer Selector" "Realtek Semiconductor Corp." "c:\program files\realtek\audio\installshield\azmixersel.exe"
+ "DivXUpdate" "DivX Update" "" "c:\program files\divx\divx update\divxupdate.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files\hp\hp software update\hpwuschd2.exe"
+ "LManager" "Acer Launch Manager Keyboard Application" "Dritek System Inc." "c:\program files\launch manager\lmanager.exe"
+ "MSPY2002" "" "" "c:\windows\system32\ime\pintlgnt\imscinst.exe"
+ "RTHDCPL" "Realtek HD Audio Control Panel" "Realtek Semiconductor Corp." "c:\windows\rthdcpl.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "d:\instalace\update\realsched.exe"
"C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění" "" "" ""
+ "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\bttray.exe"
+ "Microsoft Office.lnk" "Microsoft Office 2000 component" "Microsoft Corporation" "c:\program files\microsoft office\office\osa9.exe"
"C:\Documents and Settings\User\Nabídka Start\Programy\Po spuštění" "" "" ""
+ "GTD Timer Launcher.lnk" "" "" "d:\instalace\gtdtimer\bin\gtdtimerlauncher.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Adresář 6" "Knihovna instalačního programu Outlook Express" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Knihovna instalačního programu Outlook Express" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Creative Detector U" "Creative MediaSource Detector" "Creative Technology Ltd" "c:\program files\creative\mediasource5\ctdetctu.exe"
+ "CTSyncU.exe" "Creative Sync Manager" "" "c:\program files\creative\sync manager unicode\ctsyncu.exe"
+ "SoftAuto.exe" "Creative Software" "Creative Technology Ltd" "c:\program files\creative\software update 3\softauto.exe"
+ "SpybotSD TeaTimer" "System settings protector" "Safer-Networking Ltd." "c:\program files\spybot - search & destroy\teatimer.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Microsoft\Windows CE Services\AutoStartOnConnect" "" "" ""
+ "BTW Setup Wizard" "BtWizard Module" "Broadcom Corporation." "c:\windows\system32\btwizard.dll"
"HKCU\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "wmh" "wmh: Asychronous Pluggable Protocol Handler" "WMHelp Software" "c:\program files\wmhelp software\wmhelp xmlpad\wmhaspp.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "Safe Search pluggable protocol" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgpp.dll"
+ "skype4com" "Skype for COM API" "Skype Technologies" "c:\program files\common files\skype\skype4com.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgse.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "d:\instalace\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files\filezilla ftp client\fzshellext.dll"
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\windows\system32\btncopy.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "d:\instalace\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgse.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "d:\instalace\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgdtiex.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgssie.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
"HKCU\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "QIP 2005" "Quiet Internet Pager" "The Author of QIP" "c:\program files\qip\qip.exe"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgdtiex.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "GoogleUpdateTaskMachineCore.job" "Instalační program Google" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Instalační program Google" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-1202660629-926492609-1417001333-1004Core.job" "Instalační program Google" "Google Inc." "c:\documents and settings\user\local settings\data aplikací\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-1202660629-926492609-1417001333-1004UA.job" "Instalační program Google" "Google Inc." "c:\documents and settings\user\local settings\data aplikací\google\update\googleupdate.exe"
+ "RealUpgradeLogonTaskS-1-5-21-1202660629-926492609-1417001333-1004.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "RealUpgradeScheduledTaskS-1-5-21-1202660629-926492609-1417001333-1004.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AppMgmt" "Poskytuje služby instalace softwaru, jako např. Přiřadit, Publikovat a Odebrat." "" "File not found: C:\WINDOWS\System32\appmgmts.dll"
+ "Ati HotKey Poller" "ATI External Event Utility EXE Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.exe"
+ "ATI Smart" "ATI Smart" "" "c:\windows\system32\ati2sgag.exe"
+ "AVGIDSAgent" "Poskytuje ochranu identity proti kyberkriminalitě." "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgidsagent.exe"
+ "avgwd" "Služba AVG Watchdog" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgwdsvc.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\bin\btwdins.exe"
+ "Creative Service for CDROM Access" "Creative Service for CDROM Access" "Creative Technology Ltd" "c:\windows\system32\ctsvccda.exe"
+ "CTDevice_Srv" "CTDevSrv Window Service Application" "Creative Technology Ltd" "c:\program files\creative\shared files\ctdevsrv.exe"
+ "CTUPnPSv" "Creative Centrale Media Server Service" "Creative Technology Ltd" "c:\program files\creative\creative centrale\ctupnpsv.exe"
+ "FileZilla Server" "FileZilla Server" "FileZilla Project" "c:\program files\filezilla server\filezilla server.exe"
+ "gupdate" "Udržuje software Google aktualizovaný. Je-li tato služba zakázána nebo zastavena, nebude software Google udržován v aktualizovaném stavu. To znamená, že nemusí být opravena zjištěná slabá místa v zabezpečení a určité funkce nemusí fungovat. Pokud tuto službu žádný software Google nepoužívá, sama se odinstaluje." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Udržuje software Google aktualizovaný. Je-li tato služba zakázána nebo zastavena, nebude software Google udržován v aktualizovaném stavu. To znamená, že nemusí být opravena zjištěná slabá místa v zabezpečení a určité funkce nemusí fungovat. Pokud tuto službu žádný software Google nepoužívá, sama se odinstaluje." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Aplikace Google Updater udržuje váš software Google neustále aktuální. Je-li aplikace Google Updater zakázána nebo zastavena, software Google nebude udržován v aktuálním stavu. V důsledku toho nebudou opravena případná slabá místa v zabezpečení a může se stát, že některé funkce nebudou dostupné." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Oracle Corporation" "c:\program files\java\jre7\bin\jqs.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "d:\instalace\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "d:\instalace\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance" "" "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "o2flash" "O2 Flash Memory Service" "O2Micro International" "c:\program files\o2micro flash memory card driver\o2flash.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe"
+ "WMPNetworkSvc" "Sdílí knihovny programu Windows Media Player s ostatními hráči v síti a médii pomocí technologie Universal Plug and Play." "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AmdPPM" "AMD Processor Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdppm.sys"
+ "ApfiltrService" "Alps Touch Pad Driver" "Alps Electric Co., Ltd." "c:\windows\system32\drivers\apfiltr.sys"
+ "AR5416" "Driver for Atheros AR5008 Wireless Network Adapter" "Atheros Communications, Inc." "c:\windows\system32\drivers\athw.sys"
+ "ati2mtag" "ATI Radeon WindowsNT Miniport Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\ati2mtag.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdriverx.sys"
+ "AVGIDSFilter" "AVG Technologies IDS Application Activity Monitor Filter Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsfilterx.sys"
+ "AVGIDSHX" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidshx.sys"
+ "AVGIDSShim" "AVG Technologies IDS Application Activity Monitor Shim Loader Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsshimx.sys"
+ "Avgldx86" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx86.sys"
+ "Avgmfx86" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx86.sys"
+ "Avgrkx86" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx86.sys"
+ "Avgtdix" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdix.sys"
+ "b57w2k" "Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57xp32.sys"
+ "btaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btaudio.sys"
+ "BTDriver" "Bluetooth BTPORT Driver for Windows 2000" "Broadcom Corporation." "c:\windows\system32\drivers\btport.sys"
+ "BTKRNL" "Bluetooth Bus Enumerator" "Broadcom Corporation." "c:\windows\system32\drivers\btkrnl.sys"
+ "BTWDNDIS" "Bluetooth LAN Access Server Driver" "Broadcom Corporation." "c:\windows\system32\drivers\btwdndis.sys"
+ "btwhid" "Bluetooth Virtual HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwhid.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "cpuz134" "CPUID Driver" "Windows ® Win 7 DDK provider" "c:\program files\cpuid\pc wizard 2010\pcwiz_x32.sys"
+ "DKbFltr" "Dritek PS2 Keyboard Filter Driver" "Dritek System Inc." "c:\windows\system32\drivers\dkbfltr.sys"
+ "giveio" "" "" "c:\windows\system32\giveio.sys"
+ "HdAudAddService" "Ati High Definition Audio Function Driver" "ATI Research Inc." "c:\windows\system32\drivers\atihdaud.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HSF_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsf_dpv.sys"
+ "HSFHWAZL" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsfhwazl.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkhdaud.sys"
+ "Ktp" "ETD Ware TSR Enhancements" "ELANTECH Devices Corp." "c:\windows\system32\drivers\etd.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "mdmxsdk" "Diagnostic Interface x86 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "O2MDRDR" "o2media" "O2Micro " "c:\windows\system32\drivers\o2media.sys"
+ "O2SDRDR" "O2Micro SD Reader Driver" "O2Micro " "c:\windows\system32\drivers\o2sd.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "RTHDMIAzAudService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rthdmi.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "sensorsview32" "WinRing0" "OpenLibSys.org" "c:\windows\system32\drivers\sensorsview32.sys"
+ "speedfan" "SpeedFan Device Driver" "Windows ® 2000 DDK provider" "c:\windows\system32\speedfan.sys"
+ "sptd" "" "" "c:\windows\system32\drivers\sptd.sys"
+ "UIUSys" "UIU HW Access x86 Driver (SYS)" "Conexant Systems, Inc" "c:\windows\system32\drivers\uiusys.sys"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices Inc." "c:\windows\system32\drivers\usbfilter.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsf_cnxt.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\system32\vp6vfw.dll"
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\system32\vp6vfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "BPM Metadata" "Creative BPM Metadata Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\metabpmu.ax"
+ "Creative AC3 Source Filter" "Creative AC3 Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\ac3srcu.ax"
+ "Creative Audio Gain Filter" "Audio Gain Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\audgain.ax"
+ "Creative AVI Writer" "Creative AVI Writer Filter(Renderer)" "Creative Technology Ltd." "c:\program files\creative\shared files\aviwrtu.ax"
+ "Creative CDDA Source Filter" "CDDA Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\cdda.ax"
+ "Creative CMV Source" "Creative CMV Source Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\cmvsrcu.ax"
+ "Creative CMV Writer" "Creative CMV Writer Filter(Renderer)" "Creative Technology Ltd." "c:\program files\creative\shared files\cmvwrtu.ax"
+ "Creative Flac Source Filter" "Creative FLAC Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\flacsrcu.ax"
+ "Creative Frame Rate Converter" "Creative Frame Rate Converter" "Creative Technology Ltd" "c:\program files\creative\shared files\ctfrconv.ax"
+ "Creative Internet Source Filter" "Creative Internet Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\inetsrcu.ax"
+ "Creative LiveRecording Filter_SxS" "Live Recording Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\liverecu.ax"
+ "Creative Media Select" "" "Creative Technology Ltd." "c:\program files\creative\shared files\mediasel.ax"
+ "Creative MJPEG Encoder Filter" "Creative MJPEG Encoder Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\mjpgencu.ax"
+ "Creative MLP Source Filter" "Creative MLP Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\mlpsrcu.ax"
+ "Creative Mp3 Encoder" "Creative MP3 Encoder" "Creative Technology Ltd" "c:\program files\creative\shared files\dsmp3enc.ax"
+ "Creative Null Audio" "" "Creative Technology Ltd." "c:\program files\creative\shared files\nullaud.ax"
+ "Creative NVF Filter" "Creative Nomad Voice File Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\nvfsrcu.ax"
+ "Creative Ogg Source Filter" "Creative Ogg Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\oggsrcu.ax"
+ "Creative PCM Raw Writer" "Creative Raw Writer" "Creative Technology Ltd" "c:\program files\creative\shared files\rawwritu.ax"
+ "Creative QT Source Filter" "Creative QT Source Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\ctqtsf.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\vidprocu.ax"
+ "Creative Wave Writer" "Wave Writer" "Creative Technology Ltd" "c:\program files\creative\shared files\wavwrite.ax"
+ "Creative WMA Source Filter" "Creative WMA Source Filter" "Creative Technology Ltd" "c:\program files\creative\shared files\wmasrc.ax"
+ "Creative WMA Writer" "WMA Writer" "Creative Technology Ltd" "c:\program files\creative\shared files\wmawrite.ax"
+ "CT CMSS3 filter" "Sample" "Creative Technology Ltd" "c:\program files\creative\shared files\cmss3.ax"
+ "CT HPVirtualizer filter" "Creative Headphone Virtualizer Filter" "Creative Technology, Ltd." "c:\program files\creative\shared files\virtual.ax"
+ "CT Karaoke filter" "Creative Karaoke Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\karaoke.ax"
+ "CT PDP filter" "Creative Crystalizer Filter" "Creative Technology, Ltd." "c:\program files\creative\shared files\pdp.ax"
+ "CT SmartVolumeManagement filter" "Creative Compressor Plugin" "Creative Technology Ltd." "c:\program files\creative\shared files\dscompr.ax"
+ "CT Time-Scaling filter" "Sample" "Creative Technology Ltd." "c:\program files\creative\shared files\timescal.ax"
+ "CT Upsampler filter" "Sample" "Creative Technology Ltd" "c:\program files\creative\shared files\upsample.ax"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\divxdech264.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Mp3Dump" "" "Creative Technology Ltd." "c:\program files\creative\shared files\mp3dump.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "Noise Reduction" "Creative Noise Reduction Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\noisredu.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "d:\instalace\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "d:\instalace\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "d:\instalace\rdsf3260.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SVM Metadata" "Creative SVM Metadata Filter" "Creative Technology Ltd." "c:\program files\creative\shared files\metasvmu.ax"
+ "TrueMotion 2.0 Decompressor" "TrueMotion 2.0 Decompressor" "The Duck Corporation" "c:\windows\system32\tm20dec.ax"
+ "Wave Transform" "" "Creative Technology Ltd." "c:\program files\creative\shared files\wavtrans.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgrsx.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "AtiExtEvent" "ATI External Event Utility DLL Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Bluetooth Printer Port" "bthcrp DLL" "Broadcom Corporation." "c:\windows\system32\bthcrp.dll"
+ "Canon BJ Language Monitor iP4200" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm78.dll"
+ "HP 8911 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts8911lm.dll"
+ "PDFCreator" "" "" "c:\windows\system32\pdfcmnnt.dll"
+ "RICOH Language Monitor2" "RICOH BIDI Language Monitor" "RICOH CO.,Ltd." "c:\windows\system32\rc4mon.dll"
+ "SafeQ" "" "" "c:\windows\system32\safeq.dll"

#8 narenxp


Posted 16 October 2012 - 10:19 PM

Launch Autoruns and uncheck this entry
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "sptd" "" "" "c:\windows\system32\drivers\sptd.sys"

Restart the PC and delete this file

c:\windows\system32\drivers\sptd.sys

Run AVG scan again
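
The entry singled out in post #8 is one of the few drivers in the posted Autoruns export whose description and publisher fields are both blank. As an added example (not part of the thread and not Autoruns code), the Python below parses the text export layout shown in post #7 and lists such entries for manual review; the function names are made up here and the sample is a short excerpt of the posted log. A blank field is a reason to identify the file, not a verdict on it.

```python
import re
from dataclasses import dataclass

# One double-quoted field; the export shown in the thread has four per line.
FIELD = re.compile(r'"([^"]*)"')


@dataclass
class Entry:
    location: str      # registry key or folder the entry was listed under
    name: str
    description: str
    publisher: str
    image_path: str

    @property
    def missing_file(self) -> bool:
        # Autoruns writes "File not found: <path>" when the target is absent.
        return self.image_path.lower().startswith("file not found:")

    @property
    def no_metadata(self) -> bool:
        return not self.description.strip() and not self.publisher.strip()


def parse_autoruns(text: str) -> list:
    """Parse the Autoruns text export layout seen in post #7."""
    entries, location = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue                      # blank line or anything unexpected
        if line.startswith("+"):
            entries.append(Entry(location, *fields))
        elif line.startswith('"') and not any(fields[1:]):
            location = fields[0]          # section header: "location" "" "" ""
    return entries


def review_candidates(entries, extension=".sys"):
    """Files that exist, match the extension, and carry no description or publisher."""
    return [e for e in entries
            if e.no_metadata and not e.missing_file
            and e.image_path.lower().endswith(extension)]


def orphaned(entries):
    """Entries whose target file is gone (leftover registrations)."""
    return [e for e in entries if e.missing_file]


# Excerpt of the log posted in the thread, shortened for the example.
SAMPLE = r'''
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AmdPPM" "AMD Processor Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdppm.sys"
+ "Avgrkx86" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx86.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "giveio" "" "" "c:\windows\system32\giveio.sys"
+ "sptd" "" "" "c:\windows\system32\drivers\sptd.sys"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "PDFCreator" "" "" "c:\windows\system32\pdfcmnnt.dll"
'''

if __name__ == "__main__":
    parsed = parse_autoruns(SAMPLE)
    for e in review_candidates(parsed):
        print(f"review : {e.name:10} {e.image_path}  [{e.location}]")
    for e in orphaned(parsed):
        print(f"orphan : {e.name:10} {e.image_path}")
```
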

#9 dahliana


Posted 17 October 2012 - 02:53 AM

Done and AVG test is ok, no rootkit according to it. =)

#10 narenxp


Posted 17 October 2012 - 07:41 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



