13:44:56.0127 3592 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:44:56.0128 3592 RasSstp - ok
13:44:56.0158 3592 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:44:56.0162 3592 rdbss - ok
13:44:56.0196 3592 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:44:56.0197 3592 RDPCDD - ok
13:44:56.0237 3592 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
13:44:56.0258 3592 rdpdr - ok
13:44:56.0294 3592 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:44:56.0295 3592 RDPENCDD - ok
13:44:56.0340 3592 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:44:56.0364 3592 RDPWD - ok
13:44:56.0433 3592 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:44:56.0437 3592 RemoteAccess - ok
13:44:56.0473 3592 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:44:56.0494 3592 RemoteRegistry - ok
13:44:56.0526 3592 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
13:44:56.0529 3592 RpcLocator - ok
13:44:56.0554 3592 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
13:44:56.0560 3592 RpcSs - ok
13:44:56.0623 3592 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:44:56.0642 3592 rspndr - ok
13:44:56.0719 3592 [ 2D19A7469EA19993D0C12E627F4530BC ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
13:44:56.0722 3592 RTL8169 - ok
13:44:56.0727 3592 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
13:44:56.0729 3592 SamSs - ok
13:44:56.0748 3592 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:44:56.0749 3592 sbp2port - ok
13:44:56.0793 3592 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:44:56.0798 3592 SCardSvr - ok
13:44:56.0832 3592 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
13:44:56.0838 3592 Schedule - ok
13:44:56.0852 3592 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:44:56.0853 3592 SCPolicySvc - ok
13:44:56.0877 3592 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:44:56.0901 3592 SDRSVC - ok
13:44:56.0923 3592 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:44:56.0924 3592 secdrv - ok
13:44:56.0933 3592 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
13:44:56.0937 3592 seclogon - ok
13:44:56.0984 3592 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
13:44:56.0988 3592 SENS - ok
13:44:57.0081 3592 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:44:57.0082 3592 Serenum - ok
13:44:57.0115 3592 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:44:57.0117 3592 Serial - ok
13:44:57.0125 3592 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:44:57.0126 3592 sermouse - ok
13:44:57.0283 3592 [ 289E853881E688286AD24299FCC485D8 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
13:44:57.0317 3592 ServiceLayer - ok
13:44:57.0347 3592 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
13:44:57.0351 3592 SessionEnv - ok
13:44:57.0367 3592 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:44:57.0368 3592 sffdisk - ok
13:44:57.0378 3592 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:44:57.0379 3592 sffp_mmc - ok
13:44:57.0397 3592 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:44:57.0398 3592 sffp_sd - ok
13:44:57.0506 3592 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:44:57.0507 3592 sfloppy - ok
13:44:57.0658 3592 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:44:57.0695 3592 SharedAccess - ok
13:44:57.0745 3592 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:44:57.0749 3592 ShellHWDetection - ok
13:44:57.0761 3592 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:44:57.0763 3592 sisagp - ok
13:44:57.0780 3592 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
13:44:57.0781 3592 SiSRaid2 - ok
13:44:57.0798 3592 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:44:57.0800 3592 SiSRaid4 - ok
13:44:58.0470 3592 [ 183F04C6742902F33039913A96F5B574 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:44:58.0500 3592 Skype C2C Service - ok
13:44:58.0616 3592 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
13:44:58.0767 3592 SkypeUpdate - ok
13:44:59.0166 3592 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
13:44:59.0188 3592 slsvc - ok
13:44:59.0524 3592 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
13:44:59.0529 3592 SLUINotify - ok
13:44:59.0554 3592 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:44:59.0556 3592 Smb - ok
13:44:59.0592 3592 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:44:59.0660 3592 SNMPTRAP - ok
13:44:59.0763 3592 [ 3FA2E254BFBCE52B3C6F1BF23AAB6911 ] speedfan C:\Windows\system32\speedfan.sys
13:44:59.0783 3592 speedfan - ok
13:44:59.0827 3592 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
13:44:59.0828 3592 spldr - ok
13:44:59.0874 3592 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
13:44:59.0879 3592 Spooler - ok
13:44:59.0968 3592 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys
13:44:59.0969 3592 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
13:44:59.0971 3592 sptd ( LockedFile.Multi.Generic ) - warning
13:44:59.0971 3592 sptd - detected LockedFile.Multi.Generic (1)
13:45:00.0044 3592 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:45:00.0089 3592 srv - ok
13:45:00.0163 3592 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:45:00.0184 3592 srv2 - ok
13:45:00.0208 3592 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:45:00.0210 3592 srvnet - ok
13:45:00.0226 3592 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:45:00.0231 3592 SSDPSRV - ok
13:45:00.0260 3592 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:45:00.0264 3592 SstpSvc - ok
13:45:00.0315 3592 [ 8BB19094DEF583E0EECE1830457444EE ] stdriver C:\Windows\system32\DRIVERS\stdriver32.sys
13:45:00.0316 3592 stdriver - ok
13:45:00.0342 3592 Steam Client Service - ok
13:45:00.0389 3592 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:45:00.0393 3592 Stereo Service - ok
13:45:00.0441 3592 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
13:45:00.0448 3592 stisvc - ok
13:45:00.0494 3592 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:45:00.0495 3592 swenum - ok
13:45:00.0577 3592 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
13:45:00.0584 3592 swprv - ok
13:45:00.0614 3592 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
13:45:00.0615 3592 Symc8xx - ok
13:45:00.0646 3592 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
13:45:00.0647 3592 Sym_hi - ok
13:45:00.0657 3592 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
13:45:00.0658 3592 Sym_u3 - ok
13:45:00.0681 3592 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
13:45:00.0688 3592 SysMain - ok
13:45:00.0710 3592 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:45:00.0714 3592 TabletInputService - ok
13:45:00.0803 3592 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:45:00.0808 3592 TapiSrv - ok
13:45:00.0844 3592 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
13:45:00.0899 3592 TBS - ok
13:45:00.0943 3592 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:45:00.0977 3592 Tcpip - ok
13:45:00.0992 3592 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
13:45:00.0998 3592 Tcpip6 - ok
13:45:01.0029 3592 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:45:01.0030 3592 tcpipreg - ok
13:45:01.0055 3592 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:45:01.0056 3592 TDPIPE - ok
13:45:01.0096 3592 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:45:01.0097 3592 TDTCP - ok
13:45:01.0152 3592 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:45:01.0166 3592 tdx - ok
13:45:01.0204 3592 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:45:01.0205 3592 TermDD - ok
13:45:01.0220 3592 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
13:45:01.0226 3592 TermService - ok
13:45:01.0236 3592 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
13:45:01.0240 3592 Themes - ok
13:45:01.0286 3592 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
13:45:01.0289 3592 THREADORDER - ok
13:45:01.0320 3592 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
13:45:01.0324 3592 TrkWks - ok
13:45:01.0527 3592 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:45:01.0528 3592 TrustedInstaller - ok
13:45:01.0605 3592 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:45:01.0606 3592 tssecsrv - ok
13:45:01.0694 3592 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
13:45:01.0695 3592 tunmp - ok
13:45:01.0821 3592 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:45:01.0822 3592 tunnel - ok
13:45:01.0929 3592 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:45:01.0993 3592 uagp35 - ok
13:45:02.0040 3592 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:45:02.0043 3592 udfs - ok
13:45:02.0061 3592 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:45:02.0065 3592 UI0Detect - ok
13:45:02.0102 3592 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:45:02.0103 3592 uliagpkx - ok
13:45:02.0117 3592 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
13:45:02.0120 3592 uliahci - ok
13:45:02.0131 3592 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
13:45:02.0134 3592 UlSata - ok
13:45:02.0157 3592 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
13:45:02.0158 3592 ulsata2 - ok
13:45:02.0184 3592 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:45:02.0185 3592 umbus - ok
13:45:02.0210 3592 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
13:45:02.0215 3592 upnphost - ok
13:45:02.0258 3592 [ B671514497DF7417F83919A6A5BD6BB9 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
13:45:02.0259 3592 upperdev - ok
13:45:02.0296 3592 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:45:02.0319 3592 usbccgp - ok
13:45:02.0339 3592 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:45:02.0341 3592 usbcir - ok
13:45:02.0380 3592 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:45:02.0381 3592 usbehci - ok
13:45:02.0395 3592 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:45:02.0397 3592 usbhub - ok
13:45:02.0421 3592 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:45:02.0422 3592 usbohci - ok
13:45:02.0480 3592 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:45:02.0481 3592 usbprint - ok
13:45:02.0518 3592 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:45:02.0521 3592 usbscan - ok
13:45:02.0564 3592 [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser C:\Windows\system32\DRIVERS\usbser.sys
13:45:02.0565 3592 usbser - ok
13:45:02.0588 3592 [ FF358FD3176B2E5605C4ACCD5026A5AC ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
13:45:02.0589 3592 UsbserFilt - ok
13:45:02.0631 3592 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:45:02.0634 3592 USBSTOR - ok
13:45:02.0670 3592 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:45:02.0671 3592 usbuhci - ok
13:45:02.0699 3592 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
13:45:02.0712 3592 UxSms - ok
13:45:02.0765 3592 [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
13:45:02.0766 3592 VClone - ok
13:45:02.0938 3592 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
13:45:02.0976 3592 vds - ok
13:45:03.0013 3592 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:45:03.0015 3592 vga - ok
13:45:03.0056 3592 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
13:45:03.0057 3592 VgaSave - ok
13:45:03.0088 3592 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:45:03.0090 3592 viaagp - ok
13:45:03.0115 3592 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
13:45:03.0116 3592 ViaC7 - ok
13:45:03.0130 3592 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
13:45:03.0131 3592 viaide - ok
13:45:03.0211 3592 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:45:03.0231 3592 volmgr - ok
13:45:03.0263 3592 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:45:03.0268 3592 volmgrx - ok
13:45:03.0344 3592 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:45:03.0376 3592 volsnap - ok
13:45:03.0400 3592 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:45:03.0418 3592 vsmraid - ok
13:45:03.0554 3592 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
13:45:03.0569 3592 VSS - ok
13:45:03.0599 3592 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
13:45:03.0604 3592 W32Time - ok
13:45:03.0655 3592 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:45:03.0656 3592 WacomPen - ok
13:45:03.0741 3592 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
13:45:03.0806 3592 Wanarp - ok
13:45:03.0809 3592 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:45:03.0811 3592 Wanarpv6 - ok
13:45:03.0919 3592 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:45:03.0940 3592 wcncsvc - ok
13:45:03.0976 3592 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:45:03.0980 3592 WcsPlugInService - ok
13:45:04.0002 3592 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
13:45:04.0003 3592 Wd - ok
13:45:04.0264 3592 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:45:04.0271 3592 Wdf01000 - ok
13:45:04.0307 3592 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:45:04.0311 3592 WdiServiceHost - ok
13:45:04.0346 3592 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:45:04.0350 3592 WdiSystemHost - ok
13:45:04.0444 3592 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
13:45:04.0449 3592 WebClient - ok
13:45:04.0570 3592 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:45:04.0576 3592 Wecsvc - ok
13:45:04.0613 3592 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:45:04.0638 3592 wercplsupport - ok
13:45:04.0677 3592 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
13:45:04.0682 3592 WerSvc - ok
13:45:05.0149 3592 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:45:05.0213 3592 WinDefend - ok
13:45:05.0221 3592 WinHttpAutoProxySvc - ok
13:45:05.0393 3592 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:45:05.0393 3592 Winmgmt - ok
13:45:05.0435 3592 WinRing0_1_2_0 - ok
13:45:05.0534 3592 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
13:45:05.0551 3592 WinRM - ok
13:45:05.0629 3592 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:45:05.0655 3592 Wlansvc - ok
13:45:06.0263 3592 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:45:06.0297 3592 wlidsvc - ok
13:45:06.0356 3592 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:45:06.0357 3592 WmiAcpi - ok
13:45:06.0509 3592 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:45:06.0579 3592 wmiApSrv - ok
13:45:06.0840 3592 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:45:06.0913 3592 WMPNetworkSvc - ok
13:45:06.0935 3592 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:45:06.0941 3592 WPCSvc - ok
13:45:06.0964 3592 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:45:06.0969 3592 WPDBusEnum - ok
13:45:07.0014 3592 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
13:45:07.0017 3592 WpdUsb - ok
13:45:07.0291 3592 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:45:07.0319 3592 WPFFontCache_v0400 - ok
13:45:07.0359 3592 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:45:07.0360 3592 ws2ifsl - ok
13:45:07.0394 3592 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
13:45:07.0399 3592 wscsvc - ok
13:45:07.0403 3592 WSearch - ok
13:45:07.0617 3592 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
13:45:07.0656 3592 wuauserv - ok
13:45:07.0703 3592 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:45:07.0704 3592 WudfPf - ok
13:45:07.0750 3592 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:45:07.0752 3592 WUDFRd - ok
13:45:07.0777 3592 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:45:07.0782 3592 wudfsvc - ok
13:45:07.0851 3592 [ F8D742FB60BAE5AE61FD3B1733816620 ] zebrbus C:\Windows\system32\DRIVERS\zebrbus.sys
13:45:07.0852 3592 zebrbus - ok
13:45:07.0885 3592 [ 3E6A291D9353E7F86B1506B561A943F5 ] zebrmdfl C:\Windows\system32\DRIVERS\zebrmdfl.sys
13:45:07.0886 3592 zebrmdfl - ok
13:45:07.0899 3592 [ 11B30CD51AEE64CC91FA71199DAF9C0F ] zebrmdm C:\Windows\system32\DRIVERS\zebrmdm.sys
13:45:07.0922 3592 zebrmdm - ok
13:45:07.0960 3592 [ 3D7F8257EEBAF89EE427FF4D956064DD ] zebrmdmc C:\Windows\system32\DRIVERS\zebrmdmc.sys
13:45:07.0962 3592 zebrmdmc - ok
13:45:07.0970 3592 ================ Scan global ===============================
13:45:07.0994 3592 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
13:45:08.0015 3592 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
13:45:08.0030 3592 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
13:45:08.0065 3592 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
13:45:08.0072 3592 [Global] - ok
13:45:08.0073 3592 ================ Scan MBR ==================================
13:45:08.0111 3592 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:45:10.0004 3592 \Device\Harddisk0\DR0 - ok
13:45:10.0005 3592 ================ Scan VBR ==================================
13:45:10.0046 3592 [ 19577041AE79B482D81A5CB2012E4DBD ] \Device\Harddisk0\DR0\Partition1
13:45:10.0047 3592 \Device\Harddisk0\DR0\Partition1 - ok
13:45:10.0047 3592 ============================================================
13:45:10.0047 3592 Scan finished
13:45:10.0047 3592 ============================================================
13:45:10.0057 4428 Detected object count: 1
13:45:10.0057 4428 Actual detected object count: 1
13:45:33.0999 4428 sptd ( LockedFile.Multi.Generic ) - skipped by user
13:45:34.0000 4428 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
Log Check Solved
Re: Log Check
ComboFix 13-01-24.02 - HAL3000 25.01.2013 13:56:41.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3071.1980 [GMT 1:00]
Spuštěný z: c:\users\HAL3000\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\lol
c:\program files\lol\LeagueOfLegends\0x0409.ini
c:\program files\lol\LeagueOfLegends\0x0415.ini
c:\program files\lol\LeagueOfLegends\data1.cab
c:\program files\lol\LeagueOfLegends\data1.hdr
c:\program files\lol\LeagueOfLegends\data2.cab
c:\program files\lol\LeagueOfLegends\ISSetup.dll
c:\program files\lol\LeagueOfLegends\layout.bin
c:\program files\lol\LeagueOfLegends\setup.exe
c:\program files\lol\LeagueOfLegends\setup.ini
c:\program files\lol\LeagueOfLegends\setup.inx
c:\program files\lol\LeagueOfLegends\setup.isn
c:\users\HAL3000\AppData\Roaming\Microsoft\~DFK5fa327.tmp
c:\users\HAL3000\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\HAL3000\AppData\Roaming\Microsoft\bass.dll
c:\users\HAL3000\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\HAL3000\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\HAL3000\AppData\Roaming\Microsoft\peaadje.dll
c:\users\HAL3000\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\HAL3000\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\HAL3000\AppData\Roaming\Zulu.dmp
c:\windows\iun6002.exe
c:\windows\msxml4-KB2721691-enu.LOG
c:\windows\msxml4-KB2758694-enu.LOG
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-25 do 2013-01-25 )))))))))))))))))))))))))))))))
.
.
2074-05-07 16:38 . 2006-11-21 18:48 203576 ------w- c:\program files\Microsoft Games\Age of Empires III\autopatcher2.exe
2013-01-25 12:31 . 2013-01-25 12:31 -------- d-----w- c:\users\HAL3000\AppData\Local\ArcSoft
2013-01-25 09:34 . 2013-01-25 09:34 -------- d-----w- c:\users\HAL3000\AppData\Roaming\Malwarebytes
2013-01-25 09:34 . 2013-01-25 09:34 -------- d-----w- c:\programdata\Malwarebytes
2013-01-25 09:34 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-25 09:34 . 2013-01-25 09:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-25 09:21 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E00DFF3B-2FF3-44A3-8648-76BE3AB41D9B}\mpengine.dll
2013-01-24 18:00 . 2013-01-12 02:30 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-15 12:46 . 2013-01-03 18:34 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2013-01-10 15:02 . 2012-10-17 12:53 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2013-01-10 15:01 . 2013-01-10 15:01 -------- d-----w- c:\program files\PC Connectivity Solution
2013-01-09 11:09 . 2012-11-23 01:35 2048000 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 11:09 . 2012-11-20 04:22 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 11:08 . 2012-11-02 10:19 1400832 ----a-w- c:\windows\system32\msxml6.dll
2013-01-06 07:48 . 2013-01-06 08:09 49152 ----a-r- c:\users\HAL3000\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
2013-01-06 07:48 . 2013-01-06 08:09 73728 ----a-r- c:\users\HAL3000\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
2013-01-06 07:48 . 2013-01-06 08:09 73728 ----a-r- c:\users\HAL3000\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
2013-01-06 07:48 . 2013-01-06 08:09 53248 ----a-r- c:\users\HAL3000\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
2013-01-06 07:48 . 2013-01-06 08:09 49152 ----a-r- c:\users\HAL3000\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
2013-01-02 20:25 . 2013-01-02 20:25 -------- d-----w- c:\users\HAL3000\AppData\Roaming\.techniclauncher
2013-01-02 18:49 . 2013-01-02 20:05 -------- d-----w- c:\users\HAL3000\AppData\Roaming\logs
2013-01-02 16:47 . 2005-04-03 22:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-01-02 16:47 . 2005-04-03 22:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-01-02 16:47 . 2005-04-03 22:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-01-02 16:47 . 2005-04-03 22:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-01-02 16:47 . 2005-04-03 21:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2013-01-02 16:47 . 2013-01-02 16:47 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-01-02 16:47 . 2013-01-02 16:47 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-01-01 17:08 . 2013-01-25 13:07 -------- d-----w- c:\users\HAL3000\AppData\Local\LogMeIn Hamachi
2013-01-01 17:07 . 2013-01-01 17:07 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-12-30 19:15 . 2012-12-30 19:15 -------- d-----w- c:\users\HAL3000\AppData\Roaming\Subversion
2012-12-30 19:14 . 2012-12-30 19:15 -------- d-----w- c:\users\HAL3000\AppData\Roaming\fltk.org
2012-12-30 19:14 . 2012-12-30 19:14 -------- d-----w- c:\programdata\fltk.org
2012-12-30 19:14 . 2012-12-30 19:27 -------- d-----w- c:\users\HAL3000\AppData\Roaming\flightgear.org
2012-12-30 19:14 . 2012-12-30 19:14 -------- d-----w- c:\programdata\flightgear.org
2012-12-30 19:14 . 2012-12-30 19:14 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2012-12-30 19:14 . 2012-12-30 19:14 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2012-12-30 19:14 . 2012-12-30 19:14 -------- d-----w- c:\program files\OpenAL
2012-12-30 19:10 . 2012-12-30 19:10 -------- d-----w- c:\program files\FlightGear
2012-12-28 08:28 . 2012-12-28 08:28 -------- d-----w- c:\users\HAL3000\AppData\Local\Facebook
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-16 13:12 . 2012-12-21 20:21 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50 . 2012-12-21 20:21 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 01:29 . 2012-12-12 12:30 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 14:33 . 2012-11-09 14:33 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2012-11-09 14:33 . 2012-11-09 14:33 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2012-11-09 14:33 . 2010-10-12 08:36 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
2012-11-09 14:33 . 2012-11-09 14:33 23168 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2012-11-09 14:33 . 2012-11-09 14:33 18560 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2012-11-09 10:42 . 2012-12-12 12:30 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-09 10:37 . 2012-12-12 12:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-09 10:36 . 2012-12-12 12:30 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-09 10:36 . 2012-12-12 12:30 71680 ----a-w- c:\windows\system32\iesetup.dll
2012-11-09 10:36 . 2012-12-12 12:30 109056 ----a-w- c:\windows\system32\iesysprep.dll
2012-11-09 09:01 . 2012-12-12 12:30 385024 ----a-w- c:\windows\system32\html.iec
2012-11-09 07:13 . 2012-12-12 12:30 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\system32\msxml4.dll
2012-11-02 10:18 . 2012-12-12 12:30 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 08:26 . 2012-12-12 12:30 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-10-30 22:51 . 2011-09-11 17:56 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2011-09-11 17:56 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-30 22:51 . 2011-09-11 17:56 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2011-09-11 17:56 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2011-09-11 17:56 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2011-09-11 17:56 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2011-09-11 17:55 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2011-09-11 17:55 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-04-21 01:18 . 2012-06-05 13:59 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-05-25 880496]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-12-26 6707744]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2008-12-26 1833504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"ArcSoft Connection Service"="c:\program files\common files\arcsoft\connection service\bin\acdaemon.exe" [2010-10-27 207424]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-14 2255360]
"NSU_agent"="c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk
backup=c:\windows\pss\GamePark klient 2.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
backup=c:\windows\pss\GamersFirst LIVE!.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hp psc 1000 series.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\hp psc 1000 series.lnk
backup=c:\windows\pss\hp psc 1000 series.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^HAL3000^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\users\HAL3000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch]
2012-02-10 14:07 327680 ----a-w- c:\program files\Gameforge4D\4Story_CZ\PrePatch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
2012-10-30 22:50 4297136 ----a-w- c:\program files\AVAST Software\Avast\AvastUI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-r- c:\windows\System32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2]
2010-05-25 18:16 619008 ----a-w- c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2011-06-16 13:21 1500160 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-10-07 12:10 1353080 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-06-28 18:55 296096 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-05-25 11:06 880496 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 71207835
*Deregistered* - 71207835
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-24 13:53 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-511381496-3544313381-1392337210-1000Core.job
- c:\users\HAL3000\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-28 08:28]
.
2013-01-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-511381496-3544313381-1392337210-1000UA.job
- c:\users\HAL3000\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-28 08:28]
.
2013-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-28 19:49]
.
2013-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-28 19:49]
.
2013-01-25 c:\windows\Tasks\ReclaimerUpdateFiles_HAL3000.job
- c:\users\HAL3000\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-18 15:42]
.
2013-01-24 c:\windows\Tasks\ReclaimerUpdateXML_HAL3000.job
- c:\users\HAL3000\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-18 15:42]
.
2013-01-25 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_HAL3000.job
- c:\users\HAL3000\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-18 15:42]
.
2013-01-24 c:\windows\Tasks\User_Feed_Synchronization-{6C81BF75-AD21-43DE-B856-DB44AFB55932}.job
- c:\windows\system32\msfeedssync.exe [2012-12-12 07:12]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Free YouTube Download - c:\users\HAL3000\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\HAL3000\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 25.120.92.69
FF - ProfilePath - c:\users\HAL3000\AppData\Roaming\Mozilla\Firefox\Profiles\pnfksmr3.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - ExtSQL: !HIDDEN! 2009-09-22 09:46; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-ICQ - c:\program files\ICQ7.2\ICQ.exe
MSConfigStartUp-MediaGet2 - c:\users\HAL3000\AppData\Local\MediaGet2\mediaget.exe
MSConfigStartUp-MX Skype Recorder - c:\programdata\MXSkypeRecorder\MXSkypeRecorder.exe
MSConfigStartUp-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
MSConfigStartUp-MyWebSearch Email Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
MSConfigStartUp-SpywareTerminatorShield - c:\program files\Spyware Terminator\SpywareTerminatorShield.exe
MSConfigStartUp-SpywareTerminatorUpdater - c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B} - c:\program files (x86)\InstallShield Installation Information\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-25 14:07
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%*Ç*]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%*Ç*\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*‘%Q*%]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*‘%Q*%\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:88,4c,81,4d,af,00,9a,a6,ae,d6,cf,f9,ef,60,89,c6,58,e7,c4,95,f5,6e,75,
8b,13,41,7e,e9,a4,03,91,ef,0d,93,c4,db,f9,ab,fb,36,89,c6,d2,ed,2b,43,d1,58,\
"??"=hex:20,80,e8,43,eb,7b,23,4f,d1,e8,b9,37,5e,b9,25,98
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\SecuROM\License information*]
"datasecu"=hex:e3,ea,53,d6,6e,3c,68,bb,fd,75,e6,aa,67,32,48,6f,9b,35,85,46,e1,
b4,d1,23,f0,b0,02,7a,79,94,5e,63,d6,ee,40,2e,03,19,cf,7d,d8,f4,1f,8f,61,6c,\
"rkeysecu"=hex:52,24,70,f6,13,e0,80,3a,2f,16,7b,af,d7,46,b1,fc
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2013-01-25 14:12:02
ComboFix-quarantined-files.txt 2013-01-25 13:11
.
Před spuštěním: Volných bajtů: 198 935 347 200
Po spuštění: Volných bajtů: 199 423 950 848
.
- - End Of File - - A400DBD28C4AB18342E818EC2454DB9C
- memphisto
Re: Log check
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script
Code:
KillAll::
File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-511381496-3544313381-1392337210-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-511381496-3544313381-1392337210-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Firefox::
FF - ProfilePath - c:\users\HAL3000\AppData\Roaming\Mozilla\Firefox\Profiles\pnfksmr3.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.
Re: Log check
ComboFix 13-01-24.02 - HAL3000 26.01.2013 17:26:57.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3071.1782 [GMT 1:00]
Spuštěný z: c:\users\HAL3000\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\HAL3000\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-511381496-3544313381-1392337210-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-511381496-3544313381-1392337210-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-511381496-3544313381-1392337210-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-511381496-3544313381-1392337210-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-26 do 2013-01-26 )))))))))))))))))))))))))))))))
.
.
2074-05-07 16:38 . 2006-11-21 18:48 203576 ------w- c:\program files\Microsoft Games\Age of Empires III\autopatcher2.exe
2013-01-26 16:36 . 2013-01-26 16:39 -------- d-----w- c:\users\HAL3000\AppData\Local\temp
2013-01-26 16:36 . 2013-01-26 16:36 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-26 16:36 . 2013-01-26 16:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-25 12:31 . 2013-01-25 12:31 -------- d-----w- c:\users\HAL3000\AppData\Local\ArcSoft
2013-01-25 09:34 . 2013-01-25 09:34 -------- d-----w- c:\users\HAL3000\AppData\Roaming\Malwarebytes
2013-01-25 09:34 . 2013-01-25 09:34 -------- d-----w- c:\programdata\Malwarebytes
2013-01-25 09:34 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-25 09:34 . 2013-01-25 09:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-25 09:21 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E00DFF3B-2FF3-44A3-8648-76BE3AB41D9B}\mpengine.dll
2013-01-24 18:00 . 2013-01-12 02:30 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-15 12:46 . 2013-01-03 18:34 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2013-01-10 15:02 . 2012-10-17 12:53 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2013-01-10 15:01 . 2013-01-10 15:01 -------- d-----w- c:\program files\PC Connectivity Solution
2013-01-09 11:09 . 2012-11-23 01:35 2048000 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 11:09 . 2012-11-20 04:22 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 11:08 . 2012-11-02 10:19 1400832 ----a-w- c:\windows\system32\msxml6.dll
2013-01-06 07:48 . 2013-01-06 08:09 49152 ----a-r- c:\users\HAL3000\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
2013-01-06 07:48 . 2013-01-06 08:09 73728 ----a-r- c:\users\HAL3000\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
2013-01-06 07:48 . 2013-01-06 08:09 73728 ----a-r- c:\users\HAL3000\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
2013-01-06 07:48 . 2013-01-06 08:09 53248 ----a-r- c:\users\HAL3000\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
2013-01-06 07:48 . 2013-01-06 08:09 49152 ----a-r- c:\users\HAL3000\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
2013-01-02 20:25 . 2013-01-02 20:25 -------- d-----w- c:\users\HAL3000\AppData\Roaming\.techniclauncher
2013-01-02 18:49 . 2013-01-02 20:05 -------- d-----w- c:\users\HAL3000\AppData\Roaming\logs
2013-01-02 16:47 . 2005-04-03 22:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-01-02 16:47 . 2005-04-03 22:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-01-02 16:47 . 2005-04-03 22:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-01-02 16:47 . 2005-04-03 22:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-01-02 16:47 . 2005-04-03 21:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2013-01-02 16:47 . 2013-01-02 16:47 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-01-02 16:47 . 2013-01-02 16:47 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-01-01 17:08 . 2013-01-26 16:39 -------- d-----w- c:\users\HAL3000\AppData\Local\LogMeIn Hamachi
2013-01-01 17:07 . 2013-01-01 17:07 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-12-30 19:15 . 2012-12-30 19:15 -------- d-----w- c:\users\HAL3000\AppData\Roaming\Subversion
2012-12-30 19:14 . 2012-12-30 19:15 -------- d-----w- c:\users\HAL3000\AppData\Roaming\fltk.org
2012-12-30 19:14 . 2012-12-30 19:14 -------- d-----w- c:\programdata\fltk.org
2012-12-30 19:14 . 2012-12-30 19:27 -------- d-----w- c:\users\HAL3000\AppData\Roaming\flightgear.org
2012-12-30 19:14 . 2012-12-30 19:14 -------- d-----w- c:\programdata\flightgear.org
2012-12-30 19:14 . 2012-12-30 19:14 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2012-12-30 19:14 . 2012-12-30 19:14 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2012-12-30 19:14 . 2012-12-30 19:14 -------- d-----w- c:\program files\OpenAL
2012-12-30 19:10 . 2012-12-30 19:10 -------- d-----w- c:\program files\FlightGear
2012-12-28 08:28 . 2012-12-28 08:28 -------- d-----w- c:\users\HAL3000\AppData\Local\Facebook
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-16 13:12 . 2012-12-21 20:21 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50 . 2012-12-21 20:21 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 01:29 . 2012-12-12 12:30 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 14:33 . 2012-11-09 14:33 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2012-11-09 14:33 . 2012-11-09 14:33 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2012-11-09 14:33 . 2010-10-12 08:36 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
2012-11-09 14:33 . 2012-11-09 14:33 23168 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2012-11-09 14:33 . 2012-11-09 14:33 18560 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2012-11-09 10:42 . 2012-12-12 12:30 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-09 10:37 . 2012-12-12 12:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-09 10:36 . 2012-12-12 12:30 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-09 10:36 . 2012-12-12 12:30 71680 ----a-w- c:\windows\system32\iesetup.dll
2012-11-09 10:36 . 2012-12-12 12:30 109056 ----a-w- c:\windows\system32\iesysprep.dll
2012-11-09 09:01 . 2012-12-12 12:30 385024 ----a-w- c:\windows\system32\html.iec
2012-11-09 07:13 . 2012-12-12 12:30 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\system32\msxml4.dll
2012-11-02 10:18 . 2012-12-12 12:30 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 08:26 . 2012-12-12 12:30 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-10-30 22:51 . 2011-09-11 17:56 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2011-09-11 17:56 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-30 22:51 . 2011-09-11 17:56 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2011-09-11 17:56 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2011-09-11 17:56 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2011-09-11 17:56 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2011-09-11 17:55 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2011-09-11 17:55 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-04-21 01:18 . 2012-06-05 13:59 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-05-25 880496]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-12-26 6707744]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2008-12-26 1833504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"ArcSoft Connection Service"="c:\program files\common files\arcsoft\connection service\bin\acdaemon.exe" [2010-10-27 207424]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-14 2255360]
"NSU_agent"="c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk
backup=c:\windows\pss\GamePark klient 2.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
backup=c:\windows\pss\GamersFirst LIVE!.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hp psc 1000 series.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\hp psc 1000 series.lnk
backup=c:\windows\pss\hp psc 1000 series.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^HAL3000^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\users\HAL3000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch]
2012-02-10 14:07 327680 ----a-w- c:\program files\Gameforge4D\4Story_CZ\PrePatch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
2012-10-30 22:50 4297136 ----a-w- c:\program files\AVAST Software\Avast\AvastUI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-r- c:\windows\System32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2]
2010-05-25 18:16 619008 ----a-w- c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2011-06-16 13:21 1500160 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-10-07 12:10 1353080 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-06-28 18:55 296096 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-05-25 11:06 880496 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-24 13:53 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-25 c:\windows\Tasks\ReclaimerUpdateFiles_HAL3000.job
- c:\users\HAL3000\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-18 15:42]
.
2013-01-25 c:\windows\Tasks\ReclaimerUpdateXML_HAL3000.job
- c:\users\HAL3000\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-18 15:42]
.
2013-01-26 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_HAL3000.job
- c:\users\HAL3000\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-18 15:42]
.
2013-01-26 c:\windows\Tasks\User_Feed_Synchronization-{6C81BF75-AD21-43DE-B856-DB44AFB55932}.job
- c:\windows\system32\msfeedssync.exe [2012-12-12 07:12]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Free YouTube Download - c:\users\HAL3000\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\HAL3000\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
FF - ProfilePath - c:\users\HAL3000\AppData\Roaming\Mozilla\Firefox\Profiles\pnfksmr3.default\
FF - ExtSQL: !HIDDEN! 2009-09-22 09:46; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-26 17:38
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%*Ç*]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%*Ç*\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*‘%Q*%]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*‘%Q*%\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:88,4c,81,4d,af,00,9a,a6,ae,d6,cf,f9,ef,60,89,c6,58,e7,c4,95,f5,6e,75,
8b,13,41,7e,e9,a4,03,91,ef,0d,93,c4,db,f9,ab,fb,36,89,c6,d2,ed,2b,43,d1,58,\
"??"=hex:20,80,e8,43,eb,7b,23,4f,d1,e8,b9,37,5e,b9,25,98
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\SecuROM\License information*]
"datasecu"=hex:e3,ea,53,d6,6e,3c,68,bb,fd,75,e6,aa,67,32,48,6f,9b,35,85,46,e1,
b4,d1,23,f0,b0,02,7a,79,94,5e,63,d6,ee,40,2e,03,19,cf,7d,d8,f4,1f,8f,61,6c,\
"rkeysecu"=hex:52,24,70,f6,13,e0,80,3a,2f,16,7b,af,d7,46,b1,fc
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2116)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\System32\WUDFHost.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Dokan\DokanLibrary\mounter.exe
c:\program files\LogMeIn Hamachi\hamachi-2.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\System32\WUDFHost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2013-01-26 17:45:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-26 16:45
ComboFix2.txt 2013-01-25 13:12
.
Před spuštěním: Volných bajtů: 199 131 709 440
Po spuštění: Volných bajtů: 199 063 040 000
.
- - End Of File - - 35C162A89B93E4290D560438D86C851A
- c:\users\HAL3000\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-18 15:42]
.
2013-01-26 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_HAL3000.job
- c:\users\HAL3000\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-18 15:42]
.
2013-01-26 c:\windows\Tasks\User_Feed_Synchronization-{6C81BF75-AD21-43DE-B856-DB44AFB55932}.job
- c:\windows\system32\msfeedssync.exe [2012-12-12 07:12]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Free YouTube Download - c:\users\HAL3000\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\HAL3000\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
FF - ProfilePath - c:\users\HAL3000\AppData\Roaming\Mozilla\Firefox\Profiles\pnfksmr3.default\
FF - ExtSQL: !HIDDEN! 2009-09-22 09:46; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-26 17:38
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%*Ç*]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%*Ç*\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*‘%Q*%]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*‘%Q*%\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:88,4c,81,4d,af,00,9a,a6,ae,d6,cf,f9,ef,60,89,c6,58,e7,c4,95,f5,6e,75,
8b,13,41,7e,e9,a4,03,91,ef,0d,93,c4,db,f9,ab,fb,36,89,c6,d2,ed,2b,43,d1,58,\
"??"=hex:20,80,e8,43,eb,7b,23,4f,d1,e8,b9,37,5e,b9,25,98
.
[HKEY_USERS\S-1-5-21-511381496-3544313381-1392337210-1000\Software\SecuROM\License information*]
"datasecu"=hex:e3,ea,53,d6,6e,3c,68,bb,fd,75,e6,aa,67,32,48,6f,9b,35,85,46,e1,
b4,d1,23,f0,b0,02,7a,79,94,5e,63,d6,ee,40,2e,03,19,cf,7d,d8,f4,1f,8f,61,6c,\
"rkeysecu"=hex:52,24,70,f6,13,e0,80,3a,2f,16,7b,af,d7,46,b1,fc
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2116)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\System32\WUDFHost.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Dokan\DokanLibrary\mounter.exe
c:\program files\LogMeIn Hamachi\hamachi-2.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\System32\WUDFHost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2013-01-26 17:45:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-26 16:45
ComboFix2.txt 2013-01-25 13:12
.
Před spuštěním: Volných bajtů: 199 131 709 440
Po spuštění: Volných bajtů: 199 063 040 000
.
- - End Of File - - 35C162A89B93E4290D560438D86C851A
- Orcus
- Security team member
Re: Log check
ComboFix is uninstalled like this:
Start > Run and type ComboFix /Uninstall
====================================================
Clean the system with CCleaner
====================================================
Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.
How is the PC behaving?
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it into several messages.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix are standing in for me.
If you are satisfied, you can support our forum.
Re: Log check
Done, thank you, the PC is faster than it was :-) I would also like to ask for a check of the HDD's condition.
----------------------------------------------------------------------------
CrystalDiskInfo 5.3.1 (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows Vista Home Premium Edition SP2 [6.0 Build 6002] (x86)
Date : 2013/01/27 10:52:47
-- Controller Map ----------------------------------------------------------
+ Intel(R) 82801G (ICH7 Family) Ultra ATA Storage Controllers - 27DF [ATA]
- Kanál IDE (0)
- Kanál IDE (1)
+ Intel(R) 82801GB/GR/GH (ICH7 Family) Serial ATA Storage Controller - 27C0 [ATA]
+ Kanál IDE (0)
- SAMSUNG HD502IJ ATA Device
+ Kanál IDE (1)
- TSSTcorp CDDVDW SH-S223B ATA Device
+ AO66RTCQ IDE Controller [SCSI]
- NWPKVI PMV81QNO16BC SCSI CdRom Device
- Iniciátor iSCSI společnosti Microsoft [SCSI]
-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD502IJ : 500,1 GB [0/2/0, pd1]
----------------------------------------------------------------------------
(1) SAMSUNG HD502IJ
----------------------------------------------------------------------------
Model : SAMSUNG HD502IJ
Firmware : 1AA01118
Serial Number : S13TJ90S600207
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : SATA/300
Power On Hours : 10856 hod.
Power On Count : 1326 krát
Temparature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _82 _82 _11 000000001856 Čas na roztočení ploten
04 _98 _98 __0 00000000070D Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _51 000000000000 Počet chybných hledání
08 100 100 _15 000000000000 Čas potřebný na vyhledání
09 _98 _98 __0 000000002A68 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 00000000052E Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000000 Neznámý
B8 100 100 __0 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _77 _59 __0 0000170B0017 Teplota toku vzduchu
C2 _71 _58 __0 00001E0B001D Teplota
C3 100 100 __0 00000001B718 Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 100 100 __0 000000000000 Počet chyb při čtení programů z disku
- Orcus
- Security team member
Re: Log check (Solved)
The disk is fine. Temperature OK, no suspicious or remapped files. If that is all, mark the topic as solved.
Re: Log check
Thank you very much for the help :-)