prosim o kontrolu logu

milan199m · Příspěvekod **milan199m** » 29 zář 2013 17:26

17:21:33.0734 2512 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:21:34.0078 2512 ============================================================
17:21:34.0078 2512 Current date / time: 2013/09/29 17:21:34.0078
17:21:34.0078 2512 SystemInfo:
17:21:34.0078 2512
17:21:34.0078 2512 OS Version: 5.1.2600 ServicePack: 3.0
17:21:34.0078 2512 Product type: Workstation
17:21:34.0078 2512 ComputerName: NOTEBOOK_ASUS
17:21:34.0078 2512 UserName: zato
17:21:34.0078 2512 Windows directory: C:\windows
17:21:34.0078 2512 System windows directory: C:\windows
17:21:34.0078 2512 Processor architecture: Intel x86
17:21:34.0078 2512 Number of processors: 2
17:21:34.0078 2512 Page size: 0x1000
17:21:34.0078 2512 Boot type: Normal boot
17:21:34.0078 2512 ============================================================
17:21:35.0656 2512 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:21:35.0656 2512 ============================================================
17:21:35.0656 2512 \Device\Harddisk0\DR0:
17:21:35.0656 2512 MBR partitions:
17:21:35.0656 2512 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
17:21:35.0656 2512 ============================================================
17:21:35.0703 2512 C: <-> \Device\Harddisk0\DR0\Partition1
17:21:35.0703 2512 ============================================================
17:21:35.0703 2512 Initialize success
17:21:35.0703 2512 ============================================================
17:21:37.0171 3936 ============================================================
17:21:37.0171 3936 Scan started
17:21:37.0171 3936 Mode: Manual;
17:21:37.0171 3936 ============================================================
17:21:38.0265 3936 ================ Scan system memory ========================
17:21:41.0375 3936 System memory - ok
17:21:41.0375 3936 ================ Scan services =============================
17:21:41.0500 3936 Abiosdsk - ok
17:21:41.0515 3936 abp480n5 - ok
17:21:41.0562 3936 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
17:21:41.0562 3936 ACPI - ok
17:21:41.0578 3936 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\windows\system32\DRIVERS\ACPIEC.sys
17:21:41.0578 3936 ACPIEC - ok
17:21:41.0687 3936 [ 3109B16A0939BA11696EEB04F345D099 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:21:41.0703 3936 AdobeFlashPlayerUpdateSvc - ok
17:21:41.0703 3936 adpu160m - ok
17:21:41.0828 3936 [ A9FF9831AB2BFFB1CCF849BDA19D06FD ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
17:21:41.0828 3936 AdvancedSystemCareService6 - ok
17:21:41.0843 3936 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\windows\system32\drivers\aec.sys
17:21:41.0859 3936 aec - ok
17:21:41.0890 3936 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\windows\System32\drivers\afd.sys
17:21:41.0890 3936 AFD - ok
17:21:41.0906 3936 Aha154x - ok
17:21:41.0906 3936 aic78u2 - ok
17:21:41.0906 3936 aic78xx - ok
17:21:41.0953 3936 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\windows\system32\alrsvc.dll
17:21:41.0953 3936 Alerter - ok
17:21:41.0984 3936 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\windows\System32\alg.exe
17:21:41.0984 3936 ALG - ok
17:21:41.0984 3936 AliIde - ok
17:21:41.0984 3936 amsint - ok
17:21:42.0031 3936 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\windows\System32\appmgmts.dll
17:21:42.0046 3936 AppMgmt - ok
17:21:42.0125 3936 [ 864160F5F4FBDD97B6A686854BFEBD86 ] AR5416 C:\windows\system32\DRIVERS\athw.sys
17:21:42.0140 3936 AR5416 - ok
17:21:42.0140 3936 asc - ok
17:21:42.0156 3936 asc3350p - ok
17:21:42.0156 3936 asc3550 - ok
17:21:42.0203 3936 [ 7B4D08D2017AC06689D422E06C43F0AA ] ASMMAP C:\Program Files\ATKGFNEX\ASMMAP.sys
17:21:42.0203 3936 ASMMAP - ok
17:21:42.0218 3936 [ 05A56C3156E1B6CC7BBD8E1D54D491F2 ] ASNDIS5 C:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS
17:21:42.0234 3936 ASNDIS5 - ok
17:21:42.0328 3936 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:21:42.0375 3936 aspnet_state - ok
17:21:42.0421 3936 [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
17:21:42.0421 3936 aswFsBlk - ok
17:21:42.0453 3936 [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
17:21:42.0453 3936 aswMonFlt - ok
17:21:42.0484 3936 [ 7B43265F92257A21CBFD88E7A651044C ] aswRdr C:\windows\system32\drivers\aswRdr.sys
17:21:42.0484 3936 aswRdr - ok
17:21:42.0500 3936 [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
17:21:42.0500 3936 aswRvrt - ok
17:21:42.0562 3936 [ CCD565A8A72AF7D45F9A242013870926 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
17:21:42.0562 3936 aswSnx - ok
17:21:42.0609 3936 [ 937300BC7C4CDF7576BCCE44E19BBB9D ] aswSP C:\windows\system32\drivers\aswSP.sys
17:21:42.0609 3936 aswSP - ok
17:21:42.0671 3936 [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi C:\windows\system32\drivers\aswTdi.sys
17:21:42.0687 3936 aswTdi - ok
17:21:42.0703 3936 [ 8CFAA2B965773A653F48F1207A9CB9C4 ] aswVmm C:\windows\system32\drivers\aswVmm.sys
17:21:42.0718 3936 aswVmm - ok
17:21:42.0750 3936 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
17:21:42.0750 3936 AsyncMac - ok
17:21:42.0765 3936 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\windows\system32\DRIVERS\atapi.sys
17:21:42.0765 3936 atapi - ok
17:21:42.0781 3936 Atdisk - ok
17:21:42.0843 3936 [ E0125043B1443E60E980618059007F8C ] Ati HotKey Poller C:\windows\system32\Ati2evxx.exe
17:21:42.0859 3936 Ati HotKey Poller - ok
17:21:42.0984 3936 [ E82A9A3C01F20F3FB3C2CFB7E8054581 ] ati2mtag C:\windows\system32\DRIVERS\ati2mtag.sys
17:21:43.0015 3936 ati2mtag - ok
17:21:43.0031 3936 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe
17:21:43.0031 3936 ATKGFNEXSrv - ok
17:21:43.0062 3936 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\windows\system32\DRIVERS\atmarpc.sys
17:21:43.0062 3936 Atmarpc - ok
17:21:43.0109 3936 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\windows\System32\audiosrv.dll
17:21:43.0109 3936 AudioSrv - ok
17:21:43.0156 3936 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\windows\system32\DRIVERS\audstub.sys
17:21:43.0156 3936 audstub - ok
17:21:43.0250 3936 [ 32A5DEFDDC3562BF89D73586F5915B34 ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
17:21:43.0265 3936 Autodesk Licensing Service - ok
17:21:43.0343 3936 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
17:21:43.0343 3936 avast! Antivirus - ok
17:21:43.0421 3936 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\windows\system32\drivers\Beep.sys
17:21:43.0421 3936 Beep - ok
17:21:43.0484 3936 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
17:21:43.0500 3936 BITS - ok
17:21:43.0546 3936 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\windows\System32\browser.dll
17:21:43.0546 3936 Browser - ok
17:21:43.0609 3936 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\windows\system32\drivers\cbidf2k.sys
17:21:43.0625 3936 cbidf2k - ok
17:21:43.0640 3936 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\windows\system32\DRIVERS\CCDECODE.sys
17:21:43.0640 3936 CCDECODE - ok
17:21:43.0640 3936 cd20xrnt - ok
17:21:43.0656 3936 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\windows\system32\drivers\Cdaudio.sys
17:21:43.0656 3936 Cdaudio - ok
17:21:43.0687 3936 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\windows\system32\drivers\Cdfs.sys
17:21:43.0687 3936 Cdfs - ok
17:21:43.0703 3936 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\windows\system32\DRIVERS\cdrom.sys
17:21:43.0703 3936 Cdrom - ok
17:21:43.0703 3936 Changer - ok
17:21:43.0765 3936 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\windows\system32\cisvc.exe
17:21:43.0765 3936 CiSvc - ok
17:21:43.0781 3936 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\windows\system32\clipsrv.exe
17:21:43.0781 3936 ClipSrv - ok
17:21:43.0812 3936 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:21:43.0890 3936 clr_optimization_v2.0.50727_32 - ok
17:21:43.0921 3936 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
17:21:43.0921 3936 CmBatt - ok
17:21:43.0921 3936 CmdIde - ok
17:21:43.0984 3936 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
17:21:43.0984 3936 Compbatt - ok
17:21:43.0984 3936 COMSysApp - ok
17:21:44.0000 3936 Cpqarray - ok
17:21:44.0046 3936 [ D18893845AE1C5833B5B2EA9B7F5C670 ] CRFILTER C:\windows\system32\DRIVERS\CRFILTER.sys
17:21:44.0046 3936 CRFILTER - ok
17:21:44.0109 3936 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\windows\System32\cryptsvc.dll
17:21:44.0109 3936 CryptSvc - ok
17:21:44.0109 3936 dac2w2k - ok
17:21:44.0109 3936 dac960nt - ok
17:21:44.0171 3936 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\windows\system32\rpcss.dll
17:21:44.0203 3936 DcomLaunch - ok
17:21:44.0234 3936 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\windows\System32\dhcpcsvc.dll
17:21:44.0234 3936 Dhcp - ok
17:21:44.0234 3936 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\windows\system32\DRIVERS\disk.sys
17:21:44.0250 3936 Disk - ok
17:21:44.0250 3936 dmadmin - ok
17:21:44.0312 3936 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\windows\system32\drivers\dmboot.sys
17:21:44.0312 3936 dmboot - ok
17:21:44.0343 3936 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\windows\system32\drivers\dmio.sys
17:21:44.0343 3936 dmio - ok
17:21:44.0359 3936 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\windows\system32\drivers\dmload.sys
17:21:44.0375 3936 dmload - ok
17:21:44.0406 3936 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\windows\System32\dmserver.dll
17:21:44.0406 3936 dmserver - ok
17:21:44.0421 3936 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\windows\system32\drivers\DMusic.sys
17:21:44.0421 3936 DMusic - ok
17:21:44.0468 3936 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\windows\System32\dnsrslvr.dll
17:21:44.0468 3936 Dnscache - ok
17:21:44.0500 3936 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\windows\System32\dot3svc.dll
17:21:44.0515 3936 Dot3svc - ok
17:21:44.0531 3936 dpti2o - ok
17:21:44.0578 3936 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
17:21:44.0578 3936 drmkaud - ok
17:21:44.0609 3936 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\windows\System32\eapsvc.dll
17:21:44.0609 3936 EapHost - ok
17:21:44.0640 3936 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\windows\System32\ersvc.dll
17:21:44.0656 3936 ERSvc - ok
17:21:44.0703 3936 esgiguard - ok
17:21:44.0750 3936 [ 1DB4648B4A5F6953B0B3FC1073A72ABD ] ETD C:\windows\system32\DRIVERS\ETD.sys
17:21:44.0750 3936 ETD - ok
17:21:44.0781 3936 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\windows\system32\services.exe
17:21:44.0796 3936 Eventlog - ok
17:21:44.0843 3936 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
17:21:44.0843 3936 EventSystem - ok
17:21:44.0890 3936 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\windows\system32\drivers\Fastfat.sys
17:21:44.0906 3936 Fastfat - ok
17:21:44.0953 3936 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\windows\System32\shsvcs.dll
17:21:44.0968 3936 FastUserSwitchingCompatibility - ok
17:21:44.0984 3936 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\windows\system32\drivers\Fdc.sys
17:21:44.0984 3936 Fdc - ok
17:21:45.0031 3936 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\windows\system32\drivers\Fips.sys
17:21:45.0031 3936 Fips - ok
17:21:45.0046 3936 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\windows\system32\drivers\Flpydisk.sys
17:21:45.0046 3936 Flpydisk - ok
17:21:45.0062 3936 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
17:21:45.0062 3936 FltMgr - ok
17:21:45.0109 3936 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:21:45.0109 3936 FontCache3.0.0.0 - ok
17:21:45.0125 3936 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
17:21:45.0125 3936 Fs_Rec - ok
17:21:45.0156 3936 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\windows\system32\DRIVERS\ftdisk.sys
17:21:45.0156 3936 Ftdisk - ok
17:21:45.0187 3936 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\windows\system32\DRIVERS\msgpc.sys
17:21:45.0187 3936 Gpc - ok
17:21:45.0218 3936 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\windows\system32\DRIVERS\hamachi.sys
17:21:45.0218 3936 hamachi - ok
17:21:45.0312 3936 [ 176825151F2F93415BCB37C29AF11A3D ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
17:21:45.0312 3936 Hamachi2Svc - ok
17:21:45.0343 3936 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
17:21:45.0343 3936 HDAudBus - ok
17:21:45.0437 3936 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:21:45.0437 3936 helpsvc - ok
17:21:45.0437 3936 HidServ - ok
17:21:45.0500 3936 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
17:21:45.0500 3936 HidUsb - ok
17:21:45.0531 3936 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\windows\System32\kmsvc.dll
17:21:45.0546 3936 hkmsvc - ok
17:21:45.0546 3936 hpn - ok
17:21:45.0593 3936 [ 30CA91E657CEDE2F95359D6EF186F650 ] HPZid412 C:\windows\system32\DRIVERS\HPZid412.sys
17:21:45.0593 3936 HPZid412 - ok
17:21:45.0609 3936 [ EFD31AFA752AA7C7BBB57BCBE2B01C78 ] HPZipr12 C:\windows\system32\DRIVERS\HPZipr12.sys
17:21:45.0609 3936 HPZipr12 - ok
17:21:45.0640 3936 [ 7AC43C38CA8FD7ED0B0A4466F753E06E ] HPZius12 C:\windows\system32\DRIVERS\HPZius12.sys
17:21:45.0640 3936 HPZius12 - ok
17:21:45.0687 3936 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\windows\system32\Drivers\HTTP.sys
17:21:45.0687 3936 HTTP - ok
17:21:45.0703 3936 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\windows\System32\w3ssl.dll
17:21:45.0718 3936 HTTPFilter - ok
17:21:45.0718 3936 i2omgmt - ok
17:21:45.0734 3936 i2omp - ok
17:21:45.0765 3936 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
17:21:45.0765 3936 i8042prt - ok
17:21:45.0828 3936 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:21:45.0843 3936 IDriverT - ok
17:21:45.0906 3936 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:21:45.0921 3936 idsvc - ok
17:21:45.0953 3936 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\windows\system32\DRIVERS\imapi.sys
17:21:45.0953 3936 Imapi - ok
17:21:46.0000 3936 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
17:21:46.0015 3936 ImapiService - ok
17:21:46.0015 3936 ini910u - ok
17:21:46.0031 3936 IntelIde - ok
17:21:46.0078 3936 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\windows\system32\drivers\ip6fw.sys
17:21:46.0078 3936 Ip6Fw - ok
17:21:46.0109 3936 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
17:21:46.0125 3936 IpFilterDriver - ok
17:21:46.0140 3936 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\windows\system32\DRIVERS\ipinip.sys
17:21:46.0140 3936 IpInIp - ok
17:21:46.0187 3936 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\windows\system32\DRIVERS\ipnat.sys
17:21:46.0187 3936 IpNat - ok
17:21:46.0203 3936 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\windows\system32\DRIVERS\ipsec.sys
17:21:46.0203 3936 IPSec - ok
17:21:46.0234 3936 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\windows\system32\DRIVERS\irenum.sys
17:21:46.0234 3936 IRENUM - ok
17:21:46.0250 3936 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
17:21:46.0265 3936 isapnp - ok
17:21:46.0421 3936 [ 4F4D4AA1E0849FECC0CF5AACD59030B5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
17:21:46.0421 3936 JavaQuickStarterService - ok
17:21:46.0468 3936 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
17:21:46.0468 3936 Kbdclass - ok
17:21:46.0500 3936 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
17:21:46.0500 3936 kbdhid - ok
17:21:46.0531 3936 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\windows\system32\drivers\kmixer.sys
17:21:46.0531 3936 kmixer - ok
17:21:46.0578 3936 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\windows\system32\drivers\KSecDD.sys
17:21:46.0578 3936 KSecDD - ok
17:21:46.0609 3936 [ F385F4B02C535BFFE1D70CAB80838123 ] lanmanserver C:\windows\System32\srvsvc.dll
17:21:46.0609 3936 lanmanserver - ok
17:21:46.0656 3936 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\windows\System32\wkssvc.dll
17:21:46.0671 3936 lanmanworkstation - ok
17:21:46.0687 3936 lbrtfdc - ok
17:21:46.0750 3936 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\windows\System32\lmhsvc.dll
17:21:46.0765 3936 LmHosts - ok
17:21:46.0812 3936 [ CA020DB361524D1182138EFEAA8CF8F3 ] LUMDriver C:\windows\system32\drivers\LUMDriver.sys
17:21:46.0812 3936 LUMDriver - ok
17:21:46.0875 3936 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\windows\system32\drivers\mbam.sys
17:21:46.0875 3936 MBAMProtector - ok
17:21:46.0921 3936 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:21:46.0937 3936 MBAMScheduler - ok
17:21:46.0984 3936 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:21:46.0984 3936 MBAMService - ok
17:21:47.0031 3936 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\windows\System32\msgsvc.dll
17:21:47.0046 3936 Messenger - ok
17:21:47.0078 3936 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\windows\system32\drivers\mnmdd.sys
17:21:47.0078 3936 mnmdd - ok
17:21:47.0109 3936 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:21:47.0125 3936 mnmsrvc - ok
17:21:47.0156 3936 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\windows\system32\drivers\Modem.sys
17:21:47.0156 3936 Modem - ok
17:21:47.0234 3936 [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] monfilt C:\windows\system32\drivers\monfilt.sys
17:21:47.0250 3936 monfilt - ok
17:21:47.0265 3936 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\windows\system32\DRIVERS\mouclass.sys
17:21:47.0265 3936 Mouclass - ok
17:21:47.0312 3936 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
17:21:47.0312 3936 mouhid - ok
17:21:47.0328 3936 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\windows\system32\drivers\MountMgr.sys
17:21:47.0328 3936 MountMgr - ok
17:21:47.0406 3936 [ 0329A45C849C9D77901094B8FFE8BBB9 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:21:47.0406 3936 MozillaMaintenance - ok
17:21:47.0406 3936 mraid35x - ok
17:21:47.0453 3936 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\windows\system32\DRIVERS\mrxdav.sys
17:21:47.0453 3936 MRxDAV - ok
17:21:47.0500 3936 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:21:47.0515 3936 MRxSmb - ok
17:21:47.0531 3936 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:21:47.0546 3936 MSDTC - ok
17:21:47.0578 3936 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\windows\system32\drivers\Msfs.sys
17:21:47.0578 3936 Msfs - ok
17:21:47.0578 3936 MSIServer - ok
17:21:47.0640 3936 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:21:47.0640 3936 MSKSSRV - ok
17:21:47.0656 3936 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:21:47.0656 3936 MSPCLOCK - ok
17:21:47.0671 3936 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:21:47.0671 3936 MSPQM - ok
17:21:47.0718 3936 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
17:21:47.0718 3936 mssmbios - ok
17:21:48.0078 3936 [ 751961E128DBCC7A32304339C4BDEFF0 ] MSSQL$AUTODESKVAULT C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
17:21:48.0140 3936 MSSQL$AUTODESKVAULT - ok
17:21:48.0281 3936 [ 1D1B22613EAB9287AF902398867BC93C ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
17:21:48.0281 3936 MSSQLServerADHelper - ok
17:21:48.0312 3936 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:21:48.0312 3936 MSTEE - ok
17:21:48.0359 3936 [ 1C0F480B7C6136DDB5FB909995AF014A ] MTsensor C:\windows\system32\DRIVERS\ATKACPI.sys
17:21:48.0359 3936 MTsensor - ok
17:21:48.0390 3936 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\windows\system32\drivers\Mup.sys
17:21:48.0406 3936 Mup - ok
17:21:48.0437 3936 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\windows\system32\DRIVERS\NABTSFEC.sys
17:21:48.0453 3936 NABTSFEC - ok
17:21:48.0484 3936 [ 0102140028FAD045756796E1C685D695 ] napagent C:\windows\System32\qagentrt.dll
17:21:48.0500 3936 napagent - ok
17:21:48.0546 3936 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\windows\system32\drivers\NDIS.sys
17:21:48.0546 3936 NDIS - ok
17:21:48.0578 3936 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\windows\system32\DRIVERS\NdisIP.sys
17:21:48.0578 3936 NdisIP - ok
17:21:48.0609 3936 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:21:48.0609 3936 NdisTapi - ok
17:21:48.0640 3936 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:21:48.0640 3936 Ndisuio - ok
17:21:48.0656 3936 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:21:48.0656 3936 NdisWan - ok
17:21:48.0703 3936 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:21:48.0703 3936 NDProxy - ok
17:21:48.0734 3936 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:21:48.0734 3936 NetBIOS - ok
17:21:48.0781 3936 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:21:48.0781 3936 NetBT - ok
17:21:48.0828 3936 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\windows\system32\netdde.exe
17:21:48.0828 3936 NetDDE - ok
17:21:48.0843 3936 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\windows\system32\netdde.exe
17:21:48.0843 3936 NetDDEdsdm - ok
17:21:48.0875 3936 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\windows\system32\lsass.exe
17:21:48.0875 3936 Netlogon - ok
17:21:48.0890 3936 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\windows\System32\netman.dll
17:21:48.0906 3936 Netman - ok
17:21:48.0953 3936 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:21:48.0953 3936 NetTcpPortSharing - ok
17:21:48.0984 3936 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\windows\System32\mswsock.dll
17:21:49.0000 3936 Nla - ok
17:21:49.0046 3936 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\windows\system32\drivers\ccdcmb.sys
17:21:49.0046 3936 nmwcd - ok
17:21:49.0062 3936 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\windows\system32\drivers\ccdcmbo.sys
17:21:49.0062 3936 nmwcdc - ok
17:21:49.0109 3936 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\windows\system32\drivers\Npfs.sys
17:21:49.0125 3936 Npfs - ok
17:21:49.0140 3936 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:21:49.0140 3936 Ntfs - ok
17:21:49.0156 3936 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\windows\system32\lsass.exe
17:21:49.0156 3936 NtLmSsp - ok
17:21:49.0203 3936 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\windows\system32\ntmssvc.dll
17:21:49.0218 3936 NtmsSvc - ok
17:21:49.0250 3936 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\windows\system32\drivers\Null.sys
17:21:49.0250 3936 Null - ok
17:21:49.0296 3936 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\windows\system32\DRIVERS\nwlnkflt.sys
17:21:49.0296 3936 NwlnkFlt - ok
17:21:49.0312 3936 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\windows\system32\DRIVERS\nwlnkfwd.sys
17:21:49.0312 3936 NwlnkFwd - ok
17:21:49.0390 3936 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:21:49.0390 3936 ose - ok
17:21:49.0453 3936 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\windows\system32\drivers\Parport.sys
17:21:49.0453 3936 Parport - ok
17:21:49.0468 3936 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\windows\system32\drivers\PartMgr.sys
17:21:49.0468 3936 PartMgr - ok
17:21:49.0531 3936 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\windows\system32\drivers\ParVdm.sys
17:21:49.0531 3936 ParVdm - ok
17:21:49.0578 3936 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\windows\system32\DRIVERS\pccsmcfd.sys
17:21:49.0578 3936 pccsmcfd - ok
17:21:49.0578 3936 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\windows\system32\DRIVERS\pci.sys
17:21:49.0593 3936 PCI - ok
17:21:49.0593 3936 PCIDump - ok
17:21:49.0609 3936 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\windows\system32\DRIVERS\pciide.sys
17:21:49.0609 3936 PCIIde - ok
17:21:49.0640 3936 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\windows\system32\drivers\Pcmcia.sys
17:21:49.0656 3936 Pcmcia - ok
17:21:49.0656 3936 PDCOMP - ok
17:21:49.0656 3936 PDFRAME - ok
17:21:49.0671 3936 PDRELI - ok
17:21:49.0671 3936 PDRFRAME - ok
17:21:49.0687 3936 perc2 - ok
17:21:49.0687 3936 perc2hib - ok
17:21:49.0718 3936 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\windows\system32\services.exe
17:21:49.0734 3936 PlugPlay - ok
17:21:49.0765 3936 [ A38B3CE68E7F126190CDE4AA3FDF050F ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
17:21:49.0781 3936 Pml Driver HPZ12 - ok
17:21:49.0796 3936 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\windows\system32\lsass.exe
17:21:49.0796 3936 PolicyAgent - ok
17:21:49.0843 3936 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:21:49.0843 3936 PptpMiniport - ok
17:21:49.0859 3936 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\windows\system32\DRIVERS\processr.sys
17:21:49.0859 3936 Processor - ok
17:21:49.0906 3936 [ 0DFD0DF9AB7A227CEDF97FADEE60F793 ] prodrv06 C:\windows\System32\drivers\prodrv06.sys
17:21:49.0906 3936 prodrv06 - ok
17:21:49.0937 3936 [ F2E44D17EA6334B39F35CC42251B2ACA ] prohlp02 C:\windows\system32\drivers\prohlp02.sys
17:21:49.0937 3936 prohlp02 - ok
17:21:49.0984 3936 [ F3471E7971EE62420451D958DA635064 ] prosync1 C:\windows\system32\drivers\prosync1.sys
17:21:49.0984 3936 prosync1 - ok
17:21:49.0984 3936 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\windows\system32\lsass.exe
17:21:50.0000 3936 ProtectedStorage - ok
17:21:50.0000 3936 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\windows\system32\DRIVERS\psched.sys
17:21:50.0015 3936 PSched - ok
17:21:50.0015 3936 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\windows\system32\DRIVERS\ptilink.sys
17:21:50.0031 3936 Ptilink - ok
17:21:50.0031 3936 [ 81088114178112618B1C414A65E50F7C ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys
17:21:50.0046 3936 PxHelp20 - ok
17:21:50.0046 3936 ql1080 - ok
17:21:50.0046 3936 Ql10wnt - ok
17:21:50.0062 3936 ql12160 - ok
17:21:50.0062 3936 ql1240 - ok
17:21:50.0062 3936 ql1280 - ok
17:21:50.0093 3936 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:21:50.0093 3936 RasAcd - ok
17:21:50.0140 3936 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\windows\System32\rasauto.dll
17:21:50.0140 3936 RasAuto - ok
17:21:50.0171 3936 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:21:50.0171 3936 Rasl2tp - ok
17:21:50.0218 3936 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\windows\System32\rasmans.dll
17:21:50.0218 3936 RasMan - ok
17:21:50.0234 3936 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:21:50.0234 3936 RasPppoe - ok
17:21:50.0234 3936 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\windows\system32\DRIVERS\raspti.sys
17:21:50.0234 3936 Raspti - ok
17:21:50.0265 3936 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:21:50.0265 3936 Rdbss - ok
17:21:50.0265 3936 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:21:50.0281 3936 RDPCDD - ok
17:21:50.0296 3936 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\windows\system32\DRIVERS\rdpdr.sys
17:21:50.0312 3936 rdpdr - ok
17:21:50.0359 3936 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:21:50.0359 3936 RDPWD - ok
17:21:50.0390 3936 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:21:50.0406 3936 RDSessMgr - ok
17:21:50.0437 3936 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\windows\system32\DRIVERS\redbook.sys
17:21:50.0437 3936 redbook - ok
17:21:50.0468 3936 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\windows\System32\mprdim.dll
17:21:50.0484 3936 RemoteAccess - ok
17:21:50.0500 3936 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\windows\system32\regsvc.dll
17:21:50.0515 3936 RemoteRegistry - ok
17:21:50.0578 3936 [ BD517C7FB119997EFFBE39D5E4B37B05 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
17:21:50.0578 3936 RichVideo - ok
17:21:50.0609 3936 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\windows\system32\locator.exe
17:21:50.0609 3936 RpcLocator - ok
17:21:50.0656 3936 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\windows\system32\rpcss.dll
17:21:50.0671 3936 RpcSs - ok
17:21:50.0734 3936 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\windows\system32\rsvp.exe
17:21:50.0734 3936 RSVP - ok
17:21:50.0781 3936 [ 839141088AD7EE90F5B441B2D1AFD22C ] RTLE8023xp C:\windows\system32\DRIVERS\Rtenicxp.sys
17:21:50.0796 3936 RTLE8023xp - ok
17:21:50.0812 3936 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\windows\system32\lsass.exe
17:21:50.0812 3936 SamSs - ok
17:21:50.0843 3936 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\windows\System32\SCardSvr.exe
17:21:50.0843 3936 SCardSvr - ok
17:21:50.0906 3936 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\windows\system32\schedsvc.dll
17:21:50.0921 3936 Schedule - ok
17:21:50.0953 3936 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\windows\system32\DRIVERS\secdrv.sys
17:21:50.0968 3936 Secdrv - ok
17:21:50.0984 3936 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\windows\System32\seclogon.dll
17:21:50.0984 3936 seclogon - ok
17:21:51.0000 3936 sembbus - ok
17:21:51.0000 3936 sembcard - ok
17:21:51.0015 3936 sembmdfl2 - ok
17:21:51.0015 3936 sembmdm2 - ok
17:21:51.0015 3936 sembmgmt - ok
17:21:51.0031 3936 sembnd5 - ok
17:21:51.0031 3936 sembunic - ok
17:21:51.0046 3936 sembwwan - ok
17:21:51.0046 3936 SEMCReserved - ok
17:21:51.0062 3936 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\windows\system32\sens.dll
17:21:51.0062 3936 SENS - ok
17:21:51.0093 3936 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\windows\system32\drivers\Serial.sys
17:21:51.0093 3936 Serial - ok
17:21:51.0203 3936 [ F31E9531AF225CA25350D5E87E999B31 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
17:21:51.0218 3936 ServiceLayer - ok
17:21:51.0265 3936 [ 4C0D673281178CB496011A2E28571FC8 ] sfdrv01 C:\windows\system32\drivers\sfdrv01.sys
17:21:51.0265 3936 sfdrv01 - ok
17:21:51.0281 3936 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\windows\system32\drivers\sfhlp01.sys
17:21:51.0281 3936 sfhlp01 - ok
17:21:51.0281 3936 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\windows\system32\drivers\sfhlp02.sys
17:21:51.0296 3936 sfhlp02 - ok
17:21:51.0312 3936 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\windows\system32\drivers\Sfloppy.sys
17:21:51.0312 3936 Sfloppy - ok
17:21:51.0343 3936 [ D5A7E09D2C6A702809E49190D52ADC9F ] sfvfs02 C:\windows\system32\drivers\sfvfs02.sys
17:21:51.0343 3936 sfvfs02 - ok
17:21:51.0390 3936 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\windows\System32\ipnathlp.dll
17:21:51.0406 3936 SharedAccess - ok
17:21:51.0437 3936 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:21:51.0437 3936 ShellHWDetection - ok
17:21:51.0453 3936 Simbad - ok
17:21:51.0531 3936 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:21:51.0531 3936 SkypeUpdate - ok
17:21:51.0546 3936 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\windows\system32\DRIVERS\SLIP.sys
17:21:51.0546 3936 SLIP - ok
17:21:51.0656 3936 [ 060F51141B20B8156804446A04AB8B2A ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
17:21:51.0671 3936 SNP2UVC - ok
17:21:51.0671 3936 Sony_EricssonWWSC - ok
17:21:51.0671 3936 Sparrow - ok
17:21:51.0718 3936 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\windows\system32\drivers\splitter.sys
17:21:51.0718 3936 splitter - ok
17:21:51.0765 3936 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\windows\system32\spoolsv.exe
17:21:51.0781 3936 Spooler - ok
17:21:51.0843 3936 [ 4E3C4FFCB2C95C2EC1FA04A6F4531533 ] sptd C:\windows\system32\Drivers\sptd.sys
17:21:51.0843 3936 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: 4E3C4FFCB2C95C2EC1FA04A6F4531533
17:21:51.0843 3936 sptd ( LockedFile.Multi.Generic ) - warning
17:21:51.0843 3936 sptd - detected LockedFile.Multi.Generic (1)
17:21:51.0906 3936 [ 352E375AB298C23B0F9BC307652C7F50 ] SQLAgent$AUTODESKVAULT C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlagent.EXE
17:21:51.0921 3936 SQLAgent$AUTODESKVAULT - ok
17:21:51.0921 3936 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\windows\system32\DRIVERS\sr.sys
17:21:51.0921 3936 sr - ok
17:21:51.0968 3936 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
17:21:51.0984 3936 srservice - ok
17:21:52.0031 3936 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\windows\system32\DRIVERS\srv.sys
17:21:52.0046 3936 Srv - ok
17:21:52.0062 3936 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:21:52.0078 3936 SSDPSRV - ok
17:21:52.0109 3936 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\windows\system32\wiaservc.dll
17:21:52.0125 3936 stisvc - ok
17:21:52.0171 3936 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\windows\system32\DRIVERS\StreamIP.sys
17:21:52.0171 3936 streamip - ok
17:21:52.0203 3936 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\windows\system32\DRIVERS\swenum.sys
17:21:52.0203 3936 swenum - ok
17:21:52.0218 3936 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\windows\system32\drivers\swmidi.sys
17:21:52.0234 3936 swmidi - ok
17:21:52.0234 3936 SwPrv - ok
17:21:52.0250 3936 symc810 - ok
17:21:52.0250 3936 symc8xx - ok
17:21:52.0250 3936 sym_hi - ok
17:21:52.0265 3936 sym_u3 - ok
17:21:52.0281 3936 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\windows\system32\drivers\sysaudio.sys
17:21:52.0281 3936 sysaudio - ok
17:21:52.0312 3936 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\windows\system32\smlogsvc.exe
17:21:52.0328 3936 SysmonLog - ok
17:21:52.0390 3936 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\windows\System32\tapisrv.dll
17:21:52.0437 3936 TapiSrv - ok
17:21:52.0546 3936 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\windows\system32\DRIVERS\tcpip.sys
17:21:52.0562 3936 Tcpip - ok
17:21:52.0609 3936 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\windows\system32\drivers\TDPIPE.sys
17:21:52.0609 3936 TDPIPE - ok
17:21:52.0656 3936 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\windows\system32\drivers\TDTCP.sys
17:21:52.0656 3936 TDTCP - ok
17:21:52.0687 3936 [ 88155247177638048422893737429D9E ] TermDD C:\windows\system32\DRIVERS\termdd.sys
17:21:52.0687 3936 TermDD - ok
17:21:52.0750 3936 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\windows\System32\termsrv.dll
17:21:52.0765 3936 TermService - ok
17:21:52.0828 3936 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\windows\System32\shsvcs.dll
17:21:52.0828 3936 Themes - ok
17:21:52.0890 3936 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
17:21:52.0906 3936 TlntSvr - ok
17:21:52.0921 3936 TosIde - ok
17:21:52.0937 3936 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\windows\system32\trkwks.dll
17:21:52.0968 3936 TrkWks - ok
17:21:53.0000 3936 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\windows\system32\drivers\Udfs.sys
17:21:53.0000 3936 Udfs - ok
17:21:53.0000 3936 ultra - ok
17:21:53.0046 3936 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\windows\system32\DRIVERS\update.sys
17:21:53.0046 3936 Update - ok
17:21:53.0125 3936 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\windows\System32\upnphost.dll
17:21:53.0140 3936 upnphost - ok
17:21:53.0187 3936 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\windows\system32\DRIVERS\usbser_lowerflt.sys
17:21:53.0187 3936 upperdev - ok
17:21:53.0203 3936 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\windows\System32\ups.exe
17:21:53.0218 3936 UPS - ok
17:21:53.0218 3936 USBAAPL - ok
17:21:53.0265 3936 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:21:53.0265 3936 usbccgp - ok
17:21:53.0281 3936 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
17:21:53.0281 3936 usbehci - ok
17:21:53.0296 3936 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:21:53.0296 3936 usbhub - ok
17:21:53.0312 3936 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
17:21:53.0312 3936 usbohci - ok
17:21:53.0359 3936 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
17:21:53.0359 3936 usbprint - ok
17:21:53.0375 3936 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
17:21:53.0375 3936 usbscan - ok
17:21:53.0421 3936 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\windows\system32\drivers\usbser.sys
17:21:53.0437 3936 usbser - ok
17:21:53.0437 3936 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\windows\system32\DRIVERS\usbser_lowerfltj.sys
17:21:53.0453 3936 UsbserFilt - ok
17:21:53.0468 3936 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:21:53.0468 3936 USBSTOR - ok
17:21:53.0515 3936 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
17:21:53.0531 3936 usbvideo - ok
17:21:53.0578 3936 [ B4D7B7AD8A9F7C063C5CC3E2C1A0724E ] usb_rndisx C:\windows\system32\DRIVERS\usb8023x.sys
17:21:53.0578 3936 usb_rndisx - ok
17:21:53.0609 3936 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\windows\System32\drivers\vga.sys
17:21:53.0609 3936 VgaSave - ok
17:21:53.0671 3936 [ 47DD37ED761E0349F723ABDFA53323F5 ] VIAHdAudAddService C:\windows\system32\drivers\viahduaa.sys
17:21:53.0687 3936 VIAHdAudAddService - ok
17:21:53.0703 3936 ViaIde - ok
17:21:53.0734 3936 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\windows\system32\drivers\VolSnap.sys
17:21:53.0750 3936 VolSnap - ok
17:21:53.0796 3936 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\windows\System32\vssvc.exe
17:21:53.0812 3936 VSS - ok
17:21:53.0843 3936 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
17:21:53.0859 3936 W32Time - ok
17:21:53.0890 3936 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\windows\system32\DRIVERS\wanarp.sys
17:21:53.0890 3936 Wanarp - ok
17:21:53.0937 3936 [ 46A247F6617526AFE38B6F12F5512120 ] wceusbsh C:\windows\system32\DRIVERS\wceusbsh.sys
17:21:53.0937 3936 wceusbsh - ok
17:21:54.0000 3936 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\windows\system32\Drivers\wdf01000.sys
17:21:54.0000 3936 Wdf01000 - ok
17:21:54.0015 3936 WDICA - ok
17:21:54.0046 3936 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\windows\system32\drivers\wdmaud.sys
17:21:54.0046 3936 wdmaud - ok
17:21:54.0093 3936 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\windows\System32\webclnt.dll
17:21:54.0109 3936 WebClient - ok
17:21:54.0171 3936 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\windows\system32\wbem\WMIsvc.dll
17:21:54.0187 3936 winmgmt - ok
17:21:54.0250 3936 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\windows\system32\WsmSvc.dll
17:21:54.0281 3936 WinRM - ok
17:21:54.0312 3936 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\windows\system32\MsPMSNSv.dll
17:21:54.0328 3936 WmdmPmSN - ok
17:21:54.0406 3936 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\windows\System32\advapi32.dll
17:21:54.0421 3936 Wmi - ok
17:21:54.0468 3936 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:21:54.0468 3936 WmiApSrv - ok
17:21:54.0515 3936 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\windows\system32\DRIVERS\wpdusb.sys
17:21:54.0531 3936 WpdUsb - ok
17:21:54.0578 3936 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\windows\system32\wscsvc.dll
17:21:54.0593 3936 wscsvc - ok
17:21:54.0640 3936 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\windows\system32\DRIVERS\WSTCODEC.SYS
17:21:54.0640 3936 WSTCODEC - ok
17:21:54.0671 3936 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\windows\system32\wuauserv.dll
17:21:54.0671 3936 wuauserv - ok
17:21:54.0734 3936 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\windows\system32\DRIVERS\WudfPf.sys
17:21:54.0734 3936 WudfPf - ok
17:21:54.0781 3936 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\windows\system32\DRIVERS\wudfrd.sys
17:21:54.0781 3936 WudfRd - ok
17:21:54.0812 3936 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\windows\System32\WUDFSvc.dll
17:21:54.0828 3936 WudfSvc - ok
17:21:54.0875 3936 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\windows\System32\wzcsvc.dll
17:21:54.0906 3936 WZCSVC - ok
17:21:54.0937 3936 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\windows\System32\xmlprov.dll
17:21:54.0953 3936 xmlprov - ok
17:21:54.0968 3936 ================ Scan global ===============================
17:21:55.0015 3936 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\windows\system32\basesrv.dll
17:21:55.0062 3936 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\windows\system32\winsrv.dll
17:21:55.0093 3936 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\windows\system32\winsrv.dll
17:21:55.0125 3936 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\windows\system32\services.exe
17:21:55.0125 3936 [Global] - ok
17:21:55.0125 3936 ================ Scan MBR ==================================
17:21:55.0140 3936 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
17:21:55.0359 3936 \Device\Harddisk0\DR0 - ok
17:21:55.0359 3936 ================ Scan VBR ==================================
17:21:55.0359 3936 [ 0295E52D69900073EAF0D8C54C1CE2B4 ] \Device\Harddisk0\DR0\Partition1
17:21:55.0359 3936 \Device\Harddisk0\DR0\Partition1 - ok
17:21:55.0359 3936 ============================================================
17:21:55.0359 3936 Scan finished
17:21:55.0359 3936 ============================================================
17:21:55.0375 1840 Detected object count: 1
17:21:55.0375 1840 Actual detected object count: 1
17:22:17.0765 1840 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:22:17.0765 1840 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:22:31.0984 2900 Deinitialize success

Reklama

milan199m · Příspěvekod **milan199m** » 29 zář 2013 17:30

zmestil sa inak uz mi nenahadzuje tu stranku ale ten start pc je stale troska pomalsi no co bol hlavny problem je vyrieseny to len tak pre info :) cize zatial dakujem :)

Příspěvekod **memphisto** » 29 zář 2013 17:34

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

milan199m · Příspěvekod **milan199m** » 29 zář 2013 17:57

ComboFix 13-09-28.02 - zato 29.09.2013 17:43:09.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2047.1358 [GMT 2:00]
Running from: c:\documents and settings\zato\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\9B09EE1B7C.sys
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\NetworkService\Local Settings\Application Data\assembly\tmp
C:\install.exe
c:\windows\system32\_000005_.tmp.dll
c:\windows\system32\CddbCdda.dll
c:\windows\system32\frapsvid.dll
c:\windows\system32\MUI\041b\tourstart.exe
c:\windows\system32\SET108.tmp
c:\windows\system32\SET109.tmp
c:\windows\system32\SET11C.tmp
c:\windows\system32\SET11D.tmp
c:\windows\system32\SET11E.tmp
c:\windows\system32\SET120.tmp
c:\windows\system32\SET123.tmp
c:\windows\system32\SET125.tmp
.
.
((((((((((((((((((((((((( Files Created from 2013-08-28 to 2013-09-29 )))))))))))))))))))))))))))))))
.
.
2013-09-29 06:51 . 2013-09-29 06:51 -------- d-----w- c:\windows\ERUNT
2013-09-29 06:46 . 2013-09-29 08:41 -------- d-----w- C:\AdwCleaner
2013-09-27 13:55 . 2013-09-27 14:41 -------- d-----w- C:\sh4ldr
2013-09-27 13:55 . 2013-09-27 13:55 -------- d-----w- c:\program files\Enigma Software Group
2013-09-27 13:54 . 2013-09-27 14:40 -------- d-----w- c:\windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2013-09-27 08:55 . 2013-06-04 07:23 562688 -c----w- c:\windows\system32\dllcache\qedit.dll
2013-09-22 16:03 . 2013-09-29 15:36 -------- d-----w- c:\documents and settings\zato\Local Settings\Application Data\LogMeIn Hamachi
2013-09-22 16:03 . 2013-09-29 15:43 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\LogMeIn Hamachi
2013-09-22 16:02 . 2013-09-22 16:02 -------- d-----w- c:\program files\LogMeIn Hamachi
2013-09-22 16:00 . 2013-09-22 16:02 -------- d-----w- c:\documents and settings\zato\Application Data\Hamachi
2013-09-10 17:46 . 2013-09-10 17:46 9430408 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-10 17:46 . 2013-02-07 14:16 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-10 17:46 . 2012-02-10 16:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-27 16:31 . 2011-02-19 22:03 420944 ----a-w- c:\windows\system32\msvcp100.dll
2013-08-27 16:31 . 2011-02-18 23:40 773712 ----a-w- c:\windows\system32\msvcr100.dll
2013-08-16 11:32 . 2013-08-16 11:33 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-16 11:32 . 2009-12-23 23:53 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-08-16 11:32 . 2013-08-16 11:33 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-16 11:32 . 2013-08-16 11:33 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-03 12:18 . 2006-10-18 19:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-07-25 08:12 . 2004-08-04 01:07 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-07-25 08:12 . 2004-08-04 01:07 81920 ----a-w- c:\windows\system32\ieencode.dll
2013-07-24 15:48 . 2004-08-04 01:07 369664 ----a-w- c:\windows\system32\html.iec
2013-07-10 10:37 . 2004-08-04 01:07 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 03:03 . 2004-08-04 01:07 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08 . 2004-08-03 22:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-04-21 534528]
"Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-01-15 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-04-30 33619968]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-04-01 98304]
"ATKHOTKEY"="c:\program files\ASUS\ATK Hotkey\HControl.exe" [2009-04-23 178744]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-24 159744]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^zato^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\zato\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2006-11-12 10:48 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-05-18 10:29 49152 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2013-06-28 12:02 2255184 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2008-04-16 11:53 1079808 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2005-12-07 21:57 30208 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-02-28 16:50 18642024 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-04-09 20:24 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 05:32 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [14.4.2013 11:36 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [14.4.2013 11:36 175176]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24.12.2009 1:51 639224]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [29.2.2012 15:34 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.11.2010 21:38 369584]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [24.4.2007 17:52 16688]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [12.3.2013 9:55 528192]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.11.2010 21:38 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [14.4.2013 11:36 66336]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [28.6.2013 14:02 1440080]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [24.12.2009 0:01 89856]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [24.12.2009 0:00 1131264]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [14.4.2013 11:05 701512]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [28.2.2013 18:45 161384]
S3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\drivers\CRFILTER.sys [7.4.2008 15:00 6656]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [14.4.2013 11:05 22856]
S3 sembbus;SEMC WMC Composite Device driver (WDM);c:\windows\system32\DRIVERS\sembbus.sys --> c:\windows\system32\DRIVERS\sembbus.sys [?]
S3 sembcard;Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM);c:\windows\system32\DRIVERS\sembcard.sys --> c:\windows\system32\DRIVERS\sembcard.sys [?]
S3 sembmdfl2;Sony Ericsson PC300 Wireless Modem Filter;c:\windows\system32\DRIVERS\sembmdfl2.sys --> c:\windows\system32\DRIVERS\sembmdfl2.sys [?]
S3 sembmdm2;Sony Ericsson PC300 Wireless Modem Driver;c:\windows\system32\DRIVERS\sembmdm2.sys --> c:\windows\system32\DRIVERS\sembmdm2.sys [?]
S3 sembmgmt;Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM);c:\windows\system32\DRIVERS\sembmgmt.sys --> c:\windows\system32\DRIVERS\sembmgmt.sys [?]
S3 sembnd5;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS);c:\windows\system32\DRIVERS\sembnd5.sys --> c:\windows\system32\DRIVERS\sembnd5.sys [?]
S3 sembunic;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM);c:\windows\system32\DRIVERS\sembunic.sys --> c:\windows\system32\DRIVERS\sembunic.sys [?]
S3 sembwwan;Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM);c:\windows\system32\DRIVERS\sembwwan.sys --> c:\windows\system32\DRIVERS\sembwwan.sys [?]
S3 SEMCReserved;SEMC Reserved Interface;c:\windows\system32\DRIVERS\semcreserved.sys --> c:\windows\system32\DRIVERS\semcreserved.sys [?]
S3 Sony_EricssonWWSC;Sony Ericsson PC SC Port;c:\windows\system32\DRIVERS\seu4scard.sys --> c:\windows\system32\DRIVERS\seu4scard.sys [?]
S3 SQLAgent$AUTODESKVAULT;SQLAgent$AUTODESKVAULT;c:\program files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlagent.EXE [3.5.2005 22:42 323584]
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-07 17:46]
.
2013-09-29 c:\windows\Tasks\ASC6_PerformanceMonitor.job
- c:\program files\IObit\Advanced SystemCare 6\Monitor.exe [2013-03-12 17:47]
.
2013-09-29 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-01-30 08:58]
.
.
------- Supplementary Scan -------
.
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 217.119.113.244 87.244.248.13 217.119.113.245
FF - ProfilePath - c:\documents and settings\zato\Application Data\Mozilla\Firefox\Profiles\uxvg3kww.default\
FF - ExtSQL: 2013-08-27 18:30; donottrackplus@abine.com; c:\documents and settings\zato\Application Data\Mozilla\Firefox\Profiles\uxvg3kww.default\extensions\donottrackplus@abine.com
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Handy Updater - c:\program files\handyupdater\handyupdater.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-QuickTime Task - c:\program files\K-Lite Codec Pack\QuickTime\QTTask.exe
MSConfigStartUp-Steam - c:\games\Steam\Steam.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-29 17:53
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
scanning hidden files ...
.
.
C:\avast! sandbox
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-436374069-879983540-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:f6,c1,79,8a,ed,cd,6b,dd,2b,bb,8e,b6,fb,5c,51,24,a0,19,fe,d4,15,53,8d,
d5,b7,2f,9b,8c,a4,10,f7,83,b1,ff,b2,0d,81,e7,eb,9a,7c,42,23,9c,df,c5,77,6d,\
"??"=hex:69,3e,43,58,9f,64,ba,75,fe,6b,77,07,2a,78,dd,74
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(768)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2013-09-29 17:55:20
ComboFix-quarantined-files.txt 2013-09-29 15:55
.
Pre-Run: 41 743 859 712 bytes free
Post-Run: 41 698 430 976 bytes free
.
- - End Of File - - 7F3121EE78F0CBF341D4BF78D9D6CDA9
8F558EB6672622401DA993E1E865C861

Příspěvekod **jaro3** » 30 zář 2013 10:50

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
C:\ Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
c:\windows\pss\McAfee Security Scan Plus.lnk

Folder::
c:\program files\Skype\Updater

Driver::
SkypeUpdate
esgiguard
sembbus
sembcard
sembmdfl2
sembmdm2
sembmgmt
sembnd5
sembunic
sembwwan
SEMCReserved
Sony_EricssonWWSC

Registry::
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=-
 backup=-

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
http://files.avast.com/files/rootkit-scanner/aswmbr.exe
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

milan199m · Příspěvekod **milan199m** » 30 zář 2013 20:22

v combofixe urobim co si mi poradil ale nejak mi to sekne proste nahodena modra obrazovka s textom ,,scanning for infected files... this typically doesnt take more than 10 minutes however, scan times for badly infected machines may easily double,, a dalej sa to nepohne co mam urobit? 2x som to skusal a to iste. 1x som ho restartoval a urobil obnovu lebo som si spravil bod obnovy pred tou operaciou s combofixom.. a 2x som tiez restartol pc ale obnovu som vynechal..

Příspěvekod **jaro3** » 01 říj 2013 09:24

zkus udělat ten script v nouz. režimu.

milan199m · Příspěvekod **milan199m** » 01 říj 2013 10:17

podarilo sa

ComboFix 13-09-30.02 - zato 01.10.2013 9:57.2.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2047.1746 [GMT 2:00]
Running from: c:\documents and settings\zato\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\zato\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
FILE ::
"c:\ documents and settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk"
"c:\windows\pss\McAfee Security Scan Plus.lnk"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
C:\Thumbs.db
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\ijl11.dll
c:\windows\system32\vbpng1.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ESGIGUARD
-------\Legacy_SKYPEUPDATE
-------\Service_esgiguard
-------\Service_sembbus
-------\Service_sembcard
-------\Service_sembmdfl2
-------\Service_sembmdm2
-------\Service_sembmgmt
-------\Service_sembnd5
-------\Service_sembunic
-------\Service_sembwwan
-------\Service_SEMCReserved
-------\Service_SkypeUpdate
-------\Service_Sony_EricssonWWSC
.
.
((((((((((((((((((((((((( Files Created from 2013-09-01 to 2013-10-01 )))))))))))))))))))))))))))))))
.
.
2013-09-30 17:40 . 2013-09-30 17:40 -------- d-----w- c:\windows\system32\wbem\Repository
2013-09-29 06:51 . 2013-09-29 06:51 -------- d-----w- c:\windows\ERUNT
2013-09-29 06:46 . 2013-09-29 08:41 -------- d-----w- C:\AdwCleaner
2013-09-27 13:55 . 2013-09-27 14:41 -------- d-----w- C:\sh4ldr
2013-09-27 13:55 . 2013-09-27 13:55 -------- d-----w- c:\program files\Enigma Software Group
2013-09-27 13:54 . 2013-09-27 14:40 -------- d-----w- c:\windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2013-09-27 08:55 . 2013-06-04 07:23 562688 -c----w- c:\windows\system32\dllcache\qedit.dll
2013-09-22 16:03 . 2013-09-30 18:48 -------- d-----w- c:\documents and settings\zato\Local Settings\Application Data\LogMeIn Hamachi
2013-09-22 16:03 . 2013-10-01 08:09 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\LogMeIn Hamachi
2013-09-22 16:02 . 2013-09-22 16:02 -------- d-----w- c:\program files\LogMeIn Hamachi
2013-09-22 16:00 . 2013-09-22 16:02 -------- d-----w- c:\documents and settings\zato\Application Data\Hamachi
2013-09-10 17:46 . 2013-09-10 17:46 9430408 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-10 17:46 . 2013-02-07 14:16 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-10 17:46 . 2012-02-10 16:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-27 16:31 . 2011-02-19 22:03 420944 ----a-w- c:\windows\system32\msvcp100.dll
2013-08-27 16:31 . 2011-02-18 23:40 773712 ----a-w- c:\windows\system32\msvcr100.dll
2013-08-16 11:32 . 2013-08-16 11:33 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-16 11:32 . 2009-12-23 23:53 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-08-16 11:32 . 2013-08-16 11:33 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-16 11:32 . 2013-08-16 11:33 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-03 12:18 . 2006-10-18 19:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-07-25 08:12 . 2004-08-04 01:07 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-07-25 08:12 . 2004-08-04 01:07 81920 ----a-w- c:\windows\system32\ieencode.dll
2013-07-24 15:48 . 2004-08-04 01:07 369664 ----a-w- c:\windows\system32\html.iec
2013-07-10 10:37 . 2004-08-04 01:07 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 03:03 . 2004-08-04 01:07 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08 . 2004-08-03 22:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-04-21 534528]
"Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-01-15 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-04-30 33619968]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-04-01 98304]
"ATKHOTKEY"="c:\program files\ASUS\ATK Hotkey\HControl.exe" [2009-04-23 178744]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-24 159744]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^zato^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\zato\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2006-11-12 10:48 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-05-18 10:29 49152 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2013-06-28 12:02 2255184 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2008-04-16 11:53 1079808 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2005-12-07 21:57 30208 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-02-28 16:50 18642024 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-04-09 20:24 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 05:32 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [14.4.2013 11:36 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [14.4.2013 11:36 175176]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24.12.2009 1:51 639224]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [29.2.2012 15:34 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.11.2010 21:38 369584]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [24.4.2007 17:52 16688]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [12.3.2013 9:55 528192]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.11.2010 21:38 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [14.4.2013 11:36 66336]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [28.6.2013 14:02 1440080]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [14.4.2013 11:05 701512]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [24.12.2009 0:01 89856]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [14.4.2013 11:05 22856]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [24.12.2009 0:00 1131264]
S3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\drivers\CRFILTER.sys [7.4.2008 15:00 6656]
S3 SQLAgent$AUTODESKVAULT;SQLAgent$AUTODESKVAULT;c:\program files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlagent.EXE [3.5.2005 22:42 323584]
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-07 17:46]
.
2013-10-01 c:\windows\Tasks\ASC6_PerformanceMonitor.job
- c:\program files\IObit\Advanced SystemCare 6\Monitor.exe [2013-03-12 17:47]
.
2013-10-01 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-01-30 08:58]
.
.
------- Supplementary Scan -------
.
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 217.119.113.244 87.244.248.13 217.119.113.245
FF - ProfilePath - c:\documents and settings\zato\Application Data\Mozilla\Firefox\Profiles\uxvg3kww.default\
FF - ExtSQL: 2013-08-27 18:30; donottrackplus@abine.com; c:\documents and settings\zato\Application Data\Mozilla\Firefox\Profiles\uxvg3kww.default\extensions\donottrackplus@abine.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-10-01 10:09
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-436374069-879983540-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:f6,c1,79,8a,ed,cd,6b,dd,2b,bb,8e,b6,fb,5c,51,24,a0,19,fe,d4,15,53,8d,
d5,b7,2f,9b,8c,a4,10,f7,83,b1,ff,b2,0d,81,e7,eb,9a,7c,42,23,9c,df,c5,77,6d,\
"??"=hex:69,3e,43,58,9f,64,ba,75,fe,6b,77,07,2a,78,dd,74
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(772)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2844)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_slk.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\system32\wscntfy.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Completion time: 2013-10-01 10:15:07 - machine was rebooted
ComboFix-quarantined-files.txt 2013-10-01 08:15
ComboFix2.txt 2013-09-29 15:55
.
Pre-Run: 41 351 462 912 bytes free
Post-Run: 17 adresárov, 41 218 920 448 voľných bajtov
.
- - End Of File - - 92DC02D2A2BB50842A692AE8DF7E61DA
8F558EB6672622401DA993E1E865C861

milan199m · Příspěvekod **milan199m** » 01 říj 2013 10:18

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:18:14, on 1.10.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\windows\system32\svchost.exe
C:\windows\system32\wscntfy.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\windows\system32\svchost.exe
C:\windows\explorer.exe
C:\Documents and Settings\zato\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~3\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Program Files\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6949 bytes

milan199m · Příspěvekod **milan199m** » 01 říj 2013 11:51

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-10-01 10:20:23
-----------------------------
10:20:23.921 OS Version: Windows 5.1.2600 Service Pack 3
10:20:23.921 Number of processors: 2 586 0x301
10:20:23.921 ComputerName: NOTEBOOK_ASUS UserName: zato
10:20:25.812 Initialize success
10:20:29.468 AVAST engine defs: 13093001
10:20:35.968 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
10:20:35.984 Disk 0 Vendor: Hitachi_HTS543225L9A300 FBEOC40C Size: 238475MB BusType: 3
10:20:36.156 Disk 0 MBR read successfully
10:20:36.156 Disk 0 MBR scan
10:20:36.156 Disk 0 Windows XP default MBR code
10:20:36.171 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238464 MB offset 63
10:20:36.171 Disk 0 scanning sectors +488376000
10:20:36.203 Disk 0 scanning C:\windows\system32\drivers
10:20:50.234 Service scanning
10:21:06.281 Service sptd C:\windows\System32\Drivers\sptd.sys **LOCKED** 32
10:21:11.109 Modules scanning
10:21:20.312 Disk 0 trace - called modules:
10:21:20.343 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys atapi.sys sptd.sys >>UNKNOWN [0x8a6b07ac]<<
10:21:20.343 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a63aab8]
10:21:20.359 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\0000008f[0x8a57c9e8]
10:21:20.359 5 ACPI.sys[b9e90620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a63e940]
10:21:20.359 \Driver\atapi[0x8a63f030] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> prosync1.sys[0xba5b0661]
10:21:21.656 AVAST engine scan C:\windows
10:21:28.703 AVAST engine scan C:\windows\system32
10:24:17.125 AVAST engine scan C:\windows\system32\drivers
10:24:45.390 AVAST engine scan C:\Documents and Settings\zato
11:02:19.843 AVAST engine scan C:\Documents and Settings\All Users
11:03:40.828 Scan finished successfully
11:48:48.625 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\zato\Desktop\MBR.dat"
11:48:48.640 The log file has been saved successfully to "C:\Documents and Settings\zato\Desktop\aswMBR.txt"

Příspěvekod **memphisto** » 01 říj 2013 16:54

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Jak se chová PC?

milan199m · Příspěvekod **milan199m** » 01 říj 2013 18:10

no takze pc sa chova nasledovne. start PC je omnoho sviznejsi, co je vtipne uvolnilo sa mi asi 20G miesta co som aj rad :) ale hlavne co som spokojny je ze konecne mi neblbne to s tou domovskou strankou pekne mi vyhodi mnou zadefinovanu dom. stranku takze velka spokojnost

a plus otvaranie priecinkov je neskutocne rychle

no ako sa sprava zistim po nejakom case toto su take moje prve poznatky. velka vdaka za pomoc moj PC je ako novy

vyhol som sa preinstalovaniu Win... VDAKA chlapi

prosim o kontrolu logu Vyřešeno

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Re: prosim o kontrolu logu

Kdo je online