Zasekává se mi PC prosím o pomoc

ivan zdrahal · Příspěvekod **ivan zdrahal** » 02 pro 2011 20:54

Ano mám ale bez toho sys na konci je to v pořádku nebo problém?

Reklama

Příspěvekod **jaro3** » 02 pro 2011 21:38

Musíš mít v C:\ samotný soubor , ne složku.

ivan zdrahal · Příspěvekod **ivan zdrahal** » 03 pro 2011 17:10

Tak snad ted je už to správně
ComboFix 11-11-29.04 - stanice 03.12.2011 16:51:30.9.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3582.2956 [GMT 1:00]
Spuštěný z: c:\documents and settings\stanice\Dokumenty\Stažené soubory\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\stanice\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-03 do 2011-12-03 )))))))))))))))))))))))))))))))
.
.
2011-12-02 17:34 . 2011-12-02 20:04 -------- d-----w- C:\atapi
2011-11-30 12:21 . 2011-12-03 11:15 4786 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-11-27 09:54 . 2011-11-27 09:54 -------- d-----w- c:\program files\LSoft Technologies
2011-11-20 20:23 . 2011-11-27 14:45 -------- d-----w- c:\program files\CrystalDiskInfo
2011-11-20 20:23 . 2011-11-22 05:23 -------- d-----w- c:\documents and settings\stanice\Data aplikací\OpenCandy
2011-11-20 20:13 . 2011-11-20 20:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-20 20:13 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-20 09:05 . 2011-11-20 09:05 388096 ----a-r- c:\documents and settings\stanice\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-12 07:29 . 2011-11-12 07:29 -------- d-----w- c:\documents and settings\NetworkService\Data aplikací\NVIDIA
2011-11-10 22:58 . 2011-11-10 22:58 -------- d-----w- C:\Temp
2011-11-08 19:27 . 2008-08-26 09:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-11-08 19:27 . 2011-11-08 19:27 -------- d-----w- c:\program files\PC Connectivity Solution
2011-11-08 19:27 . 2011-08-17 11:56 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2011-11-08 19:27 . 2011-08-17 11:56 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2011-11-08 19:27 . 2011-08-17 11:56 23168 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2011-11-08 19:27 . 2011-08-17 11:56 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-02 07:33 . 2011-05-19 04:03 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-28 18:01 . 2011-09-21 19:57 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-09-21 19:57 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-09-21 19:57 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-09-21 19:57 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-09-21 19:57 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-09-21 19:57 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-09-21 19:57 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-09-21 19:57 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-09-21 19:57 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-09-21 19:57 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-10-10 14:22 . 2010-07-09 18:09 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2009-10-08 12:57 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 14:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 14:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-06 14:10 . 2004-08-17 13:44 1858944 ----a-w- c:\windows\system32\win32k.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 22:10 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
((((((((((((((((((((((((((((( SnapShot@2011-11-29_18.42.57 )))))))))))))))))))))))))))))))))))))))))
.
- 2001-10-25 14:00 . 2011-11-29 08:57 68684 c:\windows\system32\perfc009.dat
+ 2001-10-25 14:00 . 2011-12-03 11:15 68684 c:\windows\system32\perfc009.dat
+ 2001-10-25 14:00 . 2011-12-03 11:15 435788 c:\windows\system32\perfh009.dat
- 2001-10-25 14:00 . 2011-11-29 08:57 435788 c:\windows\system32\perfh009.dat
+ 2011-12-02 07:33 . 2011-12-02 07:33 247968 c:\windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe
+ 2010-07-10 10:53 . 2011-12-02 07:33 8527008 c:\windows\system32\Macromed\Flash\NPSWF32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2011-11-01 1053056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-06-07 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-07 13902440]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-03 16841216]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\stanice\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-04-05 21:05 399736 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ekrn"=2 (0x2)
"EhttpSrv"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Electronic Arts\\Need for Speed(TM) Hot Pursuit\\Launcher.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Electronic Arts\\Need for Speed(TM) Hot Pursuit\\NFS11.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [9.7.2010 21:07 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [9.7.2010 21:07 5248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [21.9.2011 20:57 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [21.9.2011 20:57 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [21.9.2011 20:57 20568]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [16.2.2011 11:54 218688]
R3 NLNdisMP;NLNdisMP;c:\windows\system32\drivers\nlndis.sys [30.8.2010 14:24 5230088]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [18.10.2011 5:21 136176]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [18.10.2011 5:21 136176]
S3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\drivers\nlndis.sys [30.8.2010 14:24 5230088]
S3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [29.7.2010 17:09 47360]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-18 04:21]
.
2011-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-18 04:21]
.
.
------- Doplňkový sken -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stahnou vse FlashGet3 - c:\documents and settings\stanice\Data aplikací\FlashGetBHO\GetAllUrl.htm
IE: Stahnout FlashGet3 - c:\documents and settings\stanice\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?? - c:\documents and settings\stanice\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\stanice\Data aplikací\FlashGetBHO\GetAllUrl.htm
TCP: DhcpNameServer = 192.168.30.1 10.68.36.1
FF - ProfilePath - c:\documents and settings\stanice\Data aplikací\Mozilla\Firefox\Profiles\o5sx0bxl.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - Ext: Firefox Synchronisation Extension: fe_3.6@nokia.com - c:\program files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1644491937-616249376-725345543-1003\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Documents and Settings\\stanice\\Data aplikací\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-1644491937-616249376-725345543-1003\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Documents and Settings\\stanice\\Data aplikací\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="F69EBDDD8F595D64A85E5497646AB6FE0E307EC97E2F3C4E69EB50DFAD0202A7176F667A352D63599BEED619460A1ADCFAECF1DCBFB3A827E9A85556C34A95F2CBAE47639DC6EEB278736C9BF3DAA6FE5FFAC552D1643721EF1600A4F27020A6592B1615714D2E0C9290413CB32E8D6EBBF93909355B3ED748EEC60A98F43E8EF9D59C510BCB2081B093945FFCB6D63B842F23A3A29368EB338EB18AC93FDF7C5CC5BA1C7D2E9A358E6AB729FE0BD977A100698A83FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98089DB7CE019D40AA5CA6171C11EC38DE3DC038D530D6EB3452E176D33B5379ECAA9A31BECCCDAB8592674764108B4A449DA7BDC3EA542C181F79F1A1F39DB2A164DB31C1D97189717C5D213186EE375B46E37893A34FFCC9DD7B89915F818AB7473A184F10D6FA2979B302EB9A3CA43AB378B8203685BE3E9B2C0ADE6FC64C6F36A5388F0D3CDEAA2E22E15139CC28C164873B56FB8A5AD5D4B715450C57D4484D71B731E7862A3AF0458B22431BEB960C950E2944934F36B9AB9D081043998B58D410E7263CE35E4B1E9D208D492C21138D9689CFF92EC830796DEBCA3D2140596C8F6A458AAA62FB118B14E01C390C14BB0CF356BB203A50F9A1B9FE1B06B506B5567234C0ACD4F4659A487B7C7A495ED1FAE180FA5CFB65662BC064D9797E4794DC3ED8D2308ADEC8668E0D78E78BF5E44255EBFD33C2715C4E52A316BCF03C526A9208D80C99124A5E383BBE0FCB136E95D22B2F8608A7DE23C35E1528A6B4979DB3918E2B5C1EDFC49E9F2691C5204CFDE3451A4C8872D4976EA7BA27FD36F5E7EEB2D311F2C560309D4626A4F93E3F5593B2720E46EB08EB3084153918FBDF9090A0ADCF407E890B93B05D912D3FECCCF3630F6C85E6A7B5EA71506FDCF1ABAF6B03C1116C737B94E3D30BB4E5AADEE618B6E617CF66C4DC045D4174F43A173457755E10E104396078191481F1BC837D1A841AD573A3D59D652A5E01CFA9405FAE89F01DCD402D533A5C037ADF65A9BA16976A027F8AB70BFCB042651F4BAAC6CFC1101C2772A22A9B7083BA85470A9EAC2BBD0B4A3C2507BB3AAB84585B3DD49D967207A2114AF20D98E66EF83ABA7D83F39CF1EC0D444C1808FD55B6CC4446FDF47268BACDB88F098EA158984ABB7E4196B6CE440618678ACABFE4B7C36EADDCBA12E1B18965B70A7F4D4C0436EB9E932E5D4A71620DB7912A9B509D99CFF027BEF4A607DA2E760F8CA5341E7193AB2BC706A2D914F0F3AE41614CED5C5F49D146627F848DD22A1E4A8C8D90A4DA4B3D654B2A273E76A36720031F744E7945D18F4648349E7785BBC1076946A9CEF3827DE949453B342445C818253DE35BC52249B0726642240F76F03EECEF92DFF0B5"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3616)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
c:\windows\System32\ping.exe
.
**************************************************************************
.
Celkový čas: 2011-12-03 17:08:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-03 16:08
ComboFix2.txt 2011-12-02 20:35
ComboFix3.txt 2011-12-02 18:30
ComboFix4.txt 2011-11-30 11:24
ComboFix5.txt 2011-12-03 15:49
.
Před spuštěním: Volných bajtů: 263 924 502 528
Po spuštění: Volných bajtů: 263 968 800 768
.
- - End Of File - - C2C7E9A288FA1D804BDE339934F0378C

Příspěvekod **jaro3** » 05 pro 2011 09:17

Hm , ale pořád blbý...

udělej tento script:

Kód: Vybrat vše

KillAll::
FCOPY::
c:\windows\ServicePackFiles\i386\atapi.sys | c:\windows\system32\drivers\atapi.sys

Stejný postup.

ivan zdrahal · Příspěvekod **ivan zdrahal** » 08 pro 2011 06:02

ComboFix 11-12-06.01 - stanice 08.12.2011 3:38.11.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3582.2970 [GMT 1:00]
Spuštěný z: c:\documents and settings\stanice\Dokumenty\Stažené soubory\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\stanice\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
--------------- FCopy ---------------
.
c:\windows\ServicePackFiles\i386\atapi.sys --> c:\windows\system32\drivers\atapi.sys
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AMSERVICE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-08 do 2011-12-08 )))))))))))))))))))))))))))))))
.
.
2011-12-05 22:20 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-12-05 22:20 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-12-05 22:20 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-12-05 22:20 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-12-05 22:20 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-12-05 22:20 . 2011-11-28 17:52 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-12-05 22:20 . 2011-11-28 17:51 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-12-05 22:20 . 2011-11-28 17:48 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-12-05 22:20 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2011-12-05 22:20 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-12-02 17:34 . 2011-12-02 20:04 -------- d-----w- C:\atapi
2011-11-30 12:21 . 2011-12-08 02:55 4786 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-11-27 09:54 . 2011-11-27 09:54 -------- d-----w- c:\program files\LSoft Technologies
2011-11-20 20:23 . 2011-11-27 14:45 -------- d-----w- c:\program files\CrystalDiskInfo
2011-11-20 20:23 . 2011-11-22 05:23 -------- d-----w- c:\documents and settings\stanice\Data aplikací\OpenCandy
2011-11-20 20:13 . 2011-11-20 20:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-20 20:13 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-20 09:05 . 2011-11-20 09:05 388096 ----a-r- c:\documents and settings\stanice\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-12 07:29 . 2011-11-12 07:29 -------- d-----w- c:\documents and settings\NetworkService\Data aplikací\NVIDIA
2011-11-10 22:58 . 2011-11-10 22:58 -------- d-----w- C:\Temp
2011-11-08 19:27 . 2008-08-26 09:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-11-08 19:27 . 2011-11-08 19:27 -------- d-----w- c:\program files\PC Connectivity Solution
2011-11-08 19:27 . 2011-08-17 11:56 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2011-11-08 19:27 . 2011-08-17 11:56 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2011-11-08 19:27 . 2011-08-17 11:56 23168 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2011-11-08 19:27 . 2011-08-17 11:56 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-02 07:33 . 2011-05-19 04:03 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2010-07-09 18:09 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2009-10-08 12:57 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 14:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 14:00 220160 ----a-w- c:\windows\system32\oleacc.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 22:10 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
((((((((((((((((((((((((((((( SnapShot@2011-11-29_18.42.57 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-11 22:02 . 2009-07-11 22:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
- 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
- 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2001-10-25 14:00 . 2011-12-08 02:55 68684 c:\windows\system32\perfc009.dat
- 2001-10-25 14:00 . 2011-11-29 08:57 68684 c:\windows\system32\perfc009.dat
+ 2009-07-11 23:02 . 2009-07-11 23:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
- 2009-07-11 22:05 . 2009-07-11 22:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
- 2001-10-25 14:00 . 2011-11-29 08:57 435788 c:\windows\system32\perfh009.dat
+ 2001-10-25 14:00 . 2011-12-08 02:55 435788 c:\windows\system32\perfh009.dat
+ 2011-12-02 07:33 . 2011-12-02 07:33 247968 c:\windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe
+ 2011-12-04 17:01 . 2011-04-20 20:10 183338 c:\windows\pchealth\helpctr\Config\Cache\Professional_32_1029.dat
- 2009-07-11 22:02 . 2009-07-11 22:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2010-08-09 18:06 . 2011-12-04 17:02 1103516 c:\windows\system32\Restore\rstrlog.dat
+ 2010-07-10 10:53 . 2011-12-02 07:33 8527008 c:\windows\system32\Macromed\Flash\NPSWF32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2011-11-01 1053056]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-04-05 399736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-06-07 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-07 13902440]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-03 16841216]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\stanice\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-04-05 21:05 399736 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ekrn"=2 (0x2)
"EhttpSrv"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Electronic Arts\\Need for Speed(TM) Hot Pursuit\\Launcher.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Electronic Arts\\Need for Speed(TM) Hot Pursuit\\NFS11.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [9.7.2010 21:07 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [9.7.2010 21:07 5248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5.12.2011 23:20 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5.12.2011 23:20 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5.12.2011 23:20 20568]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [16.2.2011 11:54 218688]
R3 NLNdisMP;NLNdisMP;c:\windows\system32\drivers\nlndis.sys [30.8.2010 14:24 5230088]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [18.10.2011 5:21 136176]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [18.10.2011 5:21 136176]
S3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\drivers\nlndis.sys [30.8.2010 14:24 5230088]
S3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [29.7.2010 17:09 47360]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-12-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-18 04:21]
.
2011-12-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-18 04:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stahnou vse FlashGet3 - c:\documents and settings\stanice\Data aplikací\FlashGetBHO\GetAllUrl.htm
IE: Stahnout FlashGet3 - c:\documents and settings\stanice\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?? - c:\documents and settings\stanice\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\stanice\Data aplikací\FlashGetBHO\GetAllUrl.htm
TCP: DhcpNameServer = 192.168.30.1 10.68.36.1
FF - ProfilePath - c:\documents and settings\stanice\Data aplikací\Mozilla\Firefox\Profiles\o5sx0bxl.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Firefox Synchronisation Extension: fe_3.6@nokia.com - c:\program files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1644491937-616249376-725345543-1003\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Documents and Settings\\stanice\\Data aplikací\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-1644491937-616249376-725345543-1003\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Documents and Settings\\stanice\\Data aplikací\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="F69EBDDD8F595D64A85E5497646AB6FE0E307EC97E2F3C4E69EB50DFAD0202A7176F667A352D63599BEED619460A1ADCFAECF1DCBFB3A827E9A85556C34A95F2CBAE47639DC6EEB278736C9BF3DAA6FE5FFAC552D1643721EF1600A4F27020A6592B1615714D2E0C9290413CB32E8D6EBBF93909355B3ED748EEC60A98F43E8EF9D59C510BCB2081B093945FFCB6D63B842F23A3A29368EB338EB18AC93FDF7C5CC5BA1C7D2E9A358E6AB729FE0BD977A100698A83FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98089DB7CE019D40AA5CA6171C11EC38DE3DC038D530D6EB3452E176D33B5379ECAA9A31BECCCDAB8592674764108B4A449DA7BDC3EA542C181F79F1A1F39DB2A164DB31C1D97189717C5D213186EE375B46E37893A34FFCC9DD7B89915F818AB7473A184F10D6FA2979B302EB9A3CA43AB378B8203685BE3E9B2C0ADE6FC64C6F36A5388F0D3CDEAA2E22E15139CC28C164873B56FB8A5AD5D4B715450C57D4484D71B731E7862A3AF0458B22431BEB960C950E2944934F36B9AB9D081043998B58D410E7263CE35E4B1E9D208D492C21138D9689CFF92EC830796DEBCA3D2140596C8F6A458AAA62FB118B14E01C390C14BB0CF356BB203A50F9A1B9FE1B06B506B5567234C0ACD4F4659A487B7C7A495ED1FAE180FA5CFB65662BC064D9797E4794DC3ED8D2308ADEC8668E0D78E78BF5E44255EBFD33C2715C4E52A316BCF03C526A9208D80C99124A5E383BBE0FCB136E95D22B2F8608A7DE23C35E1528A6B4979DB3918E2B5C1EDFC49E9F2691C5204CFDE3451A4C8872D4976EA7BA27FD36F5E7EEB2D311F2C560309D4626A4F93E3F5593B2720E46EB08EB3084153918FBDF9090A0ADCF407E890B93B05D912D3FECCCF3630F6C85E6A7B5EA71506FDCF1ABAF6B03C1116C737B94E3D30BB4E5AADEE618B6E617CF66C4DC045D4174F43A173457755E10E104396078191481F1BC837D1A841AD573A3D59D652A5E01CFA9405FAE89F01DCD402D533A5C037ADF65A9BA16976A027F8AB70BFCB042651F4BAAC6CFC1101C2772A22A9B7083BA85470A9EAC2BBD0B4A3C2507BB3AAB84585B3DD49D967207A2114AF20D98E66EF83ABA7D83F39CF1EC0D444C1808FD55B6CC4446FDF47268BACDB88F098EA158984ABB7E4196B6CE440618678ACABFE4B7C36EADDCBA12E1B18965B70A7F4D4C0436EB9E932E5D4A71620DB7912A9B509D99CFF027BEF4A607DA2E760F8CA5341E7193AB2BC706A2D914F0F3AE41614CED5C5F49D146627F848DD22A1E4A8C8D90A4DA4B3D654B2A273E76A36720031F744E7945D18F4648349E7785BBC1076946A9CEF3827DE949453B342445C818253DE35BC52249B0726642240F76F03EECEF92DFF0B5"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3136)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
c:\windows\System32\ping.exe
.
**************************************************************************
.
Celkový čas: 2011-12-08 03:59:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-08 02:59
ComboFix2.txt 2011-12-03 16:08
ComboFix3.txt 2011-12-02 20:35
ComboFix4.txt 2011-12-02 18:30
ComboFix5.txt 2011-12-06 15:20
.
Před spuštěním: Volných bajtů: 256 962 207 744
Po spuštění: Volných bajtů: 257 076 469 760
.
- - End Of File - - DCAD144DBEA08670AC077BFC0C28B82C

Příspěvekod **jaro3** » 08 pro 2011 08:42

c:\windows\system32\drivers\atapi.sys---- dej na Virustotal.

Jsou nějaké problémy?

ivan zdrahal · Příspěvekod **ivan zdrahal** » 09 pro 2011 18:47

Soubor se chová pořád stejne když ho dam na Virustotal tak mi prostě nejde tak jak před tím.Počítač se chová stále zpomaleně už né tolik co předtím ale není to pořád ono. Hlavně to dělá ted internet v jakem koliv prohlížeči.Když se třeba načítá stránka zjednodušeně napsané a počí se to kolečko načítání tak se prostě zastaví a po 5 až deseti sekundách se zase rozjede.

Příspěvekod **jaro3** » 09 pro 2011 19:23

1)
Stáhni si MBR Rootkit Detektor
- ulož si ho přímo na disk C a spusť ho
- za chvíli se ti vytvoří jeho log (mbr.log) vlož sem celý jeho obsah.

2)
Jdi přes Start -> Spustit... a napiš do okna tento příkaz označený modře:
C:\mbr.exe -f
a dej Ok.mezi mbr.exe a -f je mezera
- pokud by tě bezpečnostní software upozornil na přepsání MBR tak to povol
- počkej až program proběhne a pak restartuj Pc

3)
Stáhněte GMER, rozbalte ho na Plochu a dvojklikem ho spusťte.
Několik sekund bude skenovat.
Až sken dokončí, klikněte na 'Save' - to vygeneruje první log, který mi vložíte ve formě textu sem.
Poté vytvořte druhý log, přičemž se budete řídit tímto návodem - tento log mi sem taktéž vložíte.

4)
Stáhni si TDSSKiller

Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

5)
Stáhni Bootkit Remover

-ulož na plochu
-spusť
- pak klikni do černého okna a zkopíruj sem výsledek, případně dej screen

ivan zdrahal · Příspěvekod **ivan zdrahal** » 09 pro 2011 22:25

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: SAMSUNG_HD502IJ rev.1AA01113 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5

device: opened successfully
user: MBR read successfully
error: Read Zařízení připojené k systému nefunguje.
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x8A53D31B
user & kernel MBR OK

ivan zdrahal · Příspěvekod **ivan zdrahal** » 10 pro 2011 01:23

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-12-10 01:23:20
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5 SAMSUNG_HD502IJ rev.1AA01113
Running: gmer.exe; Driver: C:\DOCUME~1\stanice\LOCALS~1\Temp\pfkyifob.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xA4F21BDA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xA4F21A45]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xAA80E7A2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 8A51031B
Device \Driver\atapi \Device\Ide\IdePort0 8A23E848
Device \Driver\atapi \Device\Ide\IdePort0
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP2T0L0-5 8A51031B
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 8A23E848
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 8A51031B
Device \Driver\atapi \Device\Ide\IdePort1 8A23E848
Device \Driver\atapi \Device\Ide\IdePort1
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort2 8A51031B
Device \Driver\atapi \Device\Ide\IdePort2 8A23E848
Device \Driver\atapi \Device\Ide\IdePort2
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort3 8A51031B
Device \Driver\atapi \Device\Ide\IdePort3 8A23E848
Device \Driver\atapi \Device\Ide\IdePort3
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP3T1L0-10 8A51031B
Device \Driver\atapi \Device\Ide\IdeDeviceP3T1L0-10 8A23E848
Device \Driver\atapi \Device\Ide\IdeDeviceP3T1L0-10
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target3Lun0 89FB8C70
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target0Lun0 89FB8C70
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target2Lun0 89FB8C70
Device \Driver\a347scsi \Device\Scsi\a347scsi1 89FB8C70
Device \Driver\a347scsi \Device\Scsi\a347scsi1Port4Path0Target1Lun0 89FB8C70
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\Ntfs \Ntfs 8A791FB0

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- Modules - GMER 1.0.15 ----

Module _________ B7EE3000-B7EFB000 (98304 bytes)

---- EOF - GMER 1.0.15 ----

ivan zdrahal · Příspěvekod **ivan zdrahal** » 10 pro 2011 08:32

08:16:45.0875 2608 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
08:16:46.0078 2608 ============================================================
08:16:46.0078 2608 Current date / time: 2011/12/10 08:16:46.0078
08:16:46.0078 2608 SystemInfo:
08:16:46.0078 2608
08:16:46.0078 2608 OS Version: 5.1.2600 ServicePack: 3.0
08:16:46.0078 2608 Product type: Workstation
08:16:46.0078 2608 ComputerName: HOME-7A9E5764EC
08:16:46.0078 2608 UserName: stanice
08:16:46.0078 2608 Windows directory: C:\WINDOWS
08:16:46.0078 2608 System windows directory: C:\WINDOWS
08:16:46.0078 2608 Processor architecture: Intel x86
08:16:46.0078 2608 Number of processors: 2
08:16:46.0078 2608 Page size: 0x1000
08:16:46.0078 2608 Boot type: Normal boot
08:16:46.0078 2608 ============================================================
08:16:47.0953 2608 Initialize success
08:16:56.0593 2536 ============================================================
08:16:56.0593 2536 Scan started
08:16:56.0593 2536 Mode: Manual;
08:16:56.0593 2536 ============================================================
08:16:57.0281 2536 a347bus (1f61cacacb521215f39061789147968c) C:\WINDOWS\system32\DRIVERS\a347bus.sys
08:16:57.0281 2536 a347bus - ok
08:16:57.0296 2536 a347scsi (113e4b318bbaa7483ca4e582a4d63f49) C:\WINDOWS\system32\Drivers\a347scsi.sys
08:16:57.0296 2536 a347scsi - ok
08:16:57.0343 2536 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
08:16:57.0343 2536 Aavmker4 - ok
08:16:57.0343 2536 Abiosdsk - ok
08:16:57.0359 2536 abp480n5 - ok
08:16:57.0375 2536 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:16:57.0375 2536 ACPI - ok
08:16:57.0406 2536 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
08:16:57.0406 2536 ACPIEC - ok
08:16:57.0406 2536 adpu160m - ok
08:16:57.0421 2536 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
08:16:57.0421 2536 aec - ok
08:16:57.0468 2536 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
08:16:57.0468 2536 AFD - ok
08:16:57.0484 2536 Aha154x - ok
08:16:57.0484 2536 aic78u2 - ok
08:16:57.0484 2536 aic78xx - ok
08:16:57.0500 2536 AliIde - ok
08:16:57.0531 2536 AmdK8 (f6f5e047369784e607f3a636ac576148) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
08:16:57.0531 2536 AmdK8 - ok
08:16:57.0546 2536 amsint - ok
08:16:57.0562 2536 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
08:16:57.0562 2536 Arp1394 - ok
08:16:57.0578 2536 asc - ok
08:16:57.0578 2536 asc3350p - ok
08:16:57.0593 2536 asc3550 - ok
08:16:57.0625 2536 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
08:16:57.0625 2536 aswFsBlk - ok
08:16:57.0640 2536 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
08:16:57.0640 2536 aswMon2 - ok
08:16:57.0671 2536 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
08:16:57.0671 2536 aswRdr - ok
08:16:57.0687 2536 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
08:16:57.0703 2536 aswSnx - ok
08:16:57.0734 2536 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
08:16:57.0734 2536 aswSP - ok
08:16:57.0750 2536 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
08:16:57.0750 2536 aswTdi - ok
08:16:57.0781 2536 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:16:57.0781 2536 AsyncMac - ok
08:16:57.0843 2536 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
08:16:57.0843 2536 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\atapi.sys. md5: 9f3a2f5aa6875c72bf062c712cfa2674
08:16:57.0843 2536 atapi ( LockedFile.Multi.Generic ) - warning
08:16:57.0843 2536 atapi - detected LockedFile.Multi.Generic (1)
08:16:57.0859 2536 Atdisk - ok
08:16:57.0875 2536 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:16:57.0875 2536 Atmarpc - ok
08:16:57.0906 2536 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
08:16:57.0906 2536 audstub - ok
08:16:57.0921 2536 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
08:16:57.0921 2536 Beep - ok
08:16:57.0937 2536 catchme - ok
08:16:57.0953 2536 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
08:16:57.0953 2536 cbidf2k - ok
08:16:57.0968 2536 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
08:16:57.0968 2536 CCDECODE - ok
08:16:57.0968 2536 cd20xrnt - ok
08:16:57.0984 2536 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
08:16:57.0984 2536 Cdaudio - ok
08:16:58.0000 2536 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
08:16:58.0000 2536 Cdfs - ok
08:16:58.0015 2536 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:16:58.0015 2536 Cdrom - ok
08:16:58.0031 2536 Changer - ok
08:16:58.0046 2536 CmdIde - ok
08:16:58.0046 2536 Cpqarray - ok
08:16:58.0062 2536 dac2w2k - ok
08:16:58.0062 2536 dac960nt - ok
08:16:58.0078 2536 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
08:16:58.0078 2536 Disk - ok
08:16:58.0109 2536 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
08:16:58.0125 2536 dmboot - ok
08:16:58.0125 2536 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
08:16:58.0125 2536 dmio - ok
08:16:58.0140 2536 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
08:16:58.0140 2536 dmload - ok
08:16:58.0156 2536 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:16:58.0156 2536 DMusic - ok
08:16:58.0187 2536 dpti2o - ok
08:16:58.0203 2536 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:16:58.0203 2536 drmkaud - ok
08:16:58.0234 2536 dtsoftbus01 (87b0f28c43b50bbb917f4400fa63cd31) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
08:16:58.0234 2536 dtsoftbus01 - ok
08:16:58.0250 2536 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:16:58.0250 2536 Fastfat - ok
08:16:58.0265 2536 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
08:16:58.0265 2536 Fdc - ok
08:16:58.0281 2536 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
08:16:58.0281 2536 Fips - ok
08:16:58.0281 2536 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
08:16:58.0296 2536 Flpydisk - ok
08:16:58.0296 2536 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
08:16:58.0312 2536 FltMgr - ok
08:16:58.0312 2536 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:16:58.0312 2536 Fs_Rec - ok
08:16:58.0328 2536 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:16:58.0328 2536 Ftdisk - ok
08:16:58.0343 2536 gdrv (54789f9ba0d59072cdd4e7c200e122c4) C:\WINDOWS\gdrv.sys
08:16:58.0343 2536 gdrv - ok
08:16:58.0359 2536 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:16:58.0359 2536 Gpc - ok
08:16:58.0375 2536 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
08:16:58.0375 2536 HDAudBus - ok
08:16:58.0406 2536 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:16:58.0406 2536 HidUsb - ok
08:16:58.0406 2536 hpn - ok
08:16:58.0453 2536 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
08:16:58.0453 2536 HTTP - ok
08:16:58.0453 2536 i2omgmt - ok
08:16:58.0468 2536 i2omp - ok
08:16:58.0484 2536 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:16:58.0484 2536 i8042prt - ok
08:16:58.0500 2536 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
08:16:58.0500 2536 Imapi - ok
08:16:58.0500 2536 ini910u - ok
08:16:58.0578 2536 IntcAzAudAddService (8c65fcf7ab3389e7c224ea2ec4456f2d) C:\WINDOWS\system32\drivers\RtkHDAud.sys
08:16:58.0609 2536 IntcAzAudAddService - ok
08:16:58.0609 2536 IntelIde - ok
08:16:58.0625 2536 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
08:16:58.0640 2536 Ip6Fw - ok
08:16:58.0656 2536 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:16:58.0656 2536 IpFilterDriver - ok
08:16:58.0656 2536 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:16:58.0656 2536 IpInIp - ok
08:16:58.0671 2536 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:16:58.0671 2536 IpNat - ok
08:16:58.0687 2536 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:16:58.0687 2536 IPSec - ok
08:16:58.0703 2536 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
08:16:58.0703 2536 IRENUM - ok
08:16:58.0718 2536 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:16:58.0718 2536 isapnp - ok
08:16:58.0734 2536 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:16:58.0734 2536 Kbdclass - ok
08:16:58.0734 2536 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
08:16:58.0750 2536 kbdhid - ok
08:16:58.0765 2536 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
08:16:58.0765 2536 kmixer - ok
08:16:58.0781 2536 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
08:16:58.0781 2536 KSecDD - ok
08:16:58.0812 2536 lbrtfdc - ok
08:16:58.0828 2536 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
08:16:58.0828 2536 mnmdd - ok
08:16:58.0843 2536 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
08:16:58.0843 2536 Modem - ok
08:16:58.0859 2536 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:16:58.0859 2536 Mouclass - ok
08:16:58.0859 2536 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:16:58.0875 2536 mouhid - ok
08:16:58.0875 2536 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
08:16:58.0875 2536 MountMgr - ok
08:16:58.0890 2536 mraid35x - ok
08:16:58.0890 2536 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:16:58.0890 2536 MRxDAV - ok
08:16:58.0937 2536 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:16:58.0937 2536 MRxSmb - ok
08:16:58.0968 2536 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
08:16:58.0968 2536 Msfs - ok
08:16:58.0968 2536 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:16:58.0968 2536 MSKSSRV - ok
08:16:58.0984 2536 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:16:58.0984 2536 MSPCLOCK - ok
08:16:59.0000 2536 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
08:16:59.0000 2536 MSPQM - ok
08:16:59.0000 2536 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:16:59.0000 2536 mssmbios - ok
08:16:59.0015 2536 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
08:16:59.0015 2536 MSTEE - ok
08:16:59.0062 2536 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
08:16:59.0062 2536 Mup - ok
08:16:59.0093 2536 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
08:16:59.0093 2536 NABTSFEC - ok
08:16:59.0125 2536 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
08:16:59.0125 2536 NDIS - ok
08:16:59.0156 2536 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
08:16:59.0156 2536 NdisIP - ok
08:16:59.0187 2536 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:16:59.0187 2536 NdisTapi - ok
08:16:59.0218 2536 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:16:59.0218 2536 Ndisuio - ok
08:16:59.0250 2536 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:16:59.0250 2536 NdisWan - ok
08:16:59.0265 2536 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
08:16:59.0265 2536 NDProxy - ok
08:16:59.0265 2536 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
08:16:59.0265 2536 NetBIOS - ok
08:16:59.0296 2536 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
08:16:59.0296 2536 NetBT - ok
08:16:59.0328 2536 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
08:16:59.0328 2536 NIC1394 - ok
08:16:59.0421 2536 NLNdisMP (2401f61753632bfd955993f095ab3c46) C:\WINDOWS\system32\DRIVERS\nlndis.sys
08:16:59.0453 2536 NLNdisMP - ok
08:16:59.0500 2536 NLNdisPT (2401f61753632bfd955993f095ab3c46) C:\WINDOWS\system32\DRIVERS\nlndis.sys
08:16:59.0531 2536 NLNdisPT - ok
08:16:59.0562 2536 nmwcd (b0a67de1a128389aea4d42c5a56215fd) C:\WINDOWS\system32\drivers\ccdcmb.sys
08:16:59.0562 2536 nmwcd - ok
08:16:59.0593 2536 nmwcdc (025c54f9f8c8bc1894ea38529c742c54) C:\WINDOWS\system32\drivers\ccdcmbo.sys
08:16:59.0593 2536 nmwcdc - ok
08:16:59.0609 2536 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
08:16:59.0609 2536 Npfs - ok
08:16:59.0640 2536 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
08:16:59.0640 2536 Ntfs - ok
08:16:59.0656 2536 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
08:16:59.0656 2536 Null - ok
08:16:59.0843 2536 nv (18281a647f8d2a0afd00f4a9f52c59f4) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
08:16:59.0890 2536 nv - ok
08:17:00.0046 2536 NVENETFD (982702a22349c2b31f7dcef62241058f) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
08:17:00.0046 2536 NVENETFD - ok
08:17:00.0062 2536 nvnetbus (bc0f2c4ed9d6da9a2519c55af7d4fc60) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
08:17:00.0062 2536 nvnetbus - ok
08:17:00.0093 2536 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:17:00.0093 2536 NwlnkFlt - ok
08:17:00.0109 2536 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:17:00.0109 2536 NwlnkFwd - ok
08:17:00.0125 2536 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
08:17:00.0140 2536 ohci1394 - ok
08:17:00.0187 2536 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
08:17:00.0187 2536 Parport - ok
08:17:00.0250 2536 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
08:17:00.0265 2536 PartMgr - ok
08:17:00.0343 2536 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
08:17:00.0343 2536 ParVdm - ok
08:17:00.0390 2536 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
08:17:00.0390 2536 pccsmcfd - ok
08:17:00.0453 2536 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
08:17:00.0453 2536 PCI - ok
08:17:00.0468 2536 PCIDump - ok
08:17:00.0468 2536 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
08:17:00.0484 2536 PCIIde - ok
08:17:00.0500 2536 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
08:17:00.0500 2536 Pcmcia - ok
08:17:00.0515 2536 Pcouffin (02aaafb7ba137ce5ddabcdf8090954d9) C:\WINDOWS\system32\Drivers\Pcouffin.sys
08:17:00.0531 2536 Pcouffin - ok
08:17:00.0531 2536 PDCOMP - ok
08:17:00.0546 2536 PDFRAME - ok
08:17:00.0562 2536 PDRELI - ok
08:17:00.0562 2536 PDRFRAME - ok
08:17:00.0578 2536 perc2 - ok
08:17:00.0578 2536 perc2hib - ok
08:17:00.0640 2536 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:17:00.0656 2536 PptpMiniport - ok
08:17:00.0671 2536 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
08:17:00.0671 2536 Processor - ok
08:17:00.0687 2536 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
08:17:00.0687 2536 PSched - ok
08:17:00.0703 2536 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:17:00.0703 2536 Ptilink - ok
08:17:00.0734 2536 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:17:00.0734 2536 PxHelp20 - ok
08:17:00.0734 2536 ql1080 - ok
08:17:00.0750 2536 Ql10wnt - ok
08:17:00.0750 2536 ql12160 - ok
08:17:00.0765 2536 ql1240 - ok
08:17:00.0765 2536 ql1280 - ok
08:17:00.0781 2536 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:17:00.0781 2536 RasAcd - ok
08:17:00.0796 2536 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:17:00.0812 2536 Rasl2tp - ok
08:17:00.0812 2536 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:17:00.0812 2536 RasPppoe - ok
08:17:00.0828 2536 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:17:00.0828 2536 Raspti - ok
08:17:00.0875 2536 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:17:00.0875 2536 Rdbss - ok
08:17:00.0875 2536 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:17:00.0890 2536 RDPCDD - ok
08:17:00.0906 2536 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:17:00.0906 2536 rdpdr - ok
08:17:00.0937 2536 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
08:17:00.0937 2536 RDPWD - ok
08:17:00.0953 2536 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:17:00.0953 2536 redbook - ok
08:17:01.0000 2536 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:17:01.0000 2536 Secdrv - ok
08:17:01.0015 2536 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
08:17:01.0015 2536 serenum - ok
08:17:01.0015 2536 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
08:17:01.0015 2536 Serial - ok
08:17:01.0046 2536 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:17:01.0046 2536 Sfloppy - ok
08:17:01.0062 2536 Simbad - ok
08:17:01.0078 2536 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
08:17:01.0093 2536 SLIP - ok
08:17:01.0109 2536 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
08:17:01.0125 2536 SONYPVU1 - ok
08:17:01.0125 2536 Sparrow - ok
08:17:01.0140 2536 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:17:01.0140 2536 splitter - ok
08:17:01.0171 2536 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
08:17:01.0171 2536 sr - ok
08:17:01.0203 2536 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
08:17:01.0218 2536 Srv - ok
08:17:01.0218 2536 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
08:17:01.0234 2536 streamip - ok
08:17:01.0234 2536 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:17:01.0234 2536 swenum - ok
08:17:01.0250 2536 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:17:01.0250 2536 swmidi - ok
08:17:01.0265 2536 symc810 - ok
08:17:01.0265 2536 symc8xx - ok
08:17:01.0281 2536 sym_hi - ok
08:17:01.0281 2536 sym_u3 - ok
08:17:01.0296 2536 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:17:01.0296 2536 sysaudio - ok
08:17:01.0328 2536 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:17:01.0343 2536 Tcpip - ok
08:17:01.0359 2536 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:17:01.0359 2536 TDPIPE - ok
08:17:01.0359 2536 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:17:01.0359 2536 TDTCP - ok
08:17:01.0375 2536 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:17:01.0375 2536 TermDD - ok
08:17:01.0390 2536 TosIde - ok
08:17:01.0421 2536 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:17:01.0421 2536 Udfs - ok
08:17:01.0421 2536 ultra - ok
08:17:01.0453 2536 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:17:01.0453 2536 Update - ok
08:17:01.0484 2536 upperdev (78b74af8727a28c128e164e9b53a5413) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
08:17:01.0484 2536 upperdev - ok
08:17:01.0500 2536 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:17:01.0500 2536 usbccgp - ok
08:17:01.0515 2536 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:17:01.0515 2536 usbehci - ok
08:17:01.0531 2536 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:17:01.0531 2536 usbhub - ok
08:17:01.0546 2536 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
08:17:01.0546 2536 usbohci - ok
08:17:01.0578 2536 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:17:10.0093 2536 usbscan - ok
08:17:10.0312 2536 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
08:17:10.0312 2536 usbser - ok
08:17:10.0343 2536 UsbserFilt (4f8fbc51a1c0a17310846b417a447f91) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
08:17:10.0343 2536 UsbserFilt - ok
08:17:10.0375 2536 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:17:10.0375 2536 USBSTOR - ok
08:17:10.0390 2536 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:17:10.0390 2536 VgaSave - ok
08:17:10.0406 2536 ViaIde - ok
08:17:10.0421 2536 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
08:17:10.0421 2536 VolSnap - ok
08:17:10.0437 2536 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:17:10.0453 2536 Wanarp - ok
08:17:10.0468 2536 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
08:17:10.0484 2536 Wdf01000 - ok
08:17:10.0484 2536 WDICA - ok
08:17:10.0515 2536 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:17:10.0515 2536 wdmaud - ok
08:17:10.0578 2536 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
08:17:10.0578 2536 WpdUsb - ok
08:17:10.0593 2536 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
08:17:10.0593 2536 WSTCODEC - ok
08:17:10.0609 2536 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:17:10.0625 2536 WudfPf - ok
08:17:10.0625 2536 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:17:10.0625 2536 WudfRd - ok
08:17:10.0640 2536 ZSMC301b (1e41295eac56589efd9dc3ca14bf3fec) C:\WINDOWS\system32\Drivers\usbVM31b.sys
08:17:10.0640 2536 ZSMC301b - ok
08:17:10.0656 2536 MBR (0x1B8) (fa3e224d531459ed6945202f74c7b075) \Device\Harddisk0\DR0
08:17:10.0656 2536 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
08:17:10.0656 2536 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
08:17:10.0656 2536 Boot (0x1200) (9ab1c5c94751592d41860990fdd965a6) \Device\Harddisk0\DR0\Partition0
08:17:10.0656 2536 \Device\Harddisk0\DR0\Partition0 - ok
08:17:10.0656 2536 ============================================================
08:17:10.0656 2536 Scan finished
08:17:10.0656 2536 ============================================================
08:17:10.0671 1252 Detected object count: 2
08:17:10.0671 1252 Actual detected object count: 2
08:17:20.0984 1252 atapi ( LockedFile.Multi.Generic ) - skipped by user
08:17:20.0984 1252 atapi ( LockedFile.Multi.Generic ) - User select action: Skip
08:17:21.0015 1252 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot
08:17:21.0015 1252 \Device\Harddisk0\DR0 - ok
08:17:21.0015 1252 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure
08:17:23.0265 3384 Deinitialize success

ivan zdrahal · Příspěvekod **ivan zdrahal** » 10 pro 2011 08:48

5. nejde načíst Stáhni Bootkit Remover
a nenašel jsem nikde kde to stáhnout. Mužete mi prosím poslat znovu odkaz

Zasekává se mi PC prosím o pomoc Vyřešeno

Re: Zasekává se mi PC prosím o pomoc

Re: Zasekává se mi PC prosím o pomoc

Re: Zasekává se mi PC prosím o pomoc

Re: Zasekává se mi PC prosím o pomoc

Re: Zasekává se mi PC prosím o pomoc

Re: Zasekává se mi PC prosím o pomoc

Re: Zasekává se mi PC prosím o pomoc

Re: Zasekává se mi PC prosím o pomoc

Re: Zasekává se mi PC prosím o pomoc

Re: Zasekává se mi PC prosím o pomoc

Re: Zasekává se mi PC prosím o pomoc

Re: Zasekává se mi PC prosím o pomoc

Kdo je online