Prosím o kontrolu logu - policejní vir ?

zvoltejmeno · Příspěvekod **zvoltejmeno** » 17 čer 2014 18:11

1A3DD943B0EEA19A676175825CB135825ECF41404B59349AC9B1E6D137FA9B46 ] npf C:\Windows\system32\drivers\npf.sys
17:57:50.0843 0x12c4 npf - ok
17:57:50.0894 0x12c4 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:57:50.0899 0x12c4 Npfs - ok
17:57:50.0953 0x12c4 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
17:57:50.0967 0x12c4 nsi - ok
17:57:51.0022 0x12c4 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:57:51.0025 0x12c4 nsiproxy - ok
17:57:51.0180 0x12c4 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:57:51.0309 0x12c4 Ntfs - ok
17:57:51.0389 0x12c4 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
17:57:51.0392 0x12c4 ntrigdigi - ok
17:57:51.0438 0x12c4 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
17:57:51.0441 0x12c4 Null - ok
17:57:51.0509 0x12c4 [ 77F9F9A199B87FE3F852E12F5419240B, BE9C05F2AC12BB41EC71A596039F2116E5A0F454D32E5A618112296721001473 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
17:57:51.0527 0x12c4 NVHDA - ok
17:57:52.0331 0x12c4 [ 2FA5434344AF84D73F66BA402FF78690, D244C9BA5C9A582C17AA5DE3BE78A2C177AC2CEE5EE6C0E62A52AED7C51B0FB1 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:57:52.0732 0x12c4 nvlddmkm - ok
17:57:52.0812 0x12c4 [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:57:52.0817 0x12c4 nvraid - ok
17:57:52.0831 0x12c4 [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:57:52.0834 0x12c4 nvstor - ok
17:57:52.0904 0x12c4 [ B785320CBCF5021DE9945C803696C511, 01D374F6F0EEA385A25DA375EDDD83F5F6F3FEC6D5C3F844AE2DDE75C451A623 ] nvsvc C:\Windows\system32\nvvsvc.exe
17:57:52.0924 0x12c4 nvsvc - ok
17:57:53.0069 0x12c4 [ D2B064796C369F82E96397F721C4A29D, 49A9E7DBCFFE5C8D0B22088193277366BAEA7D6CF51894BD4030F7C96275237B ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:57:53.0104 0x12c4 nvUpdatusService - ok
17:57:53.0133 0x12c4 [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:57:53.0138 0x12c4 nv_agp - ok
17:57:53.0143 0x12c4 NwlnkFlt - ok
17:57:53.0150 0x12c4 NwlnkFwd - ok
17:57:53.0198 0x12c4 [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:57:53.0201 0x12c4 ohci1394 - ok
17:57:53.0268 0x12c4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:57:53.0274 0x12c4 ose - ok
17:57:53.0581 0x12c4 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:57:53.0710 0x12c4 osppsvc - ok
17:57:53.0805 0x12c4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
17:57:53.0883 0x12c4 p2pimsvc - ok
17:57:53.0927 0x12c4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
17:57:53.0948 0x12c4 p2psvc - ok
17:57:53.0984 0x12c4 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
17:57:53.0988 0x12c4 Parport - ok
17:57:54.0016 0x12c4 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:57:54.0018 0x12c4 partmgr - ok
17:57:54.0033 0x12c4 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
17:57:54.0034 0x12c4 Parvdm - ok
17:57:54.0074 0x12c4 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
17:57:54.0079 0x12c4 PcaSvc - ok
17:57:54.0106 0x12c4 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
17:57:54.0113 0x12c4 pci - ok
17:57:54.0143 0x12c4 [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide C:\Windows\system32\drivers\pciide.sys
17:57:54.0145 0x12c4 pciide - ok
17:57:54.0172 0x12c4 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:57:54.0178 0x12c4 pcmcia - ok
17:57:54.0266 0x12c4 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:57:54.0310 0x12c4 PEAUTH - ok
17:57:54.0433 0x12c4 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
17:57:54.0511 0x12c4 pla - ok
17:57:54.0561 0x12c4 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:57:54.0573 0x12c4 PlugPlay - ok
17:57:54.0616 0x12c4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
17:57:54.0637 0x12c4 PNRPAutoReg - ok
17:57:54.0692 0x12c4 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
17:57:54.0734 0x12c4 PNRPsvc - ok
17:57:54.0802 0x12c4 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:57:54.0869 0x12c4 PolicyAgent - ok
17:57:54.0928 0x12c4 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:57:54.0934 0x12c4 PptpMiniport - ok
17:57:54.0978 0x12c4 [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor C:\Windows\system32\drivers\processr.sys
17:57:54.0982 0x12c4 Processor - ok
17:57:55.0021 0x12c4 [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll
17:57:55.0037 0x12c4 ProfSvc - ok
17:57:55.0055 0x12c4 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
17:57:55.0060 0x12c4 ProtectedStorage - ok
17:57:55.0105 0x12c4 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
17:57:55.0110 0x12c4 PSched - ok
17:57:55.0216 0x12c4 [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:57:55.0278 0x12c4 ql2300 - ok
17:57:55.0319 0x12c4 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:57:55.0324 0x12c4 ql40xx - ok
17:57:55.0362 0x12c4 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
17:57:55.0374 0x12c4 QWAVE - ok
17:57:55.0413 0x12c4 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:57:55.0415 0x12c4 QWAVEdrv - ok
17:57:55.0448 0x12c4 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:57:55.0449 0x12c4 RasAcd - ok
17:57:55.0489 0x12c4 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
17:57:55.0496 0x12c4 RasAuto - ok
17:57:55.0541 0x12c4 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:57:55.0545 0x12c4 Rasl2tp - ok
17:57:55.0588 0x12c4 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
17:57:55.0601 0x12c4 RasMan - ok
17:57:55.0639 0x12c4 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:57:55.0641 0x12c4 RasPppoe - ok
17:57:55.0675 0x12c4 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:57:55.0679 0x12c4 RasSstp - ok
17:57:55.0725 0x12c4 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:57:55.0734 0x12c4 rdbss - ok
17:57:55.0762 0x12c4 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:57:55.0764 0x12c4 RDPCDD - ok
17:57:55.0812 0x12c4 [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
17:57:55.0822 0x12c4 rdpdr - ok
17:57:55.0828 0x12c4 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:57:55.0830 0x12c4 RDPENCDD - ok
17:57:55.0876 0x12c4 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:57:55.0889 0x12c4 RDPWD - ok
17:57:55.0946 0x12c4 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
17:57:55.0956 0x12c4 RemoteAccess - ok
17:57:56.0007 0x12c4 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:57:56.0021 0x12c4 RemoteRegistry - ok
17:57:56.0050 0x12c4 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
17:57:56.0055 0x12c4 RpcLocator - ok
17:57:56.0134 0x12c4 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
17:57:56.0171 0x12c4 RpcSs - ok
17:57:56.0261 0x12c4 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:57:56.0266 0x12c4 rspndr - ok
17:57:56.0304 0x12c4 [ 283392AF1860ECDB5E0F8EBD7F3D72DF, B947025A41D7A16C48330ECE469860023D2109537A3DDC631C8EF9672687FF93 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
17:57:56.0309 0x12c4 RTL8169 - ok
17:57:56.0414 0x12c4 [ FEFA32073D77BB9C741A63B6286479F6, 7E62CF6244ACC964C21248AF6A7010EA9BBE220345E2DF361E661A746C18CBD1 ] RzKLService C:\Program Files\Razer\Razer Game Booster\RzKLService.exe
17:57:56.0422 0x12c4 RzKLService - ok
17:57:56.0477 0x12c4 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
17:57:56.0483 0x12c4 SamSs - ok
17:57:56.0550 0x12c4 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:57:56.0557 0x12c4 sbp2port - ok
17:57:56.0631 0x12c4 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:57:56.0644 0x12c4 SCardSvr - ok
17:57:56.0728 0x12c4 [ 491248A1B0908A74C2B6A3BC2F0EEBAF, 1970E8691CA74E821A4D4B21A9F4AA42FF119A169307DC9E7E1F3D411E786684 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
17:57:56.0737 0x12c4 SCDEmu - ok
17:57:56.0824 0x12c4 [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
17:57:56.0891 0x12c4 Schedule - ok
17:57:56.0940 0x12c4 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
17:57:56.0944 0x12c4 SCPolicySvc - ok
17:57:56.0985 0x12c4 [ 4339A2585708C7D9B0C0CE5AAD3DD6FF, 1B764838EC90A4F5A8130630BA32C014C033BF39C0DE1C114298F254580F0983 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:57:56.0993 0x12c4 sdbus - ok
17:57:57.0029 0x12c4 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:57:57.0043 0x12c4 SDRSVC - ok
17:57:57.0062 0x12c4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:57:57.0065 0x12c4 secdrv - ok
17:57:57.0110 0x12c4 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
17:57:57.0119 0x12c4 seclogon - ok
17:57:57.0146 0x12c4 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
17:57:57.0156 0x12c4 SENS - ok
17:57:57.0214 0x12c4 [ 845AF1BA23C8D5E64DEF61BCC441604C, 206EE7A7C3F4D9496F742CCB84718F556ECB4BA2A95FE7E0CDF3A003FFBE4597 ] sensorsview C:\Program Files\SensorsViewPro43\drv\sensorsview32.sys
17:57:57.0223 0x12c4 sensorsview - ok
17:57:57.0325 0x12c4 [ D045F6B46636FB5EF70ABEA9A22F820D, AE5E497AFB1A80B3E22F1E4963B4B185B68B8A97F55016BA31779153ABDE406C ] SensorsVService C:\Program Files\SensorsViewPro43\svservice.exe
17:57:57.0377 0x12c4 SensorsVService - ok
17:57:57.0439 0x12c4 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:57:57.0442 0x12c4 Serenum - ok
17:57:57.0513 0x12c4 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
17:57:57.0520 0x12c4 Serial - ok
17:57:57.0573 0x12c4 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:57:57.0577 0x12c4 sermouse - ok
17:57:57.0639 0x12c4 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
17:57:57.0652 0x12c4 SessionEnv - ok
17:57:57.0685 0x12c4 [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:57:57.0686 0x12c4 sffdisk - ok
17:57:57.0703 0x12c4 [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:57:57.0705 0x12c4 sffp_mmc - ok
17:57:57.0718 0x12c4 [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:57:57.0720 0x12c4 sffp_sd - ok
17:57:57.0732 0x12c4 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:57:57.0734 0x12c4 sfloppy - ok
17:57:57.0782 0x12c4 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:57:57.0805 0x12c4 SharedAccess - ok
17:57:57.0870 0x12c4 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:57:57.0882 0x12c4 ShellHWDetection - ok
17:57:57.0917 0x12c4 [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:57:57.0920 0x12c4 sisagp - ok
17:57:57.0946 0x12c4 [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
17:57:57.0949 0x12c4 SiSRaid2 - ok
17:57:57.0975 0x12c4 [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:57:57.0978 0x12c4 SiSRaid4 - ok
17:57:58.0441 0x12c4 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
17:57:58.0555 0x12c4 slsvc - ok
17:57:58.0603 0x12c4 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
17:57:58.0619 0x12c4 SLUINotify - ok
17:57:58.0660 0x12c4 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:57:58.0663 0x12c4 Smb - ok
17:57:58.0735 0x12c4 [ C8A58FC905C9184FA70E37F71060C64D, 3D913E0F7B02EEAC15971DB15608912A96E4FD9BDFBF09E8F8FA4B6390A9B4DE ] smserial C:\Windows\system32\DRIVERS\smserial.sys
17:57:58.0807 0x12c4 smserial - ok
17:57:58.0906 0x12c4 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:57:58.0969 0x12c4 SNMPTRAP - ok
17:57:59.0014 0x12c4 [ DC8D2952FB6FFBAEC67BD1B93A34DF11, 0BD1523A68900B80ED1BCCB967643525CCA55D4FF4622D0128913690E6BB619E ] speedfan C:\Windows\system32\speedfan.sys
17:57:59.0035 0x12c4 speedfan - ok
17:57:59.0076 0x12c4 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
17:57:59.0094 0x12c4 spldr - ok
17:57:59.0145 0x12c4 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
17:57:59.0158 0x12c4 Spooler - ok
17:57:59.0245 0x12c4 [ CBEAEA2729985BFB260641AB424E0166, 2FCED2951D5A1ACF93150BB0CA2293CCBE4227EBAAEA8438A78B5AFC6591F375 ] sptd C:\Windows\System32\Drivers\sptd.sys
17:57:59.0301 0x12c4 sptd - ok
17:57:59.0396 0x12c4 [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
17:57:59.0438 0x12c4 srv - ok
17:57:59.0485 0x12c4 [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:57:59.0502 0x12c4 srv2 - ok
17:57:59.0527 0x12c4 [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:57:59.0532 0x12c4 srvnet - ok
17:57:59.0597 0x12c4 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:57:59.0617 0x12c4 SSDPSRV - ok
17:57:59.0695 0x12c4 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:57:59.0715 0x12c4 SstpSvc - ok
17:57:59.0742 0x12c4 Steam Client Service - ok
17:57:59.0885 0x12c4 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
17:57:59.0956 0x12c4 stisvc - ok
17:57:59.0974 0x12c4 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:57:59.0977 0x12c4 swenum - ok
17:58:00.0087 0x12c4 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
17:58:00.0116 0x12c4 swprv - ok
17:58:00.0193 0x12c4 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
17:58:00.0204 0x12c4 Symc8xx - ok
17:58:00.0236 0x12c4 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
17:58:00.0240 0x12c4 Sym_hi - ok
17:58:00.0288 0x12c4 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
17:58:00.0303 0x12c4 Sym_u3 - ok
17:58:00.0446 0x12c4 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
17:58:00.0525 0x12c4 SysMain - ok
17:58:00.0565 0x12c4 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:58:00.0579 0x12c4 TabletInputService - ok
17:58:00.0636 0x12c4 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:58:00.0661 0x12c4 TapiSrv - ok
17:58:00.0713 0x12c4 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
17:58:00.0723 0x12c4 TBS - ok
17:58:00.0966 0x12c4 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:58:01.0056 0x12c4 Tcpip - ok
17:58:01.0189 0x12c4 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
17:58:01.0241 0x12c4 Tcpip6 - ok

Reklama

zvoltejmeno · Příspěvekod **zvoltejmeno** » 17 čer 2014 18:15

17:58:01.0318 0x12c4 [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:58:01.0340 0x12c4 tcpipreg - ok
17:58:01.0363 0x12c4 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:58:01.0365 0x12c4 TDPIPE - ok
17:58:01.0392 0x12c4 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:58:01.0396 0x12c4 TDTCP - ok
17:58:01.0458 0x12c4 [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:58:01.0477 0x12c4 tdx - ok
17:58:01.0530 0x12c4 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:58:01.0550 0x12c4 TermDD - ok
17:58:01.0668 0x12c4 [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
17:58:01.0747 0x12c4 TermService - ok
17:58:01.0808 0x12c4 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
17:58:01.0828 0x12c4 Themes - ok
17:58:01.0900 0x12c4 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
17:58:01.0907 0x12c4 THREADORDER - ok
17:58:01.0991 0x12c4 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
17:58:02.0004 0x12c4 TrkWks - ok
17:58:02.0102 0x12c4 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:58:02.0105 0x12c4 TrustedInstaller - ok
17:58:02.0148 0x12c4 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:58:02.0151 0x12c4 tssecsrv - ok
17:58:02.0180 0x12c4 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
17:58:02.0183 0x12c4 tunmp - ok
17:58:02.0208 0x12c4 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:58:02.0212 0x12c4 tunnel - ok
17:58:02.0260 0x12c4 [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:58:02.0280 0x12c4 uagp35 - ok
17:58:02.0352 0x12c4 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:58:02.0379 0x12c4 udfs - ok
17:58:02.0456 0x12c4 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:58:02.0476 0x12c4 UI0Detect - ok
17:58:02.0521 0x12c4 [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:58:02.0537 0x12c4 uliagpkx - ok
17:58:02.0583 0x12c4 [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci C:\Windows\system32\drivers\uliahci.sys
17:58:02.0606 0x12c4 uliahci - ok
17:58:02.0643 0x12c4 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
17:58:02.0665 0x12c4 UlSata - ok
17:58:02.0702 0x12c4 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
17:58:02.0722 0x12c4 ulsata2 - ok
17:58:02.0802 0x12c4 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:58:02.0827 0x12c4 umbus - ok
17:58:02.0888 0x12c4 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
17:58:02.0913 0x12c4 upnphost - ok
17:58:02.0950 0x12c4 [ 78B74AF8727A28C128E164E9B53A5413, B731A85DF22FABB8F253C68FC2C7F5DAF8282C516B8BA875AB6A01502323FDDC ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
17:58:02.0962 0x12c4 upperdev - ok
17:58:03.0039 0x12c4 [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:58:03.0046 0x12c4 usbccgp - ok
17:58:03.0100 0x12c4 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:58:03.0104 0x12c4 usbcir - ok
17:58:03.0134 0x12c4 [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:58:03.0153 0x12c4 usbehci - ok
17:58:03.0199 0x12c4 [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:58:03.0213 0x12c4 usbhub - ok
17:58:03.0382 0x12c4 [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:58:03.0395 0x12c4 usbohci - ok
17:58:03.0457 0x12c4 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:58:03.0461 0x12c4 usbprint - ok
17:58:03.0513 0x12c4 [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:58:03.0515 0x12c4 usbscan - ok
17:58:03.0563 0x12c4 [ 8E6C378A885D6FFDA8F05E8D27B95C0E, 351F20B1CB510F7B6B9321EB6C7A97446EF963A89F19F7E7A9CF41381B4B19FF ] usbser C:\Windows\system32\drivers\usbser.sys
17:58:03.0566 0x12c4 usbser - ok
17:58:03.0589 0x12c4 [ 4F8FBC51A1C0A17310846B417A447F91, A283240C88D8A38839F8E21AD9A099AF55118140569362A6F3ED623D2C009D42 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
17:58:03.0591 0x12c4 UsbserFilt - ok
17:58:03.0631 0x12c4 [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:58:03.0635 0x12c4 USBSTOR - ok
17:58:03.0676 0x12c4 [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:58:03.0690 0x12c4 usbuhci - ok
17:58:03.0760 0x12c4 [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:58:03.0770 0x12c4 usbvideo - ok
17:58:03.0817 0x12c4 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
17:58:03.0827 0x12c4 UxSms - ok
17:58:03.0907 0x12c4 [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
17:58:03.0974 0x12c4 vds - ok
17:58:04.0010 0x12c4 [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:58:04.0014 0x12c4 vga - ok
17:58:04.0064 0x12c4 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:58:04.0081 0x12c4 VgaSave - ok
17:58:04.0109 0x12c4 [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:58:04.0115 0x12c4 viaagp - ok
17:58:04.0140 0x12c4 [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7 C:\Windows\system32\drivers\viac7.sys
17:58:04.0146 0x12c4 ViaC7 - ok
17:58:04.0169 0x12c4 [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide C:\Windows\system32\drivers\viaide.sys
17:58:04.0173 0x12c4 viaide - ok
17:58:04.0182 0x12c4 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:58:04.0185 0x12c4 volmgr - ok
17:58:04.0232 0x12c4 [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:58:04.0244 0x12c4 volmgrx - ok
17:58:04.0304 0x12c4 [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:58:04.0313 0x12c4 volsnap - ok
17:58:04.0352 0x12c4 [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:58:04.0357 0x12c4 vsmraid - ok
17:58:04.0439 0x12c4 [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
17:58:04.0495 0x12c4 VSS - ok
17:58:04.0535 0x12c4 [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
17:58:04.0558 0x12c4 W32Time - ok
17:58:04.0588 0x12c4 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:58:04.0606 0x12c4 WacomPen - ok
17:58:04.0652 0x12c4 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
17:58:04.0664 0x12c4 Wanarp - ok
17:58:04.0673 0x12c4 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:58:04.0676 0x12c4 Wanarpv6 - ok
17:58:04.0751 0x12c4 [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:58:04.0772 0x12c4 wcncsvc - ok
17:58:04.0805 0x12c4 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:58:04.0818 0x12c4 WcsPlugInService - ok
17:58:04.0859 0x12c4 [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd C:\Windows\system32\drivers\wd.sys
17:58:04.0868 0x12c4 Wd - ok
17:58:04.0963 0x12c4 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:58:05.0013 0x12c4 Wdf01000 - ok
17:58:05.0060 0x12c4 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:58:05.0073 0x12c4 WdiServiceHost - ok
17:58:05.0089 0x12c4 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:58:05.0101 0x12c4 WdiSystemHost - ok
17:58:05.0175 0x12c4 [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
17:58:05.0199 0x12c4 WebClient - ok
17:58:05.0254 0x12c4 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:58:05.0272 0x12c4 Wecsvc - ok
17:58:05.0319 0x12c4 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:58:05.0325 0x12c4 wercplsupport - ok
17:58:05.0366 0x12c4 [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
17:58:05.0378 0x12c4 WerSvc - ok
17:58:05.0451 0x12c4 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:58:05.0475 0x12c4 WinDefend - ok
17:58:05.0488 0x12c4 WinHttpAutoProxySvc - ok
17:58:05.0664 0x12c4 [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:58:05.0673 0x12c4 Winmgmt - ok
17:58:05.0825 0x12c4 [ 845AF1BA23C8D5E64DEF61BCC441604C, 206EE7A7C3F4D9496F742CCB84718F556ECB4BA2A95FE7E0CDF3A003FFBE4597 ] WinRing0_1_2_0 D:\Počítač 2\Hry\Game Booster 3\Driver\WinRing0.sys
17:58:05.0850 0x12c4 WinRing0_1_2_0 - ok
17:58:06.0074 0x12c4 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
17:58:06.0153 0x12c4 WinRM - ok
17:58:06.0235 0x12c4 [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:58:06.0273 0x12c4 Wlansvc - ok
17:58:06.0428 0x12c4 [ 6067ACEF367E79914AF628FA1E9B5330, 491A705267B48C103E00B26BBD21FA8829DB03A88343CBC27264CEE5DE8C8DEF ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:58:06.0451 0x12c4 wlcrasvc - ok
17:58:06.0655 0x12c4 [ 0A70F4022EC2E14C159EFC4F69AA2477, FF248136576F9803762C54DE5439D3411B52DCBC95B93176A5DAB857967D9AC4 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:58:06.0712 0x12c4 wlidsvc - ok
17:58:06.0791 0x12c4 [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:58:06.0800 0x12c4 WmiAcpi - ok
17:58:06.0851 0x12c4 [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:58:06.0875 0x12c4 wmiApSrv - ok
17:58:07.0040 0x12c4 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:58:07.0106 0x12c4 WMPNetworkSvc - ok
17:58:07.0158 0x12c4 [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:58:07.0175 0x12c4 WPCSvc - ok
17:58:07.0205 0x12c4 [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:58:07.0216 0x12c4 WPDBusEnum - ok
17:58:07.0262 0x12c4 [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
17:58:07.0264 0x12c4 WpdUsb - ok
17:58:07.0570 0x12c4 [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:58:07.0659 0x12c4 WPFFontCache_v0400 - ok
17:58:07.0701 0x12c4 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:58:07.0720 0x12c4 ws2ifsl - ok
17:58:07.0848 0x12c4 [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\System32\wscsvc.dll
17:58:07.0864 0x12c4 wscsvc - ok
17:58:07.0876 0x12c4 WSearch - ok
17:58:08.0202 0x12c4 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
17:58:08.0382 0x12c4 wuauserv - ok
17:58:08.0440 0x12c4 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:58:08.0444 0x12c4 WudfPf - ok
17:58:08.0487 0x12c4 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:58:08.0499 0x12c4 WUDFRd - ok
17:58:08.0551 0x12c4 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:58:08.0565 0x12c4 wudfsvc - ok
17:58:08.0664 0x12c4 ================ Scan global ===============================
17:58:08.0709 0x12c4 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
17:58:08.0769 0x12c4 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
17:58:08.0847 0x12c4 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
17:58:08.0920 0x12c4 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
17:58:08.0931 0x12c4 [ Global ] - ok
17:58:08.0931 0x12c4 ================ Scan MBR ==================================
17:58:08.0943 0x12c4 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:58:09.0439 0x12c4 \Device\Harddisk0\DR0 - ok
17:58:09.0439 0x12c4 ================ Scan VBR ==================================
17:58:09.0465 0x12c4 [ C74BDFE50B072C466B423736F8C073B1 ] \Device\Harddisk0\DR0\Partition1
17:58:09.0497 0x12c4 \Device\Harddisk0\DR0\Partition1 - ok
17:58:09.0509 0x12c4 [ 28E33797E03A7A75D1E580A8F8E9A936 ] \Device\Harddisk0\DR0\Partition2
17:58:09.0539 0x12c4 \Device\Harddisk0\DR0\Partition2 - ok
17:58:09.0540 0x12c4 ================ Scan generic autorun ======================
17:58:09.0621 0x12c4 [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
17:58:09.0648 0x12c4 Windows Defender - ok
17:58:09.0752 0x12c4 [ C8C542541A66D79C4F17D73B7F3E5875, BBB3A963C6073B007A3BA7D7F80064D4AD4B32B076EDD042BE437BFA16E8C6F9 ] C:\Program Files\System Control Manager\MGSysCtrl.exe
17:58:09.0795 0x12c4 MGSysCtrl - ok
17:58:09.0898 0x12c4 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
17:58:09.0924 0x12c4 Adobe ARM - ok
17:58:09.0999 0x12c4 [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
17:58:10.0013 0x12c4 SunJavaUpdateSched - ok
17:58:10.0130 0x12c4 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:58:10.0216 0x12c4 Sidebar - ok
17:58:10.0230 0x12c4 WindowsWelcomeCenter - ok
17:58:10.0331 0x12c4 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:58:10.0365 0x12c4 Sidebar - ok
17:58:10.0375 0x12c4 WindowsWelcomeCenter - ok
17:58:10.0477 0x12c4 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
17:58:10.0509 0x12c4 Sidebar - ok
17:58:10.0705 0x12c4 AVG-Secure-Search-Update_1213b - ok
17:58:10.0762 0x12c4 [ 688FCBCC9F062F47A9B2F2923B13EFF9, 628906E75B2ADE34BB69E211DA486EE452B2BE21DF3B186FE85178089B8A0541 ] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
17:58:10.0769 0x12c4 ISUSPM - ok
17:58:11.0088 0x12c4 [ F430252F11C6FD0136CEEA0C87CB42DD, A964569F6F694E49308DBEF393508AA1BCE6BD8E6D27C263739EB89F5F929DFC ] C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
17:58:11.0143 0x12c4 T-Mobile CManager - ok
17:58:11.0190 0x12c4 Skype - ok
17:58:11.0276 0x12c4 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:58:11.0307 0x12c4 Sidebar - ok
17:58:11.0314 0x12c4 WindowsWelcomeCenter - ok
17:58:11.0504 0x12c4 [ F430252F11C6FD0136CEEA0C87CB42DD, A964569F6F694E49308DBEF393508AA1BCE6BD8E6D27C263739EB89F5F929DFC ] C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
17:58:11.0561 0x12c4 T-Mobile CManager - ok
17:58:11.0566 0x12c4 Waiting for KSN requests completion. In queue: 68
17:58:12.0566 0x12c4 Waiting for KSN requests completion. In queue: 68
17:58:13.0566 0x12c4 Waiting for KSN requests completion. In queue: 68
17:58:14.0667 0x12c4 AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 7.0.53315.4132 ), 0x61000 ( enabled : updated )
17:58:14.0679 0x12c4 Win FW state via NFP2: enabled
17:58:17.0104 0x12c4 ============================================================
17:58:17.0104 0x12c4 Scan finished
17:58:17.0104 0x12c4 ============================================================
17:58:17.0128 0x12c8 Detected object count: 0
17:58:17.0128 0x12c8 Actual detected object count: 0

zvoltejmeno · Příspěvekod **zvoltejmeno** » 17 čer 2014 19:01

Log z RogueKillera po přemazání:
RogueKiller V9.0.2.0 [Jun 3 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : MSI [Práva správce]
Mód : Odebrat -- Datum : 06/17/2014 18:55:58

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\FairplayKD -> VYMAZÁNO
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FairplayKD -> VYMAZÁNO
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\FairplayKD -> VYMAZÁNO
[PUM.Policies] HKEY_USERS\S-1-5-21-3456991112-1896531325-1040802734-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> VYMAZÁNO
[PUM.Policies] HKEY_USERS\S-1-5-21-3456991112-1896531325-1040802734-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> VYMAZÁNO
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> VYMAZÁNO
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost -> VYMAZÁNO

¤¤¤ Antirootkit : 118 ¤¤¤
[EAT:Addr] (explorer.exe) msiltcfg.dll - AddGadgetMessageHandler : C:\Windows\system32\DUser.dll @ 0x73fe152c
[EAT:Addr] (explorer.exe) msiltcfg.dll - AttachWndProcA : C:\Windows\system32\DUser.dll @ 0x73fec80a
[EAT:Addr] (explorer.exe) msiltcfg.dll - AttachWndProcW : C:\Windows\system32\DUser.dll @ 0x73fddd2c
[EAT:Addr] (explorer.exe) msiltcfg.dll - AutoTrace : C:\Windows\system32\DUser.dll @ 0x73fe7041
[EAT:Addr] (explorer.exe) msiltcfg.dll - BeginTransition : C:\Windows\system32\DUser.dll @ 0x73fec9a7
[EAT:Addr] (explorer.exe) msiltcfg.dll - BuildAnimation : C:\Windows\system32\DUser.dll @ 0x73fe1135
[EAT:Addr] (explorer.exe) msiltcfg.dll - BuildDropTarget : C:\Windows\system32\DUser.dll @ 0x73fe7131
[EAT:Addr] (explorer.exe) msiltcfg.dll - BuildInterpolation : C:\Windows\system32\DUser.dll @ 0x73fe118c
[EAT:Addr] (explorer.exe) msiltcfg.dll - CreateAction : C:\Windows\system32\DUser.dll @ 0x73fd7339
[EAT:Addr] (explorer.exe) msiltcfg.dll - CreateGadget : C:\Windows\system32\DUser.dll @ 0x73fd5197
[EAT:Addr] (explorer.exe) msiltcfg.dll - CreateTransition : C:\Windows\system32\DUser.dll @ 0x73fec83a
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserBuildGadget : C:\Windows\system32\DUser.dll @ 0x73feb7e8
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserCastClass : C:\Windows\system32\DUser.dll @ 0x73fec776
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserCastDirect : C:\Windows\system32\DUser.dll @ 0x73fec7b9
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserCastHandle : C:\Windows\system32\DUser.dll @ 0x73feb81e
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserDeleteGadget : C:\Windows\system32\DUser.dll @ 0x73feb9c1
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserFindClass : C:\Windows\system32\DUser.dll @ 0x73fec6e7
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserFlushDeferredMessages : C:\Windows\system32\DUser.dll @ 0x73fe0020
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserFlushMessages : C:\Windows\system32\DUser.dll @ 0x73fe0096
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserGetAlphaPRID : C:\Windows\system32\DUser.dll @ 0x73fe78fd
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserGetGutsData : C:\Windows\system32\DUser.dll @ 0x73fec7c9
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserGetRectPRID : C:\Windows\system32\DUser.dll @ 0x73fe7908
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserGetRotatePRID : C:\Windows\system32\DUser.dll @ 0x73fe7913
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserGetScalePRID : C:\Windows\system32\DUser.dll @ 0x73fe791e
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserInstanceOf : C:\Windows\system32\DUser.dll @ 0x73fec735
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserPostEvent : C:\Windows\system32\DUser.dll @ 0x73fd630f
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserPostMethod : C:\Windows\system32\DUser.dll @ 0x73feb639
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserRegisterGuts : C:\Windows\system32\DUser.dll @ 0x73fda5b1
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserRegisterStub : C:\Windows\system32\DUser.dll @ 0x73fd9f93
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserRegisterSuper : C:\Windows\system32\DUser.dll @ 0x73fdb046
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserSendEvent : C:\Windows\system32\DUser.dll @ 0x73fd3258
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserSendMethod : C:\Windows\system32\DUser.dll @ 0x73feb5b0
[EAT:Addr] (explorer.exe) msiltcfg.dll - DUserStopAnimation : C:\Windows\system32\DUser.dll @ 0x73fe84e4
[EAT:Addr] (explorer.exe) msiltcfg.dll - DeleteHandle : C:\Windows\system32\DUser.dll @ 0x73fd3ef8
[EAT:Addr] (explorer.exe) msiltcfg.dll - DetachWndProc : C:\Windows\system32\DUser.dll @ 0x73fd657d
[EAT:Addr] (explorer.exe) msiltcfg.dll - DllMain : C:\Windows\system32\DUser.dll @ 0x73fd76f9
[EAT:Addr] (explorer.exe) msiltcfg.dll - DrawGadgetTree : C:\Windows\system32\DUser.dll @ 0x73fec646
[EAT:Addr] (explorer.exe) msiltcfg.dll - EndTransition : C:\Windows\system32\DUser.dll @ 0x73feca90
[EAT:Addr] (explorer.exe) msiltcfg.dll - EnumGadgets : C:\Windows\system32\DUser.dll @ 0x73fec30f
[EAT:Addr] (explorer.exe) msiltcfg.dll - FindGadgetFromPoint : C:\Windows\system32\DUser.dll @ 0x73fd6da8
[EAT:Addr] (explorer.exe) msiltcfg.dll - FindGadgetMessages : C:\Windows\system32\DUser.dll @ 0x73fec19d
[EAT:Addr] (explorer.exe) msiltcfg.dll - FindStdColor : C:\Windows\system32\DUser.dll @ 0x73fddc66
[EAT:Addr] (explorer.exe) msiltcfg.dll - FireGadgetMessages : C:\Windows\system32\DUser.dll @ 0x73fec06b
[EAT:Addr] (explorer.exe) msiltcfg.dll - ForwardGadgetMessage : C:\Windows\system32\DUser.dll @ 0x73fe1cb5
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetActionTimeslice : C:\Windows\system32\DUser.dll @ 0x73fecb05
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetDebug : C:\Windows\system32\DUser.dll @ 0x73fe705d
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadget : C:\Windows\system32\DUser.dll @ 0x73fec527
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetAnimation : C:\Windows\system32\DUser.dll @ 0x73fd7083
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetBufferInfo : C:\Windows\system32\DUser.dll @ 0x73fe2d45
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetCenterPoint : C:\Windows\system32\DUser.dll @ 0x73febe6f
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetFocus : C:\Windows\system32\DUser.dll @ 0x73fdce28
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetMessageFilter : C:\Windows\system32\DUser.dll @ 0x73fec5ba
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetProperty : C:\Windows\system32\DUser.dll @ 0x73fd7135
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetRect : C:\Windows\system32\DUser.dll @ 0x73fd2d8e
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetRgn : C:\Windows\system32\DUser.dll @ 0x73fd540a
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetRootInfo : C:\Windows\system32\DUser.dll @ 0x73febfbb
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetRotation : C:\Windows\system32\DUser.dll @ 0x73febd35
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetScale : C:\Windows\system32\DUser.dll @ 0x73febbe9
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetSize : C:\Windows\system32\DUser.dll @ 0x73fec3ca
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetStyle : C:\Windows\system32\DUser.dll @ 0x73fe232c
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetGadgetTicket : C:\Windows\system32\DUser.dll @ 0x73fdc94f
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetMessageExA : C:\Windows\system32\DUser.dll @ 0x73fdf459
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetMessageExW : C:\Windows\system32\DUser.dll @ 0x73feb6c3
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetStdColorBrushF : C:\Windows\system32\DUser.dll @ 0x73fecbea
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetStdColorBrushI : C:\Windows\system32\DUser.dll @ 0x73fd2c3b
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetStdColorF : C:\Windows\system32\DUser.dll @ 0x73fece45
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetStdColorI : C:\Windows\system32\DUser.dll @ 0x73fdfaf7
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetStdColorName : C:\Windows\system32\DUser.dll @ 0x73fecd46
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetStdColorPenF : C:\Windows\system32\DUser.dll @ 0x73feccd2
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetStdColorPenI : C:\Windows\system32\DUser.dll @ 0x73fecc5e
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetStdPalette : C:\Windows\system32\DUser.dll @ 0x73feb82e
[EAT:Addr] (explorer.exe) msiltcfg.dll - GetTransitionInterface : C:\Windows\system32\DUser.dll @ 0x73fec933
[EAT:Addr] (explorer.exe) msiltcfg.dll - InitGadgetComponent : C:\Windows\system32\DUser.dll @ 0x73feb8be
[EAT:Addr] (explorer.exe) msiltcfg.dll - InitGadgets : C:\Windows\system32\DUser.dll @ 0x73fde373
[EAT:Addr] (explorer.exe) msiltcfg.dll - InvalidateGadget : C:\Windows\system32\DUser.dll @ 0x73fd3de5
[EAT:Addr] (explorer.exe) msiltcfg.dll - IsGadgetParentChainStyle : C:\Windows\system32\DUser.dll @ 0x73feba7f
[EAT:Addr] (explorer.exe) msiltcfg.dll - IsInsideContext : C:\Windows\system32\DUser.dll @ 0x73feb56c
[EAT:Addr] (explorer.exe) msiltcfg.dll - IsStartDelete : C:\Windows\system32\DUser.dll @ 0x73fe121d
[EAT:Addr] (explorer.exe) msiltcfg.dll - LookupGadgetTicket : C:\Windows\system32\DUser.dll @ 0x73fecdbc
[EAT:Addr] (explorer.exe) msiltcfg.dll - MapGadgetPoints : C:\Windows\system32\DUser.dll @ 0x73fe3861
[EAT:Addr] (explorer.exe) msiltcfg.dll - PeekMessageExA : C:\Windows\system32\DUser.dll @ 0x73feb710
[EAT:Addr] (explorer.exe) msiltcfg.dll - PeekMessageExW : C:\Windows\system32\DUser.dll @ 0x73feb75e
[EAT:Addr] (explorer.exe) msiltcfg.dll - PlayTransition : C:\Windows\system32\DUser.dll @ 0x73fec8b0
[EAT:Addr] (explorer.exe) msiltcfg.dll - PrintTransition : C:\Windows\system32\DUser.dll @ 0x73feca1c
[EAT:Addr] (explorer.exe) msiltcfg.dll - RegisterGadgetMessage : C:\Windows\system32\DUser.dll @ 0x73fd7ba3
[EAT:Addr] (explorer.exe) msiltcfg.dll - RegisterGadgetMessageString : C:\Windows\system32\DUser.dll @ 0x73fec149
[EAT:Addr] (explorer.exe) msiltcfg.dll - RegisterGadgetProperty : C:\Windows\system32\DUser.dll @ 0x73fd7d5d
[EAT:Addr] (explorer.exe) msiltcfg.dll - RemoveGadgetMessageHandler : C:\Windows\system32\DUser.dll @ 0x73fec21a
[EAT:Addr] (explorer.exe) msiltcfg.dll - RemoveGadgetProperty : C:\Windows\system32\DUser.dll @ 0x73fe0dee
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetActionTimeslice : C:\Windows\system32\DUser.dll @ 0x73fecb82
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetBufferInfo : C:\Windows\system32\DUser.dll @ 0x73fe2c09
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetCenterPoint : C:\Windows\system32\DUser.dll @ 0x73febf0a
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetFillF : C:\Windows\system32\DUser.dll @ 0x73febb47
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetFillI : C:\Windows\system32\DUser.dll @ 0x73fe2149
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetFocus : C:\Windows\system32\DUser.dll @ 0x73fdcebb
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetFocusEx : C:\Windows\system32\DUser.dll @ 0x73fe3188
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetMessageFilter : C:\Windows\system32\DUser.dll @ 0x73fd5a70
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetOrder : C:\Windows\system32\DUser.dll @ 0x73fec45d
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetParent : C:\Windows\system32\DUser.dll @ 0x73fd55f8
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetProperty : C:\Windows\system32\DUser.dll @ 0x73fe1284
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetRect : C:\Windows\system32\DUser.dll @ 0x73fd5305
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetRootInfo : C:\Windows\system32\DUser.dll @ 0x73fde857
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetRotation : C:\Windows\system32\DUser.dll @ 0x73febdc9
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetScale : C:\Windows\system32\DUser.dll @ 0x73febc84
[EAT:Addr] (explorer.exe) msiltcfg.dll - SetGadgetStyle : C:\Windows\system32\DUser.dll @ 0x73fd4c48
[EAT:Addr] (explorer.exe) msiltcfg.dll - UninitGadgetComponent : C:\Windows\system32\DUser.dll @ 0x73feb93f
[EAT:Addr] (explorer.exe) msiltcfg.dll - UnregisterGadgetMessage : C:\Windows\system32\DUser.dll @ 0x73fec171
[EAT:Addr] (explorer.exe) msiltcfg.dll - UnregisterGadgetMessageString : C:\Windows\system32\DUser.dll @ 0x73fec149
[EAT:Addr] (explorer.exe) msiltcfg.dll - UnregisterGadgetProperty : C:\Windows\system32\DUser.dll @ 0x73fec2e3
[EAT:Addr] (explorer.exe) msiltcfg.dll - UtilBuildFont : C:\Windows\system32\DUser.dll @ 0x73feb83a
[EAT:Addr] (explorer.exe) msiltcfg.dll - UtilDrawBlendRect : C:\Windows\system32\DUser.dll @ 0x73feb84a
[EAT:Addr] (explorer.exe) msiltcfg.dll - UtilDrawOutlineRect : C:\Windows\system32\DUser.dll @ 0x73feb85a
[EAT:Addr] (explorer.exe) msiltcfg.dll - UtilGetColor : C:\Windows\system32\DUser.dll @ 0x73feb86a
[EAT:Addr] (explorer.exe) msiltcfg.dll - UtilSetBackground : C:\Windows\system32\DUser.dll @ 0x73fecd78
[EAT:Addr] (explorer.exe) msiltcfg.dll - WaitMessageEx : C:\Windows\system32\DUser.dll @ 0x73feb7ac
[EAT:Addr] (explorer.exe) AVRT.dll - DllCanUnloadNow : C:\Windows\System32\SndVolSSO.dll @ 0x73a1155f
[EAT:Addr] (explorer.exe) AVRT.dll - DllGetClassObject : C:\Windows\System32\SndVolSSO.dll @ 0x73a14852
[EAT:Addr] (explorer.exe) AVRT.dll - DllMain : C:\Windows\System32\SndVolSSO.dll @ 0x73a112fb

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: FUJITSU MHZ2320BH G2 ATA Device +++++
--- User ---
[MBR] f90c62dcc2c48a3920dc3cf73778707a
[BSP] b0c0300068a71f90a344666429b28507 : Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 100006 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 204812685 | Size: 205236 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_SCN_06162014_195924.log - RKreport_SCN_06172014_184823.log - RKreport_DEL_06172014_184829.log - RKreport_SCN_06172014_185448.log

zvoltejmeno · Příspěvekod **zvoltejmeno** » 17 čer 2014 19:51

Log z Malwarebytes po výmazu :
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17.6.2014
Scan Time: 19:30:16
Logfile: antimalwarelog.txt
Administrator: No

Version: 2.00.2.1012
Malware Database: v2014.06.17.08
Rootkit Database: v2014.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: MSI

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 284117
Time Elapsed: 9 min, 46 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

Příspěvekod **jaro3** » 17 čer 2014 20:17

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

zvoltejmeno · Příspěvekod **zvoltejmeno** » 21 čer 2014 11:30

Vkládám sem log z ComboFix a ještě bych chtěl dodat, že se mně na ploše a v různých složkách zobrazují konfigurační soubory a jsou ,,poloprůhledné", jako kdybych je vyjmul a nikam nevložil.
Log z ComboFix:
ComboFix 14-06-16.01 - MSI 20.06.2014 20:39:07.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.3070.1872 [GMT 2:00]
Spuštěný z: c:\users\MSI\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Outdated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
SP: COMODO Antivirus *Disabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
c:\windows\PFRO.log
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
c:\windows\system32\Icons
c:\windows\system32\Icons\gta3.ico
c:\windows\system32\Icons\gtaPcWaste.ico
c:\windows\system32\Icons\rockstar.ico
c:\windows\system32\website
c:\windows\system32\website\website.url
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-20 do 2014-06-20 )))))))))))))))))))))))))))))))
.
.
2014-06-20 19:02 . 2014-06-20 19:02 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-06-20 19:02 . 2014-06-20 19:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-17 18:50 . 2014-06-20 18:14 -------- d-----w- c:\users\MSI\AppData\Local\CrashDumps
2014-06-16 17:35 . 2014-06-17 16:40 26624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-06-16 17:35 . 2014-06-16 17:35 -------- d-----w- c:\programdata\RogueKiller
2014-06-16 05:35 . 2014-06-16 05:35 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-06-15 17:53 . 2014-06-15 17:53 -------- d-----w- c:\windows\ERUNT
2014-06-15 17:51 . 2014-06-15 17:51 -------- d-----w- C:\VTRoot
2014-06-15 17:51 . 2014-06-15 17:55 46496 ----a-w- c:\windows\system32\drivers\fvstore.dat
2014-06-15 16:22 . 2014-04-26 16:01 502784 ----a-w- c:\windows\system32\usp10.dll
2014-06-15 16:22 . 2014-04-05 02:42 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-06-15 12:22 . 2014-06-17 17:29 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-15 12:20 . 2014-06-15 12:20 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-06-15 12:20 . 2014-06-15 12:20 -------- d-----w- c:\programdata\Malwarebytes
2014-06-15 12:20 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-15 12:20 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-15 12:20 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-15 12:10 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-06-15 12:09 . 2014-06-17 16:19 -------- d-----w- C:\AdwCleaner
2014-06-14 23:27 . 2014-06-14 23:27 -------- d-----w- c:\users\MSI\AppData\Roaming\rightbackup
2014-06-14 17:55 . 2014-06-14 17:55 -------- d-----w- c:\users\MSI\AppData\Local\AdTrustMedia
2014-06-14 17:43 . 2014-06-14 17:43 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2014-06-14 17:43 . 2014-06-14 17:43 1060864 ----a-w- c:\windows\system32\mfc71.dll
2014-06-14 13:33 . 2014-06-14 13:33 -------- d-----w- c:\program files\Common Files\COMODO
2014-06-14 12:05 . 2014-06-20 18:15 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2014-06-14 11:54 . 2014-06-14 11:55 -------- d-s---w- c:\programdata\Shared Space
2014-06-14 11:48 . 2014-06-14 11:48 -------- d-----w- c:\users\MSI\AppData\Local\Comodo
2014-06-14 11:48 . 2014-06-14 17:43 48392 ----a-w- c:\windows\system32\certsentry.dll
2014-06-14 11:48 . 2014-06-14 17:43 -------- d-----w- c:\program files\Comodo
2014-06-14 11:48 . 2014-06-14 11:48 -------- d-----w- c:\programdata\Comodo Downloader
2014-06-14 11:47 . 2014-06-14 12:09 -------- d-----w- c:\programdata\Comodo
2014-06-12 15:24 . 2014-06-14 22:54 -------- d-----w- c:\programdata\AVAST Software
2014-06-02 14:28 . 2014-06-02 14:28 -------- d-----w- c:\program files\Microsoft Synchronization Services
2014-06-02 14:26 . 2014-06-02 14:26 -------- d-----w- c:\windows\SHELLNEW
2014-06-02 14:24 . 2014-06-02 14:24 -------- d-----w- c:\users\MSI\AppData\Local\Microsoft Help
2014-06-02 14:24 . 2014-06-17 15:01 -------- d-----w- c:\programdata\Microsoft Help
2014-06-02 14:23 . 2014-06-02 14:23 -------- d-----r- C:\MSOCache
2014-06-01 15:56 . 2014-06-01 15:57 -------- d-----w- c:\program files\Mafia 2 Multiplayer
2014-06-01 13:33 . 2014-06-01 13:33 -------- d-----w- c:\program files\ScummVM
2014-06-01 12:27 . 2014-06-01 12:27 -------- d-----w- c:\users\MSI\AppData\Local\Macromedia
2014-06-01 12:26 . 2014-06-01 12:26 -------- d-----w- c:\users\MSI\AppData\Local\Mozilla
2014-06-01 12:26 . 2014-06-17 15:48 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-06-01 12:08 . 2014-06-01 12:08 -------- d-----w- c:\program files\HeroesAndGenerals
2014-05-31 20:19 . 2014-05-31 20:19 -------- d-----w- c:\users\MSI\AppData\Local\Skype
2014-05-31 20:19 . 2014-05-31 20:19 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-12 15:40 . 2014-06-12 15:40 776976 ----a-w- c:\windows\system32\drivers\aswsnx.sys.1402588146733
2014-06-12 15:40 . 2014-06-12 15:40 54832 ----a-w- c:\windows\system32\drivers\aswrdr.sys.1402588146733
2014-05-17 14:19 . 2014-05-17 14:19 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2014-05-13 23:13 . 2012-08-09 09:31 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-13 23:13 . 2011-05-14 13:53 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-04 18:21 . 2014-05-04 18:21 71680 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2014-04-16 15:51 . 2014-04-16 15:51 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2014-04-15 00:34 . 2014-04-15 00:34 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2014-04-14 18:13 . 2014-04-21 11:09 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-03-25 18:22 . 2014-03-25 18:22 92656 ----a-w- c:\windows\system32\drivers\inspect.sys
2014-03-25 18:22 . 2014-03-25 18:22 43216 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2014-03-25 18:22 . 2014-03-25 18:22 607680 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2014-03-25 18:22 . 2014-03-25 18:22 20072 ----a-w- c:\windows\system32\drivers\cmderd.sys
2014-03-25 18:22 . 2014-03-25 18:22 363504 ----a-w- c:\windows\system32\guard32.dll
2014-03-25 18:22 . 2014-03-25 18:22 36000 ----a-w- c:\windows\system32\cmdcsr.dll
2014-03-25 18:22 . 2014-03-25 18:22 284888 ----a-w- c:\windows\system32\cmdvrt32.dll
2014-03-25 18:22 . 2014-03-25 18:22 40664 ----a-w- c:\windows\system32\cmdkbd32.dll
2011-03-23 11:03 . 2011-07-07 15:42 108424 ----a-w- c:\program files\Common Files\APNStub.exe
2011-03-23 10:26 . 2011-07-07 15:42 3325832 ----a-w- c:\program files\Common Files\APNToolbarInstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
"T-Mobile CManager"="c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe" [2013-10-31 2166552]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2008-05-21 794624]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2014-03-25 1225944]
"tvncontrol"="c:\program files\Common Files\COMODO\GeekBuddyRSP.exe" [2014-06-06 2327248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe -s [2010-9-6 1556480]
Start GeekBuddy.lnk - c:\program files\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2014-6-10 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"NoHotStart"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoHotStart"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^MSI^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2013-08-21 09:19 450560 ----a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2013-08-29 00:23 1861968 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-03-28 21:11 3325952 ----a-w- c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2007-07-12 11:43 226904 ----a-w- c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2014-05-13 12:29 3814736 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-05-28 08:06 6144000 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-03-15 16:29 1632680 ----a-w- c:\program files\Steam\steam.exe

zvoltejmeno · Příspěvekod **zvoltejmeno** » 21 čer 2014 11:30

.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile CManager]
2013-10-31 16:11 2166552 ----a-w- c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Unify3DWebPlayerUpdate]
2014-03-06 10:02 6041088 ----a-w- c:\users\MSI\AppData\Local\Unify3D\WebPlayer\Unify3DWebPlayerUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
MbnExt REG_MULTI_SZ MbnExt
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-14 10:53 1091912 ----a-w- c:\program files\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-09 23:13]
.
2014-06-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-10 14:27]
.
2014-06-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-10 14:27]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: {{2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - c:\program files\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll
FF - ProfilePath - c:\users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\wpf3fmif.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
MSConfigStartUp-Google Update - c:\users\MSI\AppData\Local\Google\Update\GoogleUpdate.exe
MSConfigStartUp-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
MSConfigStartUp-MyWebSearch Email Plugin - c:\progra~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
MSConfigStartUp-NextLive - c:\users\MSI\AppData\Roaming\newnext.me\nengine.dll
MSConfigStartUp-PCSpeedUp - c:\program files\Zrychleni Pocitace\PCSUNotifier.exe
AddRemove-3D Rad_is1 - d:\počítač 2\3D Rad\unins000.exe
AddRemove-CityBars Mod v1.0 - d:\počítač 2\Hry\Mafia trees project\Uninstal.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Facecons - c:\program files\Facecons\uninstall.exe
AddRemove-Flashpoint - c:\program files\Codemasters\UnInstall.exe
AddRemove-FlightGear_is1 - d:\počítač 2\Hry\FlightGear\unins000.exe
AddRemove-Freemake Video Converter_is1 - d:\freemake\Freemake Video Converter\Uninstall\unins000.exe
AddRemove-Grand Theft Auto IV_is1 - d:\počítač 2\Hry\Gta IV\Grand Theft Auto IV\unins000.exe
AddRemove-H&D2_is1 - d:\počítač 2\Hry\Hidden & BLEBLEBLE\unins000.exe
AddRemove-Hledik - Poradce - c:\gen\uninst.exe
AddRemove-Mafia 1.0 patch - d:\počítač 2\Hry\Mafia GUTES Koza nostra\Odinstalovat patch 1.0.exe
AddRemove-Plane Arcade - d:\počítač 2\Hry\Plane Arcade\uninstall.exe
AddRemove-Polda_is1 - d:\počítač 2\Hry\Polda_1\Polda\unins000.exe
AddRemove-PrivDog - c:\program files\AdTrustMedia\PrivDog\UninstallTrustedAds.exe
AddRemove-ShipSim2008Demo - c:\program files\Vstep\ShipSim2008Demo\uninstall.exe
AddRemove-TheBflixUpdater - c:\programdata\TheBflixUpdater\ix_updater.exe
AddRemove-ZModeler - d:\počítač 2\Zmodeler\zmuninst.exe
AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - c:\program files\YTD CENZURA & Converter\uninstall.exe
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1 - d:\počítač 2\Hry\World of tanks\World of tanks2\unins000.exe
AddRemove-{975F2150-DC2B-43F9-B41A-1C1046C68CD1}_is1 - d:\počítač 2\Army Rage\unins000.exe
AddRemove-Cosa Nostra - d:\počítač 2\Hry\Mafia GUTES Koza nostra\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-06-20 21:03
Windows 6.0.6002 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\System\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\System\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(828)
c:\windows\system32\guard32.dll
.
Celkový čas: 2014-06-20 21:07:44
ComboFix-quarantined-files.txt 2014-06-20 19:07
.
Před spuštěním: Volných bajtů: 15 155 724 288
Po spuštění: Volných bajtů: 17 555 980 288
.
- - End Of File - - EC54EA65451970EDA16B88E5A333857C
5C616939100B85E558DA92B899A0FC36

Příspěvekod **jaro3** » 22 čer 2014 10:03

Odinstaluj:
McAfee Security Scan

AVAST odinstaluj tímto:
http://www.avast.com/eng/avast-uninstall-utility.html

Pak nový Combofix.

zvoltejmeno · Příspěvekod **zvoltejmeno** » 27 čer 2014 14:30

Sorry, že mi to trvalo tak dlouho, než jsem odpověděl. Jinak se mi stala docela divná věc. Na ploše a v různých složkách se mi zobrazují konfigurační soubory, které jsou ,,průchodné" jako kdybych je vyjmul a nikam nevložil. Např. na ploše mám 2x soubor desktop.ini a jednou .~lock.Soud.odt#. Nevíš co to znamená ?

Nový ComboFix:

ComboFix 14-06-27.01 - MSI 27.06.2014 9:55.2.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.3070.1699 [GMT 2:00]
Spuštěný z: c:\users\MSI\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
SP: COMODO Antivirus *Disabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-27 do 2014-06-27 )))))))))))))))))))))))))))))))
.
.
2014-06-27 08:20 . 2014-06-27 08:20 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-06-27 08:20 . 2014-06-27 08:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-26 12:55 . 2014-06-26 12:55 -------- d-----w- c:\program files\Common Files\COMODO
2014-06-17 18:50 . 2014-06-27 07:47 -------- d-----w- c:\users\MSI\AppData\Local\CrashDumps
2014-06-16 17:35 . 2014-06-17 16:40 26624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-06-16 17:35 . 2014-06-16 17:35 -------- d-----w- c:\programdata\RogueKiller
2014-06-16 05:35 . 2014-06-16 05:35 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-06-15 17:53 . 2014-06-15 17:53 -------- d-----w- c:\windows\ERUNT
2014-06-15 17:51 . 2014-06-15 17:51 -------- d-----w- C:\VTRoot
2014-06-15 17:51 . 2014-06-15 17:55 46496 ----a-w- c:\windows\system32\drivers\fvstore.dat
2014-06-15 16:22 . 2014-04-26 16:01 502784 ----a-w- c:\windows\system32\usp10.dll
2014-06-15 16:22 . 2014-04-05 02:42 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-06-15 12:22 . 2014-06-17 17:29 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-15 12:20 . 2014-06-15 12:20 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-06-15 12:20 . 2014-06-15 12:20 -------- d-----w- c:\programdata\Malwarebytes
2014-06-15 12:20 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-15 12:20 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-15 12:20 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-15 12:10 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-06-15 12:09 . 2014-06-17 16:19 -------- d-----w- C:\AdwCleaner
2014-06-14 23:27 . 2014-06-14 23:27 -------- d-----w- c:\users\MSI\AppData\Roaming\rightbackup
2014-06-14 17:55 . 2014-06-14 17:55 -------- d-----w- c:\users\MSI\AppData\Local\AdTrustMedia
2014-06-14 17:43 . 2014-06-14 17:43 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2014-06-14 17:43 . 2014-06-14 17:43 1060864 ----a-w- c:\windows\system32\mfc71.dll
2014-06-14 12:05 . 2014-06-27 07:40 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2014-06-14 11:54 . 2014-06-14 11:55 -------- d-s---w- c:\programdata\Shared Space
2014-06-14 11:48 . 2014-06-14 11:48 -------- d-----w- c:\users\MSI\AppData\Local\Comodo
2014-06-14 11:48 . 2014-06-14 17:43 48392 ----a-w- c:\windows\system32\certsentry.dll
2014-06-14 11:48 . 2014-06-14 17:43 -------- d-----w- c:\program files\Comodo
2014-06-14 11:48 . 2014-06-14 11:48 -------- d-----w- c:\programdata\Comodo Downloader
2014-06-14 11:47 . 2014-06-14 12:09 -------- d-----w- c:\programdata\Comodo
2014-06-12 15:24 . 2014-06-14 22:54 -------- d-----w- c:\programdata\AVAST Software
2014-06-02 14:28 . 2014-06-02 14:28 -------- d-----w- c:\program files\Microsoft Synchronization Services
2014-06-02 14:26 . 2014-06-02 14:26 -------- d-----w- c:\windows\SHELLNEW
2014-06-02 14:24 . 2014-06-02 14:24 -------- d-----w- c:\users\MSI\AppData\Local\Microsoft Help
2014-06-02 14:24 . 2014-06-17 15:01 -------- d-----w- c:\programdata\Microsoft Help
2014-06-02 14:23 . 2014-06-02 14:23 -------- d-----r- C:\MSOCache
2014-06-01 15:56 . 2014-06-01 15:57 -------- d-----w- c:\program files\Mafia 2 Multiplayer
2014-06-01 13:33 . 2014-06-01 13:33 -------- d-----w- c:\program files\ScummVM
2014-06-01 12:27 . 2014-06-01 12:27 -------- d-----w- c:\users\MSI\AppData\Local\Macromedia
2014-06-01 12:26 . 2014-06-01 12:26 -------- d-----w- c:\users\MSI\AppData\Local\Mozilla
2014-06-01 12:26 . 2014-06-17 15:48 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-06-01 12:08 . 2014-06-01 12:08 -------- d-----w- c:\program files\HeroesAndGenerals
2014-05-31 20:19 . 2014-05-31 20:19 -------- d-----w- c:\users\MSI\AppData\Local\Skype
2014-05-31 20:19 . 2014-05-31 20:19 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-12 15:40 . 2014-06-12 15:40 776976 ----a-w- c:\windows\system32\drivers\aswsnx.sys.1402588146733
2014-06-12 15:40 . 2014-06-12 15:40 54832 ----a-w- c:\windows\system32\drivers\aswrdr.sys.1402588146733
2014-05-17 14:19 . 2014-05-17 14:19 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2014-05-13 23:13 . 2012-08-09 09:31 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-13 23:13 . 2011-05-14 13:53 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-04 18:21 . 2014-05-04 18:21 71680 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2014-04-16 21:12 . 2014-03-25 18:22 92656 ----a-w- c:\windows\system32\drivers\inspect.sys
2014-04-16 21:12 . 2014-03-25 18:22 43216 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2014-04-16 21:12 . 2014-03-25 18:22 607680 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2014-04-16 21:12 . 2014-03-25 18:22 20072 ----a-w- c:\windows\system32\drivers\cmderd.sys
2014-04-16 15:51 . 2014-04-16 15:51 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2014-04-15 00:34 . 2014-04-15 00:34 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2014-04-14 18:13 . 2014-04-21 11:09 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2011-03-23 11:03 . 2011-07-07 15:42 108424 ----a-w- c:\program files\Common Files\APNStub.exe
2011-03-23 10:26 . 2011-07-07 15:42 3325832 ----a-w- c:\program files\Common Files\APNToolbarInstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
"T-Mobile CManager"="c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe" [2013-10-31 2166552]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2008-05-21 794624]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2014-03-25 1225944]
"tvncontrol"="c:\program files\Common Files\COMODO\GeekBuddyRSP.exe" [2014-06-23 2327248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe -s [2010-9-6 1556480]
Start GeekBuddy.lnk - c:\program files\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2014-6-24 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"NoHotStart"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoHotStart"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^MSI^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2013-08-21 09:19 450560 ----a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2013-08-29 00:23 1861968 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-03-28 21:11 3325952 ----a-w- c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2007-07-12 11:43 226904 ----a-w- c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2014-05-13 12:29 3814736 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-05-28 08:06 6144000 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-03-15 16:29 1632680 ----a-w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile CManager]
2013-10-31 16:11 2166552 ----a-w- c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Unify3DWebPlayerUpdate]
2014-03-06 10:02 6041088 ----a-w- c:\users\MSI\AppData\Local\Unify3D\WebPlayer\Unify3DWebPlayerUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
MbnExt REG_MULTI_SZ MbnExt
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-14 10:53 1091912 ----a-w- c:\program files\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-09 23:13]
.
2014-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-10 14:27]
.
2014-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-06-10 14:27]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: {{2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - c:\program files\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\wpf3fmif.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-06-27 10:20
Windows 6.0.6002 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\users\MSI\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3456991112-1896531325-1040802734-1000\Software\SecuROM\License information*]
"datasecu"=hex:bc,83,f3,93,b4,7d,15,3c,b5,30,7f,14,b1,b0,7e,96,8e,16,bd,cc,65,
23,da,b6,41,d3,a8,d9,df,c1,56,44,6c,cd,22,77,7e,ca,28,31,b8,03,85,91,b0,91,\
"rkeysecu"=hex:c8,36,07,35,f9,34,a3,e3,ae,1c,16,4b,6f,28,41,1c
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(792)
c:\windows\system32\guard32.dll
.
Celkový čas: 2014-06-27 10:25:09
ComboFix-quarantined-files.txt 2014-06-27 08:24
ComboFix2.txt 2014-06-20 19:07
.
Před spuštěním: Volných bajtů: 18 219 634 688
Po spuštění: Volných bajtů: 17 253 081 088
.
- - End Of File - - 6D8E9D040631739B4DD96D06523E393E
5C616939100B85E558DA92B899A0FC36

Příspěvekod **jaro3** » 27 čer 2014 19:14

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\system32\drivers\aswsnx.sys.1402588146733
c:\windows\system32\drivers\aswrdr.sys.1402588146733
c:\windows\_MSRSTRT.EXE
c:\program files\Common Files\APNToolbarInstaller.exe
c:\windows\pss\McAfee Security Scan Plus.lnk
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\users\MSI\AppData\Local\Temp\catchme.dll

Folder::
c:\programdata\AVAST Software
c:\program files\Google\Update

Registry::
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoHotStart"=-
[-HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Sorry, že mi to trvalo tak dlouho, než jsem odpověděl. Jinak se mi stala docela divná věc. Na ploše a v různých složkách se mi zobrazují konfigurační soubory, které jsou ,,průchodné" jako kdybych je vyjmul a nikam nevložil. Např. na ploše mám 2x soubor desktop.ini a jednou .~lock.Soud.odt#. Nevíš co to znamená ?

To jsou skryté soubory a složky systému windows..
skryješ je takto:
V možnostech složky si zakaž zobrazování skrytých souborů a složek+ dej zatržítko skrýt chráněné soubory operačního systému

zvoltejmeno · Příspěvekod **zvoltejmeno** » 30 čer 2014 22:08

Nový log z ComboFix po přetažení toho dokumentu.
ComboFix 14-06-30.01 - MSI 30.06.2014 21:07:34.3.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.3070.1920 [GMT 2:00]
Spuštěný z: c:\users\MSI\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\MSI\Desktop\CFScript.txt
AV: COMODO Antivirus *Disabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
SP: COMODO Antivirus *Disabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\Common Files\APNToolbarInstaller.exe"
"c:\users\MSI\AppData\Local\Temp\catchme.dll"
"c:\windows\_MSRSTRT.EXE"
"c:\windows\pss\McAfee Security Scan Plus.lnk"
"c:\windows\system32\drivers\aswrdr.sys.1402588146733"
"c:\windows\system32\drivers\aswsnx.sys.1402588146733"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdate.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.24.15\goopdate.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_am.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ar.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_bg.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_bn.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ca.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_cs.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_da.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_de.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_el.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_en.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_es.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_et.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_fa.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_fi.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_fil.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_fr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_gu.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_hi.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_hr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_hu.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_id.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_is.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_it.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_iw.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ja.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_kn.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ko.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_lt.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_lv.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ml.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_mr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ms.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_nl.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_no.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_pl.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ro.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ru.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sk.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sl.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sv.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sw.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ta.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_te.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_th.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_tr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_uk.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ur.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_vi.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.24.15\psmachine.dll
c:\program files\Google\Update\1.3.24.15\psmachine_64.dll
c:\program files\Google\Update\1.3.24.15\psuser.dll
c:\program files\Google\Update\1.3.24.15\psuser_64.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.15\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\35.0.1916.153\35.0.1916.153_35.0.1916.114_chrome_updater.exe
c:\program files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.5111.1712\GoogleToolbarInstaller_updater_signed.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Java\jre7\bin\jp2ssv.dll
c:\programdata\AVAST Software
c:\programdata\AVAST Software\Persistent Data\Avast\Logs\Setup.log
c:\programdata\AVAST Software\Persistent Data\Avast\Logs\Update.log
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-28 do 2014-06-30 )))))))))))))))))))))))))))))))
.
.
2014-06-30 19:21 . 2014-06-30 19:43 -------- d-----w- c:\users\MSI\AppData\Local\temp
2014-06-30 19:21 . 2014-06-30 19:21 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-06-30 19:21 . 2014-06-30 19:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-28 20:38 . 2014-06-28 20:38 -------- d-----w- c:\program files\LogMeIn Hamachi
2014-06-28 20:34 . 2014-06-28 20:34 -------- d-----w- c:\users\MSI\AppData\Local\SKIDROW
2014-06-26 12:55 . 2014-06-26 12:55 -------- d-----w- c:\program files\Common Files\COMODO
2014-06-17 18:50 . 2014-06-30 18:20 -------- d-----w- c:\users\MSI\AppData\Local\CrashDumps
2014-06-16 17:35 . 2014-06-17 16:40 26624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-06-16 17:35 . 2014-06-16 17:35 -------- d-----w- c:\programdata\RogueKiller
2014-06-16 05:35 . 2014-06-16 05:35 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-06-15 17:53 . 2014-06-15 17:53 -------- d-----w- c:\windows\ERUNT
2014-06-15 17:51 . 2014-06-15 17:51 -------- d-----w- C:\VTRoot
2014-06-15 17:51 . 2014-06-15 17:55 46496 ----a-w- c:\windows\system32\drivers\fvstore.dat
2014-06-15 16:22 . 2014-04-26 16:01 502784 ----a-w- c:\windows\system32\usp10.dll
2014-06-15 16:22 . 2014-04-05 02:42 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-06-15 12:22 . 2014-06-17 17:29 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-15 12:20 . 2014-06-15 12:20 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-06-15 12:20 . 2014-06-15 12:20 -------- d-----w- c:\programdata\Malwarebytes
2014-06-15 12:20 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-15 12:20 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-15 12:20 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-15 12:10 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-06-15 12:09 . 2014-06-17 16:19 -------- d-----w- C:\AdwCleaner
2014-06-14 23:27 . 2014-06-14 23:27 -------- d-----w- c:\users\MSI\AppData\Roaming\rightbackup
2014-06-14 17:55 . 2014-06-14 17:55 -------- d-----w- c:\users\MSI\AppData\Local\AdTrustMedia
2014-06-14 17:43 . 2014-06-14 17:43 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2014-06-14 17:43 . 2014-06-14 17:43 1060864 ----a-w- c:\windows\system32\mfc71.dll
2014-06-14 12:05 . 2014-06-30 18:56 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2014-06-14 11:54 . 2014-06-14 11:55 -------- d-s---w- c:\programdata\Shared Space
2014-06-14 11:48 . 2014-06-14 11:48 -------- d-----w- c:\users\MSI\AppData\Local\Comodo
2014-06-14 11:48 . 2014-06-14 17:43 48392 ----a-w- c:\windows\system32\certsentry.dll
2014-06-14 11:48 . 2014-06-14 17:43 -------- d-----w- c:\program files\Comodo
2014-06-14 11:48 . 2014-06-14 11:48 -------- d-----w- c:\programdata\Comodo Downloader
2014-06-14 11:47 . 2014-06-14 12:09 -------- d-----w- c:\programdata\Comodo
2014-06-02 14:28 . 2014-06-02 14:28 -------- d-----w- c:\program files\Microsoft Synchronization Services
2014-06-02 14:26 . 2014-06-02 14:26 -------- d-----w- c:\windows\SHELLNEW
2014-06-02 14:24 . 2014-06-02 14:24 -------- d-----w- c:\users\MSI\AppData\Local\Microsoft Help
2014-06-02 14:24 . 2014-06-17 15:01 -------- d-----w- c:\programdata\Microsoft Help
2014-06-02 14:23 . 2014-06-02 14:23 -------- d-----r- C:\MSOCache
2014-06-01 15:56 . 2014-06-01 15:57 -------- d-----w- c:\program files\Mafia 2 Multiplayer
2014-06-01 13:33 . 2014-06-01 13:33 -------- d-----w- c:\program files\ScummVM
2014-06-01 12:27 . 2014-06-01 12:27 -------- d-----w- c:\users\MSI\AppData\Local\Macromedia
2014-06-01 12:26 . 2014-06-01 12:26 -------- d-----w- c:\users\MSI\AppData\Local\Mozilla
2014-06-01 12:26 . 2014-06-17 15:48 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-06-01 12:08 . 2014-06-01 12:08 -------- d-----w- c:\program files\HeroesAndGenerals
2014-05-31 20:19 . 2014-05-31 20:19 -------- d-----w- c:\users\MSI\AppData\Local\Skype
2014-05-31 20:19 . 2014-05-31 20:19 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-30 16:39 . 2012-08-09 09:31 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-06-30 16:39 . 2011-05-14 13:53 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-06-12 15:40 . 2014-06-12 15:40 776976 ----a-w- c:\windows\system32\drivers\aswsnx.sys.1402588146733
2014-06-12 15:40 . 2014-06-12 15:40 54832 ----a-w- c:\windows\system32\drivers\aswrdr.sys.1402588146733
2014-05-17 14:19 . 2014-05-17 14:19 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2014-05-04 18:21 . 2014-05-04 18:21 71680 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2014-04-16 21:12 . 2014-03-25 18:22 92656 ----a-w- c:\windows\system32\drivers\inspect.sys
2014-04-16 21:12 . 2014-03-25 18:22 43216 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2014-04-16 21:12 . 2014-03-25 18:22 607680 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2014-04-16 21:12 . 2014-03-25 18:22 20072 ----a-w- c:\windows\system32\drivers\cmderd.sys
2014-04-16 15:51 . 2014-04-16 15:51 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2014-04-15 00:34 . 2014-04-15 00:34 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2014-04-14 18:13 . 2014-04-21 11:09 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2011-03-23 11:03 . 2011-07-07 15:42 108424 ----a-w- c:\program files\Common Files\APNStub.exe
2011-03-23 10:26 . 2011-07-07 15:42 3325832 ----a-w- c:\program files\Common Files\APNToolbarInstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
"T-Mobile CManager"="c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe" [2013-10-31 2166552]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2008-05-21 794624]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2014-03-25 1225944]
"tvncontrol"="c:\program files\Common Files\COMODO\GeekBuddyRSP.exe" [2014-06-23 2327248]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-06-23 3816272]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe -s [2010-9-6 1556480]
Start GeekBuddy.lnk - c:\program files\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2014-6-24 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"NoHotStart"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^MSI^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2013-08-21 09:19 450560 ----a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2013-08-29 00:23 1861968 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-03-28 21:11 3325952 ----a-w- c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2007-07-12 11:43 226904 ----a-w- c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2014-06-23 09:43 3816272 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-05-28 08:06 6144000 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-03-15 16:29 1632680 ----a-w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile CManager]
2013-10-31 16:11 2166552 ----a-w- c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Unify3DWebPlayerUpdate]
2014-03-06 10:02 6041088 ----a-w- c:\users\MSI\AppData\Local\Unify3D\WebPlayer\Unify3DWebPlayerUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
MbnExt REG_MULTI_SZ MbnExt
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-14 10:53 1091912 ----a-w- c:\program files\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-09 16:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: {{2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - c:\program files\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll
FF - ProfilePath - c:\users\MSI\AppData\Roaming\Mozilla\Firefox\Profiles\wpf3fmif.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-06-30 21:45
Windows 6.0.6002 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\users\MSI\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002
.
CreateFile("\\.\PHYSICALDRIVE0"): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3456991112-1896531325-1040802734-1000\Software\SecuROM\License information*]
"datasecu"=hex:bc,83,f3,93,b4,7d,15,3c,b5,30,7f,14,b1,b0,7e,96,8e,16,bd,cc,65,
23,da,b6,41,d3,a8,d9,df,c1,56,44,6c,cd,22,77,7e,ca,28,31,b8,03,85,91,b0,91,\
"rkeysecu"=hex:c8,36,07,35,f9,34,a3,e3,ae,1c,16,4b,6f,28,41,1c
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(784)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'Explorer.exe'(4408)
c:\windows\system32\guard32.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\COMODO\launcher_service.exe
c:\windows\system32\nvvsvc.exe
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Microsoft\BingBar\7.3.132.0\BBSvc.exe
c:\program files\Comodo\Dragon\dragon_updater.exe
c:\programdata\Readers Digest\Eng20s.exe
c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe
c:\program files\System Control Manager\MSIService.exe
c:\program files\Razer\Razer Game Booster\RzKLService.exe
c:\program files\SensorsViewPro43\svservice.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\LogMeIn Hamachi\hamachi-2.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\COMODO\COMODO Internet Security\cavwp.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files\Microsoft\BingBar\7.3.132.0\SeaPort.exe
c:\windows\system32\conime.exe
c:\program files\RALINK\Common\RaUI.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Comodo\GeekBuddy\unit_manager.exe
c:\program files\Comodo\GeekBuddy\unit.exe
.
**************************************************************************
.
Celkový čas: 2014-06-30 21:49:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-06-30 19:49
ComboFix2.txt 2014-06-27 08:25
ComboFix3.txt 2014-06-20 19:07
.
Před spuštěním: Volných bajtů: 15 918 125 056
Po spuštění: Volných bajtů: 15 618 588 672
.
- - End Of File - - 5845DABDF0B602CBBE44CC434E5DAC35
5C616939100B85E558DA92B899A0FC36

Příspěvekod **jaro3** » 30 čer 2014 22:15

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

KillAll::
File::
"c:\program files\Common Files\APNToolbarInstaller.exe"
"c:\users\MSI\AppData\Local\Temp\catchme.dll"
"c:\windows\_MSRSTRT.EXE"
"c:\windows\pss\McAfee Security Scan Plus.lnk"
"c:\windows\system32\drivers\aswrdr.sys.1402588146733"
"c:\windows\system32\drivers\aswsnx.sys.1402588146733"

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Prosím o kontrolu logu - policejní vir ? Vyřešeno

Re: Prosím o kontrolu logu - policejní vir ?

Re: Prosím o kontrolu logu - policejní vir ?

Re: Prosím o kontrolu logu - policejní vir ?

Re: Prosím o kontrolu logu - policejní vir ?

Re: Prosím o kontrolu logu - policejní vir ?

Re: Prosím o kontrolu logu - policejní vir ?

Re: Prosím o kontrolu logu - policejní vir ?

Re: Prosím o kontrolu logu - policejní vir ?

Re: Prosím o kontrolu logu - policejní vir ?

Re: Prosím o kontrolu logu - policejní vir ?

Re: Prosím o kontrolu logu - policejní vir ?

Re: Prosím o kontrolu logu - policejní vir ?

Kdo je online