ComboFix 13-03-11.01 - Kamil 11.03.2013 19:12:47.7.2 - FAT32x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.2047.1622 [GMT 1:00]
Spuštěný z: c:\documents and settings\Kamil\My Documents\Downloads\ComboFix.exe
AV: ESET Smart Security 6.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-11 do 2013-03-11 )))))))))))))))))))))))))))))))
.
.
2013-03-11 18:03 . 2013-03-11 18:03 -------- d-----w- C:\aws
2013-03-08 18:38 . 2013-03-08 18:40 178824 ----a-w- C:\cc_20130308_193843.reg
2013-03-08 18:32 . 2013-03-08 18:32 -------- d-----w- c:\program files\CCleaner
2013-03-08 17:40 . 2013-03-08 17:40 -------- d-----w- c:\program files\ASUS Security Center
2013-03-08 17:40 . 2013-03-08 17:40 -------- d-----w- c:\program files\Fingerprint Sensor
2013-03-08 17:09 . 2013-03-08 17:09 -------- d-----w- C:\FOUND.019
2013-03-08 06:37 . 2013-03-08 06:37 -------- d-----w- C:\FOUND.018
2013-03-06 20:34 . 2013-03-06 20:34 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2013-03-06 18:10 . 2013-03-06 18:10 -------- d-----w- c:\program files\trend micro
2013-03-06 18:10 . 2013-03-06 18:10 -------- d-----w- C:\rsit
2013-03-06 12:46 . 2013-03-06 12:46 -------- d-----w- c:\documents and settings\Kamil\Application Data\Malwarebytes
2013-03-06 12:46 . 2013-03-06 12:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-03-06 12:46 . 2013-03-06 12:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-06 12:46 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-05 15:20 . 2013-03-05 15:20 -------- d-----w- C:\FOUND.017
2013-03-05 09:01 . 2013-03-05 09:00 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-05 09:01 . 2013-03-05 09:00 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-04 20:58 . 2013-03-04 20:58 -------- d-----w- c:\program files\Recuva
2013-02-20 19:31 . 2013-02-20 19:31 -------- d-----w- c:\program files\Mozilla Thunderbird
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2013-02-15 16:45 . 2013-02-15 16:45 -------- d-----w- c:\program files\Common Files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-05 09:00 . 2012-09-01 09:18 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-05 09:00 . 2010-07-25 14:08 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-27 18:41 . 2012-04-11 23:13 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-27 18:41 . 2011-05-23 14:23 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-26 03:55 . 2009-10-25 13:13 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:19 . 2009-10-25 13:13 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37 . 2009-10-25 13:13 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20 . 2009-10-25 13:13 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2006-09-18 09:36 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:16 . 2006-09-18 09:36 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:16 . 2006-09-18 09:36 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:16 . 2006-09-18 09:36 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:41 . 2006-09-18 09:36 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:24 . 2006-09-18 09:36 290560 ----a-w- c:\windows\system32\atmfd.dll
2013-03-07 14:30 . 2013-03-08 18:13 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
2012-03-15 02:07 1476448 ----a-w- c:\program files\Asus\ASUS WebStorage\3.0.138.290\AsusWSShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
2012-03-15 02:07 1476448 ----a-w- c:\program files\Asus\ASUS WebStorage\3.0.138.290\AsusWSShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-03-15 02:07 1476448 ----a-w- c:\program files\Asus\ASUS WebStorage\3.0.138.290\AsusWSShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Secure Disks]
@="{666C7836-A9B6-4AB4-94ED-DC238C81E925}"
[HKEY_CLASSES_ROOT\CLSID\{666C7836-A9B6-4AB4-94ED-DC238C81E925}]
2006-10-26 23:35 391168 ----a-r- c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\documents and settings\Kamil\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" [2012-08-20 138096]
"Akamai NetSession Interface"="c:\documents and settings\Kamil\Local Settings\Application Data\Akamai\netsession_win.exe" [2012-10-09 4441920]
"Infium"="c:\program files\QIP 2012\qip.exe" [2012-03-23 7351760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-08-23 110592]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"nwiz"="nwiz.exe" [2006-07-20 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"PowerForPhone"="c:\program files\PowerForPhone\PowerForPhone\PowerForPhone.exe" [2006-09-07 778240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2006-05-30 811008]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-06-08 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ABLKSR"="c:\windows\ABLKSR\ABLKSR.exe" [2006-01-02 61440]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-14 90112]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-01 802816]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-01 696320]
"SMail"="c:\program files\Seznam\Postak\Postak.exe" [2006-05-18 450560]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792]
"SNPSTD2"="c:\windows\vsnpstd2.exe" [2004-08-30 286720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"ASUSWebStorage"="c:\program files\ASUS\ASUS WebStorage\3.0.138.290\AsusWSPanel.exe" [2012-03-15 740704]
"SafeQ Client"="c:\program files\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2012-06-11 259072]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-14 5074384]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-22 17920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-02-03 430080]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-02-07 00:30 74240 ----a-r- c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Opera\\Opera.exe"=
"c:\\Program Files\\ASUS\\Printer Utilities\\UsbService.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Program Files\\Air Live IP Wizard II\\IPWizardII.exe"=
"c:\\Program Files\\QIP 2012\\qip.exe"=
"c:\\Program Files\\AirLive\\NVR Search\\NVR Search.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Kamil\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\AirLive\\CamPro Express 64\\CamProExpress64.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R3 vuhub;Virtual Usb Hub;c:\windows\system32\drivers\vuhub.sys [16.1.2011 13:20 66432]
S1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [7.4.2010 21:07 121216]
S1 ItSDisk;ItSDisk;c:\windows\system32\drivers\itsdisk.sys [17.5.2006 1:14 23496]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [10.10.2011 12:55 85344]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [18.9.2006 10:36 14336]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [18.9.2006 10:36 14336]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [18.9.2006 10:36 14336]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.11.2012 10:07 1329304]
S2 EZSERVICE;EZSERVICE;c:\program files\Asus\EZVCR\EZSERVICE.exe [27.3.2007 18:32 61440]
S2 gupdate1ca7380bfb797ae;Služba Google Update (gupdate1ca7380bfb797ae);c:\program files\Google\Update\GoogleUpdate.exe [2.12.2009 19:53 133104]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6.3.2013 13:46 682344]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
S2 UsbService;ASUS Virtual MFP Service;c:\program files\Asus\Printer Utilities\UsbService.exe [16.1.2011 13:20 217088]
S3 CamProExpress64;CamProExpress64;c:\program files\AirLive\CamPro Express 64\CamProExpress64.exe [29.7.2010 5:28 3404800]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys --> c:\windows\system32\DRIVERS\lgbtport.sys [?]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys --> c:\windows\system32\DRIVERS\lgbtbus.sys [?]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys --> c:\windows\system32\DRIVERS\lgvmodem.sys [?]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6.3.2013 13:46 21104]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [16.1.2012 21:58 137600]
S3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [8.8.2006 23:15 1116544]
S3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [8.8.2006 23:15 7808]
S3 u3kmini;ASUS My Cinema-U3000 Mini;c:\windows\system32\drivers\u3kmini.sys [8.8.2006 16:41 352000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
Cognizance REG_MULTI_SZ ASBroker ASChannel
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-02 18:53]
.
2013-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-02 18:53]
.
2013-03-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2916314380-1386057458-2243310981-1005Core.job
- c:\documents and settings\Kamil\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-08-20 21:56]
.
2013-03-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 18:41]
.
2013-03-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2916314380-1386057458-2243310981-1005Core1ce0ddf833e5df6.job
- c:\documents and settings\Kamil\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-03 13:48]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bohusice.cz/
uInternet Settings,ProxyOverride = <local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download All by ASUS Download - c:\program files\Asus\WL-500gP V2 Wireless Router Utilities\ASDownloadAll.htm
IE: Download using ASUS Download - c:\program files\Asus\WL-500gP V2 Wireless Router Utilities\ASDownload.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
Trusted Zone: mfcr.cz
TCP: DhcpNameServer = 192.168.100.1
DPF: {7E88D4EE-0969-48ED-9F1C-B647586C0419} - hxxp://192.168.100.105/Media.CAB
DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} - hxxps://adisdpr.mfcr.cz/adistc/adis/idp ... tsignx.cab
FF - ProfilePath - c:\documents and settings\Kamil\Application Data\Mozilla\Firefox\Profiles\9a4k7py8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.bohusice.cz
FF - ExtSQL: 2013-01-15 23:03; seo@profesional; c:\documents and settings\Kamil\Application Data\Mozilla\Firefox\Profiles\9a4k7py8.default\extensions\seo@profesional.xpi
.
.
------- Asociace souborů -------
.
.scr=DWGTrueViewScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Free 3D Photo Maker_is1 - c:\program files\Common Files\DVDVideoSoft\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-11 19:28
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/netsession_win_ce5ba24.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/netsession_win_ce5ba24.dll"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,14,ca,c4,05,1e,66,ed,46,82,b1,d4,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,14,ca,c4,05,1e,66,ed,46,82,b1,d4,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(252)
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\ItMsg.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\TrayIcon.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\brand.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll
.
- - - - - - - > 'explorer.exe'(1112)
c:\windows\system32\WININET.dll
c:\windows\system32\APSHook.dll
c:\program files\ASUS\ASUS WebStorage\3.0.138.290\ASUSWSShellExt.dll
c:\windows\system32\AcSignIcon.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll
c:\program files\Common Files\Autodesk Shared\AcSignCore16.dll
c:\windows\system32\ieframe.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
.
**************************************************************************
.
Celkový čas: 2013-03-11 19:33:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-11 18:33
ComboFix2.txt 2013-03-07 09:48
.
Před spuštěním: 13 210 058 752 bytes free
Po spuštění: Volných bajtů: 13 261 209 600
.
- - End Of File - - 34D97E9C4BC8871D78752B90DD6DDB38
Zamrznutí pc při připojení exter. disku
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Zamrznutí pc při připojení exter. disku
Zkoušel si víc flash disků?
Pokud nepoužíváš Akamai, odinstaluj.
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Stáhni si RogueKiller
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- Až se objeví úvodní okno programu , klikni na „Prohledat“.
- Program skenuje PC. Po proskenování klikni na „Zpráva“, celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Pokud nepoužíváš Akamai, odinstaluj.
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Kód: Vybrat vše
ClearJavaCache::
KillAll::
SecCenter::
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
File::
C:\cc_20130308_193843.reg
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2916314380-1386057458-2243310981-1005Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2916314380-1386057458-2243310981-1005Core1ce0ddf833e5df6.job
Folder::
C:\FOUND.019
C:\FOUND.018
C:\FOUND.017
c:\documents and settings\Kamil\Local Settings\Application Data\Facebook\Update
c:\program files\Skype\Updater
c:\program files\Google\Update
c:\documents and settings\Kamil\Local Settings\Application Data\Facebook\Update
Driver::
SkypeUpdate
LgBttPort
Lgbusenum
LGVMODEM
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Stáhni si RogueKiller
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- Až se objeví úvodní okno programu , klikni na „Prohledat“.
- Program skenuje PC. Po proskenování klikni na „Zpráva“, celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Zamrznutí pc při připojení exter. disku
Další flash taky ok.
Několik složek jsem musel vymazat ručně, ComboFix se na nich zasekl.
ComboFix 13-03-11.01 - Kamil 12.03.2013 6:35.15.2 - FAT32x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.2047.1547 [GMT 1:00]
Spuštěný z: c:\documents and settings\Kamil\My Documents\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Kamil\Desktop\CFScript.txt
AV: ESET Smart Security 6.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
FILE ::
"C:\cc_20130308_193843.reg"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2916314380-1386057458-2243310981-1005Core.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2916314380-1386057458-2243310981-1005Core1ce0ddf833e5df6.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_LgBttPort
-------\Service_lgbusenum
-------\Service_LGVMODEM
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-12 do 2013-03-12 )))))))))))))))))))))))))))))))
.
.
2013-03-11 19:22 . 2013-03-11 19:22 -------- d-----w- c:\program files\Mozilla Thunderbird
2013-03-11 18:03 . 2013-03-11 18:03 -------- d-----w- C:\aws
2013-03-08 18:38 . 2013-03-08 18:40 178824 ----a-w- C:\cc_20130308_193843.reg
2013-03-08 18:32 . 2013-03-08 18:32 -------- d-----w- c:\program files\CCleaner
2013-03-08 17:40 . 2013-03-08 17:40 -------- d-----w- c:\program files\ASUS Security Center
2013-03-08 17:40 . 2013-03-08 17:40 -------- d-----w- c:\program files\Fingerprint Sensor
2013-03-06 20:34 . 2013-03-06 20:34 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2013-03-06 18:10 . 2013-03-06 18:10 -------- d-----w- c:\program files\trend micro
2013-03-06 18:10 . 2013-03-06 18:10 -------- d-----w- C:\rsit
2013-03-06 12:46 . 2013-03-06 12:46 -------- d-----w- c:\documents and settings\Kamil\Application Data\Malwarebytes
2013-03-06 12:46 . 2013-03-06 12:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-03-06 12:46 . 2013-03-06 12:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-06 12:46 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-05 09:01 . 2013-03-05 09:00 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-05 09:01 . 2013-03-05 09:00 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-04 20:58 . 2013-03-04 20:58 -------- d-----w- c:\program files\Recuva
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2013-02-15 16:45 . 2013-02-15 16:45 -------- d-----w- c:\program files\Common Files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-05 09:00 . 2012-09-01 09:18 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-05 09:00 . 2010-07-25 14:08 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-27 18:41 . 2012-04-11 23:13 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-27 18:41 . 2011-05-23 14:23 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-26 03:55 . 2009-10-25 13:13 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:19 . 2009-10-25 13:13 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37 . 2009-10-25 13:13 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20 . 2009-10-25 13:13 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2006-09-18 09:36 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:16 . 2006-09-18 09:36 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:16 . 2006-09-18 09:36 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:16 . 2006-09-18 09:36 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:41 . 2006-09-18 09:36 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:24 . 2006-09-18 09:36 290560 ----a-w- c:\windows\system32\atmfd.dll
2013-03-07 14:30 . 2013-03-08 18:13 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
2012-03-15 02:07 1476448 ----a-w- c:\program files\Asus\ASUS WebStorage\3.0.138.290\AsusWSShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
2012-03-15 02:07 1476448 ----a-w- c:\program files\Asus\ASUS WebStorage\3.0.138.290\AsusWSShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-03-15 02:07 1476448 ----a-w- c:\program files\Asus\ASUS WebStorage\3.0.138.290\AsusWSShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Secure Disks]
@="{666C7836-A9B6-4AB4-94ED-DC238C81E925}"
[HKEY_CLASSES_ROOT\CLSID\{666C7836-A9B6-4AB4-94ED-DC238C81E925}]
2006-10-26 23:35 391168 ----a-r- c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Infium"="c:\program files\QIP 2012\qip.exe" [2012-03-23 7351760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-08-23 110592]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"nwiz"="nwiz.exe" [2006-07-20 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"PowerForPhone"="c:\program files\PowerForPhone\PowerForPhone\PowerForPhone.exe" [2006-09-07 778240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2006-05-30 811008]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-06-08 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ABLKSR"="c:\windows\ABLKSR\ABLKSR.exe" [2006-01-02 61440]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-14 90112]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-01 802816]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-01 696320]
"SMail"="c:\program files\Seznam\Postak\Postak.exe" [2006-05-18 450560]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792]
"SNPSTD2"="c:\windows\vsnpstd2.exe" [2004-08-30 286720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"ASUSWebStorage"="c:\program files\ASUS\ASUS WebStorage\3.0.138.290\AsusWSPanel.exe" [2012-03-15 740704]
"SafeQ Client"="c:\program files\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2012-06-11 259072]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-14 5074384]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-22 17920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-02-03 430080]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-02-07 00:30 74240 ----a-r- c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Opera\\Opera.exe"=
"c:\\Program Files\\ASUS\\Printer Utilities\\UsbService.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Program Files\\Air Live IP Wizard II\\IPWizardII.exe"=
"c:\\Program Files\\QIP 2012\\qip.exe"=
"c:\\Program Files\\AirLive\\NVR Search\\NVR Search.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AirLive\\CamPro Express 64\\CamProExpress64.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R3 vuhub;Virtual Usb Hub;c:\windows\system32\drivers\vuhub.sys [16.1.2011 13:20 66432]
S1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [7.4.2010 21:07 121216]
S1 ItSDisk;ItSDisk;c:\windows\system32\drivers\itsdisk.sys [17.5.2006 1:14 23496]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [10.10.2011 12:55 85344]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [18.9.2006 10:36 14336]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [18.9.2006 10:36 14336]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.11.2012 10:07 1329304]
S2 EZSERVICE;EZSERVICE;c:\program files\Asus\EZVCR\EZSERVICE.exe [27.3.2007 18:32 61440]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6.3.2013 13:46 682344]
S2 UsbService;ASUS Virtual MFP Service;c:\program files\Asus\Printer Utilities\UsbService.exe [16.1.2011 13:20 217088]
S3 CamProExpress64;CamProExpress64;c:\program files\AirLive\CamPro Express 64\CamProExpress64.exe [29.7.2010 5:28 3404800]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6.3.2013 13:46 21104]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [16.1.2012 21:58 137600]
S3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [8.8.2006 23:15 1116544]
S3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [8.8.2006 23:15 7808]
S3 u3kmini;ASUS My Cinema-U3000 Mini;c:\windows\system32\drivers\u3kmini.sys [8.8.2006 16:41 352000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 18:41]
.
2013-03-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2916314380-1386057458-2243310981-1005Core1ce0ddf833e5df6.job
- c:\documents and settings\Kamil\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-03 13:48]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bohusice.cz/
uInternet Settings,ProxyOverride = <local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download All by ASUS Download - c:\program files\Asus\WL-500gP V2 Wireless Router Utilities\ASDownloadAll.htm
IE: Download using ASUS Download - c:\program files\Asus\WL-500gP V2 Wireless Router Utilities\ASDownload.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
Trusted Zone: mfcr.cz
TCP: DhcpNameServer = 192.168.100.1
DPF: {7E88D4EE-0969-48ED-9F1C-B647586C0419} - hxxp://192.168.100.105/Media.CAB
DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} - hxxps://adisdpr.mfcr.cz/adistc/adis/idp ... tsignx.cab
FF - ProfilePath - c:\documents and settings\Kamil\Application Data\Mozilla\Firefox\Profiles\9a4k7py8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.bohusice.cz
FF - ExtSQL: 2013-01-15 23:03; seo@profesional; c:\documents and settings\Kamil\Application Data\Mozilla\Firefox\Profiles\9a4k7py8.default\extensions\seo@profesional.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Akamai NetSession Interface - c:\documents and settings\Kamil\Local Settings\Application Data\Akamai\netsession_win.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-12 06:45
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,14,ca,c4,05,1e,66,ed,46,82,b1,d4,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,14,ca,c4,05,1e,66,ed,46,82,b1,d4,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(252)
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\ItMsg.dll
.
- - - - - - - > 'explorer.exe'(940)
c:\windows\system32\WININET.dll
c:\windows\system32\APSHook.dll
c:\program files\ASUS\ASUS WebStorage\3.0.138.290\ASUSWSShellExt.dll
c:\windows\system32\AcSignIcon.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll
c:\program files\Common Files\Autodesk Shared\AcSignCore16.dll
c:\windows\system32\ieframe.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
.
**************************************************************************
.
Celkový čas: 2013-03-12 06:49:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-12 05:49
ComboFix2.txt 2013-03-11 18:33
ComboFix3.txt 2013-03-07 09:48
.
Před spuštěním: 13 346 406 400 bytes free
Po spuštění: Volných bajtů: 13 332 054 016
.
- - End Of File - - 85ECA0155D1182023E9059C3D2FCFA37
Několik složek jsem musel vymazat ručně, ComboFix se na nich zasekl.
ComboFix 13-03-11.01 - Kamil 12.03.2013 6:35.15.2 - FAT32x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.2047.1547 [GMT 1:00]
Spuštěný z: c:\documents and settings\Kamil\My Documents\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Kamil\Desktop\CFScript.txt
AV: ESET Smart Security 6.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
FILE ::
"C:\cc_20130308_193843.reg"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2916314380-1386057458-2243310981-1005Core.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2916314380-1386057458-2243310981-1005Core1ce0ddf833e5df6.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_LgBttPort
-------\Service_lgbusenum
-------\Service_LGVMODEM
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-12 do 2013-03-12 )))))))))))))))))))))))))))))))
.
.
2013-03-11 19:22 . 2013-03-11 19:22 -------- d-----w- c:\program files\Mozilla Thunderbird
2013-03-11 18:03 . 2013-03-11 18:03 -------- d-----w- C:\aws
2013-03-08 18:38 . 2013-03-08 18:40 178824 ----a-w- C:\cc_20130308_193843.reg
2013-03-08 18:32 . 2013-03-08 18:32 -------- d-----w- c:\program files\CCleaner
2013-03-08 17:40 . 2013-03-08 17:40 -------- d-----w- c:\program files\ASUS Security Center
2013-03-08 17:40 . 2013-03-08 17:40 -------- d-----w- c:\program files\Fingerprint Sensor
2013-03-06 20:34 . 2013-03-06 20:34 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2013-03-06 18:10 . 2013-03-06 18:10 -------- d-----w- c:\program files\trend micro
2013-03-06 18:10 . 2013-03-06 18:10 -------- d-----w- C:\rsit
2013-03-06 12:46 . 2013-03-06 12:46 -------- d-----w- c:\documents and settings\Kamil\Application Data\Malwarebytes
2013-03-06 12:46 . 2013-03-06 12:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-03-06 12:46 . 2013-03-06 12:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-06 12:46 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-05 09:01 . 2013-03-05 09:00 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-05 09:01 . 2013-03-05 09:00 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-04 20:58 . 2013-03-04 20:58 -------- d-----w- c:\program files\Recuva
2013-02-15 22:31 . 2013-02-15 22:31 186432 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2013-02-15 16:45 . 2013-02-15 16:45 -------- d-----w- c:\program files\Common Files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-05 09:00 . 2012-09-01 09:18 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-05 09:00 . 2010-07-25 14:08 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-27 18:41 . 2012-04-11 23:13 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-27 18:41 . 2011-05-23 14:23 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-26 03:55 . 2009-10-25 13:13 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:19 . 2009-10-25 13:13 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37 . 2009-10-25 13:13 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20 . 2009-10-25 13:13 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2006-09-18 09:36 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:16 . 2006-09-18 09:36 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:16 . 2006-09-18 09:36 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:16 . 2006-09-18 09:36 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:41 . 2006-09-18 09:36 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:24 . 2006-09-18 09:36 290560 ----a-w- c:\windows\system32\atmfd.dll
2013-03-07 14:30 . 2013-03-08 18:13 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
2012-03-15 02:07 1476448 ----a-w- c:\program files\Asus\ASUS WebStorage\3.0.138.290\AsusWSShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
2012-03-15 02:07 1476448 ----a-w- c:\program files\Asus\ASUS WebStorage\3.0.138.290\AsusWSShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-03-15 02:07 1476448 ----a-w- c:\program files\Asus\ASUS WebStorage\3.0.138.290\AsusWSShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Secure Disks]
@="{666C7836-A9B6-4AB4-94ED-DC238C81E925}"
[HKEY_CLASSES_ROOT\CLSID\{666C7836-A9B6-4AB4-94ED-DC238C81E925}]
2006-10-26 23:35 391168 ----a-r- c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Infium"="c:\program files\QIP 2012\qip.exe" [2012-03-23 7351760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-08-23 110592]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"nwiz"="nwiz.exe" [2006-07-20 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"PowerForPhone"="c:\program files\PowerForPhone\PowerForPhone\PowerForPhone.exe" [2006-09-07 778240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2006-05-30 811008]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-06-08 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ABLKSR"="c:\windows\ABLKSR\ABLKSR.exe" [2006-01-02 61440]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-14 90112]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-01 802816]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-01 696320]
"SMail"="c:\program files\Seznam\Postak\Postak.exe" [2006-05-18 450560]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-10 417792]
"SNPSTD2"="c:\windows\vsnpstd2.exe" [2004-08-30 286720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"ASUSWebStorage"="c:\program files\ASUS\ASUS WebStorage\3.0.138.290\AsusWSPanel.exe" [2012-03-15 740704]
"SafeQ Client"="c:\program files\Y Soft\SafeQ Client\Client\SafeQ Client.exe" [2012-06-11 259072]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-14 5074384]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-22 17920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-02-03 430080]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-02-07 00:30 74240 ----a-r- c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Opera\\Opera.exe"=
"c:\\Program Files\\ASUS\\Printer Utilities\\UsbService.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Program Files\\Air Live IP Wizard II\\IPWizardII.exe"=
"c:\\Program Files\\QIP 2012\\qip.exe"=
"c:\\Program Files\\AirLive\\NVR Search\\NVR Search.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AirLive\\CamPro Express 64\\CamProExpress64.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R3 vuhub;Virtual Usb Hub;c:\windows\system32\drivers\vuhub.sys [16.1.2011 13:20 66432]
S1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [7.4.2010 21:07 121216]
S1 ItSDisk;ItSDisk;c:\windows\system32\drivers\itsdisk.sys [17.5.2006 1:14 23496]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [10.10.2011 12:55 85344]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [18.9.2006 10:36 14336]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [18.9.2006 10:36 14336]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.11.2012 10:07 1329304]
S2 EZSERVICE;EZSERVICE;c:\program files\Asus\EZVCR\EZSERVICE.exe [27.3.2007 18:32 61440]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6.3.2013 13:46 682344]
S2 UsbService;ASUS Virtual MFP Service;c:\program files\Asus\Printer Utilities\UsbService.exe [16.1.2011 13:20 217088]
S3 CamProExpress64;CamProExpress64;c:\program files\AirLive\CamPro Express 64\CamProExpress64.exe [29.7.2010 5:28 3404800]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6.3.2013 13:46 21104]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [16.1.2012 21:58 137600]
S3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [8.8.2006 23:15 1116544]
S3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [8.8.2006 23:15 7808]
S3 u3kmini;ASUS My Cinema-U3000 Mini;c:\windows\system32\drivers\u3kmini.sys [8.8.2006 16:41 352000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 18:41]
.
2013-03-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2916314380-1386057458-2243310981-1005Core1ce0ddf833e5df6.job
- c:\documents and settings\Kamil\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-03 13:48]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bohusice.cz/
uInternet Settings,ProxyOverride = <local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download All by ASUS Download - c:\program files\Asus\WL-500gP V2 Wireless Router Utilities\ASDownloadAll.htm
IE: Download using ASUS Download - c:\program files\Asus\WL-500gP V2 Wireless Router Utilities\ASDownload.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
Trusted Zone: mfcr.cz
TCP: DhcpNameServer = 192.168.100.1
DPF: {7E88D4EE-0969-48ED-9F1C-B647586C0419} - hxxp://192.168.100.105/Media.CAB
DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} - hxxps://adisdpr.mfcr.cz/adistc/adis/idp ... tsignx.cab
FF - ProfilePath - c:\documents and settings\Kamil\Application Data\Mozilla\Firefox\Profiles\9a4k7py8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.bohusice.cz
FF - ExtSQL: 2013-01-15 23:03; seo@profesional; c:\documents and settings\Kamil\Application Data\Mozilla\Firefox\Profiles\9a4k7py8.default\extensions\seo@profesional.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Akamai NetSession Interface - c:\documents and settings\Kamil\Local Settings\Application Data\Akamai\netsession_win.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-12 06:45
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,14,ca,c4,05,1e,66,ed,46,82,b1,d4,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,14,ca,c4,05,1e,66,ed,46,82,b1,d4,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(252)
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\ItMsg.dll
.
- - - - - - - > 'explorer.exe'(940)
c:\windows\system32\WININET.dll
c:\windows\system32\APSHook.dll
c:\program files\ASUS\ASUS WebStorage\3.0.138.290\ASUSWSShellExt.dll
c:\windows\system32\AcSignIcon.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll
c:\program files\Common Files\Autodesk Shared\AcSignCore16.dll
c:\windows\system32\ieframe.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
.
**************************************************************************
.
Celkový čas: 2013-03-12 06:49:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-12 05:49
ComboFix2.txt 2013-03-11 18:33
ComboFix3.txt 2013-03-07 09:48
.
Před spuštěním: 13 346 406 400 bytes free
Po spuštění: Volných bajtů: 13 332 054 016
.
- - End Of File - - 85ECA0155D1182023E9059C3D2FCFA37
Re: Zamrznutí pc při připojení exter. disku
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-12 10:41:27
-----------------------------
10:41:27.062 OS Version: Windows 5.1.2600 Service Pack 3
10:41:27.062 Number of processors: 2 586 0xF06
10:41:27.062 ComputerName: NOTEBOOK_K UserName: Kamil
10:41:27.656 Initialize success
10:41:47.531 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
10:41:47.531 Disk 0 Vendor: ST9100828AS 3.ALC Size: 95396MB BusType: 3
10:41:47.546 Disk 0 MBR read successfully
10:41:47.562 Disk 0 MBR scan
10:41:47.562 Disk 0 Windows XP default MBR code
10:41:47.562 Disk 0 Partition 1 00 1B Hidd FAT32 MSDOS5.0 4000 MB offset 63
10:41:47.578 Disk 0 Partition 2 80 (A) 0C FAT32 LBA MSDOS5.0 54839 MB offset 8193150
10:41:47.578 Disk 0 Partition - 00 0F Extended LBA 36554 MB offset 120503565
10:41:47.609 Disk 0 Partition 3 00 0B FAT32 MSWIN4.1 36554 MB offset 120503628
10:41:47.609 Disk 0 scanning sectors +195366465
10:41:47.656 Disk 0 scanning C:\WINDOWS\system32\drivers
10:41:53.546 Service scanning
10:42:05.984 Modules scanning
10:42:12.687 Disk 0 trace - called modules:
10:42:12.734 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
10:42:12.734 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a7a1ab8]
10:42:12.750 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\00000084[0x8a7eb9e8]
10:42:12.750 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a7a7d98]
10:42:12.765 Scan finished successfully
10:42:19.750 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Kamil\Desktop\MBR.dat"
10:42:19.812 The log file has been saved successfully to "C:\Documents and Settings\Kamil\Desktop\aswMBR.txt"
Run date: 2013-03-12 10:41:27
-----------------------------
10:41:27.062 OS Version: Windows 5.1.2600 Service Pack 3
10:41:27.062 Number of processors: 2 586 0xF06
10:41:27.062 ComputerName: NOTEBOOK_K UserName: Kamil
10:41:27.656 Initialize success
10:41:47.531 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
10:41:47.531 Disk 0 Vendor: ST9100828AS 3.ALC Size: 95396MB BusType: 3
10:41:47.546 Disk 0 MBR read successfully
10:41:47.562 Disk 0 MBR scan
10:41:47.562 Disk 0 Windows XP default MBR code
10:41:47.562 Disk 0 Partition 1 00 1B Hidd FAT32 MSDOS5.0 4000 MB offset 63
10:41:47.578 Disk 0 Partition 2 80 (A) 0C FAT32 LBA MSDOS5.0 54839 MB offset 8193150
10:41:47.578 Disk 0 Partition - 00 0F Extended LBA 36554 MB offset 120503565
10:41:47.609 Disk 0 Partition 3 00 0B FAT32 MSWIN4.1 36554 MB offset 120503628
10:41:47.609 Disk 0 scanning sectors +195366465
10:41:47.656 Disk 0 scanning C:\WINDOWS\system32\drivers
10:41:53.546 Service scanning
10:42:05.984 Modules scanning
10:42:12.687 Disk 0 trace - called modules:
10:42:12.734 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
10:42:12.734 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a7a1ab8]
10:42:12.750 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\00000084[0x8a7eb9e8]
10:42:12.750 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a7a7d98]
10:42:12.765 Scan finished successfully
10:42:19.750 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Kamil\Desktop\MBR.dat"
10:42:19.812 The log file has been saved successfully to "C:\Documents and Settings\Kamil\Desktop\aswMBR.txt"
Re: Zamrznutí pc při připojení exter. disku
RogueKiller V8.5.2 [Mar 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Kamil [Práva správce]
Mód : Kontrola -- Datum : 03/12/2013 10:45:43
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[Faked.Drv][FILE] s24trans.sys : C:\WINDOWS\system32\drivers\s24trans.sys [-] --> NALEZENO
[Faked.Drv][FILE] wmilib.sys : C:\WINDOWS\system32\drivers\wmilib.sys [-] --> NALEZENO
[Faked.Drv][FILE] dmload.sys : C:\WINDOWS\system32\drivers\dmload.sys [-] --> NALEZENO
[Faked.Drv][FILE] ftdisk.sys : C:\WINDOWS\system32\drivers\ftdisk.sys [-] --> NALEZENO
[Faked.Drv][FILE] mdmxsdk.sys : C:\WINDOWS\system32\drivers\mdmxsdk.sys [-] --> NALEZENO
[Faked.Drv][FILE] watv10nt.sys : C:\WINDOWS\system32\drivers\watv10nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] ptilink.sys : C:\WINDOWS\system32\drivers\ptilink.sys [-] --> NALEZENO
[Faked.Drv][FILE] raspti.sys : C:\WINDOWS\system32\drivers\raspti.sys [-] --> NALEZENO
[Faked.Drv][FILE] intelppm.sys : C:\WINDOWS\system32\drivers\intelppm.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdaudio.sys : C:\WINDOWS\system32\drivers\cdaudio.sys [-] --> NALEZENO
[Faked.Drv][FILE] fs_rec.sys : C:\WINDOWS\system32\drivers\fs_rec.sys [-] --> NALEZENO
[Faked.Drv][FILE] null.sys : C:\WINDOWS\system32\drivers\null.sys [-] --> NALEZENO
[Faked.Drv][FILE] beep.sys : C:\WINDOWS\system32\drivers\beep.sys [-] --> NALEZENO
[Faked.Drv][FILE] rdpcdd.sys : C:\WINDOWS\system32\drivers\rdpcdd.sys [-] --> NALEZENO
[Faked.Drv][FILE] rasacd.sys : C:\WINDOWS\system32\drivers\rasacd.sys [-] --> NALEZENO
[Faked.Drv][FILE] nmwcdnsu.sys : C:\WINDOWS\system32\drivers\nmwcdnsu.sys [-] --> NALEZENO
[Faked.Drv][FILE] dxgthk.sys : C:\WINDOWS\system32\drivers\dxgthk.sys [-] --> NALEZENO
[Faked.Drv][FILE] parvdm.sys : C:\WINDOWS\system32\drivers\parvdm.sys [-] --> NALEZENO
[Faked.Drv][FILE] atmepvc.sys : C:\WINDOWS\system32\drivers\atmepvc.sys [-] --> NALEZENO
[Faked.Drv][FILE] atmuni.sys : C:\WINDOWS\system32\drivers\atmuni.sys [-] --> NALEZENO
[Faked.Drv][FILE] cbidf2k.sys : C:\WINDOWS\system32\drivers\cbidf2k.sys [-] --> NALEZENO
[Faked.Drv][FILE] cinemst2.sys : C:\WINDOWS\system32\drivers\cinemst2.sys [-] --> NALEZENO
[Faked.Drv][FILE] cpqdap01.sys : C:\WINDOWS\system32\drivers\cpqdap01.sys [-] --> NALEZENO
[Faked.Drv][FILE] dxapi.sys : C:\WINDOWS\system32\drivers\dxapi.sys [-] --> NALEZENO
[Faked.Drv][FILE] ipfltdrv.sys : C:\WINDOWS\system32\drivers\ipfltdrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] mcd.sys : C:\WINDOWS\system32\drivers\mcd.sys [-] --> NALEZENO
[Faked.Drv][FILE] nikedrv.sys : C:\WINDOWS\system32\drivers\nikedrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnkflt.sys : C:\WINDOWS\system32\drivers\nwlnkflt.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnkfwd.sys : C:\WINDOWS\system32\drivers\nwlnkfwd.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnknb.sys : C:\WINDOWS\system32\drivers\nwlnknb.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnkspx.sys : C:\WINDOWS\system32\drivers\nwlnkspx.sys [-] --> NALEZENO
[Faked.Drv][FILE] rawwan.sys : C:\WINDOWS\system32\drivers\rawwan.sys [-] --> NALEZENO
[Faked.Drv][FILE] rio8drv.sys : C:\WINDOWS\system32\drivers\rio8drv.sys [-] --> NALEZENO
[Faked.Drv][FILE] riodrv.sys : C:\WINDOWS\system32\drivers\riodrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] hsfdpsp2.sys : C:\WINDOWS\system32\drivers\hsfdpsp2.sys [-] --> NALEZENO
[Faked.Drv][FILE] 1394bus.sys : C:\WINDOWS\system32\drivers\1394bus.sys [-] --> NALEZENO
[Faked.Drv][FILE] acpi.sys : C:\WINDOWS\system32\drivers\acpi.sys [-] --> NALEZENO
[Faked.Drv][FILE] rootmdm.sys : C:\WINDOWS\system32\drivers\rootmdm.sys [-] --> NALEZENO
[Faked.Drv][FILE] smclib.sys : C:\WINDOWS\system32\drivers\smclib.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosdvd.sys : C:\WINDOWS\system32\drivers\tosdvd.sys [-] --> NALEZENO
[Faked.Drv][FILE] tsbvcap.sys : C:\WINDOWS\system32\drivers\tsbvcap.sys [-] --> NALEZENO
[Faked.Drv][FILE] aec.sys : C:\WINDOWS\system32\drivers\aec.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidbth.sys : C:\WINDOWS\system32\drivers\hidbth.sys [-] --> NALEZENO
[Faked.Drv][FILE] vdmindvd.sys : C:\WINDOWS\system32\drivers\vdmindvd.sys [-] --> NALEZENO
[Faked.Drv][FILE] ws2ifsl.sys : C:\WINDOWS\system32\drivers\ws2ifsl.sys [-] --> NALEZENO
[Faked.Drv][FILE] mnmdd.sys : C:\WINDOWS\system32\drivers\mnmdd.sys [-] --> NALEZENO
[Faked.Drv][FILE] fsvga.sys : C:\WINDOWS\system32\drivers\fsvga.sys [-] --> NALEZENO
[Faked.Drv][FILE] tostrans.sys : C:\WINDOWS\system32\drivers\tostrans.sys [-] --> NALEZENO
[Faked.Drv][FILE] acpiec.sys : C:\WINDOWS\system32\drivers\acpiec.sys [-] --> NALEZENO
[Faked.Drv][FILE] oprghdlr.sys : C:\WINDOWS\system32\drivers\oprghdlr.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfusb.sys : C:\WINDOWS\system32\drivers\tosrfusb.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbd.sys : C:\WINDOWS\system32\drivers\usbd.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfsnd.sys : C:\WINDOWS\system32\drivers\tosrfsnd.sys [-] --> NALEZENO
[Faked.Drv][FILE] pccsmcfd.sys : C:\WINDOWS\system32\drivers\pccsmcfd.sys [-] --> NALEZENO
[Faked.Drv][FILE] amdagp.sys : C:\WINDOWS\system32\drivers\amdagp.sys [-] --> NALEZENO
[Faked.Drv][FILE] amdk6.sys : C:\WINDOWS\system32\drivers\amdk6.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfpcc.sys : C:\WINDOWS\system32\drivers\tosrfpcc.sys [-] --> NALEZENO
[Faked.Drv][FILE] Hdaudbus.sys : C:\WINDOWS\system32\drivers\Hdaudbus.sys [-] --> NALEZENO
[Faked.Drv][FILE] fltMgr.sys : C:\WINDOWS\system32\drivers\fltMgr.sys [-] --> NALEZENO
[Faked.Drv][FILE] arp1394.sys : C:\WINDOWS\system32\drivers\arp1394.sys [-] --> NALEZENO
[Faked.Drv][FILE] asyncmac.sys : C:\WINDOWS\system32\drivers\asyncmac.sys [-] --> NALEZENO
[Faked.Drv][FILE] atapi.sys : C:\WINDOWS\system32\drivers\atapi.sys [-] --> NALEZENO
[Faked.Drv][FILE] atmarpc.sys : C:\WINDOWS\system32\drivers\atmarpc.sys [-] --> NALEZENO
[Faked.Drv][FILE] atmlane.sys : C:\WINDOWS\system32\drivers\atmlane.sys [-] --> NALEZENO
[Faked.Drv][FILE] battc.sys : C:\WINDOWS\system32\drivers\battc.sys [-] --> NALEZENO
[Faked.Drv][FILE] bridge.sys : C:\WINDOWS\system32\drivers\bridge.sys [-] --> NALEZENO
[Faked.Drv][FILE] ccdecode.sys : C:\WINDOWS\system32\drivers\ccdecode.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdfs.sys : C:\WINDOWS\system32\drivers\cdfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] NETw3x32.sys : C:\WINDOWS\system32\drivers\NETw3x32.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdrom.sys : C:\WINDOWS\system32\drivers\cdrom.sys [-] --> NALEZENO
[Faked.Drv][FILE] CmBatt.sys : C:\WINDOWS\system32\drivers\CmBatt.sys [-] --> NALEZENO
[Faked.Drv][FILE] classpnp.sys : C:\WINDOWS\system32\drivers\classpnp.sys [-] --> NALEZENO
[Faked.Drv][FILE] compbatt.sys : C:\WINDOWS\system32\drivers\compbatt.sys [-] --> NALEZENO
[Faked.Drv][FILE] crusoe.sys : C:\WINDOWS\system32\drivers\crusoe.sys [-] --> NALEZENO
[Faked.Drv][FILE] disk.sys : C:\WINDOWS\system32\drivers\disk.sys [-] --> NALEZENO
[Faked.Drv][FILE] diskdump.sys : C:\WINDOWS\system32\drivers\diskdump.sys [-] --> NALEZENO
[Faked.Drv][FILE] dmboot.sys : C:\WINDOWS\system32\drivers\dmboot.sys [-] --> NALEZENO
[Faked.Drv][FILE] DMusic.sys : C:\WINDOWS\system32\drivers\DMusic.sys [-] --> NALEZENO
[Faked.Drv][FILE] dmio.sys : C:\WINDOWS\system32\drivers\dmio.sys [-] --> NALEZENO
[Faked.Drv][FILE] drmk.sys : C:\WINDOWS\system32\drivers\drmk.sys [-] --> NALEZENO
[Faked.Drv][FILE] drmkaud.sys : C:\WINDOWS\system32\drivers\drmkaud.sys [-] --> NALEZENO
[Faked.Drv][FILE] dxg.sys : C:\WINDOWS\system32\drivers\dxg.sys [-] --> NALEZENO
[Faked.Drv][FILE] fastfat.sys : C:\WINDOWS\system32\drivers\fastfat.sys [-] --> NALEZENO
[Faked.Drv][FILE] fdc.sys : C:\WINDOWS\system32\drivers\fdc.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfnds.sys : C:\WINDOWS\system32\drivers\tosrfnds.sys [-] --> NALEZENO
[Faked.Drv][FILE] fips.sys : C:\WINDOWS\system32\drivers\fips.sys [-] --> NALEZENO
[Faked.Drv][FILE] flpydisk.sys : C:\WINDOWS\system32\drivers\flpydisk.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidclass.sys : C:\WINDOWS\system32\drivers\hidclass.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidparse.sys : C:\WINDOWS\system32\drivers\hidparse.sys [-] --> NALEZENO
[Faked.Drv][FILE] i8042prt.sys : C:\WINDOWS\system32\drivers\i8042prt.sys [-] --> NALEZENO
[Faked.Drv][FILE] imapi.sys : C:\WINDOWS\system32\drivers\imapi.sys [-] --> NALEZENO
[Faked.Drv][FILE] AegisP.sys : C:\WINDOWS\system32\drivers\AegisP.sys [-] --> NALEZENO
[Faked.Drv][FILE] ipinip.sys : C:\WINDOWS\system32\drivers\ipinip.sys [-] --> NALEZENO
[Faked.Drv][FILE] ipnat.sys : C:\WINDOWS\system32\drivers\ipnat.sys [-] --> NALEZENO
[Faked.Drv][FILE] ipsec.sys : C:\WINDOWS\system32\drivers\ipsec.sys [-] --> NALEZENO
[Faked.Drv][FILE] irenum.sys : C:\WINDOWS\system32\drivers\irenum.sys [-] --> NALEZENO
[Faked.Drv][FILE] isapnp.sys : C:\WINDOWS\system32\drivers\isapnp.sys [-] --> NALEZENO
[Faked.Drv][FILE] kbdclass.sys : C:\WINDOWS\system32\drivers\kbdclass.sys [-] --> NALEZENO
[Faked.Drv][FILE] kmixer.sys : C:\WINDOWS\system32\drivers\kmixer.sys [-] --> NALEZENO
[Faked.Drv][FILE] mup.sys : C:\WINDOWS\system32\drivers\mup.sys [-] --> NALEZENO
[Faked.Drv][FILE] epfwndis.sys : C:\WINDOWS\system32\drivers\epfwndis.sys [-] --> NALEZENO
[Faked.Drv][FILE] mf.sys : C:\WINDOWS\system32\drivers\mf.sys [-] --> NALEZENO
[Faked.Drv][FILE] modem.sys : C:\WINDOWS\system32\drivers\modem.sys [-] --> NALEZENO
[Faked.Drv][FILE] mouclass.sys : C:\WINDOWS\system32\drivers\mouclass.sys [-] --> NALEZENO
[Faked.Drv][FILE] mountmgr.sys : C:\WINDOWS\system32\drivers\mountmgr.sys [-] --> NALEZENO
[Faked.Drv][FILE] mrxdav.sys : C:\WINDOWS\system32\drivers\mrxdav.sys [-] --> NALEZENO
[Faked.Drv][FILE] afd.sys : C:\WINDOWS\system32\drivers\afd.sys [-] --> NALEZENO
[Faked.Drv][FILE] wstcodec.sys : C:\WINDOWS\system32\drivers\wstcodec.sys [-] --> NALEZENO
[Faked.Drv][FILE] mqac.sys : C:\WINDOWS\system32\drivers\mqac.sys [-] --> NALEZENO
[Faked.Drv][FILE] irbus.sys : C:\WINDOWS\system32\drivers\irbus.sys [-] --> NALEZENO
[Faked.Drv][FILE] msfs.sys : C:\WINDOWS\system32\drivers\msfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] msgpc.sys : C:\WINDOWS\system32\drivers\msgpc.sys [-] --> NALEZENO
[Faked.Drv][FILE] mskssrv.sys : C:\WINDOWS\system32\drivers\mskssrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] mspclock.sys : C:\WINDOWS\system32\drivers\mspclock.sys [-] --> NALEZENO
[Faked.Drv][FILE] mspqm.sys : C:\WINDOWS\system32\drivers\mspqm.sys [-] --> NALEZENO
[Faked.Drv][FILE] mstee.sys : C:\WINDOWS\system32\drivers\mstee.sys [-] --> NALEZENO
[Faked.Drv][FILE] nabtsfec.sys : C:\WINDOWS\system32\drivers\nabtsfec.sys [-] --> NALEZENO
[Faked.Drv][FILE] NdisIP.sys : C:\WINDOWS\system32\drivers\NdisIP.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndis.sys : C:\WINDOWS\system32\drivers\ndis.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndisuio.sys : C:\WINDOWS\system32\drivers\ndisuio.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndiswan.sys : C:\WINDOWS\system32\drivers\ndiswan.sys [-] --> NALEZENO
[Faked.Drv][FILE] vuhub.sys : C:\WINDOWS\system32\drivers\vuhub.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrflan.sys : C:\WINDOWS\system32\drivers\tosrflan.sys [-] --> NALEZENO
[Faked.Drv][FILE] netbios.sys : C:\WINDOWS\system32\drivers\netbios.sys [-] --> NALEZENO
[Faked.Drv][FILE] netbt.sys : C:\WINDOWS\system32\drivers\netbt.sys [-] --> NALEZENO
[Faked.Drv][FILE] nic1394.sys : C:\WINDOWS\system32\drivers\nic1394.sys [-] --> NALEZENO
[Faked.Drv][FILE] nmnt.sys : C:\WINDOWS\system32\drivers\nmnt.sys [-] --> NALEZENO
[Faked.Drv][FILE] npfs.sys : C:\WINDOWS\system32\drivers\npfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnkipx.sys : C:\WINDOWS\system32\drivers\nwlnkipx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ohci1394.sys : C:\WINDOWS\system32\drivers\ohci1394.sys [-] --> NALEZENO
[Faked.Drv][FILE] p3.sys : C:\WINDOWS\system32\drivers\p3.sys [-] --> NALEZENO
[Faked.Drv][FILE] partmgr.sys : C:\WINDOWS\system32\drivers\partmgr.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfhid.sys : C:\WINDOWS\system32\drivers\tosrfhid.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfec.sys : C:\WINDOWS\system32\drivers\tosrfec.sys [-] --> NALEZENO
[Faked.Drv][FILE] pci.sys : C:\WINDOWS\system32\drivers\pci.sys [-] --> NALEZENO
[Faked.Drv][FILE] pciidex.sys : C:\WINDOWS\system32\drivers\pciidex.sys [-] --> NALEZENO
[Faked.Drv][FILE] toshidpt.sys : C:\WINDOWS\system32\drivers\toshidpt.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfcom.sys : C:\WINDOWS\system32\drivers\tosrfcom.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfbnp.sys : C:\WINDOWS\system32\drivers\tosrfbnp.sys [-] --> NALEZENO
[Faked.Drv][FILE] portcls.sys : C:\WINDOWS\system32\drivers\portcls.sys [-] --> NALEZENO
[Faked.Drv][FILE] MMIOPORT.SYS : C:\WINDOWS\system32\drivers\MMIOPORT.SYS [-] --> NALEZENO
[Faked.Drv][FILE] tosrfbd.sys : C:\WINDOWS\system32\drivers\tosrfbd.sys [-] --> NALEZENO
[Faked.Drv][FILE] processr.sys : C:\WINDOWS\system32\drivers\processr.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosporte.sys : C:\WINDOWS\system32\drivers\tosporte.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndistapi.sys : C:\WINDOWS\system32\drivers\ndistapi.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosdbt.sys : C:\WINDOWS\system32\drivers\tosdbt.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosbtsd2.sys : C:\WINDOWS\system32\drivers\tosbtsd2.sys [-] --> NALEZENO
[Faked.Drv][FILE] mouhid.sys : C:\WINDOWS\system32\drivers\mouhid.sys [-] --> NALEZENO
[Faked.Drv][FILE] psched.sys : C:\WINDOWS\system32\drivers\psched.sys [-] --> NALEZENO
[Faked.Drv][FILE] rasl2tp.sys : C:\WINDOWS\system32\drivers\rasl2tp.sys [-] --> NALEZENO
[Faked.Drv][FILE] raspppoe.sys : C:\WINDOWS\system32\drivers\raspppoe.sys [-] --> NALEZENO
[Faked.Drv][FILE] raspptp.sys : C:\WINDOWS\system32\drivers\raspptp.sys [-] --> NALEZENO
[Faked.Drv][FILE] rdbss.sys : C:\WINDOWS\system32\drivers\rdbss.sys [-] --> NALEZENO
[Faked.Drv][FILE] rdpdr.sys : C:\WINDOWS\system32\drivers\rdpdr.sys [-] --> NALEZENO
[Faked.Drv][FILE] mrxsmb.sys : C:\WINDOWS\system32\drivers\mrxsmb.sys [-] --> NALEZENO
[Faked.Drv][FILE] redbook.sys : C:\WINDOWS\system32\drivers\redbook.sys [-] --> NALEZENO
[Faked.Drv][FILE] enum1394.sys : C:\WINDOWS\system32\drivers\enum1394.sys [-] --> NALEZENO
[Faked.Drv][FILE] rndismp.sys : C:\WINDOWS\system32\drivers\rndismp.sys [-] --> NALEZENO
[Faked.Drv][FILE] audstub.sys : C:\WINDOWS\system32\drivers\audstub.sys [-] --> NALEZENO
[Faked.Drv][FILE] RMCast.sys : C:\WINDOWS\system32\drivers\RMCast.sys [-] --> NALEZENO
[Faked.Drv][FILE] s3gnbm.sys : C:\WINDOWS\system32\drivers\s3gnbm.sys [-] --> NALEZENO
[Faked.Drv][FILE] scsiport.sys : C:\WINDOWS\system32\drivers\scsiport.sys [-] --> NALEZENO
[Faked.Drv][FILE] mhndrv.sys : C:\WINDOWS\system32\drivers\mhndrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] secdrv.sys : C:\WINDOWS\system32\drivers\secdrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] serenum.sys : C:\WINDOWS\system32\drivers\serenum.sys [-] --> NALEZENO
[Faked.Drv][FILE] sdbus.sys : C:\WINDOWS\system32\drivers\sdbus.sys [-] --> NALEZENO
[Faked.Drv][FILE] sffp_mmc.sys : C:\WINDOWS\system32\drivers\sffp_mmc.sys [-] --> NALEZENO
[Faked.Drv][FILE] serial.sys : C:\WINDOWS\system32\drivers\serial.sys [-] --> NALEZENO
[Faked.Drv][FILE] sfloppy.sys : C:\WINDOWS\system32\drivers\sfloppy.sys [-] --> NALEZENO
[Faked.Drv][FILE] pxhelp20.sys : C:\WINDOWS\system32\drivers\pxhelp20.sys [-] --> NALEZENO
[Faked.Drv][FILE] ccdcmb.sys : C:\WINDOWS\system32\drivers\ccdcmb.sys [-] --> NALEZENO
[Faked.Drv][FILE] slip.sys : C:\WINDOWS\system32\drivers\slip.sys [-] --> NALEZENO
[Faked.Drv][FILE] sonydcam.sys : C:\WINDOWS\system32\drivers\sonydcam.sys [-] --> NALEZENO
[Faked.Drv][FILE] Hdaudio.sys : C:\WINDOWS\system32\drivers\Hdaudio.sys [-] --> NALEZENO
[Faked.Drv][FILE] splitter.sys : C:\WINDOWS\system32\drivers\splitter.sys [-] --> NALEZENO
[Faked.Drv][FILE] sr.sys : C:\WINDOWS\system32\drivers\sr.sys [-] --> NALEZENO
[Faked.Drv][FILE] ks.sys : C:\WINDOWS\system32\drivers\ks.sys [-] --> NALEZENO
[Faked.Drv][FILE] StreamIP.sys : C:\WINDOWS\system32\drivers\StreamIP.sys [-] --> NALEZENO
[Faked.Drv][FILE] stream.sys : C:\WINDOWS\system32\drivers\stream.sys [-] --> NALEZENO
[Faked.Drv][FILE] nv4_mini.sys : C:\WINDOWS\system32\drivers\nv4_mini.sys [-] --> NALEZENO
[Faked.Drv][FILE] swenum.sys : C:\WINDOWS\system32\drivers\swenum.sys [-] --> NALEZENO
[Faked.Drv][FILE] swmidi.sys : C:\WINDOWS\system32\drivers\swmidi.sys [-] --> NALEZENO
[Faked.Drv][FILE] pciide.sys : C:\WINDOWS\system32\drivers\pciide.sys [-] --> NALEZENO
[Faked.Drv][FILE] sysaudio.sys : C:\WINDOWS\system32\drivers\sysaudio.sys [-] --> NALEZENO
[Faked.Drv][FILE] tape.sys : C:\WINDOWS\system32\drivers\tape.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthport.sys : C:\WINDOWS\system32\drivers\bthport.sys [-] --> NALEZENO
[Faked.Drv][FILE] tcpip.sys : C:\WINDOWS\system32\drivers\tcpip.sys [-] --> NALEZENO
[Faked.Drv][FILE] tdi.sys : C:\WINDOWS\system32\drivers\tdi.sys [-] --> NALEZENO
[Faked.Drv][FILE] tdpipe.sys : C:\WINDOWS\system32\drivers\tdpipe.sys [-] --> NALEZENO
[Faked.Drv][FILE] tdtcp.sys : C:\WINDOWS\system32\drivers\tdtcp.sys [-] --> NALEZENO
[Faked.Drv][FILE] smbali.sys : C:\WINDOWS\system32\drivers\smbali.sys [-] --> NALEZENO
[Faked.Drv][FILE] termdd.sys : C:\WINDOWS\system32\drivers\termdd.sys [-] --> NALEZENO
[Faked.Drv][FILE] udfs.sys : C:\WINDOWS\system32\drivers\udfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] uagp35.sys : C:\WINDOWS\system32\drivers\uagp35.sys [-] --> NALEZENO
[Faked.Drv][FILE] usb8023.sys : C:\WINDOWS\system32\drivers\usb8023.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbcamd.sys : C:\WINDOWS\system32\drivers\usbcamd.sys [-] --> NALEZENO
[Faked.Drv][FILE] usb8023x.sys : C:\WINDOWS\system32\drivers\usb8023x.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbcamd2.sys : C:\WINDOWS\system32\drivers\usbcamd2.sys [-] --> NALEZENO
[Faked.Drv][FILE] RtkHDAud.Sys : C:\WINDOWS\system32\drivers\RtkHDAud.Sys [-] --> NALEZENO
[Faked.Drv][FILE] wdfldr.sys : C:\WINDOWS\system32\drivers\wdfldr.sys [-] --> NALEZENO
[Faked.Drv][FILE] MODEMCSA.sys : C:\WINDOWS\system32\drivers\MODEMCSA.sys [-] --> NALEZENO
[Faked.Drv][FILE] Rtenicxp.sys : C:\WINDOWS\system32\drivers\Rtenicxp.sys [-] --> NALEZENO
[Faked.Drv][FILE] rimsptsk.sys : C:\WINDOWS\system32\drivers\rimsptsk.sys [-] --> NALEZENO
[Faked.Drv][FILE] rimmptsk.sys : C:\WINDOWS\system32\drivers\rimmptsk.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbhub.sys : C:\WINDOWS\system32\drivers\usbhub.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbintel.sys : C:\WINDOWS\system32\drivers\usbintel.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbport.sys : C:\WINDOWS\system32\drivers\usbport.sys [-] --> NALEZENO
[Faked.Drv][FILE] epfw.sys : C:\WINDOWS\system32\drivers\epfw.sys [-] --> NALEZENO
[Faked.Drv][FILE] SynTP.sys : C:\WINDOWS\system32\drivers\SynTP.sys [-] --> NALEZENO
[Faked.Drv][FILE] epfwtdi.sys : C:\WINDOWS\system32\drivers\epfwtdi.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbstor.sys : C:\WINDOWS\system32\drivers\usbstor.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbuhci.sys : C:\WINDOWS\system32\drivers\usbuhci.sys [-] --> NALEZENO
[Faked.Drv][FILE] vga.sys : C:\WINDOWS\system32\drivers\vga.sys [-] --> NALEZENO
[Faked.Drv][FILE] videoprt.sys : C:\WINDOWS\system32\drivers\videoprt.sys [-] --> NALEZENO
[Faked.Drv][FILE] volsnap.sys : C:\WINDOWS\system32\drivers\volsnap.sys [-] --> NALEZENO
[Faked.Drv][FILE] eamon.sys : C:\WINDOWS\system32\drivers\eamon.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdralw2k.sys : C:\WINDOWS\system32\drivers\cdralw2k.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdr4_xp.sys : C:\WINDOWS\system32\drivers\cdr4_xp.sys [-] --> NALEZENO
[Faked.Drv][FILE] tcpip6.sys : C:\WINDOWS\system32\drivers\tcpip6.sys [-] --> NALEZENO
[Faked.Drv][FILE] wanarp.sys : C:\WINDOWS\system32\drivers\wanarp.sys [-] --> NALEZENO
[Faked.Drv][FILE] snpstd2.sys : C:\WINDOWS\system32\drivers\snpstd2.sys [-] --> NALEZENO
[Faked.Drv][FILE] SynMini.sys : C:\WINDOWS\system32\drivers\SynMini.sys [-] --> NALEZENO
[Faked.Drv][FILE] SynCamd.sys : C:\WINDOWS\system32\drivers\SynCamd.sys [-] --> NALEZENO
[Faked.Drv][FILE] SynPin.sys : C:\WINDOWS\system32\drivers\SynPin.sys [-] --> NALEZENO
[Faked.Drv][FILE] SynSam.sys : C:\WINDOWS\system32\drivers\SynSam.sys [-] --> NALEZENO
[Faked.Drv][FILE] SynScan.sys : C:\WINDOWS\system32\drivers\SynScan.sys [-] --> NALEZENO
[Faked.Drv][FILE] wdmaud.sys : C:\WINDOWS\system32\drivers\wdmaud.sys [-] --> NALEZENO
[Faked.Drv][FILE] ksecdd.sys : C:\WINDOWS\system32\drivers\ksecdd.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbccgp.sys : C:\WINDOWS\system32\drivers\usbccgp.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidusb.sys : C:\WINDOWS\system32\drivers\hidusb.sys [-] --> NALEZENO
[Faked.Drv][FILE] kbdhid.sys : C:\WINDOWS\system32\drivers\kbdhid.sys [-] --> NALEZENO
[Faked.Drv][FILE] watv06nt.sys : C:\WINDOWS\system32\drivers\watv06nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] wadv11nt.sys : C:\WINDOWS\system32\drivers\wadv11nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] wadv09nt.sys : C:\WINDOWS\system32\drivers\wadv09nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] wadv08nt.sys : C:\WINDOWS\system32\drivers\wadv08nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] wadv07nt.sys : C:\WINDOWS\system32\drivers\wadv07nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] wacompen.sys : C:\WINDOWS\system32\drivers\wacompen.sys [-] --> NALEZENO
[Faked.Drv][FILE] wdf01000.sys : C:\WINDOWS\system32\drivers\wdf01000.sys [-] --> NALEZENO
[Faked.Drv][FILE] viaagp.sys : C:\WINDOWS\system32\drivers\viaagp.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbvideo.sys : C:\WINDOWS\system32\drivers\usbvideo.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbehci.sys : C:\WINDOWS\system32\drivers\usbehci.sys [-] --> NALEZENO
[Faked.Drv][FILE] update.sys : C:\WINDOWS\system32\drivers\update.sys [-] --> NALEZENO
[Faked.Drv][FILE] tunmp.sys : C:\WINDOWS\system32\drivers\tunmp.sys [-] --> NALEZENO
[Faked.Drv][FILE] slwdmsup.sys : C:\WINDOWS\system32\drivers\slwdmsup.sys [-] --> NALEZENO
[Faked.Drv][FILE] slnthal.sys : C:\WINDOWS\system32\drivers\slnthal.sys [-] --> NALEZENO
[Faked.Drv][FILE] slntamr.sys : C:\WINDOWS\system32\drivers\slntamr.sys [-] --> NALEZENO
[Faked.Drv][FILE] slnt7554.sys : C:\WINDOWS\system32\drivers\slnt7554.sys [-] --> NALEZENO
[Faked.Drv][FILE] sisagp.sys : C:\WINDOWS\system32\drivers\sisagp.sys [-] --> NALEZENO
[Faked.Drv][FILE] sffp_sd.sys : C:\WINDOWS\system32\drivers\sffp_sd.sys [-] --> NALEZENO
[Faked.Drv][FILE] sffdisk.sys : C:\WINDOWS\system32\drivers\sffdisk.sys [-] --> NALEZENO
[Faked.Drv][FILE] rndismpx.sys : C:\WINDOWS\system32\drivers\rndismpx.sys [-] --> NALEZENO
[Faked.Drv][FILE] rfcomm.sys : C:\WINDOWS\system32\drivers\rfcomm.sys [-] --> NALEZENO
[Faked.Drv][FILE] recagent.sys : C:\WINDOWS\system32\drivers\recagent.sys [-] --> NALEZENO
[Faked.Drv][FILE] ntmtlfax.sys : C:\WINDOWS\system32\drivers\ntmtlfax.sys [-] --> NALEZENO
[Faked.Drv][FILE] mutohpen.sys : C:\WINDOWS\system32\drivers\mutohpen.sys [-] --> NALEZENO
[Faked.Drv][FILE] mtxparhm.sys : C:\WINDOWS\system32\drivers\mtxparhm.sys [-] --> NALEZENO
[Faked.Drv][FILE] mtlstrm.sys : C:\WINDOWS\system32\drivers\mtlstrm.sys [-] --> NALEZENO
[Faked.Drv][FILE] mtlmnt5.sys : C:\WINDOWS\system32\drivers\mtlmnt5.sys [-] --> NALEZENO
[Faked.Drv][FILE] mssmbios.sys : C:\WINDOWS\system32\drivers\mssmbios.sys [-] --> NALEZENO
[Faked.Drv][FILE] ip6fw.sys : C:\WINDOWS\system32\drivers\ip6fw.sys [-] --> NALEZENO
[Faked.Drv][FILE] hsfcxts2.sys : C:\WINDOWS\system32\drivers\hsfcxts2.sys [-] --> NALEZENO
[Faked.Drv][FILE] hsfbs2s2.sys : C:\WINDOWS\system32\drivers\hsfbs2s2.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidir.sys : C:\WINDOWS\system32\drivers\hidir.sys [-] --> NALEZENO
[Faked.Drv][FILE] gagp30kx.sys : C:\WINDOWS\system32\drivers\gagp30kx.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthusb.sys : C:\WINDOWS\system32\drivers\bthusb.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthprint.sys : C:\WINDOWS\system32\drivers\bthprint.sys [-] --> NALEZENO
[Faked.Drv][FILE] 61883.sys : C:\WINDOWS\system32\drivers\61883.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthpan.sys : C:\WINDOWS\system32\drivers\bthpan.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthmodem.sys : C:\WINDOWS\system32\drivers\bthmodem.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthenum.sys : C:\WINDOWS\system32\drivers\bthenum.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinxsxx.sys : C:\WINDOWS\system32\drivers\atinxsxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinxbxx.sys : C:\WINDOWS\system32\drivers\atinxbxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atintuxx.sys : C:\WINDOWS\system32\drivers\atintuxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinttxx.sys : C:\WINDOWS\system32\drivers\atinttxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinsnxx.sys : C:\WINDOWS\system32\drivers\atinsnxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinrvxx.sys : C:\WINDOWS\system32\drivers\atinrvxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinraxx.sys : C:\WINDOWS\system32\drivers\atinraxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinpdxx.sys : C:\WINDOWS\system32\drivers\atinpdxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinmdxx.sys : C:\WINDOWS\system32\drivers\atinmdxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinbtxx.sys : C:\WINDOWS\system32\drivers\atinbtxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati2mtag.sys : C:\WINDOWS\system32\drivers\ati2mtag.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati2mtaa.sys : C:\WINDOWS\system32\drivers\ati2mtaa.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1xsxx.sys : C:\WINDOWS\system32\drivers\ati1xsxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1xbxx.sys : C:\WINDOWS\system32\drivers\ati1xbxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1tuxx.sys : C:\WINDOWS\system32\drivers\ati1tuxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1ttxx.sys : C:\WINDOWS\system32\drivers\ati1ttxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1snxx.sys : C:\WINDOWS\system32\drivers\ati1snxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1rvxx.sys : C:\WINDOWS\system32\drivers\ati1rvxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1raxx.sys : C:\WINDOWS\system32\drivers\ati1raxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1pdxx.sys : C:\WINDOWS\system32\drivers\ati1pdxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1mdxx.sys : C:\WINDOWS\system32\drivers\ati1mdxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1btxx.sys : C:\WINDOWS\system32\drivers\ati1btxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] amdk7.sys : C:\WINDOWS\system32\drivers\amdk7.sys [-] --> NALEZENO
[Faked.Drv][FILE] alim1541.sys : C:\WINDOWS\system32\drivers\alim1541.sys [-] --> NALEZENO
[Faked.Drv][FILE] agpcpq.sys : C:\WINDOWS\system32\drivers\agpcpq.sys [-] --> NALEZENO
[Faked.Drv][FILE] agp440.sys : C:\WINDOWS\system32\drivers\agp440.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwrdr.sys : C:\WINDOWS\system32\drivers\nwrdr.sys [-] --> NALEZENO
[Faked.Drv][FILE] avc.sys : C:\WINDOWS\system32\drivers\avc.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbprint.sys : C:\WINDOWS\system32\drivers\usbprint.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbscan.sys : C:\WINDOWS\system32\drivers\usbscan.sys [-] --> NALEZENO
[Faked.Drv][FILE] ccdcmbo.sys : C:\WINDOWS\system32\drivers\ccdcmbo.sys [-] --> NALEZENO
[Faked.Drv][FILE] srv.sys : C:\WINDOWS\system32\drivers\srv.sys [-] --> NALEZENO
[Faked.Drv][FILE] msdv.sys : C:\WINDOWS\system32\drivers\msdv.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbser.sys : C:\WINDOWS\system32\drivers\usbser.sys [-] --> NALEZENO
[Faked.Drv][FILE] USBAUDIO.sys : C:\WINDOWS\system32\drivers\USBAUDIO.sys [-] --> NALEZENO
[Faked.Drv][FILE] ATKACPI.sys : C:\WINDOWS\system32\drivers\ATKACPI.sys [-] --> NALEZENO
[Faked.Drv][FILE] tap0901.sys : C:\WINDOWS\system32\drivers\tap0901.sys [-] --> NALEZENO
[Faked.Drv][FILE] hxxp.sys : C:\WINDOWS\system32\drivers\hxxp.sys [-] --> NALEZENO
[Faked.Drv][FILE] WudfPf.sys : C:\WINDOWS\system32\drivers\WudfPf.sys [-] --> NALEZENO
[Faked.Drv][FILE] BdaSup.sys : C:\WINDOWS\system32\drivers\BdaSup.sys [-] --> NALEZENO
[Faked.Drv][FILE] MPE.sys : C:\WINDOWS\system32\drivers\MPE.sys [-] --> NALEZENO
[Faked.Drv][FILE] TrueSight.sys : C:\WINDOWS\system32\drivers\TrueSight.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndproxy.sys : C:\WINDOWS\system32\drivers\ndproxy.sys [-] --> NALEZENO
[Faked.Drv][FILE] u3kmini.sys : C:\WINDOWS\system32\drivers\u3kmini.sys [-] --> NALEZENO
[Faked.Drv][FILE] WudfRd.sys : C:\WINDOWS\system32\drivers\WudfRd.sys [-] --> NALEZENO
[Faked.Drv][FILE] wpdusb.sys : C:\WINDOWS\system32\drivers\wpdusb.sys [-] --> NALEZENO
[Faked.Drv][FILE] LVUSBSta.sys : C:\WINDOWS\system32\drivers\LVUSBSta.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbser_lowerfltj.sys : C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys [-] --> NALEZENO
[Faked.Drv][FILE] rdpwd.sys : C:\WINDOWS\system32\drivers\rdpwd.sys [-] --> NALEZENO
[Faked.Drv][FILE] itsdisk.sys : C:\WINDOWS\system32\drivers\itsdisk.sys [-] --> NALEZENO
[Faked.Drv][FILE] PCASp50a64.sys : C:\WINDOWS\system32\drivers\PCASp50a64.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbser_lowerflt.sys : C:\WINDOWS\system32\drivers\usbser_lowerflt.sys [-] --> NALEZENO
[Faked.Drv][FILE] mbam.sys : C:\WINDOWS\system32\drivers\mbam.sys [-] --> NALEZENO
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9100828AS +++++
--- User ---
[MBR] 363269ed2f3112c8dc953d56edeb5431
[BSP] 4c2227f9b84ef0f8b746c7366406bf80 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 63 | Size: 4000 Mo
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8193150 | Size: 54839 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 120503565 | Size: 36554 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1]_S_03122013_02d1045.txt >>
RKreport[1]_S_03122013_02d1045.txt
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Kamil [Práva správce]
Mód : Kontrola -- Datum : 03/12/2013 10:45:43
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[Faked.Drv][FILE] s24trans.sys : C:\WINDOWS\system32\drivers\s24trans.sys [-] --> NALEZENO
[Faked.Drv][FILE] wmilib.sys : C:\WINDOWS\system32\drivers\wmilib.sys [-] --> NALEZENO
[Faked.Drv][FILE] dmload.sys : C:\WINDOWS\system32\drivers\dmload.sys [-] --> NALEZENO
[Faked.Drv][FILE] ftdisk.sys : C:\WINDOWS\system32\drivers\ftdisk.sys [-] --> NALEZENO
[Faked.Drv][FILE] mdmxsdk.sys : C:\WINDOWS\system32\drivers\mdmxsdk.sys [-] --> NALEZENO
[Faked.Drv][FILE] watv10nt.sys : C:\WINDOWS\system32\drivers\watv10nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] ptilink.sys : C:\WINDOWS\system32\drivers\ptilink.sys [-] --> NALEZENO
[Faked.Drv][FILE] raspti.sys : C:\WINDOWS\system32\drivers\raspti.sys [-] --> NALEZENO
[Faked.Drv][FILE] intelppm.sys : C:\WINDOWS\system32\drivers\intelppm.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdaudio.sys : C:\WINDOWS\system32\drivers\cdaudio.sys [-] --> NALEZENO
[Faked.Drv][FILE] fs_rec.sys : C:\WINDOWS\system32\drivers\fs_rec.sys [-] --> NALEZENO
[Faked.Drv][FILE] null.sys : C:\WINDOWS\system32\drivers\null.sys [-] --> NALEZENO
[Faked.Drv][FILE] beep.sys : C:\WINDOWS\system32\drivers\beep.sys [-] --> NALEZENO
[Faked.Drv][FILE] rdpcdd.sys : C:\WINDOWS\system32\drivers\rdpcdd.sys [-] --> NALEZENO
[Faked.Drv][FILE] rasacd.sys : C:\WINDOWS\system32\drivers\rasacd.sys [-] --> NALEZENO
[Faked.Drv][FILE] nmwcdnsu.sys : C:\WINDOWS\system32\drivers\nmwcdnsu.sys [-] --> NALEZENO
[Faked.Drv][FILE] dxgthk.sys : C:\WINDOWS\system32\drivers\dxgthk.sys [-] --> NALEZENO
[Faked.Drv][FILE] parvdm.sys : C:\WINDOWS\system32\drivers\parvdm.sys [-] --> NALEZENO
[Faked.Drv][FILE] atmepvc.sys : C:\WINDOWS\system32\drivers\atmepvc.sys [-] --> NALEZENO
[Faked.Drv][FILE] atmuni.sys : C:\WINDOWS\system32\drivers\atmuni.sys [-] --> NALEZENO
[Faked.Drv][FILE] cbidf2k.sys : C:\WINDOWS\system32\drivers\cbidf2k.sys [-] --> NALEZENO
[Faked.Drv][FILE] cinemst2.sys : C:\WINDOWS\system32\drivers\cinemst2.sys [-] --> NALEZENO
[Faked.Drv][FILE] cpqdap01.sys : C:\WINDOWS\system32\drivers\cpqdap01.sys [-] --> NALEZENO
[Faked.Drv][FILE] dxapi.sys : C:\WINDOWS\system32\drivers\dxapi.sys [-] --> NALEZENO
[Faked.Drv][FILE] ipfltdrv.sys : C:\WINDOWS\system32\drivers\ipfltdrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] mcd.sys : C:\WINDOWS\system32\drivers\mcd.sys [-] --> NALEZENO
[Faked.Drv][FILE] nikedrv.sys : C:\WINDOWS\system32\drivers\nikedrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnkflt.sys : C:\WINDOWS\system32\drivers\nwlnkflt.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnkfwd.sys : C:\WINDOWS\system32\drivers\nwlnkfwd.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnknb.sys : C:\WINDOWS\system32\drivers\nwlnknb.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnkspx.sys : C:\WINDOWS\system32\drivers\nwlnkspx.sys [-] --> NALEZENO
[Faked.Drv][FILE] rawwan.sys : C:\WINDOWS\system32\drivers\rawwan.sys [-] --> NALEZENO
[Faked.Drv][FILE] rio8drv.sys : C:\WINDOWS\system32\drivers\rio8drv.sys [-] --> NALEZENO
[Faked.Drv][FILE] riodrv.sys : C:\WINDOWS\system32\drivers\riodrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] hsfdpsp2.sys : C:\WINDOWS\system32\drivers\hsfdpsp2.sys [-] --> NALEZENO
[Faked.Drv][FILE] 1394bus.sys : C:\WINDOWS\system32\drivers\1394bus.sys [-] --> NALEZENO
[Faked.Drv][FILE] acpi.sys : C:\WINDOWS\system32\drivers\acpi.sys [-] --> NALEZENO
[Faked.Drv][FILE] rootmdm.sys : C:\WINDOWS\system32\drivers\rootmdm.sys [-] --> NALEZENO
[Faked.Drv][FILE] smclib.sys : C:\WINDOWS\system32\drivers\smclib.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosdvd.sys : C:\WINDOWS\system32\drivers\tosdvd.sys [-] --> NALEZENO
[Faked.Drv][FILE] tsbvcap.sys : C:\WINDOWS\system32\drivers\tsbvcap.sys [-] --> NALEZENO
[Faked.Drv][FILE] aec.sys : C:\WINDOWS\system32\drivers\aec.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidbth.sys : C:\WINDOWS\system32\drivers\hidbth.sys [-] --> NALEZENO
[Faked.Drv][FILE] vdmindvd.sys : C:\WINDOWS\system32\drivers\vdmindvd.sys [-] --> NALEZENO
[Faked.Drv][FILE] ws2ifsl.sys : C:\WINDOWS\system32\drivers\ws2ifsl.sys [-] --> NALEZENO
[Faked.Drv][FILE] mnmdd.sys : C:\WINDOWS\system32\drivers\mnmdd.sys [-] --> NALEZENO
[Faked.Drv][FILE] fsvga.sys : C:\WINDOWS\system32\drivers\fsvga.sys [-] --> NALEZENO
[Faked.Drv][FILE] tostrans.sys : C:\WINDOWS\system32\drivers\tostrans.sys [-] --> NALEZENO
[Faked.Drv][FILE] acpiec.sys : C:\WINDOWS\system32\drivers\acpiec.sys [-] --> NALEZENO
[Faked.Drv][FILE] oprghdlr.sys : C:\WINDOWS\system32\drivers\oprghdlr.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfusb.sys : C:\WINDOWS\system32\drivers\tosrfusb.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbd.sys : C:\WINDOWS\system32\drivers\usbd.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfsnd.sys : C:\WINDOWS\system32\drivers\tosrfsnd.sys [-] --> NALEZENO
[Faked.Drv][FILE] pccsmcfd.sys : C:\WINDOWS\system32\drivers\pccsmcfd.sys [-] --> NALEZENO
[Faked.Drv][FILE] amdagp.sys : C:\WINDOWS\system32\drivers\amdagp.sys [-] --> NALEZENO
[Faked.Drv][FILE] amdk6.sys : C:\WINDOWS\system32\drivers\amdk6.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfpcc.sys : C:\WINDOWS\system32\drivers\tosrfpcc.sys [-] --> NALEZENO
[Faked.Drv][FILE] Hdaudbus.sys : C:\WINDOWS\system32\drivers\Hdaudbus.sys [-] --> NALEZENO
[Faked.Drv][FILE] fltMgr.sys : C:\WINDOWS\system32\drivers\fltMgr.sys [-] --> NALEZENO
[Faked.Drv][FILE] arp1394.sys : C:\WINDOWS\system32\drivers\arp1394.sys [-] --> NALEZENO
[Faked.Drv][FILE] asyncmac.sys : C:\WINDOWS\system32\drivers\asyncmac.sys [-] --> NALEZENO
[Faked.Drv][FILE] atapi.sys : C:\WINDOWS\system32\drivers\atapi.sys [-] --> NALEZENO
[Faked.Drv][FILE] atmarpc.sys : C:\WINDOWS\system32\drivers\atmarpc.sys [-] --> NALEZENO
[Faked.Drv][FILE] atmlane.sys : C:\WINDOWS\system32\drivers\atmlane.sys [-] --> NALEZENO
[Faked.Drv][FILE] battc.sys : C:\WINDOWS\system32\drivers\battc.sys [-] --> NALEZENO
[Faked.Drv][FILE] bridge.sys : C:\WINDOWS\system32\drivers\bridge.sys [-] --> NALEZENO
[Faked.Drv][FILE] ccdecode.sys : C:\WINDOWS\system32\drivers\ccdecode.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdfs.sys : C:\WINDOWS\system32\drivers\cdfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] NETw3x32.sys : C:\WINDOWS\system32\drivers\NETw3x32.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdrom.sys : C:\WINDOWS\system32\drivers\cdrom.sys [-] --> NALEZENO
[Faked.Drv][FILE] CmBatt.sys : C:\WINDOWS\system32\drivers\CmBatt.sys [-] --> NALEZENO
[Faked.Drv][FILE] classpnp.sys : C:\WINDOWS\system32\drivers\classpnp.sys [-] --> NALEZENO
[Faked.Drv][FILE] compbatt.sys : C:\WINDOWS\system32\drivers\compbatt.sys [-] --> NALEZENO
[Faked.Drv][FILE] crusoe.sys : C:\WINDOWS\system32\drivers\crusoe.sys [-] --> NALEZENO
[Faked.Drv][FILE] disk.sys : C:\WINDOWS\system32\drivers\disk.sys [-] --> NALEZENO
[Faked.Drv][FILE] diskdump.sys : C:\WINDOWS\system32\drivers\diskdump.sys [-] --> NALEZENO
[Faked.Drv][FILE] dmboot.sys : C:\WINDOWS\system32\drivers\dmboot.sys [-] --> NALEZENO
[Faked.Drv][FILE] DMusic.sys : C:\WINDOWS\system32\drivers\DMusic.sys [-] --> NALEZENO
[Faked.Drv][FILE] dmio.sys : C:\WINDOWS\system32\drivers\dmio.sys [-] --> NALEZENO
[Faked.Drv][FILE] drmk.sys : C:\WINDOWS\system32\drivers\drmk.sys [-] --> NALEZENO
[Faked.Drv][FILE] drmkaud.sys : C:\WINDOWS\system32\drivers\drmkaud.sys [-] --> NALEZENO
[Faked.Drv][FILE] dxg.sys : C:\WINDOWS\system32\drivers\dxg.sys [-] --> NALEZENO
[Faked.Drv][FILE] fastfat.sys : C:\WINDOWS\system32\drivers\fastfat.sys [-] --> NALEZENO
[Faked.Drv][FILE] fdc.sys : C:\WINDOWS\system32\drivers\fdc.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfnds.sys : C:\WINDOWS\system32\drivers\tosrfnds.sys [-] --> NALEZENO
[Faked.Drv][FILE] fips.sys : C:\WINDOWS\system32\drivers\fips.sys [-] --> NALEZENO
[Faked.Drv][FILE] flpydisk.sys : C:\WINDOWS\system32\drivers\flpydisk.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidclass.sys : C:\WINDOWS\system32\drivers\hidclass.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidparse.sys : C:\WINDOWS\system32\drivers\hidparse.sys [-] --> NALEZENO
[Faked.Drv][FILE] i8042prt.sys : C:\WINDOWS\system32\drivers\i8042prt.sys [-] --> NALEZENO
[Faked.Drv][FILE] imapi.sys : C:\WINDOWS\system32\drivers\imapi.sys [-] --> NALEZENO
[Faked.Drv][FILE] AegisP.sys : C:\WINDOWS\system32\drivers\AegisP.sys [-] --> NALEZENO
[Faked.Drv][FILE] ipinip.sys : C:\WINDOWS\system32\drivers\ipinip.sys [-] --> NALEZENO
[Faked.Drv][FILE] ipnat.sys : C:\WINDOWS\system32\drivers\ipnat.sys [-] --> NALEZENO
[Faked.Drv][FILE] ipsec.sys : C:\WINDOWS\system32\drivers\ipsec.sys [-] --> NALEZENO
[Faked.Drv][FILE] irenum.sys : C:\WINDOWS\system32\drivers\irenum.sys [-] --> NALEZENO
[Faked.Drv][FILE] isapnp.sys : C:\WINDOWS\system32\drivers\isapnp.sys [-] --> NALEZENO
[Faked.Drv][FILE] kbdclass.sys : C:\WINDOWS\system32\drivers\kbdclass.sys [-] --> NALEZENO
[Faked.Drv][FILE] kmixer.sys : C:\WINDOWS\system32\drivers\kmixer.sys [-] --> NALEZENO
[Faked.Drv][FILE] mup.sys : C:\WINDOWS\system32\drivers\mup.sys [-] --> NALEZENO
[Faked.Drv][FILE] epfwndis.sys : C:\WINDOWS\system32\drivers\epfwndis.sys [-] --> NALEZENO
[Faked.Drv][FILE] mf.sys : C:\WINDOWS\system32\drivers\mf.sys [-] --> NALEZENO
[Faked.Drv][FILE] modem.sys : C:\WINDOWS\system32\drivers\modem.sys [-] --> NALEZENO
[Faked.Drv][FILE] mouclass.sys : C:\WINDOWS\system32\drivers\mouclass.sys [-] --> NALEZENO
[Faked.Drv][FILE] mountmgr.sys : C:\WINDOWS\system32\drivers\mountmgr.sys [-] --> NALEZENO
[Faked.Drv][FILE] mrxdav.sys : C:\WINDOWS\system32\drivers\mrxdav.sys [-] --> NALEZENO
[Faked.Drv][FILE] afd.sys : C:\WINDOWS\system32\drivers\afd.sys [-] --> NALEZENO
[Faked.Drv][FILE] wstcodec.sys : C:\WINDOWS\system32\drivers\wstcodec.sys [-] --> NALEZENO
[Faked.Drv][FILE] mqac.sys : C:\WINDOWS\system32\drivers\mqac.sys [-] --> NALEZENO
[Faked.Drv][FILE] irbus.sys : C:\WINDOWS\system32\drivers\irbus.sys [-] --> NALEZENO
[Faked.Drv][FILE] msfs.sys : C:\WINDOWS\system32\drivers\msfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] msgpc.sys : C:\WINDOWS\system32\drivers\msgpc.sys [-] --> NALEZENO
[Faked.Drv][FILE] mskssrv.sys : C:\WINDOWS\system32\drivers\mskssrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] mspclock.sys : C:\WINDOWS\system32\drivers\mspclock.sys [-] --> NALEZENO
[Faked.Drv][FILE] mspqm.sys : C:\WINDOWS\system32\drivers\mspqm.sys [-] --> NALEZENO
[Faked.Drv][FILE] mstee.sys : C:\WINDOWS\system32\drivers\mstee.sys [-] --> NALEZENO
[Faked.Drv][FILE] nabtsfec.sys : C:\WINDOWS\system32\drivers\nabtsfec.sys [-] --> NALEZENO
[Faked.Drv][FILE] NdisIP.sys : C:\WINDOWS\system32\drivers\NdisIP.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndis.sys : C:\WINDOWS\system32\drivers\ndis.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndisuio.sys : C:\WINDOWS\system32\drivers\ndisuio.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndiswan.sys : C:\WINDOWS\system32\drivers\ndiswan.sys [-] --> NALEZENO
[Faked.Drv][FILE] vuhub.sys : C:\WINDOWS\system32\drivers\vuhub.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrflan.sys : C:\WINDOWS\system32\drivers\tosrflan.sys [-] --> NALEZENO
[Faked.Drv][FILE] netbios.sys : C:\WINDOWS\system32\drivers\netbios.sys [-] --> NALEZENO
[Faked.Drv][FILE] netbt.sys : C:\WINDOWS\system32\drivers\netbt.sys [-] --> NALEZENO
[Faked.Drv][FILE] nic1394.sys : C:\WINDOWS\system32\drivers\nic1394.sys [-] --> NALEZENO
[Faked.Drv][FILE] nmnt.sys : C:\WINDOWS\system32\drivers\nmnt.sys [-] --> NALEZENO
[Faked.Drv][FILE] npfs.sys : C:\WINDOWS\system32\drivers\npfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwlnkipx.sys : C:\WINDOWS\system32\drivers\nwlnkipx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ohci1394.sys : C:\WINDOWS\system32\drivers\ohci1394.sys [-] --> NALEZENO
[Faked.Drv][FILE] p3.sys : C:\WINDOWS\system32\drivers\p3.sys [-] --> NALEZENO
[Faked.Drv][FILE] partmgr.sys : C:\WINDOWS\system32\drivers\partmgr.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfhid.sys : C:\WINDOWS\system32\drivers\tosrfhid.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfec.sys : C:\WINDOWS\system32\drivers\tosrfec.sys [-] --> NALEZENO
[Faked.Drv][FILE] pci.sys : C:\WINDOWS\system32\drivers\pci.sys [-] --> NALEZENO
[Faked.Drv][FILE] pciidex.sys : C:\WINDOWS\system32\drivers\pciidex.sys [-] --> NALEZENO
[Faked.Drv][FILE] toshidpt.sys : C:\WINDOWS\system32\drivers\toshidpt.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfcom.sys : C:\WINDOWS\system32\drivers\tosrfcom.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosrfbnp.sys : C:\WINDOWS\system32\drivers\tosrfbnp.sys [-] --> NALEZENO
[Faked.Drv][FILE] portcls.sys : C:\WINDOWS\system32\drivers\portcls.sys [-] --> NALEZENO
[Faked.Drv][FILE] MMIOPORT.SYS : C:\WINDOWS\system32\drivers\MMIOPORT.SYS [-] --> NALEZENO
[Faked.Drv][FILE] tosrfbd.sys : C:\WINDOWS\system32\drivers\tosrfbd.sys [-] --> NALEZENO
[Faked.Drv][FILE] processr.sys : C:\WINDOWS\system32\drivers\processr.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosporte.sys : C:\WINDOWS\system32\drivers\tosporte.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndistapi.sys : C:\WINDOWS\system32\drivers\ndistapi.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosdbt.sys : C:\WINDOWS\system32\drivers\tosdbt.sys [-] --> NALEZENO
[Faked.Drv][FILE] tosbtsd2.sys : C:\WINDOWS\system32\drivers\tosbtsd2.sys [-] --> NALEZENO
[Faked.Drv][FILE] mouhid.sys : C:\WINDOWS\system32\drivers\mouhid.sys [-] --> NALEZENO
[Faked.Drv][FILE] psched.sys : C:\WINDOWS\system32\drivers\psched.sys [-] --> NALEZENO
[Faked.Drv][FILE] rasl2tp.sys : C:\WINDOWS\system32\drivers\rasl2tp.sys [-] --> NALEZENO
[Faked.Drv][FILE] raspppoe.sys : C:\WINDOWS\system32\drivers\raspppoe.sys [-] --> NALEZENO
[Faked.Drv][FILE] raspptp.sys : C:\WINDOWS\system32\drivers\raspptp.sys [-] --> NALEZENO
[Faked.Drv][FILE] rdbss.sys : C:\WINDOWS\system32\drivers\rdbss.sys [-] --> NALEZENO
[Faked.Drv][FILE] rdpdr.sys : C:\WINDOWS\system32\drivers\rdpdr.sys [-] --> NALEZENO
[Faked.Drv][FILE] mrxsmb.sys : C:\WINDOWS\system32\drivers\mrxsmb.sys [-] --> NALEZENO
[Faked.Drv][FILE] redbook.sys : C:\WINDOWS\system32\drivers\redbook.sys [-] --> NALEZENO
[Faked.Drv][FILE] enum1394.sys : C:\WINDOWS\system32\drivers\enum1394.sys [-] --> NALEZENO
[Faked.Drv][FILE] rndismp.sys : C:\WINDOWS\system32\drivers\rndismp.sys [-] --> NALEZENO
[Faked.Drv][FILE] audstub.sys : C:\WINDOWS\system32\drivers\audstub.sys [-] --> NALEZENO
[Faked.Drv][FILE] RMCast.sys : C:\WINDOWS\system32\drivers\RMCast.sys [-] --> NALEZENO
[Faked.Drv][FILE] s3gnbm.sys : C:\WINDOWS\system32\drivers\s3gnbm.sys [-] --> NALEZENO
[Faked.Drv][FILE] scsiport.sys : C:\WINDOWS\system32\drivers\scsiport.sys [-] --> NALEZENO
[Faked.Drv][FILE] mhndrv.sys : C:\WINDOWS\system32\drivers\mhndrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] secdrv.sys : C:\WINDOWS\system32\drivers\secdrv.sys [-] --> NALEZENO
[Faked.Drv][FILE] serenum.sys : C:\WINDOWS\system32\drivers\serenum.sys [-] --> NALEZENO
[Faked.Drv][FILE] sdbus.sys : C:\WINDOWS\system32\drivers\sdbus.sys [-] --> NALEZENO
[Faked.Drv][FILE] sffp_mmc.sys : C:\WINDOWS\system32\drivers\sffp_mmc.sys [-] --> NALEZENO
[Faked.Drv][FILE] serial.sys : C:\WINDOWS\system32\drivers\serial.sys [-] --> NALEZENO
[Faked.Drv][FILE] sfloppy.sys : C:\WINDOWS\system32\drivers\sfloppy.sys [-] --> NALEZENO
[Faked.Drv][FILE] pxhelp20.sys : C:\WINDOWS\system32\drivers\pxhelp20.sys [-] --> NALEZENO
[Faked.Drv][FILE] ccdcmb.sys : C:\WINDOWS\system32\drivers\ccdcmb.sys [-] --> NALEZENO
[Faked.Drv][FILE] slip.sys : C:\WINDOWS\system32\drivers\slip.sys [-] --> NALEZENO
[Faked.Drv][FILE] sonydcam.sys : C:\WINDOWS\system32\drivers\sonydcam.sys [-] --> NALEZENO
[Faked.Drv][FILE] Hdaudio.sys : C:\WINDOWS\system32\drivers\Hdaudio.sys [-] --> NALEZENO
[Faked.Drv][FILE] splitter.sys : C:\WINDOWS\system32\drivers\splitter.sys [-] --> NALEZENO
[Faked.Drv][FILE] sr.sys : C:\WINDOWS\system32\drivers\sr.sys [-] --> NALEZENO
[Faked.Drv][FILE] ks.sys : C:\WINDOWS\system32\drivers\ks.sys [-] --> NALEZENO
[Faked.Drv][FILE] StreamIP.sys : C:\WINDOWS\system32\drivers\StreamIP.sys [-] --> NALEZENO
[Faked.Drv][FILE] stream.sys : C:\WINDOWS\system32\drivers\stream.sys [-] --> NALEZENO
[Faked.Drv][FILE] nv4_mini.sys : C:\WINDOWS\system32\drivers\nv4_mini.sys [-] --> NALEZENO
[Faked.Drv][FILE] swenum.sys : C:\WINDOWS\system32\drivers\swenum.sys [-] --> NALEZENO
[Faked.Drv][FILE] swmidi.sys : C:\WINDOWS\system32\drivers\swmidi.sys [-] --> NALEZENO
[Faked.Drv][FILE] pciide.sys : C:\WINDOWS\system32\drivers\pciide.sys [-] --> NALEZENO
[Faked.Drv][FILE] sysaudio.sys : C:\WINDOWS\system32\drivers\sysaudio.sys [-] --> NALEZENO
[Faked.Drv][FILE] tape.sys : C:\WINDOWS\system32\drivers\tape.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthport.sys : C:\WINDOWS\system32\drivers\bthport.sys [-] --> NALEZENO
[Faked.Drv][FILE] tcpip.sys : C:\WINDOWS\system32\drivers\tcpip.sys [-] --> NALEZENO
[Faked.Drv][FILE] tdi.sys : C:\WINDOWS\system32\drivers\tdi.sys [-] --> NALEZENO
[Faked.Drv][FILE] tdpipe.sys : C:\WINDOWS\system32\drivers\tdpipe.sys [-] --> NALEZENO
[Faked.Drv][FILE] tdtcp.sys : C:\WINDOWS\system32\drivers\tdtcp.sys [-] --> NALEZENO
[Faked.Drv][FILE] smbali.sys : C:\WINDOWS\system32\drivers\smbali.sys [-] --> NALEZENO
[Faked.Drv][FILE] termdd.sys : C:\WINDOWS\system32\drivers\termdd.sys [-] --> NALEZENO
[Faked.Drv][FILE] udfs.sys : C:\WINDOWS\system32\drivers\udfs.sys [-] --> NALEZENO
[Faked.Drv][FILE] uagp35.sys : C:\WINDOWS\system32\drivers\uagp35.sys [-] --> NALEZENO
[Faked.Drv][FILE] usb8023.sys : C:\WINDOWS\system32\drivers\usb8023.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbcamd.sys : C:\WINDOWS\system32\drivers\usbcamd.sys [-] --> NALEZENO
[Faked.Drv][FILE] usb8023x.sys : C:\WINDOWS\system32\drivers\usb8023x.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbcamd2.sys : C:\WINDOWS\system32\drivers\usbcamd2.sys [-] --> NALEZENO
[Faked.Drv][FILE] RtkHDAud.Sys : C:\WINDOWS\system32\drivers\RtkHDAud.Sys [-] --> NALEZENO
[Faked.Drv][FILE] wdfldr.sys : C:\WINDOWS\system32\drivers\wdfldr.sys [-] --> NALEZENO
[Faked.Drv][FILE] MODEMCSA.sys : C:\WINDOWS\system32\drivers\MODEMCSA.sys [-] --> NALEZENO
[Faked.Drv][FILE] Rtenicxp.sys : C:\WINDOWS\system32\drivers\Rtenicxp.sys [-] --> NALEZENO
[Faked.Drv][FILE] rimsptsk.sys : C:\WINDOWS\system32\drivers\rimsptsk.sys [-] --> NALEZENO
[Faked.Drv][FILE] rimmptsk.sys : C:\WINDOWS\system32\drivers\rimmptsk.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbhub.sys : C:\WINDOWS\system32\drivers\usbhub.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbintel.sys : C:\WINDOWS\system32\drivers\usbintel.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbport.sys : C:\WINDOWS\system32\drivers\usbport.sys [-] --> NALEZENO
[Faked.Drv][FILE] epfw.sys : C:\WINDOWS\system32\drivers\epfw.sys [-] --> NALEZENO
[Faked.Drv][FILE] SynTP.sys : C:\WINDOWS\system32\drivers\SynTP.sys [-] --> NALEZENO
[Faked.Drv][FILE] epfwtdi.sys : C:\WINDOWS\system32\drivers\epfwtdi.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbstor.sys : C:\WINDOWS\system32\drivers\usbstor.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbuhci.sys : C:\WINDOWS\system32\drivers\usbuhci.sys [-] --> NALEZENO
[Faked.Drv][FILE] vga.sys : C:\WINDOWS\system32\drivers\vga.sys [-] --> NALEZENO
[Faked.Drv][FILE] videoprt.sys : C:\WINDOWS\system32\drivers\videoprt.sys [-] --> NALEZENO
[Faked.Drv][FILE] volsnap.sys : C:\WINDOWS\system32\drivers\volsnap.sys [-] --> NALEZENO
[Faked.Drv][FILE] eamon.sys : C:\WINDOWS\system32\drivers\eamon.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdralw2k.sys : C:\WINDOWS\system32\drivers\cdralw2k.sys [-] --> NALEZENO
[Faked.Drv][FILE] cdr4_xp.sys : C:\WINDOWS\system32\drivers\cdr4_xp.sys [-] --> NALEZENO
[Faked.Drv][FILE] tcpip6.sys : C:\WINDOWS\system32\drivers\tcpip6.sys [-] --> NALEZENO
[Faked.Drv][FILE] wanarp.sys : C:\WINDOWS\system32\drivers\wanarp.sys [-] --> NALEZENO
[Faked.Drv][FILE] snpstd2.sys : C:\WINDOWS\system32\drivers\snpstd2.sys [-] --> NALEZENO
[Faked.Drv][FILE] SynMini.sys : C:\WINDOWS\system32\drivers\SynMini.sys [-] --> NALEZENO
[Faked.Drv][FILE] SynCamd.sys : C:\WINDOWS\system32\drivers\SynCamd.sys [-] --> NALEZENO
[Faked.Drv][FILE] SynPin.sys : C:\WINDOWS\system32\drivers\SynPin.sys [-] --> NALEZENO
[Faked.Drv][FILE] SynSam.sys : C:\WINDOWS\system32\drivers\SynSam.sys [-] --> NALEZENO
[Faked.Drv][FILE] SynScan.sys : C:\WINDOWS\system32\drivers\SynScan.sys [-] --> NALEZENO
[Faked.Drv][FILE] wdmaud.sys : C:\WINDOWS\system32\drivers\wdmaud.sys [-] --> NALEZENO
[Faked.Drv][FILE] ksecdd.sys : C:\WINDOWS\system32\drivers\ksecdd.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbccgp.sys : C:\WINDOWS\system32\drivers\usbccgp.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidusb.sys : C:\WINDOWS\system32\drivers\hidusb.sys [-] --> NALEZENO
[Faked.Drv][FILE] kbdhid.sys : C:\WINDOWS\system32\drivers\kbdhid.sys [-] --> NALEZENO
[Faked.Drv][FILE] watv06nt.sys : C:\WINDOWS\system32\drivers\watv06nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] wadv11nt.sys : C:\WINDOWS\system32\drivers\wadv11nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] wadv09nt.sys : C:\WINDOWS\system32\drivers\wadv09nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] wadv08nt.sys : C:\WINDOWS\system32\drivers\wadv08nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] wadv07nt.sys : C:\WINDOWS\system32\drivers\wadv07nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] wacompen.sys : C:\WINDOWS\system32\drivers\wacompen.sys [-] --> NALEZENO
[Faked.Drv][FILE] wdf01000.sys : C:\WINDOWS\system32\drivers\wdf01000.sys [-] --> NALEZENO
[Faked.Drv][FILE] viaagp.sys : C:\WINDOWS\system32\drivers\viaagp.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbvideo.sys : C:\WINDOWS\system32\drivers\usbvideo.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbehci.sys : C:\WINDOWS\system32\drivers\usbehci.sys [-] --> NALEZENO
[Faked.Drv][FILE] update.sys : C:\WINDOWS\system32\drivers\update.sys [-] --> NALEZENO
[Faked.Drv][FILE] tunmp.sys : C:\WINDOWS\system32\drivers\tunmp.sys [-] --> NALEZENO
[Faked.Drv][FILE] slwdmsup.sys : C:\WINDOWS\system32\drivers\slwdmsup.sys [-] --> NALEZENO
[Faked.Drv][FILE] slnthal.sys : C:\WINDOWS\system32\drivers\slnthal.sys [-] --> NALEZENO
[Faked.Drv][FILE] slntamr.sys : C:\WINDOWS\system32\drivers\slntamr.sys [-] --> NALEZENO
[Faked.Drv][FILE] slnt7554.sys : C:\WINDOWS\system32\drivers\slnt7554.sys [-] --> NALEZENO
[Faked.Drv][FILE] sisagp.sys : C:\WINDOWS\system32\drivers\sisagp.sys [-] --> NALEZENO
[Faked.Drv][FILE] sffp_sd.sys : C:\WINDOWS\system32\drivers\sffp_sd.sys [-] --> NALEZENO
[Faked.Drv][FILE] sffdisk.sys : C:\WINDOWS\system32\drivers\sffdisk.sys [-] --> NALEZENO
[Faked.Drv][FILE] rndismpx.sys : C:\WINDOWS\system32\drivers\rndismpx.sys [-] --> NALEZENO
[Faked.Drv][FILE] rfcomm.sys : C:\WINDOWS\system32\drivers\rfcomm.sys [-] --> NALEZENO
[Faked.Drv][FILE] recagent.sys : C:\WINDOWS\system32\drivers\recagent.sys [-] --> NALEZENO
[Faked.Drv][FILE] ntmtlfax.sys : C:\WINDOWS\system32\drivers\ntmtlfax.sys [-] --> NALEZENO
[Faked.Drv][FILE] mutohpen.sys : C:\WINDOWS\system32\drivers\mutohpen.sys [-] --> NALEZENO
[Faked.Drv][FILE] mtxparhm.sys : C:\WINDOWS\system32\drivers\mtxparhm.sys [-] --> NALEZENO
[Faked.Drv][FILE] mtlstrm.sys : C:\WINDOWS\system32\drivers\mtlstrm.sys [-] --> NALEZENO
[Faked.Drv][FILE] mtlmnt5.sys : C:\WINDOWS\system32\drivers\mtlmnt5.sys [-] --> NALEZENO
[Faked.Drv][FILE] mssmbios.sys : C:\WINDOWS\system32\drivers\mssmbios.sys [-] --> NALEZENO
[Faked.Drv][FILE] ip6fw.sys : C:\WINDOWS\system32\drivers\ip6fw.sys [-] --> NALEZENO
[Faked.Drv][FILE] hsfcxts2.sys : C:\WINDOWS\system32\drivers\hsfcxts2.sys [-] --> NALEZENO
[Faked.Drv][FILE] hsfbs2s2.sys : C:\WINDOWS\system32\drivers\hsfbs2s2.sys [-] --> NALEZENO
[Faked.Drv][FILE] hidir.sys : C:\WINDOWS\system32\drivers\hidir.sys [-] --> NALEZENO
[Faked.Drv][FILE] gagp30kx.sys : C:\WINDOWS\system32\drivers\gagp30kx.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthusb.sys : C:\WINDOWS\system32\drivers\bthusb.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthprint.sys : C:\WINDOWS\system32\drivers\bthprint.sys [-] --> NALEZENO
[Faked.Drv][FILE] 61883.sys : C:\WINDOWS\system32\drivers\61883.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthpan.sys : C:\WINDOWS\system32\drivers\bthpan.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthmodem.sys : C:\WINDOWS\system32\drivers\bthmodem.sys [-] --> NALEZENO
[Faked.Drv][FILE] bthenum.sys : C:\WINDOWS\system32\drivers\bthenum.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinxsxx.sys : C:\WINDOWS\system32\drivers\atinxsxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinxbxx.sys : C:\WINDOWS\system32\drivers\atinxbxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atintuxx.sys : C:\WINDOWS\system32\drivers\atintuxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinttxx.sys : C:\WINDOWS\system32\drivers\atinttxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinsnxx.sys : C:\WINDOWS\system32\drivers\atinsnxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinrvxx.sys : C:\WINDOWS\system32\drivers\atinrvxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinraxx.sys : C:\WINDOWS\system32\drivers\atinraxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinpdxx.sys : C:\WINDOWS\system32\drivers\atinpdxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinmdxx.sys : C:\WINDOWS\system32\drivers\atinmdxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] atinbtxx.sys : C:\WINDOWS\system32\drivers\atinbtxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati2mtag.sys : C:\WINDOWS\system32\drivers\ati2mtag.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati2mtaa.sys : C:\WINDOWS\system32\drivers\ati2mtaa.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1xsxx.sys : C:\WINDOWS\system32\drivers\ati1xsxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1xbxx.sys : C:\WINDOWS\system32\drivers\ati1xbxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1tuxx.sys : C:\WINDOWS\system32\drivers\ati1tuxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1ttxx.sys : C:\WINDOWS\system32\drivers\ati1ttxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1snxx.sys : C:\WINDOWS\system32\drivers\ati1snxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1rvxx.sys : C:\WINDOWS\system32\drivers\ati1rvxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1raxx.sys : C:\WINDOWS\system32\drivers\ati1raxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1pdxx.sys : C:\WINDOWS\system32\drivers\ati1pdxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1mdxx.sys : C:\WINDOWS\system32\drivers\ati1mdxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] ati1btxx.sys : C:\WINDOWS\system32\drivers\ati1btxx.sys [-] --> NALEZENO
[Faked.Drv][FILE] amdk7.sys : C:\WINDOWS\system32\drivers\amdk7.sys [-] --> NALEZENO
[Faked.Drv][FILE] alim1541.sys : C:\WINDOWS\system32\drivers\alim1541.sys [-] --> NALEZENO
[Faked.Drv][FILE] agpcpq.sys : C:\WINDOWS\system32\drivers\agpcpq.sys [-] --> NALEZENO
[Faked.Drv][FILE] agp440.sys : C:\WINDOWS\system32\drivers\agp440.sys [-] --> NALEZENO
[Faked.Drv][FILE] nwrdr.sys : C:\WINDOWS\system32\drivers\nwrdr.sys [-] --> NALEZENO
[Faked.Drv][FILE] avc.sys : C:\WINDOWS\system32\drivers\avc.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbprint.sys : C:\WINDOWS\system32\drivers\usbprint.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbscan.sys : C:\WINDOWS\system32\drivers\usbscan.sys [-] --> NALEZENO
[Faked.Drv][FILE] ccdcmbo.sys : C:\WINDOWS\system32\drivers\ccdcmbo.sys [-] --> NALEZENO
[Faked.Drv][FILE] srv.sys : C:\WINDOWS\system32\drivers\srv.sys [-] --> NALEZENO
[Faked.Drv][FILE] msdv.sys : C:\WINDOWS\system32\drivers\msdv.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbser.sys : C:\WINDOWS\system32\drivers\usbser.sys [-] --> NALEZENO
[Faked.Drv][FILE] USBAUDIO.sys : C:\WINDOWS\system32\drivers\USBAUDIO.sys [-] --> NALEZENO
[Faked.Drv][FILE] ATKACPI.sys : C:\WINDOWS\system32\drivers\ATKACPI.sys [-] --> NALEZENO
[Faked.Drv][FILE] tap0901.sys : C:\WINDOWS\system32\drivers\tap0901.sys [-] --> NALEZENO
[Faked.Drv][FILE] hxxp.sys : C:\WINDOWS\system32\drivers\hxxp.sys [-] --> NALEZENO
[Faked.Drv][FILE] WudfPf.sys : C:\WINDOWS\system32\drivers\WudfPf.sys [-] --> NALEZENO
[Faked.Drv][FILE] BdaSup.sys : C:\WINDOWS\system32\drivers\BdaSup.sys [-] --> NALEZENO
[Faked.Drv][FILE] MPE.sys : C:\WINDOWS\system32\drivers\MPE.sys [-] --> NALEZENO
[Faked.Drv][FILE] TrueSight.sys : C:\WINDOWS\system32\drivers\TrueSight.sys [-] --> NALEZENO
[Faked.Drv][FILE] ndproxy.sys : C:\WINDOWS\system32\drivers\ndproxy.sys [-] --> NALEZENO
[Faked.Drv][FILE] u3kmini.sys : C:\WINDOWS\system32\drivers\u3kmini.sys [-] --> NALEZENO
[Faked.Drv][FILE] WudfRd.sys : C:\WINDOWS\system32\drivers\WudfRd.sys [-] --> NALEZENO
[Faked.Drv][FILE] wpdusb.sys : C:\WINDOWS\system32\drivers\wpdusb.sys [-] --> NALEZENO
[Faked.Drv][FILE] LVUSBSta.sys : C:\WINDOWS\system32\drivers\LVUSBSta.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbser_lowerfltj.sys : C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys [-] --> NALEZENO
[Faked.Drv][FILE] rdpwd.sys : C:\WINDOWS\system32\drivers\rdpwd.sys [-] --> NALEZENO
[Faked.Drv][FILE] itsdisk.sys : C:\WINDOWS\system32\drivers\itsdisk.sys [-] --> NALEZENO
[Faked.Drv][FILE] PCASp50a64.sys : C:\WINDOWS\system32\drivers\PCASp50a64.sys [-] --> NALEZENO
[Faked.Drv][FILE] usbser_lowerflt.sys : C:\WINDOWS\system32\drivers\usbser_lowerflt.sys [-] --> NALEZENO
[Faked.Drv][FILE] mbam.sys : C:\WINDOWS\system32\drivers\mbam.sys [-] --> NALEZENO
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9100828AS +++++
--- User ---
[MBR] 363269ed2f3112c8dc953d56edeb5431
[BSP] 4c2227f9b84ef0f8b746c7366406bf80 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 63 | Size: 4000 Mo
1 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8193150 | Size: 54839 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 120503565 | Size: 36554 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1]_S_03122013_02d1045.txt >>
RKreport[1]_S_03122013_02d1045.txt
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Zamrznutí pc při připojení exter. disku
V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému
Toto otestuj na Virustotal
něco z tohoto:
[Faked.Drv][FILE] s24trans.sys : C:\WINDOWS\system32\drivers\s24trans.sys [-] --> NALEZENO
[Faked.Drv][FILE] wmilib.sys : C:\WINDOWS\system32\drivers\wmilib.sys [-] --> NALEZENO
[Faked.Drv][FILE] dmload.sys : C:\WINDOWS\system32\drivers\dmload.sys [-] --> NALEZENO
[Faked.Drv][FILE] ftdisk.sys : C:\WINDOWS\system32\drivers\ftdisk.sys [-] --> NALEZENO
[Faked.Drv][FILE] mdmxsdk.sys : C:\WINDOWS\system32\drivers\mdmxsdk.sys [-] --> NALEZENO
[Faked.Drv][FILE] watv10nt.sys : C:\WINDOWS\system32\drivers\watv10nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] ptilink.sys : C:\WINDOWS\system32\drivers\ptilink.sys [-] --> NALEZENO
Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.
Nebo na:
http://www.virscan.org/
Toto otestuj na Virustotal
něco z tohoto:
[Faked.Drv][FILE] s24trans.sys : C:\WINDOWS\system32\drivers\s24trans.sys [-] --> NALEZENO
[Faked.Drv][FILE] wmilib.sys : C:\WINDOWS\system32\drivers\wmilib.sys [-] --> NALEZENO
[Faked.Drv][FILE] dmload.sys : C:\WINDOWS\system32\drivers\dmload.sys [-] --> NALEZENO
[Faked.Drv][FILE] ftdisk.sys : C:\WINDOWS\system32\drivers\ftdisk.sys [-] --> NALEZENO
[Faked.Drv][FILE] mdmxsdk.sys : C:\WINDOWS\system32\drivers\mdmxsdk.sys [-] --> NALEZENO
[Faked.Drv][FILE] watv10nt.sys : C:\WINDOWS\system32\drivers\watv10nt.sys [-] --> NALEZENO
[Faked.Drv][FILE] ptilink.sys : C:\WINDOWS\system32\drivers\ptilink.sys [-] --> NALEZENO
Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.
Nebo na:
http://www.virscan.org/
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Zamrznutí pc při připojení exter. disku
Až na ptilink.sys se to zdá výt vše v pořádku
s24trans.sys
https://www.virustotal.com/cs/file/8c49 ... 363103051/
wmilib.sys
https://www.virustotal.com/cs/file/1f8d ... 363103195/
dmload.sys
https://www.virustotal.com/cs/file/d41e ... 363103264/
ftdisk.sys
https://www.virustotal.com/cs/file/ff2c ... 363103374/
mdmxsdk.sys
https://www.virustotal.com/cs/file/4ad0 ... 363103534/
watv10nt.sys
https://www.virustotal.com/cs/file/d146 ... 363103605/
ptilink.sys
https://www.virustotal.com/cs/file/da76 ... 363103890/
s24trans.sys
https://www.virustotal.com/cs/file/8c49 ... 363103051/
wmilib.sys
https://www.virustotal.com/cs/file/1f8d ... 363103195/
dmload.sys
https://www.virustotal.com/cs/file/d41e ... 363103264/
ftdisk.sys
https://www.virustotal.com/cs/file/ff2c ... 363103374/
mdmxsdk.sys
https://www.virustotal.com/cs/file/4ad0 ... 363103534/
watv10nt.sys
https://www.virustotal.com/cs/file/d146 ... 363103605/
ptilink.sys
https://www.virustotal.com/cs/file/da76 ... 363103890/
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Zamrznutí pc při připojení exter. disku
C:\cc_20130308_193843.reg---zkus smazat sám.
Vlož nový log z HJT+ info o problémexh.
Vlož nový log z HJT+ info o problémexh.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Zamrznutí pc při připojení exter. disku
C:\cc_20130308_193843.reg -- smazán
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:13:12, on 12.3.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Asus\EZVCR\EZSERVICE.exe
C:\Program Files\Java\jre7\bin\jqs.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ASUS\Printer Utilities\UsbService.exe
C:\Program Files\ASUS\EZVCR\Agent.exe
C:\Program Files\ASUS\EZVCR\ASUS_IRAppl.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PowerForPhone\PowerForPhone\PowerForPhone.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\ASUS\ASUS WebStorage\3.0.138.290\AsusWSPanel.exe
C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Kamil\My Documents\Downloads\hijackthis.exe
C:\WINDOWS\system32\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bohusice.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.138.290\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP 2012\qip.exe" /autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download All by ASUS Download - C:\Program Files\Asus\WL-500gP V2 Wireless Router Utilities\ASDownloadAll.htm
O8 - Extra context menu item: Download using ASUS Download - C:\Program Files\Asus\WL-500gP V2 Wireless Router Utilities\ASDownload.htm
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O15 - Trusted Zone: *.mfcr.cz
O16 - DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} (VatCtrl Class) - http://proxynet.mbudejovice.cz:3333/VatDec.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 7887705944
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1156323750
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {7E88D4EE-0969-48ED-9F1C-B647586C0419} (Media Control) - http://192.168.100.105/Media.CAB
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - https://adisdpr.mfcr.cz/adistc/adis/idp ... tsignx.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\APSHook.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: CamProExpress64 - AirLive - C:\Program Files\AirLive\CamPro Express 64\CamProExpress64.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: EZSERVICE - Unknown owner - C:\Program Files\Asus\EZVCR\EZSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ASUS Virtual MFP Service (UsbService) - Unknown owner - C:\Program Files\ASUS\Printer Utilities\UsbService.exe
--
End of file - 12621 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:13:12, on 12.3.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Asus\EZVCR\EZSERVICE.exe
C:\Program Files\Java\jre7\bin\jqs.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ASUS\Printer Utilities\UsbService.exe
C:\Program Files\ASUS\EZVCR\Agent.exe
C:\Program Files\ASUS\EZVCR\ASUS_IRAppl.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PowerForPhone\PowerForPhone\PowerForPhone.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\ASUS\ASUS WebStorage\3.0.138.290\AsusWSPanel.exe
C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Kamil\My Documents\Downloads\hijackthis.exe
C:\WINDOWS\system32\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bohusice.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.138.290\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP 2012\qip.exe" /autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download All by ASUS Download - C:\Program Files\Asus\WL-500gP V2 Wireless Router Utilities\ASDownloadAll.htm
O8 - Extra context menu item: Download using ASUS Download - C:\Program Files\Asus\WL-500gP V2 Wireless Router Utilities\ASDownload.htm
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O15 - Trusted Zone: *.mfcr.cz
O16 - DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} (VatCtrl Class) - http://proxynet.mbudejovice.cz:3333/VatDec.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 7887705944
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1156323750
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {7E88D4EE-0969-48ED-9F1C-B647586C0419} (Media Control) - http://192.168.100.105/Media.CAB
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - https://adisdpr.mfcr.cz/adistc/adis/idp ... tsignx.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\APSHook.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: CamProExpress64 - AirLive - C:\Program Files\AirLive\CamPro Express 64\CamProExpress64.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: EZSERVICE - Unknown owner - C:\Program Files\Asus\EZVCR\EZSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: ASUS Virtual MFP Service (UsbService) - Unknown owner - C:\Program Files\ASUS\Printer Utilities\UsbService.exe
--
End of file - 12621 bytes
Re: Zamrznutí pc při připojení exter. disku
Připojení flash - ok
Připojení disku - počítač se výrazně zpomalí, je prakticky nepoužitelnej, prohlížeč nezobrazí žádnou stránku (jako kdyby nešel net), nejde klasický vypnutí či restart (přes strart->vypnout nebo task manager) - jediná možnost přes tlačítko
Připojení disku - počítač se výrazně zpomalí, je prakticky nepoužitelnej, prohlížeč nezobrazí žádnou stránku (jako kdyby nešel net), nejde klasický vypnutí či restart (přes strart->vypnout nebo task manager) - jediná možnost přes tlačítko
- Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Zamrznutí pc při připojení exter. disku
Stáhni si Crystal Disk Info a nainstaluj jej. Během instalace neinstaluj SpeedUpMyPC2013 - je to jen balast.
- Po dokončení instalace se Ti CDI spustí.
- V horním menu vyber "Úpravy" a zvol "Kopírovat".
- Log sem zkopíruj.
Log je potřeba pro ten disk, který připojuješ. Hodil by se i jeho výrobce a model.
- Po dokončení instalace se Ti CDI spustí.
- V horním menu vyber "Úpravy" a zvol "Kopírovat".
- Log sem zkopíruj.
Log je potřeba pro ten disk, který připojuješ. Hodil by se i jeho výrobce a model.
Láska hřeje, ale uhlí je uhlí.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.

Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 122 hostů