Pri pripojeni USB mi zamrza PC

Zpráva

kirkland · #1 Příspěvek od **kirkland** » 14 lis 2011 02:36

Zdravim,

mam problem ze ked pripojim hocijake USB zariadenie k PC tak mi ho nenacita a zamrzne mi PC. Mam podozrenie na nejaky vir..Poprosim o kontrolu logu. Dakujem!

Logfile of random's system information tool 1.08 (written by random/random)
Run by tom at 2011-11-14 02:36:29
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 68 GB (57%) free of 119 GB
Total RAM: 2038 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 02:36:38, on 14.11.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17103)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWASER.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWAgent.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\PLFSetL.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Innovative Solutions\DriverMax\devices.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\DOCUME~1\tom\LOCALS~1\Temp\RtkBtMnt.exe
C:\Documents and Settings\tom\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tom\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tom\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tom\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\tom\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\tom\Plocha\RSIT.exe
C:\Program Files\trend micro\tom.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DriverMax] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -agent
O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -RESTART
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\tom\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se6796.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWASER.EXE
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 8072 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1243878355.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-842925246-1383384898-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-842925246-1383384898-725345543-500.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-1383384898-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-1383384898-725345543-500.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2008-06-02 102400]
"PLFSetL"=C:\WINDOWS\PLFSetL.exe [2007-07-05 94208]
"H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2007-12-11 307200]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-06-13 142104]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-06-13 162584]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-06-13 138008]
"IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2011-01-12 1400832]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-01-12 1210640]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-22 3080264]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-10-14 20064872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DriverMax"=C:\Program Files\Innovative Solutions\DriverMax\devices.exe [2011-10-19 9251240]
"DriverMax_RESTART"=C:\Program Files\Innovative Solutions\DriverMax\devices.exe [2011-10-19 9251240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]
C:\WINDOWS\system32\M-AudioTaskBarIcon.exe [2009-11-09 643592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-28 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2011-04-22 247728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2011-11-21 641400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ WinCinema Manager.lnk]
C:\PROGRA~1\Sandisk\Common\Bin\WINCIN~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^tom^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-09-12 384000]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-06-05 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeCaption"=
"LegalNoticeText"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWAGENT.EXE"="C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWAGENT.EXE:*:Enabled:MicroWorld Management Agent"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\DownloadHQ\DownloadHQ.exe"="C:\Program Files\DownloadHQ\DownloadHQ.exe:*:Enabled:DownloadHQ p2p for Windows"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWAGENT.EXE"="C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWAGENT.EXE:*:Enabled:MicroWorld Management Agent"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"

======List of files/folders created in the last 1 months======

2011-11-25 04:27:00 ----A---- C:\ComboFix.txt
2011-11-25 04:07:31 ----D---- C:\ComboFix
2011-11-23 02:50:55 ----A---- C:\WINDOWS\ScanSpyware.INI
2011-11-23 02:31:18 ----D---- C:\Documents and Settings\tom\Data aplikací\ScanSpyware
2011-11-22 03:06:02 ----D---- C:\Program Files\Smart File Advisor
2011-11-22 03:06:01 ----D---- C:\Program Files\Smart Projects
2011-11-20 12:16:12 ----D---- C:\Program Files\CodeStuff
2011-11-19 11:37:31 ----D---- C:\Program Files\Common Files\Java
2011-11-19 11:37:11 ----A---- C:\WINDOWS\system32\javaws.exe
2011-11-19 11:37:11 ----A---- C:\WINDOWS\system32\javaw.exe
2011-11-19 11:37:11 ----A---- C:\WINDOWS\system32\java.exe
2011-11-14 02:08:12 ----A---- C:\WINDOWS\vncutil.exe
2011-11-14 02:08:12 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys
2011-11-14 02:08:10 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2011-11-14 02:08:10 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2011-11-14 02:08:10 ----A---- C:\WINDOWS\RtkAudioService.exe
2011-11-14 02:06:12 ----A---- C:\WINDOWS\system32\drivers\umss.sys
2011-11-14 01:26:54 ----D---- C:\Program Files\Innovative Solutions
2011-11-14 01:04:20 ----D---- C:\Documents and Settings\tom\Data aplikací\3v
2011-11-14 00:42:03 ----D---- C:\Documents and Settings\tom\Data aplikací\Sammsoft
2011-11-07 13:11:09 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2011-11-07 13:11:09 ----A---- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2011-11-07 13:09:32 ----D---- C:\Program Files\iPod
2011-11-07 13:09:25 ----D---- C:\Program Files\iTunes
2011-11-07 13:09:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-11-07 13:08:50 ----D---- C:\Program Files\Apple Software Update
2011-11-07 13:07:56 ----D---- C:\Program Files\Bonjour
2011-11-07 13:07:09 ----D---- C:\Program Files\Common Files\Apple
2011-11-07 11:37:56 ----D---- C:\Program Files\3GP Player
2011-10-25 23:55:28 ----SHD---- C:\RECYCLER
2011-10-15 22:51:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Martau
2011-10-15 22:51:43 ----D---- C:\Program Files\Total Uninstall 5

======List of files/folders modified in the last 1 months======

2011-11-25 04:27:04 ----D---- C:\Qoobox
2011-11-25 04:22:32 ----A---- C:\WINDOWS\system.ini
2011-11-25 04:21:50 ----D---- C:\WINDOWS\system32\drivers\etc
2011-11-25 04:20:57 ----SD---- C:\WINDOWS\Tasks
2011-11-25 04:16:32 ----D---- C:\WINDOWS\AppPatch
2011-11-24 13:30:09 ----D---- C:\WINDOWS\ehome
2011-11-23 10:55:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-11-23 00:25:31 ----D---- C:\Program Files\ESET
2011-11-22 02:41:32 ----D---- C:\Program Files\Alcohol Soft
2011-11-22 01:15:24 ----D---- C:\Documents and Settings\tom\Data aplikací\Media Player Classic
2011-11-21 17:51:21 ----D---- C:\Program Files\uTorrent
2011-11-20 12:30:43 ----D---- C:\WINDOWS\Debug
2011-11-20 01:31:17 ----D---- C:\Program Files\Mozilla Firefox
2011-11-19 11:37:05 ----D---- C:\Program Files\Java
2011-11-19 02:52:13 ----D---- C:\WINDOWS\system32\cs-cz
2011-11-19 02:52:13 ----D---- C:\Program Files\Internet Explorer
2011-11-19 02:52:02 ----D---- C:\WINDOWS\ie7updates
2011-11-14 02:36:36 ----D---- C:\WINDOWS\Prefetch
2011-11-14 02:36:30 ----D---- C:\Program Files\trend micro
2011-11-14 02:29:30 ----D---- C:\WINDOWS\temp
2011-11-14 02:25:07 ----HD---- C:\WINDOWS\inf
2011-11-14 02:25:03 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-14 02:23:51 ----D---- C:\WINDOWS
2011-11-14 02:23:25 ----D---- C:\WINDOWS\system32
2011-11-14 02:22:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-11-14 02:15:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-11-14 02:14:55 ----D---- C:\WINDOWS\system32\drivers
2011-11-14 02:12:23 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-11-14 02:08:44 ----D---- C:\WINDOWS\system32\RTCOM
2011-11-14 01:26:54 ----D---- C:\Program Files
2011-11-12 15:53:46 ----D---- C:\Documents and Settings\tom\Data aplikací\Skype
2011-11-12 10:12:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-11-07 13:21:39 ----D---- C:\Documents and Settings\tom\Data aplikací\Apple Computer
2011-11-07 13:11:43 ----SHD---- C:\WINDOWS\Installer
2011-11-07 13:11:43 ----D---- C:\Config.msi
2011-11-07 13:07:09 ----D---- C:\Program Files\Common Files
2011-11-03 17:09:29 ----D---- C:\Documents and Settings\tom\Data aplikací\uTorrent
2011-10-27 11:22:37 ----D---- C:\Documents and Settings\tom\Data aplikací\DVDVideoSoft
2011-10-27 11:22:28 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-10-27 11:22:14 ----D---- C:\Program Files\DVDVideoSoft
2011-10-27 11:22:13 ----RSD---- C:\WINDOWS\assembly
2011-10-17 08:24:00 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-07-02 431672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2011-08-04 61936]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 pctgntdi;pctgntdi; \??\C:\WINDOWS\system32\drivers\pctgntdi.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2011-08-09 154136]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2011-08-04 147480]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 PCTAppEvent;PCTAppEvent Driver; \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2010-05-19 13952]
R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 5504]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2011-05-09 237096]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-03-23 539072]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-03-23 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-03-31 876384]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2011-08-09 39824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-12-22 988800]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-12-22 209664]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-06-05 5761728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-10-18 6439528]
R3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwLx32.sys [2010-10-07 6609920]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 PGR1394b;HS 3d Sensor IEEE 1394 Bus host controllers; C:\WINDOWS\system32\DRIVERS\HS3dSensor1394.sys [2008-02-19 72704]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-06-02 215904]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2009-06-19 290816]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-12-22 730112]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-03-23 149123]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-03-31 55352]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2007-03-23 37280]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-03-23 67960]
S3 catchme;catchme; \??\C:\DOCUME~1\tom\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpudrv;cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys []
S3 econceal;MicroWorld Technologies Network Service; C:\WINDOWS\system32\DRIVERS\econceal.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-12-22 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-12-22 25512]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 HTCAND32;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro; C:\WINDOWS\system32\DRIVERS\MAudioFastTrackPro.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-04-29 2206976]
S3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-11-17 3636864]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2006-11-28 52800]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys []
S3 pctplfw;pctplfw; \??\C:\WINDOWS\system32\drivers\pctplfw.sys []
S3 pneteth;PdaNet Broadband; C:\WINDOWS\system32\DRIVERS\pneteth.sys [2010-09-02 13312]
S3 QV2KUX;Casio Digital Camera; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS [2006-06-09 6909]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-01-19 503144]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-09 55144]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-04-01 273256]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-09-22 974944]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-12 866576]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 MWAgent;MWAgent; C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWASER.EXE [2009-03-25 415744]
R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-10-25 75064]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-12 481552]
R2 S24EventMonitor;Intel(R) PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2011-01-12 966656]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-27 194104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-10-09 821608]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-13 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-13 136176]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

chodnik74 · #2 Příspěvek od **chodnik74** » 14 lis 2011 06:57

Dobré ráno

Vy jste spouštěl sám Combofix?

Dostanete za uši

Nebezpeči Combofixu

Program je primárně určený pro rádce,takže svévolným použitím ztrácíte nárok na pomoc
Maže stopy po veškeré havěti,takže když ho použijete sami,tak v RSITU nic nejde vidět
Výsledný log je potřeba doluštit a dočistit,protože Combofix neumí mazat vše
Combofix může mít chybu,zboří vám systém a pokud nevíte,kam ukládá své zálohy a jak je obnovit,tak vás čeká reinstall systému
Combofix nekontroluje důležité knihovny(například hall.dll)

Vložte mi sem jeho log,který najdete ve C:\ComboFix.txt

ESET licence je zakoupená?

Zkusil bych první vypnout kontrolu USB disků u ESET, pokud máte novou 5 verzi ESS

Otevřete si váš antivirus
V okne antiviru stiskněte klávesu F5 ( čímž se vám otevře Pokročilé nastavení )
Ve stromu Počítač - Antivirus a antispyware - Výměnná média odškrkněne volbu Při vložení výměnného média a Povolit pravidla pro blokování výměnných médií a podvrďte OK

kirkland · #3 Příspěvek od **kirkland** » 14 lis 2011 10:37

Viem urobil som chybu s tym CF

posielam ten log z neho. Tu kontrolu diskov som uz vypol. licenciu si kupim tento tyzden.

ComboFix 11-10-24.04 - tom 25.11.2011 4:09.9.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1368 [GMT 1:00]
Spuštěný z: c:\documents and settings\tom\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\tom\Plocha\CFScript.txt
AV: ESET Smart Security 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FW: PC Tools Firewall Plus *Disabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
.
FILE ::
"c:\windows\system32\hvnrbhzvfhphfqxt.exe"
"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\windows\system32\hvnrbhzvfhphfqxt.exe
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-25 do 2011-11-25 )))))))))))))))))))))))))))))))
.
.
2011-11-23 01:31 . 2011-11-23 09:55 -------- d-----w- c:\documents and settings\tom\Data aplikací\ScanSpyware
2011-11-22 02:06 . 2011-11-24 13:02 -------- d-----w- c:\program files\Smart File Advisor
2011-11-22 02:06 . 2011-11-22 02:06 -------- d-----w- c:\program files\Smart Projects
2011-11-20 11:16 . 2011-11-20 11:16 -------- d-----w- c:\program files\CodeStuff
2011-11-19 15:14 . 2011-11-19 15:14 -------- d-----w- c:\documents and settings\tom\Local Settings\Data aplikací\Facebook
2011-11-19 10:37 . 2011-11-19 10:37 -------- d-----w- c:\program files\Common Files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-13 13:54 . 2011-06-17 10:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-03 04:06 . 2010-10-15 17:01 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 01:37 . 2009-07-27 15:59 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 14:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 14:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 14:10 . 2004-08-17 13:44 1858944 ----a-w- c:\windows\system32\win32k.sys
2010-03-31 08:09 . 2010-03-31 08:09 10437264 ----a-w- c:\program files\opera\program\plugins\PDFNetC.dll
2010-04-08 10:36 . 2010-04-08 10:36 107760 ----a-w- c:\program files\opera\program\plugins\ScorchPDFWrapper.dll
2011-09-29 07:32 . 2011-11-20 00:31 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-11-24_12.31.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-24 13:00 . 2011-11-24 13:00 16384 c:\windows\temp\Perflib_Perfdata_4c0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2008-06-02 102400]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2007-12-11 307200]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-13 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-13 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-13 138008]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2011-01-12 1400832]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-12 1210640]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-31 16806912]
"Smart File Advisor"="c:\program files\Smart File Advisor\sfa.exe" [2011-04-04 280824]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 3080264]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-9 147456]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-9 28672]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\ WinCinema Manager.lnk
backup=c:\windows\pss\ WinCinema Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^tom^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\tom\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]
2009-11-09 12:56 643592 ----a-w- c:\windows\system32\M-AudioTaskBarIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-09-28 01:03 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-04-08 10:38 251240 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-11-21 16:51 641400 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\PROGRA~1\\COMMON~1\\MICROW~1\\Agent\\MWAGENT.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\DownloadHQ\\DownloadHQ.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16551:TCP"= 16551:TCP:BitComet 16551 TCP
"16551:UDP"= 16551:UDP:BitComet 16551 UDP
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4.8.2011 09:20 118104]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [14.3.2011 12:51 249616]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [22.9.2011 12:03 974944]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [14.3.2011 12:51 160448]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [8.4.2009 11:38 92008]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2.2.2010 19:10 33792]
R3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [17.3.2011 20:42 6609920]
R3 PGR1394b;HS 3d Sensor IEEE 1394 Bus host controllers;c:\windows\system32\drivers\HS3dSensor1394.sys [20.3.2011 03:10 72704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18.12.2009 10:58 11336]
S3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\DRIVERS\econceal.sys --> c:\windows\system32\DRIVERS\econceal.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [22.12.2010 23:19 36640]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [22.12.2010 13:39 13224]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys --> c:\windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys --> c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [?]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [14.3.2011 12:49 89192]
S3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [14.3.2011 12:49 124992]
S3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [24.12.2010 00:26 13312]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
S4 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [13.10.2011 16:53 136176]
S4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [13.10.2011 16:53 136176]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - GUPDATEM
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
.
2009-09-02 c:\windows\Tasks\FRU Task 2003-04-10 00:56ewlett-Packard2003-04-10 00:56p psc 1200 series272A572217594EBCF1CEE215E352B92AD073FDE4243878355.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-09 15:56]
.
2011-11-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-28 08:46]
.
2011-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-13 15:53]
.
2011-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-13 15:53]
.
2011-11-24 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-842925246-1383384898-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]
.
2011-11-24 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-842925246-1383384898-725345543-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]
.
2011-11-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-1383384898-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]
.
2011-11-24 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-1383384898-725345543-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]
.
2011-11-24 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-09-06 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: Free YouTube to MP3 Converter - c:\documents and settings\tom\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.1.1 213.151.208.162
FF - ProfilePath - c:\documents and settings\tom\Data aplikací\Mozilla\Firefox\Profiles\j7ikcjnm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-hvnrbhzvfhphfqxt - c:\windows\system32\hvnrbhzvfhphfqxt.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-25 04:22
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1340)
c:\windows\system32\netprovcredman.dll
c:\windows\system32\igfxdev.dll
.
Celkový čas: 2011-11-25 04:26:57
ComboFix-quarantined-files.txt 2011-11-25 03:26
ComboFix2.txt 2011-11-24 12:36
ComboFix3.txt 2011-06-19 09:28
.
Před spuštěním: Volných bajtů: 77 320 757 248
Po spuštění: Volných bajtů: 77 301 141 504
.
- - End Of File - - 68CB12E4EC0A8ECAE853CBBDFCE78DA7

chodnik74 · #4 Příspěvek od **chodnik74** » 14 lis 2011 11:22

Pomohlo prenastaveni esetu? takze mate trial verzi? a jeste jedna otazka,kdo vam vytvarel script pro cf? mohl bych videt jeho obsah? na log z cf mrku odpoledne az budu na pc =)

kirkland · #5 Příspěvek od **kirkland** » 14 lis 2011 11:41

Myslim ze odtialto Rudi robil script a ten script uz asi nenajdem uz..Ano zatial mam trial verziu. Tazko povedat ci mi to pomohlo lebo napr. mobil ked pripojim tak mi to uz nemrzne ale ked pripojim cez USB ext. hardisk tak mi to stale zamrza. Dakujem

chodnik74 · #6 Příspěvek od **chodnik74** » 14 lis 2011 12:01

Dobre,mrknu pak na ten log,na mobilu to lustit nebudu =)

chodnik74 · #7 Příspěvek od **chodnik74** » 14 lis 2011 15:42

Vyzkoušejte disk na jiném pc

Vyčistíme po Combofixu a spustíme znova, ať víme současný stav

T-Cleaner

Spustíme,zmáčkneme klávesu A a potvrdíme ENTER(některé antiviry mohou detekovat utilitu jako vir-jedá se o falešný poplach,proto IGNOROVAT nebo dočasně vypnout antivir )
po použití T-Cleaner smažte

TFC

Stáhneme a spustíme program
Klikneme na Start a potvrdíme OK
Program začne uklízet,poté restartuje pc
po použití program smažte

Program nepoužívejte bez doporučení Rádce a pozorně se řiďte následujících pokynu,protože program netoleruje chyby a může dojít k úplnému poškození systému!!

Stáhneme si Combofix
Program uložíme nejlépe na Plochu
Vypneme všechny rezidentní štíty.Jak antiviru,tak antispywaru a firewallu
Vypneme všechny běžící aplikace (ICQ,prohlížeč,programy) a necháme pouze Combofix
Spustíme Combofix.exe s administrátorským oprávněním
U Windows XP se přihlásíme pod účtem správce
Ve Windows 7 a Vista klikněte pravým tlačítkem myši na Combofix.exe a dejte ,,Spustit jako správce,,)
Hned po startu programu na vás vyskočí licenční podmínky,tak potvrdíme tlačítkemANO
Pokud vám Combofix nabídne instalaci Konzoly pro zotavení,tak souhlaste a nechte nainstalovat(zde je potřeba aktivní připojení na internet)
Pokračujte dle pokynů programu a během skenování na nic neklikejte,na pc nepracujte(ICQ,jiné aplikace,internet..).Nechte počítač v klidu.
Celý sken tvá mezi 5-15 min,ale pokud je v PC hodně havěti,tak se čas může lišit.
Po skončení skenování(případném restartu počítače) se vám zobrazí log z Combofixu,který mi vložte sem(Kdyby se log nezobrazil,tak jej najdete zde: C:\ComboFix.txt
(Pokud si nevíte rady s kterýmkoliv z výše uvedených kroků,tak se ptejte nebo mrkněte na detailnější návod včetně obrázků http://www.bleepingcomputer.com/combofi ... t-combofix )

kirkland · #8 Příspěvek od **kirkland** » 14 lis 2011 17:29

Skusal som iny disk ani ten nefunguje..tu je log z CF

ComboFix 11-11-14.01 - tom 14.11.2011 17:09:52.10.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1432 [GMT 1:00]
Spuštěný z: c:\documents and settings\tom\Plocha\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FW: PC Tools Firewall Plus *Disabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msmqinst.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-14 do 2011-11-14 )))))))))))))))))))))))))))))))
.
.
2011-11-23 01:31 . 2011-11-23 09:55 -------- d-----w- c:\documents and settings\tom\Data aplikací\ScanSpyware
2011-11-22 02:06 . 2011-10-25 22:45 -------- d-----w- c:\program files\Smart File Advisor
2011-11-22 02:06 . 2011-11-22 02:06 -------- d-----w- c:\program files\Smart Projects
2011-11-20 11:16 . 2011-11-20 11:16 -------- d-----w- c:\program files\CodeStuff
2011-11-19 15:14 . 2011-11-19 15:14 -------- d-----w- c:\documents and settings\tom\Local Settings\Data aplikací\Facebook
2011-11-19 10:37 . 2011-11-19 10:37 -------- d-----w- c:\program files\Common Files\Java
2011-11-14 15:37 . 2011-11-14 15:37 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Microworld
2011-11-14 01:08 . 2011-10-13 19:03 16836 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT
2011-11-14 01:08 . 2010-11-03 17:15 359016 ----a-w- c:\windows\vncutil.exe
2011-11-14 01:08 . 2009-11-18 06:17 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2011-11-14 01:08 . 2011-10-18 17:10 64616 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2011-11-14 01:08 . 2010-11-03 17:14 129640 ----a-w- c:\windows\RtkAudioService.exe
2011-11-14 01:08 . 2009-11-18 06:16 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2011-11-14 01:06 . 2009-05-22 18:24 19400 ----a-w- c:\windows\system32\drivers\umss.sys
2011-11-14 00:26 . 2011-11-14 00:26 -------- d-----w- c:\program files\Innovative Solutions
2011-11-14 00:04 . 2011-11-14 00:04 -------- d-----w- c:\documents and settings\tom\Data aplikací\3v
2011-11-13 23:42 . 2011-11-14 00:05 -------- d-----w- c:\documents and settings\tom\Data aplikací\Sammsoft
2011-11-07 12:11 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-11-07 12:11 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-11-07 12:09 . 2011-11-07 12:09 -------- d-----w- c:\program files\iPod
2011-11-07 12:09 . 2011-11-07 12:11 -------- d-----w- c:\program files\iTunes
2011-11-07 12:09 . 2011-11-07 12:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-11-07 12:08 . 2011-11-07 12:08 -------- d-----w- c:\program files\Apple Software Update
2011-11-07 12:08 . 2011-11-07 12:08 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\Apple Computer
2011-11-07 12:07 . 2011-11-07 12:07 -------- d-----w- c:\program files\Bonjour
2011-11-07 12:07 . 2011-11-07 12:09 -------- d-----w- c:\program files\Common Files\Apple
2011-11-07 10:37 . 2011-11-07 11:52 -------- d-----w- c:\program files\3GP Player
2011-10-15 21:51 . 2011-10-15 21:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Martau
2011-10-15 21:51 . 2011-10-15 21:51 -------- d-----w- c:\program files\Total Uninstall 5
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-18 18:53 . 2009-05-11 17:07 6439528 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2011-10-14 17:58 . 2009-05-11 17:07 20064872 ----a-w- c:\windows\RTHDCPL.EXE
2011-10-13 13:54 . 2011-06-17 10:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2009-05-11 16:43 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-03 04:06 . 2010-10-15 17:01 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 01:37 . 2009-07-27 15:59 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 14:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 14:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-06 14:10 . 2004-08-17 13:44 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-30 22:05 . 2011-08-30 22:05 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 22:05 . 2011-08-30 22:05 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 22:05 . 2011-08-30 22:05 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-29 15:20 . 2009-05-11 17:07 1493608 ----a-w- c:\windows\RtlUpd.exe
2011-08-17 21:25 . 2004-08-17 13:49 832512 ----a-w- c:\windows\system32\wininet.dll
2011-08-17 21:25 . 2004-08-17 13:49 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-17 21:25 . 2011-06-24 22:31 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-08-17 21:25 . 2004-08-17 13:49 17408 ----a-w- c:\windows\system32\corpol.dll
2011-08-17 13:49 . 2004-08-03 21:14 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-17 12:22 . 2004-08-17 13:44 389120 ----a-w- c:\windows\system32\html.iec
2010-03-31 08:09 . 2010-03-31 08:09 10437264 ----a-w- c:\program files\opera\program\plugins\PDFNetC.dll
2010-04-08 10:36 . 2010-04-08 10:36 107760 ----a-w- c:\program files\opera\program\plugins\ScorchPDFWrapper.dll
2011-09-29 07:32 . 2011-11-20 00:31 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverMax"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2011-10-19 9251240]
"DriverMax_RESTART"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2011-10-19 9251240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2008-06-02 102400]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2007-12-11 307200]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-13 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-13 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-13 138008]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2011-01-12 1400832]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-12 1210640]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 3080264]
"RTHDCPL"="RTHDCPL.EXE" [2011-10-14 20064872]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\ WinCinema Manager.lnk
backup=c:\windows\pss\ WinCinema Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^tom^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
path=c:\documents and settings\tom\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]
2009-11-09 12:56 643592 ----a-w- c:\windows\system32\M-AudioTaskBarIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-09-28 01:03 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2011-04-22 12:21 247728 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-11-21 16:51 641400 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\PROGRA~1\\COMMON~1\\MICROW~1\\Agent\\MWAGENT.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\DownloadHQ\\DownloadHQ.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16551:TCP"= 16551:TCP:BitComet 16551 TCP
"16551:UDP"= 16551:UDP:BitComet 16551 UDP
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4.8.2011 09:20 118104]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [14.3.2011 12:51 249616]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [22.9.2011 12:03 974944]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [14.3.2011 12:51 160448]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [22.4.2011 13:21 92592]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2.2.2010 19:10 33792]
R3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [17.3.2011 20:42 6609920]
R3 PGR1394b;HS 3d Sensor IEEE 1394 Bus host controllers;c:\windows\system32\drivers\HS3dSensor1394.sys [20.3.2011 03:10 72704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [14.11.2011 02:08 1691480]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18.12.2009 10:58 11336]
S3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\DRIVERS\econceal.sys --> c:\windows\system32\DRIVERS\econceal.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [22.12.2010 23:19 36640]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [22.12.2010 13:39 13224]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys --> c:\windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys --> c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [?]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [14.3.2011 12:49 89192]
S3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [14.3.2011 12:49 124992]
S3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [24.12.2010 00:26 13312]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
S4 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [13.10.2011 16:53 136176]
S4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [13.10.2011 16:53 136176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
.
2009-09-02 c:\windows\Tasks\FRU Task 2003-04-10 00:56ewlett-Packard2003-04-10 00:56p psc 1200 series272A572217594EBCF1CEE215E352B92AD073FDE4243878355.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-09 15:56]
.
2011-11-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-28 08:46]
.
2011-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-13 15:53]
.
2011-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-13 15:53]
.
2011-11-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-842925246-1383384898-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]
.
2011-11-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-842925246-1383384898-725345543-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]
.
2011-11-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-1383384898-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]
.
2011-11-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-1383384898-725345543-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]
.
2011-11-14 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-09-06 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: Free YouTube to MP3 Converter - c:\documents and settings\tom\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.1.1 213.151.208.162
FF - ProfilePath - c:\documents and settings\tom\Data aplikací\Mozilla\Firefox\Profiles\j7ikcjnm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-14 17:22
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1336)
c:\windows\system32\netprovcredman.dll
.
Celkový čas: 2011-11-14 17:27:34
ComboFix-quarantined-files.txt 2011-11-14 16:27
.
Před spuštěním: Volných bajtů: 77 149 294 592
Po spuštění: Volných bajtů: 77 100 494 848
.
- - End Of File - - 6217FC4A24547E071788816706EAD08D

chodnik74 · #9 Příspěvek od **chodnik74** » 14 lis 2011 17:41

Otevřeme si Poznámkový blok Obrázek

(stiskneme klávesovou kombinaci WIN+R a napíšeme ,,notepad,, bez úvozovek a dáme enter)

Vložíme do něj následující script:

Kód: Vybrat vše

KillAll::

DDS::
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/def ... .yahoo.com

File::
c:\windows\Tasks\Google Software Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-842925246-1383384898-725345543-1003.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-842925246-1383384898-725345543-500.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-1383384898-725345543-1003.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-1383384898-725345543-500.job
c:\windows\Tasks\WGASetup.job

NetSvc::
Akamai	

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=-
"Persistence"=-
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ WinCinema Manager.lnk]
[-HKLM\~\startupfolder\C:^Documents and Settings^tom^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"=dword:00000001

Reboot::

Soubor uložíme na Plochu jako CFScript.txt
Poté tento soubor uchopíme levým tlačítkem myši a přetáhneme na ikonu Combofixu a upustíme
Poté Combofix provede všechny operace a udělá nový log,který sem vložte

Může se stát,že po aplikaci scriptu nenaběhne Windows běžným způsobem.V tomto případě restartujte počítač a při startu mačkejte F8 a zvolte možnost Poslední známá funkční konfigurace

Malwarebytes' Anti-Malware Obrázek

Stáhneme,nainstalujeme a spustíme(pokud si nevíte rady jak,klikněte ZDE)
Vybereme Úplná kontrola a klikneme na tlačítko Prohledat
Program provede kontrolu počítače a na konci se vám objeví hláska,že bylo skenování dokončeno,tak potvrdíme tlačítkem OK
Objeví se vám log,který mi sem vložte
NIC NEMAZAT!!Program mívá občas falešné detekce,takže mazat budeme až po konzultaci

kirkland · #10 Příspěvek od **kirkland** » 14 lis 2011 19:09

Log z CF:

ComboFix 11-11-14.02 - tom 14.11.2011 18:39:22.11.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1232 [GMT 1:00]
Spuštěný z: c:\documents and settings\tom\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\tom\Plocha\CFScript.txt
AV: ESET Smart Security 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FW: PC Tools Firewall Plus *Disabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
.
FILE ::
"c:\windows\Tasks\Google Software Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-842925246-1383384898-725345543-1003.job"
"c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-842925246-1383384898-725345543-500.job"
"c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-1383384898-725345543-1003.job"
"c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-1383384898-725345543-500.job"
"c:\windows\Tasks\WGASetup.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-14 do 2011-11-14 )))))))))))))))))))))))))))))))
.
.
2011-11-23 01:31 . 2011-11-23 09:55 -------- d-----w- c:\documents and settings\tom\Data aplikací\ScanSpyware
2011-11-22 02:06 . 2011-10-25 22:45 -------- d-----w- c:\program files\Smart File Advisor
2011-11-22 02:06 . 2011-11-22 02:06 -------- d-----w- c:\program files\Smart Projects
2011-11-20 11:16 . 2011-11-20 11:16 -------- d-----w- c:\program files\CodeStuff
2011-11-19 15:14 . 2011-11-19 15:14 -------- d-----w- c:\documents and settings\tom\Local Settings\Data aplikací\Facebook
2011-11-19 10:37 . 2011-11-19 10:37 -------- d-----w- c:\program files\Common Files\Java
2011-11-14 15:37 . 2011-11-14 15:37 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Microworld
2011-11-14 01:08 . 2011-10-13 19:03 16836 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT
2011-11-14 01:08 . 2010-11-03 17:15 359016 ----a-w- c:\windows\vncutil.exe
2011-11-14 01:08 . 2009-11-18 06:17 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2011-11-14 01:08 . 2011-10-18 17:10 64616 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2011-11-14 01:08 . 2010-11-03 17:14 129640 ----a-w- c:\windows\RtkAudioService.exe
2011-11-14 01:08 . 2009-11-18 06:16 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2011-11-14 01:06 . 2009-05-22 18:24 19400 ----a-w- c:\windows\system32\drivers\umss.sys
2011-11-14 00:26 . 2011-11-14 00:26 -------- d-----w- c:\program files\Innovative Solutions
2011-11-14 00:04 . 2011-11-14 00:04 -------- d-----w- c:\documents and settings\tom\Data aplikací\3v
2011-11-13 23:42 . 2011-11-14 00:05 -------- d-----w- c:\documents and settings\tom\Data aplikací\Sammsoft
2011-11-07 12:11 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-11-07 12:11 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-11-07 12:09 . 2011-11-07 12:09 -------- d-----w- c:\program files\iPod
2011-11-07 12:09 . 2011-11-07 12:11 -------- d-----w- c:\program files\iTunes
2011-11-07 12:09 . 2011-11-07 12:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-11-07 12:08 . 2011-11-07 12:08 -------- d-----w- c:\program files\Apple Software Update
2011-11-07 12:08 . 2011-11-07 12:08 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\Apple Computer
2011-11-07 12:07 . 2011-11-07 12:07 -------- d-----w- c:\program files\Bonjour
2011-11-07 12:07 . 2011-11-07 12:09 -------- d-----w- c:\program files\Common Files\Apple
2011-11-07 10:37 . 2011-11-07 11:52 -------- d-----w- c:\program files\3GP Player
2011-10-15 21:51 . 2011-10-15 21:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Martau
2011-10-15 21:51 . 2011-10-15 21:51 -------- d-----w- c:\program files\Total Uninstall 5
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-18 18:53 . 2009-05-11 17:07 6439528 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2011-10-14 17:58 . 2009-05-11 17:07 20064872 ----a-w- c:\windows\RTHDCPL.EXE
2011-10-13 13:54 . 2011-06-17 10:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2009-05-11 16:43 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-03 04:06 . 2010-10-15 17:01 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 01:37 . 2009-07-27 15:59 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 14:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 14:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-06 14:10 . 2004-08-17 13:44 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-30 22:05 . 2011-08-30 22:05 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 22:05 . 2011-08-30 22:05 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 22:05 . 2011-08-30 22:05 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-29 15:20 . 2009-05-11 17:07 1493608 ----a-w- c:\windows\RtlUpd.exe
2011-08-17 21:25 . 2004-08-17 13:49 832512 ----a-w- c:\windows\system32\wininet.dll
2011-08-17 21:25 . 2004-08-17 13:49 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-17 21:25 . 2011-06-24 22:31 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-08-17 21:25 . 2004-08-17 13:49 17408 ----a-w- c:\windows\system32\corpol.dll
2011-08-17 13:49 . 2004-08-03 21:14 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-17 12:22 . 2004-08-17 13:44 389120 ----a-w- c:\windows\system32\html.iec
2010-03-31 08:09 . 2010-03-31 08:09 10437264 ----a-w- c:\program files\opera\program\plugins\PDFNetC.dll
2010-04-08 10:36 . 2010-04-08 10:36 107760 ----a-w- c:\program files\opera\program\plugins\ScorchPDFWrapper.dll
2011-09-29 07:32 . 2011-11-20 00:31 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-14_16.22.38 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-14 17:55 . 2011-11-14 17:55 16384 c:\windows\temp\Perflib_Perfdata_5a4.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverMax"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2011-10-19 9251240]
"DriverMax_RESTART"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2011-10-19 9251240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2008-06-02 102400]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2007-12-11 307200]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-13 162584]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2011-01-12 1400832]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-01-12 1210640]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 3080264]
"RTHDCPL"="RTHDCPL.EXE" [2011-10-14 20064872]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\ WinCinema Manager.lnk
backup=c:\windows\pss\ WinCinema Manager.lnkCommon Startup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\PROGRA~1\\COMMON~1\\MICROW~1\\Agent\\MWAGENT.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\DownloadHQ\\DownloadHQ.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"16551:TCP"= 16551:TCP:BitComet 16551 TCP
"16551:UDP"= 16551:UDP:BitComet 16551 UDP
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4.8.2011 09:20 118104]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [14.3.2011 12:51 249616]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [22.9.2011 12:03 974944]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [14.3.2011 12:51 160448]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [22.4.2011 13:21 92592]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2.2.2010 19:10 33792]
R3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [17.3.2011 20:42 6609920]
R3 PGR1394b;HS 3d Sensor IEEE 1394 Bus host controllers;c:\windows\system32\drivers\HS3dSensor1394.sys [20.3.2011 03:10 72704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [14.11.2011 02:08 1691480]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18.12.2009 10:58 11336]
S3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\DRIVERS\econceal.sys --> c:\windows\system32\DRIVERS\econceal.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [22.12.2010 23:19 36640]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [22.12.2010 13:39 13224]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys --> c:\windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys --> c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [?]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [14.3.2011 12:49 89192]
S3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [14.3.2011 12:49 124992]
S3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [24.12.2010 00:26 13312]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
S4 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [13.10.2011 16:53 136176]
S4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [13.10.2011 16:53 136176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
.
2009-09-02 c:\windows\Tasks\FRU Task 2003-04-10 00:56ewlett-Packard2003-04-10 00:56p psc 1200 series272A572217594EBCF1CEE215E352B92AD073FDE4243878355.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-09 15:56]
.
2011-11-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-28 08:46]
.
2011-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-13 15:53]
.
2011-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-13 15:53]
.
2011-11-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-842925246-1383384898-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]
.
2011-11-14 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-842925246-1383384898-725345543-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]
.
2011-11-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-1383384898-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]
.
2011-11-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-1383384898-725345543-500.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-09 17:38]
.
2011-11-14 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-09-06 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: Free YouTube to MP3 Converter - c:\documents and settings\tom\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.1.1 213.151.208.162
FF - ProfilePath - c:\documents and settings\tom\Data aplikací\Mozilla\Firefox\Profiles\j7ikcjnm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-14 18:56
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1340)
c:\windows\system32\netprovcredman.dll
.
- - - - - - - > 'explorer.exe'(2024)
c:\windows\system32\btmmhook.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\COMMON~1\MICROW~1\Agent\MWASER.EXE
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\progra~1\COMMON~1\MICROW~1\Agent\MWAgent.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\docume~1\tom\LOCALS~1\Temp\RtkBtMnt.exe
.
**************************************************************************
.
Celkový čas: 2011-11-14 19:01:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-11-14 18:01
ComboFix2.txt 2011-11-14 16:27
.
Před spuštěním: Volných bajtů: 77 024 976 896
Po spuštění: Volných bajtů: 77 002 772 480
.
- - End Of File - - 07CC21C7211D7A028FA5A312C4E7FBEF

kirkland · #11 Příspěvek od **kirkland** » 14 lis 2011 19:17

Log z mbam:

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 8004

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

14.11.2011 19:13:54
mbam-log-2011-11-14 (19-13-54).txt

Typ kontroly: Rychlý test
Testované objekty: 208880
Uplynulý čas: 3 minut, 8 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

chodnik74 · #12 Příspěvek od **chodnik74** » 15 lis 2011 20:33

Pokračovat budeme zítra, dneska mám rodinné důvody, omlouvám se

kirkland · #13 Příspěvek od **kirkland** » 16 lis 2011 00:28

Pohoda jasne

chodnik74 · #14 Příspěvek od **chodnik74** » 16 lis 2011 06:37

Stáhněte si TDSSKiller

Spuste program a klikněte na Start Scan
Pokud program najde infikekci,tak ji bude lecit (Cure), povolte léčení kliknutím na tlačítko Continue
Pokud program najde podezrely soubor (suspicious),bude ho chtít přeskočit (Skip), povolte přeskočení kliknutim na tlačítko Continue
Po dokončení skenování bude možná potřeba restartovat počítač,ten povolíte programu kliknutím na tlačítko Reboot now
Po restartování počítače na vás vyskočí log(pokud se tak nestane,tak ho najdete na disku,kde máte nainstalovaná systém s názvem TDSSKiller.xxxx_log.txt) a vložte mi sem jeho obsah
Pokud nebude program požadovat restartování počítače,klikněte na tlačítko Close a následně na Report , čímž se Vám vytvoří log a jeho obsah mu sem vložte

Stáhneme si na Plochu program OTL Obrázek

Spustíme soubor OTL.exe (pokud máte Windows Vista nebo Windows 7,tak na soubor klikněte pravým
tlačítkem myši a dejte ,,Spustit jako správce,,)
Pokud používáte 64 bitový systém,zaškrkněte volbu Pro 64 bitové OS,pokud ne,tak by měla být
nezaškrknutá
Zaškrkněte okýnko Pro všechny uživatele,Kontrola havět "LOP",Kontrola havět "Purity"
Staří souborů změňte z 30 dnů na 7 dnů

Do spodního okýnka Vlastní skenování/opravy vložte následující script:

Kód: Vybrat vše

netsvcs
safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
*crack* /s
*keygen* /s
*nocd* /s
*nodvd* /s
*AutoKMS* /s
*AutoRearm* /s
*Loader* /s
*w7lxe* /s
*Legalizator* /s
*GenuineXP* /s
*minodlogin* /s
serial.txt /s
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSucces
sTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Klikněte na tlačítko Prohledat
Po dokončení skenu,který trvá mezi 5-15 minuty se vám zobrazý dva logy OTL.txt a Extras.txt a ty
mě sem vložte

kirkland · #15 Příspěvek od **kirkland** » 16 lis 2011 09:47

Log z TDSSKiller:

09:41:24.0015 3292 TDSS rootkit removing tool 2.6.18.0 Nov 11 2011 15:47:15
09:41:24.0375 3292 ============================================================
09:41:24.0375 3292 Current date / time: 2011/11/16 09:41:24.0375
09:41:24.0375 3292 SystemInfo:
09:41:24.0375 3292
09:41:24.0375 3292 OS Version: 5.1.2600 ServicePack: 3.0
09:41:24.0375 3292 Product type: Workstation
09:41:24.0375 3292 ComputerName: TOM-NOTEBOOK
09:41:24.0375 3292 UserName: tom
09:41:24.0375 3292 Windows directory: C:\WINDOWS
09:41:24.0375 3292 System windows directory: C:\WINDOWS
09:41:24.0375 3292 Processor architecture: Intel x86
09:41:24.0375 3292 Number of processors: 2
09:41:24.0375 3292 Page size: 0x1000
09:41:24.0375 3292 Boot type: Normal boot
09:41:24.0375 3292 ============================================================
09:41:26.0234 3292 Initialize success
09:41:39.0703 0976 ============================================================
09:41:39.0703 0976 Scan started
09:41:39.0703 0976 Mode: Manual;
09:41:39.0703 0976 ============================================================
09:41:40.0031 0976 Abiosdsk - ok
09:41:40.0046 0976 abp480n5 - ok
09:41:40.0093 0976 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:41:40.0109 0976 ACPI - ok
09:41:40.0125 0976 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
09:41:40.0140 0976 ACPIEC - ok
09:41:40.0156 0976 adpu160m - ok
09:41:40.0234 0976 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
09:41:40.0234 0976 aec - ok
09:41:40.0343 0976 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
09:41:40.0343 0976 AFD - ok
09:41:40.0359 0976 Aha154x - ok
09:41:40.0375 0976 aic78u2 - ok
09:41:40.0390 0976 aic78xx - ok
09:41:40.0406 0976 AliIde - ok
09:41:40.0515 0976 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
09:41:40.0578 0976 Ambfilt - ok
09:41:40.0656 0976 amsint - ok
09:41:40.0703 0976 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
09:41:40.0703 0976 Arp1394 - ok
09:41:40.0718 0976 asc - ok
09:41:40.0718 0976 asc3350p - ok
09:41:40.0734 0976 asc3550 - ok
09:41:40.0765 0976 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:41:40.0765 0976 AsyncMac - ok
09:41:40.0796 0976 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
09:41:40.0796 0976 atapi - ok
09:41:40.0812 0976 Atdisk - ok
09:41:40.0859 0976 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:41:40.0859 0976 Atmarpc - ok
09:41:40.0968 0976 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
09:41:40.0968 0976 audstub - ok
09:41:41.0031 0976 b57w2k (6f7911f3e674363a91541e097f49b633) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
09:41:41.0031 0976 b57w2k - ok
09:41:41.0093 0976 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
09:41:41.0125 0976 Beep - ok
09:41:41.0187 0976 btaudio (ecdc40cc54603c711e1a7a1c9255184a) C:\WINDOWS\system32\drivers\btaudio.sys
09:41:41.0218 0976 btaudio - ok
09:41:41.0328 0976 BTDriver (58a49bd10e08d3d4333a60dedcb1ced8) C:\WINDOWS\system32\DRIVERS\btport.sys
09:41:41.0328 0976 BTDriver - ok
09:41:41.0421 0976 BTKRNL (885b6d0f826a216eee4c3ad883809012) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
09:41:41.0421 0976 BTKRNL - ok
09:41:41.0546 0976 BTWDNDIS (b1d350f3f13cf340fce93912d2ba1ebf) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
09:41:41.0578 0976 BTWDNDIS - ok
09:41:41.0625 0976 btwhid (e48668b4a6a5cf68b33aecad18ee8e1e) C:\WINDOWS\system32\DRIVERS\btwhid.sys
09:41:41.0625 0976 btwhid - ok
09:41:41.0656 0976 btwmodem (8bcd7bfe9c70a8ff7444263435b18aa1) C:\WINDOWS\system32\DRIVERS\btwmodem.sys
09:41:41.0687 0976 btwmodem - ok
09:41:41.0734 0976 BTWUSB (57e91e9925976bbc98984eebaaf1d84c) C:\WINDOWS\system32\Drivers\btwusb.sys
09:41:41.0750 0976 BTWUSB - ok
09:41:42.0000 0976 catchme - ok
09:41:42.0109 0976 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
09:41:42.0156 0976 cbidf2k - ok
09:41:42.0187 0976 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:41:42.0187 0976 CCDECODE - ok
09:41:42.0187 0976 cd20xrnt - ok
09:41:42.0234 0976 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
09:41:42.0250 0976 Cdaudio - ok
09:41:42.0281 0976 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
09:41:42.0281 0976 Cdfs - ok
09:41:42.0296 0976 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:41:42.0312 0976 Cdrom - ok
09:41:42.0390 0976 Changer - ok
09:41:42.0437 0976 CLEDX (b53f9635457b56dcffef750e18aec6cb) C:\WINDOWS\system32\DRIVERS\cledx.sys
09:41:42.0437 0976 CLEDX - ok
09:41:42.0484 0976 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
09:41:42.0484 0976 CmBatt - ok
09:41:42.0500 0976 CmdIde - ok
09:41:42.0531 0976 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
09:41:42.0531 0976 Compbatt - ok
09:41:42.0546 0976 Cpqarray - ok
09:41:42.0625 0976 cpudrv (d01f685f8b4598d144b0cce9ff95d8d5) C:\Program Files\SystemRequirementsLab\cpudrv.sys
09:41:42.0640 0976 cpudrv - ok
09:41:42.0703 0976 dac2w2k - ok
09:41:42.0718 0976 dac960nt - ok
09:41:42.0765 0976 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
09:41:42.0765 0976 Disk - ok
09:41:42.0843 0976 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
09:41:42.0859 0976 dmboot - ok
09:41:42.0968 0976 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
09:41:42.0984 0976 dmio - ok
09:41:43.0015 0976 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
09:41:43.0015 0976 dmload - ok
09:41:43.0062 0976 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
09:41:43.0062 0976 DMusic - ok
09:41:43.0093 0976 dpti2o - ok
09:41:43.0109 0976 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
09:41:43.0125 0976 drmkaud - ok
09:41:43.0156 0976 eamon (9309c5c9831203436e64cf2ae605c5d7) C:\WINDOWS\system32\DRIVERS\eamon.sys
09:41:43.0156 0976 eamon - ok
09:41:43.0250 0976 econceal - ok
09:41:43.0296 0976 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
09:41:43.0296 0976 ehdrv - ok
09:41:43.0328 0976 epfw (5ba193ca0ae31209aaa39939ce6736b2) C:\WINDOWS\system32\DRIVERS\epfw.sys
09:41:43.0328 0976 epfw - ok
09:41:43.0406 0976 Epfwndis (75d3bcd3e0eded0ab0f96d9a10ff01c9) C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
09:41:43.0421 0976 Epfwndis - ok
09:41:43.0562 0976 epfwtdi (dc64f26f35e32c9472bbf8acd84060d3) C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
09:41:43.0593 0976 epfwtdi - ok
09:41:43.0656 0976 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
09:41:43.0656 0976 Fastfat - ok
09:41:43.0687 0976 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
09:41:43.0703 0976 Fdc - ok
09:41:43.0734 0976 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
09:41:43.0765 0976 Fips - ok
09:41:43.0906 0976 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
09:41:43.0937 0976 Flpydisk - ok
09:41:43.0968 0976 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
09:41:43.0968 0976 FltMgr - ok
09:41:44.0015 0976 FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) C:\WINDOWS\system32\FsUsbExDisk.SYS
09:41:44.0062 0976 FsUsbExDisk - ok
09:41:44.0171 0976 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:41:44.0218 0976 Fs_Rec - ok
09:41:44.0250 0976 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:41:44.0250 0976 Ftdisk - ok
09:41:44.0281 0976 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
09:41:44.0281 0976 GEARAspiWDM - ok
09:41:44.0328 0976 ggflt (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
09:41:44.0328 0976 ggflt - ok
09:41:44.0343 0976 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
09:41:44.0343 0976 ggsemc - ok
09:41:44.0468 0976 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:41:44.0468 0976 Gpc - ok
09:41:44.0531 0976 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:41:44.0531 0976 HDAudBus - ok
09:41:44.0578 0976 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:41:44.0578 0976 HidUsb - ok
09:41:44.0625 0976 hpn - ok
09:41:44.0703 0976 HPZid412 (863cc3a82c63c9f60acf2e85d5310620) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
09:41:44.0703 0976 HPZid412 - ok
09:41:44.0750 0976 HPZipr12 (08cb72e95dd75b61f2966b311d0e4366) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
09:41:44.0750 0976 HPZipr12 - ok
09:41:44.0781 0976 HPZius12 (ca990306ed4ef732af9695bff24fc96f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
09:41:44.0781 0976 HPZius12 - ok
09:41:44.0843 0976 HSFHWAZL (6a5c4732d6803f84e2987edd8e4359ce) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
09:41:44.0843 0976 HSFHWAZL - ok
09:41:44.0921 0976 HSF_DPV (21c31273c6cc4826e74be8ae3b09d4a8) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
09:41:44.0937 0976 HSF_DPV - ok
09:41:45.0015 0976 HTCAND32 - ok
09:41:45.0062 0976 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
09:41:45.0078 0976 HTTP - ok
09:41:45.0078 0976 hwdatacard - ok
09:41:45.0093 0976 i2omgmt - ok
09:41:45.0109 0976 i2omp - ok
09:41:45.0156 0976 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:41:45.0156 0976 i8042prt - ok
09:41:45.0406 0976 ialm (12c7f8d581c4a9f126f5f8f5683a1c29) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
09:41:45.0609 0976 ialm - ok
09:41:45.0750 0976 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
09:41:45.0750 0976 Imapi - ok
09:41:45.0765 0976 ini910u - ok
09:41:46.0109 0976 IntcAzAudAddService (58dabdef7a35f9e3ab1fabd2cbaf3d13) C:\WINDOWS\system32\drivers\RtkHDAud.sys
09:41:46.0140 0976 IntcAzAudAddService - ok
09:41:46.0218 0976 IntelIde - ok
09:41:46.0250 0976 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:41:46.0250 0976 intelppm - ok
09:41:46.0281 0976 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
09:41:46.0281 0976 Ip6Fw - ok
09:41:46.0328 0976 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:41:46.0328 0976 IpFilterDriver - ok
09:41:46.0359 0976 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:41:46.0359 0976 IpInIp - ok
09:41:46.0390 0976 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:41:46.0390 0976 IpNat - ok
09:41:46.0515 0976 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:41:46.0531 0976 IPSec - ok
09:41:46.0546 0976 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
09:41:46.0546 0976 irda - ok
09:41:46.0609 0976 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:41:46.0609 0976 IRENUM - ok
09:41:46.0625 0976 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:41:46.0640 0976 isapnp - ok
09:41:46.0656 0976 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:41:46.0656 0976 Kbdclass - ok
09:41:46.0781 0976 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
09:41:46.0781 0976 kmixer - ok
09:41:46.0828 0976 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
09:41:46.0843 0976 KSecDD - ok
09:41:46.0843 0976 lbrtfdc - ok
09:41:46.0859 0976 MAUSBFASTTRACKPRO - ok
09:41:46.0921 0976 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
09:41:46.0921 0976 mdmxsdk - ok
09:41:46.0968 0976 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:41:46.0984 0976 mnmdd - ok
09:41:47.0093 0976 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
09:41:47.0093 0976 Modem - ok
09:41:47.0187 0976 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
09:41:48.0328 0976 Monfilt - ok
09:41:48.0437 0976 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:41:48.0437 0976 Mouclass - ok
09:41:48.0484 0976 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:41:48.0484 0976 mouhid - ok
09:41:48.0531 0976 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
09:41:48.0531 0976 MountMgr - ok
09:41:48.0546 0976 mraid35x - ok
09:41:48.0562 0976 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:41:48.0578 0976 MRxDAV - ok
09:41:48.0609 0976 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:41:48.0625 0976 MRxSmb - ok
09:41:48.0734 0976 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
09:41:48.0734 0976 Msfs - ok
09:41:48.0765 0976 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:41:48.0765 0976 MSKSSRV - ok
09:41:48.0796 0976 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:41:48.0812 0976 MSPCLOCK - ok
09:41:48.0843 0976 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:41:48.0843 0976 MSPQM - ok
09:41:48.0890 0976 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:41:48.0890 0976 mssmbios - ok
09:41:48.0890 0976 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
09:41:48.0906 0976 MSTEE - ok
09:41:48.0953 0976 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
09:41:48.0953 0976 Mup - ok
09:41:49.0046 0976 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:41:49.0062 0976 NABTSFEC - ok
09:41:49.0109 0976 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:41:49.0109 0976 NDIS - ok
09:41:49.0140 0976 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:41:49.0140 0976 NdisIP - ok
09:41:49.0187 0976 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:41:49.0187 0976 NdisTapi - ok
09:41:49.0296 0976 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:41:49.0296 0976 Ndisuio - ok
09:41:49.0296 0976 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:41:49.0312 0976 NdisWan - ok
09:41:49.0359 0976 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
09:41:49.0359 0976 NDProxy - ok
09:41:49.0390 0976 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:41:49.0390 0976 NetBIOS - ok
09:41:49.0421 0976 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:41:49.0421 0976 NetBT - ok
09:41:49.0609 0976 NETw4x32 (18b2d3e11ed7a3c898ade6a6692b6929) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
09:41:49.0703 0976 NETw4x32 - ok
09:41:49.0906 0976 NETw5x32 (05743fffc2bc88cc8e426321bc6a762e) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
09:41:50.0062 0976 NETw5x32 - ok
09:41:50.0406 0976 NETwLx32 (72062b53186e4a3f5fcbc41ebb62b905) C:\WINDOWS\system32\DRIVERS\NETwLx32.sys
09:41:50.0640 0976 NETwLx32 - ok
09:41:50.0750 0976 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
09:41:50.0750 0976 NIC1394 - ok
09:41:50.0796 0976 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:41:50.0796 0976 Npfs - ok
09:41:50.0812 0976 NSCIRDA (2adc0ca9945c65284b3d19bc18765974) C:\WINDOWS\system32\DRIVERS\nscirda.sys
09:41:50.0812 0976 NSCIRDA - ok
09:41:50.0859 0976 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:41:50.0859 0976 Ntfs - ok
09:41:50.0921 0976 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:41:50.0937 0976 Null - ok
09:41:51.0062 0976 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:41:51.0062 0976 NwlnkFlt - ok
09:41:51.0109 0976 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:41:51.0109 0976 NwlnkFwd - ok
09:41:51.0156 0976 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
09:41:51.0156 0976 ohci1394 - ok
09:41:51.0218 0976 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
09:41:51.0234 0976 Parport - ok
09:41:51.0250 0976 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:41:51.0250 0976 PartMgr - ok
09:41:51.0281 0976 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
09:41:51.0296 0976 ParVdm - ok
09:41:51.0343 0976 PCASp50 (5f0ed2f6da0df347ab7777eedd5253bb) C:\WINDOWS\system32\Drivers\PCASp50.sys
09:41:51.0359 0976 PCASp50 - ok
09:41:51.0484 0976 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
09:41:51.0484 0976 pccsmcfd - ok
09:41:51.0531 0976 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
09:41:51.0531 0976 PCI - ok
09:41:51.0531 0976 PCIDump - ok
09:41:51.0578 0976 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:41:51.0578 0976 PCIIde - ok
09:41:51.0593 0976 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
09:41:51.0593 0976 Pcmcia - ok
09:41:51.0625 0976 PCTAppEvent (f767f3b35c3ecf8a60b2a65beec50ef5) C:\WINDOWS\system32\drivers\PCTAppEvent.sys
09:41:51.0656 0976 PCTAppEvent - ok
09:41:51.0703 0976 PCTFW-PacketFilter (58db891ca76a2d49e33ba9fa13b86c89) C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys
09:41:51.0734 0976 PCTFW-PacketFilter - ok
09:41:51.0875 0976 pctgntdi (b76c829f00b9b534405b4ed5f58b8f52) C:\WINDOWS\system32\drivers\pctgntdi.sys
09:41:51.0906 0976 pctgntdi - ok
09:41:51.0937 0976 pctplfw (78d871114e7cb3115e058d1f85751c7f) C:\WINDOWS\system32\drivers\pctplfw.sys
09:41:51.0968 0976 pctplfw - ok
09:41:51.0984 0976 PDCOMP - ok
09:41:52.0000 0976 PDFRAME - ok
09:41:52.0000 0976 PDRELI - ok
09:41:52.0015 0976 PDRFRAME - ok
09:41:52.0031 0976 perc2 - ok
09:41:52.0046 0976 perc2hib - ok
09:41:52.0125 0976 PGR1394b (6fc9cda0b608dfda41e42d2e9c7d7874) C:\WINDOWS\system32\DRIVERS\HS3dSensor1394.sys
09:41:52.0140 0976 PGR1394b - ok
09:41:52.0265 0976 pneteth (088335b06f75adbcbb81575c7cae6c43) C:\WINDOWS\system32\DRIVERS\pneteth.sys
09:41:52.0265 0976 pneteth - ok
09:41:52.0328 0976 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:41:52.0328 0976 PptpMiniport - ok
09:41:52.0359 0976 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:41:52.0359 0976 PSched - ok
09:41:52.0406 0976 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:41:52.0406 0976 Ptilink - ok
09:41:52.0421 0976 ql1080 - ok
09:41:52.0421 0976 Ql10wnt - ok
09:41:52.0437 0976 ql12160 - ok
09:41:52.0453 0976 ql1240 - ok
09:41:52.0468 0976 ql1280 - ok
09:41:52.0609 0976 QV2KUX (0087f01d35a65b32393cc8bba46ee4a6) C:\WINDOWS\system32\DRIVERS\qv2kux.sys
09:41:52.0609 0976 QV2KUX - ok
09:41:52.0656 0976 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:41:52.0656 0976 RasAcd - ok
09:41:52.0750 0976 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
09:41:52.0765 0976 Rasirda - ok
09:41:52.0781 0976 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:41:52.0781 0976 Rasl2tp - ok
09:41:52.0875 0976 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:41:52.0875 0976 RasPppoe - ok
09:41:52.0906 0976 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:41:52.0906 0976 Raspti - ok
09:41:52.0953 0976 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:41:52.0953 0976 Rdbss - ok
09:41:52.0968 0976 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:41:52.0968 0976 RDPCDD - ok
09:41:53.0000 0976 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:41:53.0015 0976 rdpdr - ok
09:41:53.0062 0976 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
09:41:53.0078 0976 RDPWD - ok
09:41:53.0187 0976 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:41:53.0203 0976 redbook - ok
09:41:53.0250 0976 s24trans (27fc71da659305e260acbda15a318399) C:\WINDOWS\system32\DRIVERS\s24trans.sys
09:41:53.0250 0976 s24trans - ok
09:41:53.0296 0976 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
09:41:53.0296 0976 sdbus - ok
09:41:53.0328 0976 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:41:53.0343 0976 Secdrv - ok
09:41:53.0484 0976 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
09:41:53.0531 0976 Serial - ok
09:41:53.0656 0976 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
09:41:53.0656 0976 sfdrv01 - ok
09:41:53.0687 0976 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
09:41:53.0718 0976 sffdisk - ok
09:41:53.0734 0976 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
09:41:53.0750 0976 sffp_sd - ok
09:41:53.0859 0976 sfhlp02 (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys
09:41:53.0859 0976 sfhlp02 - ok
09:41:53.0921 0976 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:41:53.0937 0976 Sfloppy - ok
09:41:53.0953 0976 Simbad - ok
09:41:53.0984 0976 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:41:53.0984 0976 SLIP - ok
09:41:54.0109 0976 SNP2UVC (0302bc619d4a723317e7f8eb0c362bd3) C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
09:41:54.0125 0976 SNP2UVC - ok
09:41:54.0203 0976 Sparrow - ok
09:41:54.0265 0976 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:41:54.0281 0976 splitter - ok
09:41:54.0328 0976 sptd (614deea4bdcec3fd5a07bdc705723ad7) C:\WINDOWS\System32\Drivers\sptd.sys
09:41:54.0328 0976 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\sptd.sys. md5: 614deea4bdcec3fd5a07bdc705723ad7
09:41:54.0328 0976 sptd ( LockedFile.Multi.Generic ) - warning
09:41:54.0328 0976 sptd - detected LockedFile.Multi.Generic (1)
09:41:54.0390 0976 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
09:41:54.0406 0976 sr - ok
09:41:54.0421 0976 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
09:41:54.0421 0976 Srv - ok
09:41:54.0562 0976 StarOpen (e57b778208c783d8debab320c16a1b82) C:\WINDOWS\system32\drivers\StarOpen.sys
09:41:54.0562 0976 StarOpen - ok
09:41:54.0671 0976 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:41:54.0671 0976 streamip - ok
09:41:54.0734 0976 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:41:54.0734 0976 swenum - ok
09:41:54.0750 0976 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:41:54.0750 0976 swmidi - ok
09:41:54.0765 0976 symc810 - ok
09:41:54.0781 0976 symc8xx - ok
09:41:54.0796 0976 sym_hi - ok
09:41:54.0796 0976 sym_u3 - ok
09:41:54.0859 0976 SynTP (cc5da243cfdac58fc0408f7ce24084c5) C:\WINDOWS\system32\DRIVERS\SynTP.sys
09:41:54.0875 0976 SynTP - ok
09:41:54.0890 0976 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:41:54.0906 0976 sysaudio - ok
09:41:55.0046 0976 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:41:55.0046 0976 Tcpip - ok
09:41:55.0093 0976 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:41:55.0125 0976 TDPIPE - ok
09:41:55.0140 0976 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:41:55.0171 0976 TDTCP - ok
09:41:55.0203 0976 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:41:55.0203 0976 TermDD - ok
09:41:55.0250 0976 tifm21 (28b7f973c36d157a7885b1ae42a4a2a9) C:\WINDOWS\system32\drivers\tifm21.sys
09:41:55.0265 0976 tifm21 - ok
09:41:55.0359 0976 TosIde - ok
09:41:55.0390 0976 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:41:55.0421 0976 Udfs - ok
09:41:55.0453 0976 UIUSys (7020c64a20709b39cbe4a1cf371a9cd5) C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS
09:41:55.0453 0976 UIUSys - ok
09:41:55.0453 0976 ultra - ok
09:41:55.0515 0976 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:41:55.0531 0976 Update - ok
09:41:55.0609 0976 USBAAPL - ok
09:41:55.0656 0976 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
09:41:55.0656 0976 usbaudio - ok
09:41:55.0703 0976 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:41:55.0703 0976 usbccgp - ok
09:41:55.0765 0976 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:41:55.0781 0976 usbehci - ok
09:41:55.0875 0976 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:41:55.0875 0976 usbhub - ok
09:41:55.0937 0976 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:41:55.0937 0976 usbprint - ok
09:41:55.0968 0976 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:41:55.0968 0976 usbscan - ok
09:41:56.0000 0976 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:41:56.0015 0976 USBSTOR - ok
09:41:56.0062 0976 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:41:56.0078 0976 usbuhci - ok
09:41:56.0187 0976 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
09:41:56.0187 0976 usbvideo - ok
09:41:56.0218 0976 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
09:41:56.0218 0976 usb_rndisx - ok
09:41:56.0265 0976 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:41:56.0265 0976 VgaSave - ok
09:41:56.0281 0976 ViaIde - ok
09:41:56.0328 0976 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
09:41:56.0328 0976 VolSnap - ok
09:41:56.0406 0976 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:41:56.0406 0976 Wanarp - ok
09:41:56.0578 0976 Wdf01000 (4769596d7cc0f5fa447d2babc239672a) C:\WINDOWS\system32\Drivers\wdf01000.sys
09:41:56.0609 0976 Wdf01000 - ok
09:41:56.0750 0976 WDICA - ok
09:41:56.0812 0976 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:41:56.0812 0976 wdmaud - ok
09:41:56.0984 0976 winachsf (307d248f97835b6879bdd361086924fe) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
09:41:57.0078 0976 winachsf - ok
09:41:57.0234 0976 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
09:41:57.0265 0976 WmiAcpi - ok
09:41:57.0765 0976 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
09:41:57.0765 0976 WpdUsb - ok
09:41:57.0828 0976 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:41:57.0828 0976 WS2IFSL - ok
09:41:57.0984 0976 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:41:57.0984 0976 WSTCODEC - ok
09:41:58.0046 0976 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:41:58.0062 0976 WudfPf - ok
09:41:58.0093 0976 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:41:58.0093 0976 WudfRd - ok
09:41:58.0140 0976 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
09:41:58.0296 0976 \Device\Harddisk0\DR0 - ok
09:41:58.0312 0976 Boot (0x1200) (3f662319bc014f9b69a9cf0026065988) \Device\Harddisk0\DR0\Partition0
09:41:58.0312 0976 \Device\Harddisk0\DR0\Partition0 - ok
09:41:58.0312 0976 Boot (0x1200) (d5c91e4d4b0f690f019e263a2564be37) \Device\Harddisk0\DR0\Partition1
09:41:58.0312 0976 \Device\Harddisk0\DR0\Partition1 - ok
09:41:58.0312 0976 ============================================================
09:41:58.0312 0976 Scan finished
09:41:58.0312 0976 ============================================================
09:41:58.0328 3588 Detected object count: 1
09:41:58.0328 3588 Actual detected object count: 1
09:42:26.0890 3588 sptd ( LockedFile.Multi.Generic ) - skipped by user
09:42:26.0890 3588 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
09:42:55.0265 3276 Deinitialize success

VIRY.CZ

Pri pripojeni USB mi zamrza PC

Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC

Re: Pri pripojeni USB mi zamrza PC