poprosim o kontrolu logu

[pjotr2009]

dakujem

__________________________________________________________
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2011-11-22 20:42:07
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 15 GB (25%) free of 60 GB
Total RAM: 511 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:42:25, on 22.11.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\uTorrent\utorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5148 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-31 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-31 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-02-01 1499440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-02-01 1499440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-05-14 3784704]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2004-05-14 81920]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2011-08-01 114992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-03-09 26100520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Administrator\Desktop\SweetImSetup.exe"="C:\Documents and Settings\Administrator\Desktop\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2011-11-09 15:15:07 ----D---- C:\Program Files\TimeAdjuster

======List of files/folders modified in the last 1 months======

2011-11-22 20:42:10 ----D---- C:\Program Files\trend micro
2011-11-22 20:42:00 ----D---- C:\WINDOWS\Prefetch
2011-11-22 20:39:00 ----D---- C:\Documents and Settings\Administrator\Application Data\uTorrent
2011-11-22 20:35:34 ----D---- C:\Program Files\Mozilla Firefox
2011-11-22 20:31:15 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2011-11-22 18:39:29 ----D---- C:\Documents and Settings\Administrator\Application Data\foobar2000
2011-11-22 17:32:16 ----A---- C:\WINDOWS\WINCMD.INI
2011-11-22 17:24:13 ----D---- C:\Filmy
2011-11-22 16:36:01 ----D---- C:\Documents and Settings\All Users\Application Data\Easybits GO
2011-11-22 16:35:33 ----D---- C:\WINDOWS\temp
2011-11-22 16:35:30 ----D---- C:\Documents and Settings\Administrator\Application Data\skypePM
2011-11-22 16:35:20 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-22 16:34:34 ----D---- C:\WINDOWS
2011-11-22 16:33:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-11-22 14:00:01 ----D---- C:\WINDOWS\system32\drivers
2011-11-21 18:05:02 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2011-11-21 18:05:02 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2011-11-09 15:15:07 ----RD---- C:\Program Files
2011-10-30 05:39:16 ----D---- C:\WINDOWS\system32
2011-10-30 05:39:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-28 05:00:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-09 56816]
R2 irda;IrDA Protocol; C:\WINDOWS\System32\DRIVERS\irda.sys [2004-08-03 87424]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-01-08 812416]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\System32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-05-14 2205760]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-06-13 45568]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\System32\DRIVERS\sr.sys [2004-08-03 73472]
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-07-07 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 Irmon;Infrared Monitor; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-31 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-05-14 114755]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []

-----------------EOF-----------------

[pjotr2009]

dúfam že na mna nezabudnete. dakujem ludkovia. počítač mi čosi spomaluje, klávesnica občas vypadne čiže sa nedá písať a obnovím ju až stlačením ponuky štart a včera pri vypinani mi vybehlo že nejde vypnuť program ieplore.exe.

[motji]

Hezké dopoledne

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[pjotr2009]

hm. no tak som dal počítač oskenovať cez spybot search and destroy a našiel niečo. ked som to chcel odstrániť ozvala sa vzápätí aj avira a bol to vírus GEN/PWD.ZIP
z aviry som ju dal vymazať a spybot odo mna chcel aby som reštartoval počítač. to som urobil a po reštarte ešte oskenoval počítač. vraj nič nenašiel.
skúsim ale ešte pre istotu ten váš postup nech som si istý že tu nič nemám. zatial sa počítač správa normálne.

[pjotr2009]

no mbam síce nič nenašiel ale klávesnica mi stále vynecháva a počítač občas stále čosi spomalí.
tu je log

___________________________________________
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Verzia databázy: 8213

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

23.11.2011 10:54:18
mbam-log-2011-11-23 (10-54-17).txt

Typ kontroly: Úplná kontrola (A:\|C:\|D:\|E:\|)
Objektov kontrolovaných: 177182
Uplynutý čas: 40 min, 35 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)

[motji]

Stáhněte TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- a uložte ho na plochu.
- 2x klikněte na ikonu programu a spusťte
- dejte volbu Spustit kontrolu - pak potvrdte start sken
- pokud program najde infikovaný soubor, ukáže se Vám předvolená akce Cure, v tom případě potvrdte tlačítko Continue
- pokud bude chtít program restartovat počítač, klikněte na tlačítko Reboot Now
- pokud si restart nevyžádá, klikněte na tlačítko Report. Měl vy na Vás vyskočit log, obsah logu zkopírujte do svého topicu.
- pokud se log nezobrazí, je uložený ve Vašem kořenovém adresáři.

[pjotr2009]

12:46:54.0296 2344 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
12:46:54.0406 2344 ============================================================
12:46:54.0406 2344 Current date / time: 2011/11/24 12:46:54.0406
12:46:54.0406 2344 SystemInfo:
12:46:54.0406 2344
12:46:54.0406 2344 OS Version: 5.1.2600 ServicePack: 2.0
12:46:54.0406 2344 Product type: Workstation
12:46:54.0406 2344 ComputerName: DOMACI
12:46:54.0406 2344 UserName: Administrator
12:46:54.0406 2344 Windows directory: C:\WINDOWS
12:46:54.0406 2344 System windows directory: C:\WINDOWS
12:46:54.0406 2344 Processor architecture: Intel x86
12:46:54.0406 2344 Number of processors: 2
12:46:54.0406 2344 Page size: 0x1000
12:46:54.0406 2344 Boot type: Normal boot
12:46:54.0406 2344 ============================================================
12:46:56.0953 2344 Initialize success
12:47:04.0031 3784 ============================================================
12:47:04.0031 3784 Scan started
12:47:04.0031 3784 Mode: Manual;
12:47:04.0031 3784 ============================================================
12:47:04.0953 3784 Abiosdsk - ok
12:47:04.0984 3784 abp480n5 - ok
12:47:05.0031 3784 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:47:05.0031 3784 ACPI - ok
12:47:05.0109 3784 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:47:05.0140 3784 ACPIEC - ok
12:47:05.0203 3784 adpu160m - ok
12:47:05.0265 3784 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
12:47:05.0312 3784 aec - ok
12:47:05.0390 3784 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys
12:47:05.0437 3784 AFD - ok
12:47:05.0500 3784 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
12:47:05.0515 3784 agp440 - ok
12:47:05.0546 3784 Aha154x - ok
12:47:05.0562 3784 aic78u2 - ok
12:47:05.0593 3784 aic78xx - ok
12:47:05.0625 3784 AliIde - ok
12:47:05.0656 3784 amsint - ok
12:47:05.0687 3784 asc - ok
12:47:05.0718 3784 asc3350p - ok
12:47:05.0750 3784 asc3550 - ok
12:47:05.0796 3784 Aspi32 (20d04091eba710f6988f710507d85868) C:\WINDOWS\system32\drivers\Aspi32.sys
12:47:05.0843 3784 Aspi32 - ok
12:47:05.0921 3784 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:47:05.0937 3784 AsyncMac - ok
12:47:06.0015 3784 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:47:06.0015 3784 atapi - ok
12:47:06.0046 3784 Atdisk - ok
12:47:06.0093 3784 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:47:06.0125 3784 Atmarpc - ok
12:47:06.0187 3784 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:47:06.0218 3784 audstub - ok
12:47:06.0296 3784 avgio (6a646c46b9415e13095aa9b352040a7a) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
12:47:06.0328 3784 avgio - ok
12:47:06.0406 3784 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
12:47:06.0437 3784 avgntflt - ok
12:47:06.0500 3784 avipbb (452e382340bb0c5e694ed9d3625356d0) C:\WINDOWS\system32\DRIVERS\avipbb.sys
12:47:06.0531 3784 avipbb - ok
12:47:06.0593 3784 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:47:06.0640 3784 Beep - ok
12:47:06.0656 3784 catchme - ok
12:47:06.0734 3784 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:47:06.0750 3784 cbidf2k - ok
12:47:06.0781 3784 cd20xrnt - ok
12:47:06.0843 3784 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:47:06.0875 3784 Cdaudio - ok
12:47:06.0937 3784 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
12:47:06.0968 3784 Cdfs - ok
12:47:07.0046 3784 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:47:07.0078 3784 Cdrom - ok
12:47:07.0125 3784 Changer - ok
12:47:07.0171 3784 CmdIde - ok
12:47:07.0250 3784 cmuda (ddcde8ced6e753f9ebbd07659f808d9d) C:\WINDOWS\system32\drivers\cmuda.sys
12:47:07.0281 3784 cmuda - ok
12:47:07.0328 3784 Cpqarray - ok
12:47:07.0359 3784 dac2w2k - ok
12:47:07.0375 3784 dac960nt - ok
12:47:07.0437 3784 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
12:47:07.0468 3784 Disk - ok
12:47:07.0562 3784 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
12:47:07.0656 3784 dmboot - ok
12:47:07.0718 3784 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
12:47:07.0750 3784 dmio - ok
12:47:07.0828 3784 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:47:07.0859 3784 dmload - ok
12:47:07.0937 3784 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
12:47:07.0968 3784 DMusic - ok
12:47:08.0015 3784 dpti2o - ok
12:47:08.0078 3784 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
12:47:08.0093 3784 drmkaud - ok
12:47:08.0171 3784 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
12:47:08.0203 3784 Fastfat - ok
12:47:08.0296 3784 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:47:08.0312 3784 Fdc - ok
12:47:08.0390 3784 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
12:47:08.0421 3784 Fips - ok
12:47:08.0484 3784 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:47:08.0515 3784 Flpydisk - ok
12:47:08.0578 3784 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\drivers\fltmgr.sys
12:47:08.0609 3784 FltMgr - ok
12:47:08.0687 3784 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:47:08.0703 3784 Fs_Rec - ok
12:47:08.0781 3784 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:47:08.0796 3784 Ftdisk - ok
12:47:08.0843 3784 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
12:47:08.0875 3784 gameenum - ok
12:47:08.0968 3784 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
12:47:09.0000 3784 giveio - ok
12:47:09.0062 3784 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:47:09.0093 3784 Gpc - ok
12:47:09.0156 3784 hpn - ok
12:47:09.0203 3784 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS\system32\Drivers\HTTP.sys
12:47:09.0203 3784 HTTP - ok
12:47:09.0250 3784 i2omgmt - ok
12:47:09.0281 3784 i2omp - ok
12:47:09.0328 3784 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:47:09.0359 3784 i8042prt - ok
12:47:09.0421 3784 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:47:09.0437 3784 Imapi - ok
12:47:09.0515 3784 ini910u - ok
12:47:09.0546 3784 IntelIde - ok
12:47:09.0593 3784 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:47:09.0640 3784 intelppm - ok
12:47:09.0703 3784 ip6fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
12:47:09.0734 3784 ip6fw - ok
12:47:09.0796 3784 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:47:09.0828 3784 IpFilterDriver - ok
12:47:09.0906 3784 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:47:09.0937 3784 IpInIp - ok
12:47:10.0000 3784 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:47:10.0000 3784 IpNat - ok
12:47:10.0062 3784 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:47:10.0078 3784 IPSec - ok
12:47:10.0140 3784 irda (86c204836feec22510d434982d4221b8) C:\WINDOWS\system32\DRIVERS\irda.sys
12:47:10.0171 3784 irda - ok
12:47:10.0250 3784 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:47:10.0281 3784 IRENUM - ok
12:47:10.0359 3784 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
12:47:10.0390 3784 irsir - ok
12:47:10.0484 3784 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:47:10.0515 3784 isapnp - ok
12:47:10.0609 3784 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:47:10.0625 3784 Kbdclass - ok
12:47:10.0687 3784 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
12:47:10.0718 3784 kmixer - ok
12:47:10.0796 3784 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
12:47:10.0828 3784 KSecDD - ok
12:47:10.0890 3784 lbrtfdc - ok
12:47:10.0953 3784 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:47:10.0984 3784 mnmdd - ok
12:47:11.0031 3784 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
12:47:11.0078 3784 Modem - ok
12:47:11.0140 3784 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:47:11.0171 3784 Mouclass - ok
12:47:11.0234 3784 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
12:47:11.0250 3784 MountMgr - ok
12:47:11.0312 3784 mraid35x - ok
12:47:11.0375 3784 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:47:11.0406 3784 MRxDAV - ok
12:47:11.0484 3784 MRxSmb (1fd607fc67f7f7c633c3da65bfc53d18) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:47:11.0562 3784 MRxSmb - ok
12:47:11.0640 3784 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
12:47:11.0656 3784 Msfs - ok
12:47:11.0734 3784 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:47:11.0750 3784 MSKSSRV - ok
12:47:11.0812 3784 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:47:11.0843 3784 MSPCLOCK - ok
12:47:11.0906 3784 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
12:47:11.0937 3784 MSPQM - ok
12:47:12.0015 3784 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:47:12.0015 3784 mssmbios - ok
12:47:12.0062 3784 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
12:47:12.0093 3784 ms_mpu401 - ok
12:47:12.0156 3784 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
12:47:12.0187 3784 Mup - ok
12:47:12.0250 3784 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
12:47:12.0281 3784 NDIS - ok
12:47:12.0343 3784 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:47:12.0375 3784 NdisTapi - ok
12:47:12.0421 3784 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:47:12.0453 3784 Ndisuio - ok
12:47:12.0515 3784 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:47:12.0546 3784 NdisWan - ok
12:47:12.0609 3784 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
12:47:12.0625 3784 NDProxy - ok
12:47:12.0718 3784 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:47:12.0734 3784 NetBIOS - ok
12:47:12.0796 3784 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:47:12.0843 3784 NetBT - ok
12:47:12.0968 3784 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
12:47:13.0000 3784 Npfs - ok
12:47:13.0078 3784 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
12:47:13.0156 3784 Ntfs - ok
12:47:13.0218 3784 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:47:13.0250 3784 Null - ok
12:47:13.0390 3784 nv (a162aa83f04adb29fdcb69a1f85f1a3e) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:47:13.0515 3784 nv - ok
12:47:13.0578 3784 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:47:13.0609 3784 NwlnkFlt - ok
12:47:13.0687 3784 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:47:13.0718 3784 NwlnkFwd - ok
12:47:13.0765 3784 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
12:47:13.0781 3784 Parport - ok
12:47:13.0843 3784 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
12:47:13.0843 3784 PartMgr - ok
12:47:13.0890 3784 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:47:13.0906 3784 ParVdm - ok
12:47:13.0968 3784 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
12:47:13.0984 3784 PCI - ok
12:47:14.0031 3784 PCIDump - ok
12:47:14.0078 3784 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:47:14.0093 3784 PCIIde - ok
12:47:14.0140 3784 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:47:14.0156 3784 Pcmcia - ok
12:47:14.0203 3784 PDCOMP - ok
12:47:14.0234 3784 PDFRAME - ok
12:47:14.0250 3784 PDRELI - ok
12:47:14.0281 3784 PDRFRAME - ok
12:47:14.0296 3784 perc2 - ok
12:47:14.0328 3784 perc2hib - ok
12:47:14.0406 3784 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:47:14.0437 3784 PptpMiniport - ok
12:47:14.0500 3784 Processor (0d97d88720a4087ec93af7dbb303b30a) C:\WINDOWS\system32\DRIVERS\processr.sys
12:47:14.0531 3784 Processor - ok
12:47:14.0593 3784 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
12:47:14.0609 3784 PSched - ok
12:47:14.0687 3784 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:47:14.0718 3784 Ptilink - ok
12:47:14.0781 3784 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:47:14.0843 3784 PxHelp20 - ok
12:47:14.0906 3784 ql1080 - ok
12:47:14.0953 3784 Ql10wnt - ok
12:47:14.0968 3784 ql12160 - ok
12:47:15.0000 3784 ql1240 - ok
12:47:15.0031 3784 ql1280 - ok
12:47:15.0093 3784 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:47:15.0109 3784 RasAcd - ok
12:47:15.0156 3784 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
12:47:15.0171 3784 Rasirda - ok
12:47:15.0250 3784 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:47:15.0281 3784 Rasl2tp - ok
12:47:15.0328 3784 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:47:15.0359 3784 RasPppoe - ok
12:47:15.0437 3784 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:47:15.0453 3784 Raspti - ok
12:47:15.0531 3784 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:47:15.0578 3784 Rdbss - ok
12:47:15.0640 3784 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:47:15.0656 3784 RDPCDD - ok
12:47:15.0734 3784 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:47:15.0781 3784 rdpdr - ok
12:47:15.0875 3784 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
12:47:15.0890 3784 RDPWD - ok
12:47:15.0968 3784 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:47:15.0984 3784 redbook - ok
12:47:16.0078 3784 rtl8139 (d0ac0b0355a3ffb85eb77b083cd0627c) C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
12:47:16.0109 3784 rtl8139 - ok
12:47:16.0187 3784 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:47:16.0234 3784 Secdrv - ok
12:47:16.0328 3784 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:47:16.0343 3784 serenum - ok
12:47:16.0406 3784 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
12:47:16.0437 3784 Serial - ok
12:47:16.0500 3784 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:47:16.0515 3784 Sfloppy - ok
12:47:16.0593 3784 Simbad - ok
12:47:16.0625 3784 Sparrow - ok
12:47:16.0671 3784 speedfan (5d6401db90ec81b71f8e2c5c8f0fef23) C:\WINDOWS\system32\speedfan.sys
12:47:16.0687 3784 speedfan - ok
12:47:16.0734 3784 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
12:47:16.0750 3784 splitter - ok
12:47:16.0812 3784 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\System32\DRIVERS\sr.sys
12:47:16.0843 3784 sr - ok
12:47:16.0937 3784 Srv (20b7e396720353e4117d64d9dcb926ca) C:\WINDOWS\system32\DRIVERS\srv.sys
12:47:17.0000 3784 Srv - ok
12:47:17.0062 3784 ssmdrv (654dfea96bc82b4acda4f37e5e4a3bbf) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
12:47:17.0093 3784 ssmdrv - ok
12:47:17.0156 3784 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:47:17.0187 3784 swenum - ok
12:47:17.0234 3784 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
12:47:17.0250 3784 swmidi - ok
12:47:17.0312 3784 symc810 - ok
12:47:17.0328 3784 symc8xx - ok
12:47:17.0359 3784 sym_hi - ok
12:47:17.0375 3784 sym_u3 - ok
12:47:17.0421 3784 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
12:47:17.0453 3784 sysaudio - ok
12:47:17.0546 3784 Tcpip (9f4b36614a0fc234525ba224957de55c) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:47:17.0609 3784 Tcpip - ok
12:47:17.0687 3784 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:47:17.0703 3784 TDPIPE - ok
12:47:17.0734 3784 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
12:47:17.0750 3784 TDTCP - ok
12:47:17.0796 3784 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:47:17.0828 3784 TermDD - ok
12:47:17.0890 3784 TosIde - ok
12:47:17.0953 3784 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
12:47:17.0968 3784 Udfs - ok
12:47:18.0015 3784 ultra - ok
12:47:18.0078 3784 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
12:47:18.0109 3784 Update - ok
12:47:18.0171 3784 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:47:18.0187 3784 usbehci - ok
12:47:18.0250 3784 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:47:18.0281 3784 usbhub - ok
12:47:18.0359 3784 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:47:18.0375 3784 usbscan - ok
12:47:18.0437 3784 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:47:18.0468 3784 USBSTOR - ok
12:47:18.0562 3784 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:47:18.0562 3784 usbuhci - ok
12:47:18.0609 3784 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
12:47:18.0640 3784 VgaSave - ok
12:47:18.0703 3784 ViaIde - ok
12:47:18.0750 3784 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
12:47:18.0765 3784 VolSnap - ok
12:47:18.0859 3784 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:47:18.0890 3784 Wanarp - ok
12:47:18.0953 3784 WDICA - ok
12:47:19.0015 3784 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
12:47:19.0031 3784 wdmaud - ok
12:47:19.0171 3784 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:47:19.0187 3784 WpdUsb - ok
12:47:19.0250 3784 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:47:19.0281 3784 WS2IFSL - ok
12:47:19.0359 3784 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:47:19.0375 3784 WudfPf - ok
12:47:19.0453 3784 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:47:19.0484 3784 WudfRd - ok
12:47:19.0531 3784 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:47:19.0640 3784 \Device\Harddisk0\DR0 - ok
12:47:19.0671 3784 Boot (0x1200) (f3e444d754ed1ed762850a42ea2e6f07) \Device\Harddisk0\DR0\Partition0
12:47:19.0671 3784 \Device\Harddisk0\DR0\Partition0 - ok
12:47:19.0703 3784 Boot (0x1200) (6884195647ae78fe032e5ad08c7d27e5) \Device\Harddisk0\DR0\Partition1
12:47:19.0703 3784 \Device\Harddisk0\DR0\Partition1 - ok
12:47:19.0703 3784 ============================================================
12:47:19.0703 3784 Scan finished
12:47:19.0703 3784 ============================================================
12:47:19.0718 3444 Detected object count: 0
12:47:19.0718 3444 Actual detected object count: 0

[motji]

Tak tdss rootkita nemáte. Jdeme hledat dál.

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[pjotr2009]

ComboFix 11-11-26.04 - Administrator 27.11.2011 9:01.9.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.511.185 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-10-27 to 2011-11-27 )))))))))))))))))))))))))))))))
.
.
2011-11-09 14:15 . 2011-11-09 14:15 -------- d-----w- c:\program files\TimeAdjuster
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-31 15:00 . 2009-12-05 15:57 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-03-09 26100520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-05-14 3784704]
"nwiz"="nwiz.exe" [2004-05-14 831488]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-05-14 81920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-03 53760]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [27.8.2009 20:34 108289]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
mStart Page = hxxp://home.sweetim.com
IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\25t2mvec.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-27 09:07
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2011-11-27 09:11:27
ComboFix-quarantined-files.txt 2011-11-27 08:11
ComboFix2.txt 2010-03-08 14:06
.
Pre-Run: 14 753 914 880 bytes free
Post-Run: 14 778 630 144 bytes free
.
- - End Of File - - C35575AE8FB1B46FC59A6C66BDB11564

[motji]

Jak je na tom počítač?

[pjotr2009]

stále mi zvykne vypadnuť klavesnica, čiže nie je možné na nej písať, ako keby vybehlo nejake neviditelne okno a ide to napraviť tým že kliknem na toto ---> http://skola.dvp.sk/wp-content/uploads/ ... winkey.jpg

napadlo ma ale že by som si vymazal ten sweetim. čo myslíte ?

[motji]

Klidně ho vymažte.
Nemáte možnost vyzkoušet jinou klávesnici?